com.ibm.sec.authz.jaccplus.config.internal
Class ApplicationPolicyConfiguration

java.lang.Object
  extended by com.ibm.sec.authz.jaccplus.config.internal.ApplicationPolicyConfiguration
All Implemented Interfaces:
javax.security.jacc.PolicyConfiguration

public class ApplicationPolicyConfiguration
extends java.lang.Object
implements javax.security.jacc.PolicyConfiguration

This class is the implementation of the JACC PolicyConfiguration interface that deploys the policy to the XACML engine. It uses the "role-based" format.

The methods of this interface are used for creating policy statements in a Policy provider.

Usage example to create the object for deploying policy:

 PolicyConfiguration retVal = new ApplicationPolicyConfiguration( context, xacmlConfig, remove );
 

Usage examples for manipulating policy:

 pc.addToExcludedPolicy( new WebResourcePermission( "/excluded", "GET" ));
 pc.addToUncheckedPolicy( new WebResourcePermission( "/unchecked", "GET" ));
 pc.addToRole( "role-1", new WebResourcePermission( "/role-1", "GET" ));
 pc.addToRole( "role-2", new WebResourcePermission( "/role-2", "GET" ));
 

See Also:
PolicyConfiguration, ApplicationPolicyConfigurationFactory

Constructor Summary
ApplicationPolicyConfiguration(java.lang.String contextID, com.ibm.sec.authz.xacml.config.IXACMLConfiguration config, boolean remove, java.util.Properties props)
          This is the default constructor.
 
Method Summary
 void addToExcludedPolicy(java.security.Permission permission)
           
 void addToExcludedPolicy(java.security.PermissionCollection permColl)
           
 void addToRole(java.lang.String role, java.security.Permission permission)
           
 void addToRole(java.lang.String role, java.security.PermissionCollection permColl)
           
 void addToUncheckedPolicy(java.security.Permission permission)
           
 void addToUncheckedPolicy(java.security.PermissionCollection permColl)
           
 void commit()
           
 void delete()
           
 java.lang.String getContextID()
           
static java.lang.String getState(com.ibm.sec.authz.xacml.policy.PolicySet rootPolicy)
          This method is used to retrieve the JACC policy state information from the passed PolicySet.
 boolean inService()
           
 void linkConfiguration(javax.security.jacc.PolicyConfiguration policyConfig)
           
 void removeExcludedPolicy()
           
 void removeRole(java.lang.String role)
           
 void removeUncheckedPolicy()
           
 java.lang.String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ApplicationPolicyConfiguration

public ApplicationPolicyConfiguration(java.lang.String contextID,
                                      com.ibm.sec.authz.xacml.config.IXACMLConfiguration config,
                                      boolean remove,
                                      java.util.Properties props)
                               throws javax.security.jacc.PolicyContextException
This is the default constructor.

Parameters:
contextID - The JACC context identifier we are configuring policy for.
config - The XACML configuration object to store our policy in.
remove - A boolean value that establishes whether all previous policy is to be removed before it configures policy for the given context. If the value passed to this parameter is true, all previous policy is removed. If the value is false, previous policy will not be removed.
props - The property file to create the policy.
Throws:
javax.security.jacc.PolicyContextException
Method Detail

addToExcludedPolicy

public void addToExcludedPolicy(java.security.Permission permission)
                         throws javax.security.jacc.PolicyContextException
Specified by:
addToExcludedPolicy in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

addToExcludedPolicy

public void addToExcludedPolicy(java.security.PermissionCollection permColl)
                         throws javax.security.jacc.PolicyContextException
Specified by:
addToExcludedPolicy in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

addToRole

public void addToRole(java.lang.String role,
                      java.security.Permission permission)
               throws javax.security.jacc.PolicyContextException
Specified by:
addToRole in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

addToRole

public void addToRole(java.lang.String role,
                      java.security.PermissionCollection permColl)
               throws javax.security.jacc.PolicyContextException
Specified by:
addToRole in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

addToUncheckedPolicy

public void addToUncheckedPolicy(java.security.Permission permission)
                          throws javax.security.jacc.PolicyContextException
Specified by:
addToUncheckedPolicy in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

addToUncheckedPolicy

public void addToUncheckedPolicy(java.security.PermissionCollection permColl)
                          throws javax.security.jacc.PolicyContextException
Specified by:
addToUncheckedPolicy in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

commit

public void commit()
            throws javax.security.jacc.PolicyContextException
Specified by:
commit in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

delete

public void delete()
            throws javax.security.jacc.PolicyContextException
Specified by:
delete in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

getContextID

public java.lang.String getContextID()
                              throws javax.security.jacc.PolicyContextException
Specified by:
getContextID in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

inService

public boolean inService()
                  throws javax.security.jacc.PolicyContextException
Specified by:
inService in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

linkConfiguration

public void linkConfiguration(javax.security.jacc.PolicyConfiguration policyConfig)
                       throws javax.security.jacc.PolicyContextException
Specified by:
linkConfiguration in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

removeExcludedPolicy

public void removeExcludedPolicy()
                          throws javax.security.jacc.PolicyContextException
Specified by:
removeExcludedPolicy in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

removeRole

public void removeRole(java.lang.String role)
                throws javax.security.jacc.PolicyContextException
Specified by:
removeRole in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

removeUncheckedPolicy

public void removeUncheckedPolicy()
                           throws javax.security.jacc.PolicyContextException
Specified by:
removeUncheckedPolicy in interface javax.security.jacc.PolicyConfiguration
Throws:
javax.security.jacc.PolicyContextException

getState

public static java.lang.String getState(com.ibm.sec.authz.xacml.policy.PolicySet rootPolicy)
This method is used to retrieve the JACC policy state information from the passed PolicySet.

Parameters:
rootPolicy - The policy set from which to get state information.
Returns:
a String containing the JACC policy state information.

toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object


Copyright © 2009 IBM Corp. All Rights Reserved.