Example 1 with DelegationPermissionFactory
use of com.sun.identity.delegation.DelegationPermissionFactory in project OpenAM by OpenRock.
the class XacmlService method checkPermission.
/**
* This "lower level" version of checkPermission is really only here to make testing easier.
*
* @return true if the user has the "action" permission (action being "READ" or "MODIFY"), false otherwise.
*/
private boolean checkPermission(String action, String urlLastSegment, String realm, SSOToken token) throws EntitlementException {
boolean result;
try {
final Set<String> actions = new HashSet<String>(Arrays.asList(action));
final DelegationPermissionFactory permissionFactory = new DelegationPermissionFactory();
final DelegationPermission permissionRequest = permissionFactory.newInstance(realm, REST, VERSION, urlLastSegment, action, actions, Collections.<String, String>emptyMap());
result = checkPermission(permissionRequest, token, urlLastSegment);
} catch (SSOException e) {
debug.warning("XacmlService permission evaluation failed", e);
throw new EntitlementException(INTERNAL_ERROR, e);
} catch (DelegationException e) {
debug.warning("XacmlService permission evaluation failed", e);
throw new EntitlementException(INTERNAL_ERROR, e);
}
return result;
}
Also used :
DelegationPermissionFactory(com.sun.identity.delegation.DelegationPermissionFactory)
EntitlementException(com.sun.identity.entitlement.EntitlementException)
SSOException(com.iplanet.sso.SSOException)
DelegationException(com.sun.identity.delegation.DelegationException)
DelegationPermission(com.sun.identity.delegation.DelegationPermission)
HashSet(java.util.HashSet)
Aggregations
SSOException (com.iplanet.sso.SSOException)1
DelegationException (com.sun.identity.delegation.DelegationException)1
DelegationPermission (com.sun.identity.delegation.DelegationPermission)1
DelegationPermissionFactory (com.sun.identity.delegation.DelegationPermissionFactory)1
EntitlementException (com.sun.identity.entitlement.EntitlementException)1
HashSet (java.util.HashSet)1
