Search in sources :

Example 11 with PolicyEvaluator

use of com.sun.identity.policy.PolicyEvaluator in project OpenAM by OpenRock.

the class Util method isGetPostAllowed.

/**
     * Checks the user/url combination against existing Policy rules.
     * @param userToken The user to use in the policy check.
     * @param url The URL to use in the policy check.
     * @param scope The scope of the policy check.
     * @return True if the policy check was OK for the given user/url combination.
     * @throws SSOException If there was a problem with the users token.
     * @throws PolicyException if there was a problem checking the url.
     * @throws NameNotFoundException  If there was a problem looking up the policy service.
     */
public static boolean isGetPostAllowed(SSOToken userToken, String url, String scope) throws SSOException, PolicyException, NameNotFoundException {
    PolicyEvaluator pe = new PolicyEvaluator(IPLANETAMWEBAGENTSERVICE);
    Set<ResourceResult> resResults = pe.getResourceResults(userToken, url, scope, Collections.EMPTY_MAP);
    ResourceResult resResult = resResults.iterator().next();
    PolicyDecision pd = resResult.getPolicyDecision();
    Map<String, ActionDecision> decisions = pd.getActionDecisions();
    ActionDecision get = decisions.get(GET_ACTION);
    ActionDecision post = decisions.get(POST_ACTION);
    return (get != null && get.getValues().contains(ALLOW_DECISION)) && (post != null && post.getValues().contains(ALLOW_DECISION));
}
Also used : PolicyDecision(com.sun.identity.policy.PolicyDecision) ResourceResult(com.sun.identity.policy.ResourceResult) PolicyEvaluator(com.sun.identity.policy.PolicyEvaluator) ActionDecision(com.sun.identity.policy.ActionDecision)

Aggregations

PolicyEvaluator (com.sun.identity.policy.PolicyEvaluator)11 PolicyException (com.sun.identity.policy.PolicyException)6 PolicyDecision (com.sun.identity.policy.PolicyDecision)5 HashSet (java.util.HashSet)5 SSOException (com.iplanet.sso.SSOException)4 SSOToken (com.iplanet.sso.SSOToken)4 ResourceResult (com.sun.identity.policy.ResourceResult)4 Set (java.util.Set)4 HashMap (java.util.HashMap)3 Map (java.util.Map)3 EntitlementException (com.sun.identity.entitlement.EntitlementException)2 IdRepoException (com.sun.identity.idm.IdRepoException)2 ActionDecision (com.sun.identity.policy.ActionDecision)2 ArrayList (java.util.ArrayList)2 Iterator (java.util.Iterator)2 List (java.util.List)2 Cache (com.iplanet.am.util.Cache)1 ResponseSet (com.iplanet.services.comm.share.ResponseSet)1 SSOTokenManager (com.iplanet.sso.SSOTokenManager)1 AuthContext (com.sun.identity.authentication.AuthContext)1