
Example 6 with Rule

Use of `com.sun.identity.policy.Rule` in the OpenAM project (OpenRock): class `PrivilegeUtils`, method `privilegeToPolicy` — converts an entitlement-framework `Privilege` into a legacy `Policy`.

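/**
 * Converts an entitlement-framework {@link Privilege} into a legacy {@link Policy}.
 *
 * <p>The policy takes the privilege's name and description. The privilege's
 * entitlement (if any) becomes one or more rules via {@code entitlementToRule};
 * the subject becomes a single policy subject unless it is absent or the
 * {@code Privilege.NOT_SUBJECT} sentinel; the condition becomes a single policy
 * condition; resource attributes become response providers. Audit fields
 * (created/modified by and date) are copied across unchanged.
 *
 * <p>Security note: when the privilege carries no subject (or NOT_SUBJECT) no
 * subject is added to the resulting policy at all, so the caller is responsible
 * for making sure that is the intended scope of the converted policy.
 *
 * @param realm     realm (name or organization DN) used to resolve the application
 * @param privilege privilege to convert; must not be {@code null}
 * @return the equivalent legacy policy
 * @throws PolicyException      if a rule/subject/condition cannot be built
 * @throws SSOException         if the underlying lookups fail authentication
 * @throws EntitlementException if the entitlement's application cannot be resolved
 */
public static Policy privilegeToPolicy(String realm, Privilege privilege) throws PolicyException, SSOException, EntitlementException {
    Policy policy = new Policy(privilege.getName());
    policy.setDescription(privilege.getDescription());

    // Rules: one rule per entitlement resource set (see entitlementToRule).
    Entitlement entitlement = privilege.getEntitlement();
    if (entitlement != null) {
        for (Rule rule : entitlementToRule(realm, entitlement)) {
            policy.addRule(rule);
        }
    }

    // Subject: NOT_SUBJECT is a sentinel instance, hence the identity comparison.
    // The trailing 'false' is the legacy API's exclusive flag (subject is not negated).
    EntitlementSubject es = privilege.getSubject();
    if (es != null && es != Privilege.NOT_SUBJECT) {
        Subject sbj = eSubjectToEPSubject(es);
        policy.addSubject(getSubjectName(es), sbj, false);
    }

    // Condition: a single composite condition wrapping the entitlement condition.
    EntitlementCondition ec = privilege.getCondition();
    if (ec != null) {
        Condition cond = eConditionToEPCondition(ec);
        policy.addCondition(getConditionName(ec), cond);
    }

    // Resource attributes map to response providers; iterate entries rather than
    // keySet()+get() to avoid a second lookup per entry.
    if (privilege.getResourceAttributes() != null) {
        Map<String, ResponseProvider> providers = resourceAttributesToResponseProviders(privilege.getResourceAttributes());
        for (Map.Entry<String, ResponseProvider> entry : providers.entrySet()) {
            policy.addResponseProvider(entry.getKey(), entry.getValue());
        }
    }

    // Preserve audit metadata so the converted policy keeps its provenance.
    policy.setCreatedBy(privilege.getCreatedBy());
    policy.setCreationDate(privilege.getCreationDate());
    policy.setLastModifiedBy(privilege.getLastModifiedBy());
    policy.setLastModifiedDate(privilege.getLastModifiedDate());
    return policy;
}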

Example 7 with Rule

Use of `com.sun.identity.policy.Rule` in the OpenAM project (OpenRock): class `PrivilegeUtils`, method `entitlementToRule` — builds the legacy policy rule(s) for a single `Entitlement`.

/**
 * Builds the legacy policy {@link Rule}s that represent one {@link Entitlement}.
 *
 * <p>The entitlement's application is resolved in the given realm to obtain the
 * service (application type) name the rule is keyed on; the entitlement's action
 * values are translated with {@code pravToPav}. At most one rule is produced; an
 * entitlement with a {@code null} resource-name set yields an empty set.
 *
 * <p>NOTE(review): the application lookup is performed as
 * {@code PolicyConstants.SUPER_ADMIN_SUBJECT}, not as the calling user, so this
 * helper does no authorization of its own — callers must already be authorized.
 *
 * @param realm       realm name or organization DN
 * @param entitlement entitlement to convert
 * @return zero or one rule for the entitlement
 * @throws EntitlementException (code 105) if the application does not exist in the realm
 */
private static Set<Rule> entitlementToRule(String realm, Entitlement entitlement) throws PolicyException, SSOException, EntitlementException {
    String appName = entitlement.getApplicationName();

    // Accept either a realm name or an organization DN; normalise to a realm name.
    String realmName = realm;
    if (LDAPUtils.isDN(realm)) {
        realmName = DNMapper.orgNameToRealmName(realm);
    }

    Application application = ApplicationManager.getApplication(PolicyConstants.SUPER_ADMIN_SUBJECT, realmName, appName);
    if (application == null) {
        // Error 105: application not found; report the realm as the caller passed it.
        throw new EntitlementException(105, new Object[] { appName, realm });
    }

    String serviceName = application.getApplicationType().getName();
    Map av = pravToPav(entitlement.getActionValues(), serviceName);

    Set<Rule> result = new HashSet<Rule>();
    Set<String> resourceNames = entitlement.getResourceNames();
    if (resourceNames == null) {
        return result;
    }

    // An unnamed entitlement gets a generic rule name.
    String ruleName = entitlement.getName();
    if (ruleName == null) {
        ruleName = "entitlement";
    }
    Rule rule = new Rule(ruleName, serviceName, null, av);
    rule.setResourceNames(resourceNames);
    rule.setApplicationName(appName);
    result.add(rule);
    return result;
}

Example 8 with Rule

Use of `com.sun.identity.policy.Rule` in the OpenAM project (OpenRock): class `IDPPTest`, method `setup` — test fixture that creates a user, a group containing that user, and a deny-all policy scoped to the group.

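/**
 * Creates the fixture shared by the IDPP tests: a user, a group containing it,
 * and a policy that denies the {@code MODIFY} and {@code QUERY} actions on every
 * resource ({@code "*"}) for members of that group.
 *
 * <p>Does nothing when the configuration has not been migrated
 * ({@code migrated == false}); the tests that depend on this fixture are
 * expected to be skipped in that case.
 *
 * @throws Exception on any identity-repository or policy-management failure
 */
@BeforeClass
public void setup() throws Exception {
    if (!migrated) {
        return;
    }
    user1 = IdRepoUtils.createUser(orgName, USER1_NAME);
    group1 = IdRepoUtils.createGroup(orgName, GROUP1_NAME);
    group1.addMember(user1);

    PolicyManager policyMgr = new PolicyManager(adminToken, orgName);
    Policy policy = new Policy("IDPPTestPolicy1");

    // Both actions share the same "deny" value set, as in the original fixture.
    Set<String> denyValue = new HashSet<String>();
    denyValue.add("deny");
    Map<String, Set<String>> actionValues = new HashMap<String, Set<String>>();
    actionValues.put("MODIFY", denyValue);
    actionValues.put("QUERY", denyValue);

    // Resource "*" makes the deny rule apply to every resource of the service type.
    String resourceName = "*";
    String ruleName = "rule1";
    Rule rule = new Rule(ruleName, serviceType, resourceName, actionValues);
    policy.addRule(rule);

    // Scope the policy to the group's universal ID via an AMIdentitySubject.
    SubjectTypeManager subjectTypeMgr = policyMgr.getSubjectTypeManager();
    com.sun.identity.policy.interfaces.Subject subject = subjectTypeMgr.getSubject("AMIdentitySubject");
    Set<String> subjectValues = new HashSet<String>();
    subjectValues.add(group1.getUniversalId());
    subject.setValues(subjectValues);
    // 'false' = subject is not exclusive (not negated).
    policy.addSubject("subject1", subject, false);

    policyMgr.addPolicy(policy);
}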

Example 9 with Rule

Use of `com.sun.identity.policy.Rule` in the OpenAM project (OpenRock): class `PrivilegeUtils`, method `rulesToEntitlement` — the reverse mapping, turning a legacy policy's rules into entitlements.

/**
 * Converts every rule of a legacy {@link Policy} into an {@link Entitlement}.
 *
 * <p>For each rule: the action values are translated with {@code pavToPrav}
 * using the rule's service type name, the rule's resource names (or an empty
 * set when {@code null}) become the entitlement's resources, and the rule's
 * name and application name are carried over.
 *
 * @param policy legacy policy whose rules are converted
 * @return one entitlement per rule of the policy
 */
private static Set<Entitlement> rulesToEntitlement(Policy policy) throws PolicyException, SSOException, EntitlementException {
    Set<Entitlement> result = new HashSet<Entitlement>();
    for (Rule rule : getRules(policy)) {
        String serviceName = rule.getServiceTypeName();
        Map<String, Boolean> actions = pavToPrav(rule.getActionValues(), serviceName);

        // Always hand the entitlement a non-null, private copy of the resources.
        Set<String> resources = new HashSet<String>();
        Set<String> ruleResources = rule.getResourceNames();
        if (ruleResources != null) {
            resources.addAll(ruleResources);
        }

        Entitlement converted = new Entitlement(rule.getApplicationName(), resources, actions);
        converted.setName(rule.getName());
        result.add(converted);
    }
    return result;
}

Example 10 with Rule

Use of `com.sun.identity.policy.Rule` in the OpenAM project (OpenRock): class `DelegationPolicyImpl`, method `policyToPrivilege` — rebuilds a `DelegationPrivilege` from a stored delegation policy by parsing each rule's resource name.

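/**
 * Converts a policy to a delegation privilege.
 *
 * <p>The policy name becomes the privilege name. Subject values are collected
 * from the {@code DELEGATION_AUTHN_USERS} marker subject (mapped to
 * {@code AUTHN_USERS_ID}) and from the values of the {@code DELEGATION_SUBJECT}
 * subject. Every rule whose service type is {@code DelegationManager.DELEGATION_SERVICE}
 * becomes one {@link DelegationPermission}: its resource name, after the
 * {@code PREFIX}, is split on {@code DELIMITER} into realm, service, version,
 * config type and sub-config name (the sub-config name absorbs any remaining
 * segments, re-joined with {@code DELIMITER}).
 *
 * <p>Fix: the parsed fields are now declared per rule. Previously they were
 * declared once outside the rule loop, so a later delegation rule whose resource
 * did not start with {@code PREFIX}, or had fewer segments, silently inherited
 * realm/service/version/configType/subconfig values parsed from an earlier rule
 * of the same policy, and the resulting permission mixed data from two rules.
 *
 * @param policy policy to be converted; may be {@code null}
 * @return the {@code DelegationPrivilege} representing the policy, or
 *         {@code null} when {@code policy} is {@code null}
 * @throws DelegationException wrapping any exception raised while reading the
 *         policy (including a resource that has nothing after {@code PREFIX})
 */
private DelegationPrivilege policyToPrivilege(Policy policy) throws DelegationException {
    if (policy == null) {
        return null;
    }
    Set permissions = new HashSet();
    Set svalues = new HashSet();
    try {
        // The policy name doubles as the privilege name.
        String pname = policy.getName();

        // Collect privilege subjects.
        Set snames = policy.getSubjectNames();
        if ((snames != null) && (!snames.isEmpty())) {
            if (snames.contains(DELEGATION_AUTHN_USERS)) {
                svalues.add(AUTHN_USERS_ID);
            }
            if (snames.contains(DELEGATION_SUBJECT)) {
                Subject subject = policy.getSubject(DELEGATION_SUBJECT);
                Set values = subject.getValues();
                if (values != null) {
                    svalues.addAll(values);
                }
            }
        }
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message("SubjectValues=" + svalues);
        }

        // One DelegationPermission per delegation-service rule.
        Set ruleNames = policy.getRuleNames();
        if ((ruleNames != null) && (!ruleNames.isEmpty())) {
            for (Iterator rit = ruleNames.iterator(); rit.hasNext();) {
                String ruleName = (String) rit.next();
                Rule rule = policy.getRule(ruleName);
                String service = rule.getServiceTypeName();
                if (!service.equalsIgnoreCase(DelegationManager.DELEGATION_SERVICE)) {
                    continue;
                }

                // Per-rule state: nothing parsed from a previous rule may leak into this one.
                String realmName = null;
                String serviceName = null;
                String version = null;
                String configType = null;
                String subconfigName = null;

                String resource = rule.getResourceName();
                Set actions = rule.getActionNames();

                // The resource name encodes the permission target; split it into its parts.
                if (resource.startsWith(PREFIX)) {
                    String suffix = resource.substring(PREFIX.length());
                    StringTokenizer st = new StringTokenizer(suffix, DELIMITER);
                    // An empty suffix throws NoSuchElementException here, which the
                    // catch below wraps into a DelegationException (as before).
                    realmName = st.nextToken();
                    if (st.hasMoreTokens()) {
                        serviceName = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        version = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        configType = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        // Remaining segments all belong to the sub-config name.
                        StringBuilder sub = new StringBuilder(st.nextToken());
                        while (st.hasMoreTokens()) {
                            sub.append(DELIMITER).append(st.nextToken());
                        }
                        subconfigName = sub.toString();
                    }
                }

                if (DelegationManager.debug.messageEnabled()) {
                    DelegationManager.debug.message("DelegationPolicyImpl.policyToPrivilege(): " + "create DelegationPermission object with: " + "realm=" + realmName + "; service=" + serviceName + "; version=" + version + "; configType=" + configType + "; subconfig=" + subconfigName + "; actions=" + actions);
                }
                DelegationPermission dp = new DelegationPermission(realmName, serviceName, version, configType, subconfigName, actions, null);
                permissions.add(dp);
            }
        }
        return new DelegationPrivilege(pname, permissions, svalues);
    } catch (Exception e) {
        // Broad catch kept deliberately: callers only see DelegationException,
        // and the cause is preserved in the wrapper.
        throw new DelegationException(e);
    }
}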
