
Example 1 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class PrivilegeUtils method toEntitlementSubject.

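/**
 * Builds the entitlement-framework subject that corresponds to the subjects of a policy.
 *
 * <p>Each named policy subject is passed to {@code mapGenericSubject} together with its
 * exclusive flag. Subjects that map to {@code null} are skipped. A single mapped subject is
 * returned as is; several are combined in an {@link OrSubject}.
 *
 * @param policy policy whose subjects are converted
 * @return the mapped subject, an {@code OrSubject} over all mapped subjects, or {@code null}
 *         when the policy has no subject names or none of them could be mapped
 * @throws PolicyException if the policy lookups or the mapping fail
 */
private static EntitlementSubject toEntitlementSubject(Policy policy) throws PolicyException {
    Set<String> subjectNames = policy.getSubjectNames();
    if (subjectNames == null) {
        return null;
    }
    Set<EntitlementSubject> entitlementSubjects = new HashSet<EntitlementSubject>();
    for (String subjectName : subjectNames) {
        Subject subject = policy.getSubject(subjectName);
        boolean exclusive = policy.isSubjectExclusive(subjectName);
        // The original guarded this call with a flag that was always false; the guard was
        // dead code and is gone. Every subject goes through the generic mapping.
        EntitlementSubject sbj = mapGenericSubject(subjectName, subject, exclusive);
        if (sbj != null) {
            entitlementSubjects.add(sbj);
        }
    }
    if (entitlementSubjects.isEmpty()) {
        // NOTE(review): a policy whose subjects all fail to map yields null, exactly like a
        // policy without subjects. How callers interpret a null subject is not visible here;
        // confirm it is never treated as "applies to every subject".
        return null;
    }
    return (entitlementSubjects.size() == 1)
            ? entitlementSubjects.iterator().next()
            : new OrSubject(entitlementSubjects);
}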
Also used : EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) PrivilegeSubject(com.sun.identity.policy.plugins.PrivilegeSubject) Subject(com.sun.identity.policy.interfaces.Subject) OrSubject(com.sun.identity.entitlement.OrSubject) OrSubject(com.sun.identity.entitlement.OrSubject) HashSet(java.util.HashSet)

Example 2 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class DelegationPolicyImpl method policyToPrivilege.

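/**
 * Converts a policy to a delegation privilege.
 *
 * <p>The privilege name is the policy name. Its subjects come from the policy subjects named
 * <code>DELEGATION_AUTHN_USERS</code> and <code>DELEGATION_SUBJECT</code>. Each rule of the
 * delegation service contributes one <code>DelegationPermission</code>, whose scope
 * (realm, service, version, config type, sub-config) is parsed from the rule's resource name.
 *
 * @param policy policy to be converted; may be <code>null</code>
 * @return the <code>DelegationPrivilege</code> representing the policy, or <code>null</code>
 *         when <code>policy</code> is <code>null</code>
 * @throws DelegationException wrapping any exception raised during the conversion, including
 *         the <code>NoSuchElementException</code> raised when a resource name carries nothing
 *         after <code>PREFIX</code>
 */
private DelegationPrivilege policyToPrivilege(Policy policy) throws DelegationException {
    if (policy == null) {
        return null;
    }
    Set permissions = new HashSet();
    Set svalues = new HashSet();
    try {
        // get policy name, which is the privilege name as well
        String pname = policy.getName();
        // get privilege subjects
        Set snames = policy.getSubjectNames();
        if ((snames != null) && (!snames.isEmpty())) {
            if (snames.contains(DELEGATION_AUTHN_USERS)) {
                svalues.add(AUTHN_USERS_ID);
            }
            if (snames.contains(DELEGATION_SUBJECT)) {
                Subject subject = policy.getSubject(DELEGATION_SUBJECT);
                Set values = subject.getValues();
                if (values != null) {
                    svalues.addAll(values);
                }
            }
        }
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message("SubjectValues=" + svalues);
        }
        Set ruleNames = policy.getRuleNames();
        if ((ruleNames != null) && (!ruleNames.isEmpty())) {
            Iterator rit = ruleNames.iterator();
            while (rit.hasNext()) {
                String ruleName = (String) rit.next();
                // now try to get resource and action names
                Rule rule = policy.getRule(ruleName);
                String service = rule.getServiceTypeName();
                if (!service.equalsIgnoreCase(DelegationManager.DELEGATION_SERVICE)) {
                    continue;
                }
                String resource = rule.getResourceName();
                Set actions = rule.getActionNames();
                // Scope components are declared per rule. Declared once outside the loop,
                // they kept the values parsed for the previous rule, so a rule with a shorter
                // resource name (or one without PREFIX) produced a permission carrying
                // another rule's service/version/configType/subconfig.
                String realmName = null;
                String serviceName = null;
                String version = null;
                String configType = null;
                String subconfigName = null;
                // required to construct a delegation permission
                if (resource.startsWith(PREFIX)) {
                    // substring() never returns null, so no null check is needed here.
                    StringTokenizer st = new StringTokenizer(resource.substring(PREFIX.length()), DELIMITER);
                    // Throws NoSuchElementException when nothing follows PREFIX; the
                    // catch below turns that into a DelegationException.
                    realmName = st.nextToken();
                    if (st.hasMoreTokens()) {
                        serviceName = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        version = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        configType = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        // Everything after the config type belongs to the sub-config path.
                        subconfigName = st.nextToken();
                        while (st.hasMoreTokens()) {
                            subconfigName += DELIMITER + st.nextToken();
                        }
                    }
                }
                // NOTE(review): a resource that does not start with PREFIX still yields a
                // permission whose scope fields are all null. How DelegationPermission
                // interprets null components is not visible here; confirm it cannot match
                // more broadly than the rule intended.
                if (DelegationManager.debug.messageEnabled()) {
                    DelegationManager.debug.message("DelegationPolicyImpl.policyToPrivilege(): " + "create DelegationPermission object with: " + "realm=" + realmName + "; service=" + serviceName + "; version=" + version + "; configType=" + configType + "; subconfig=" + subconfigName + "; actions=" + actions);
                }
                DelegationPermission dp = new DelegationPermission(realmName, serviceName, version, configType, subconfigName, actions, null);
                permissions.add(dp);
            }
        }
        return new DelegationPrivilege(pname, permissions, svalues);
    } catch (Exception e) {
        // Callers only see DelegationException; the original cause is preserved inside it.
        throw new DelegationException(e);
    }
}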
Also used : DelegationPrivilege(com.sun.identity.delegation.DelegationPrivilege) StringTokenizer(java.util.StringTokenizer) Set(java.util.Set) HashSet(java.util.HashSet) Iterator(java.util.Iterator) DelegationException(com.sun.identity.delegation.DelegationException) Rule(com.sun.identity.policy.Rule) Subject(com.sun.identity.policy.interfaces.Subject) DelegationPermission(com.sun.identity.delegation.DelegationPermission) DelegationException(com.sun.identity.delegation.DelegationException) PolicyException(com.sun.identity.policy.PolicyException) SSOException(com.iplanet.sso.SSOException) IdRepoException(com.sun.identity.idm.IdRepoException) HashSet(java.util.HashSet)

Example 3 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class IdentityGroupToEntitlementGroupTest method createSubject.

/**
 * Creates an "AMIdentitySubject" policy subject whose values are the universal ids of the
 * test fixture's two groups.
 *
 * @param pm policy manager used to obtain the subject type manager
 * @return the populated subject
 * @throws PolicyException if the subject type cannot be obtained or its values cannot be set
 */
private Subject createSubject(PolicyManager pm) throws PolicyException {
    Subject groupSubject = pm.getSubjectTypeManager().getSubject("AMIdentitySubject");
    // The subject's values are the universal ids of both fixture groups.
    Set<String> universalIds = new HashSet<String>();
    universalIds.add(group1.getUniversalId());
    universalIds.add(group2.getUniversalId());
    groupSubject.setValues(universalIds);
    return groupSubject;
}
Also used : SubjectTypeManager(com.sun.identity.policy.SubjectTypeManager) Subject(com.sun.identity.policy.interfaces.Subject) HashSet(java.util.HashSet)

Example 4 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class PolicyModelImpl method getDisplayNameForSubjectValues.

/**
 * Returns a map of values to localized label.
 *
 * <p>Lookup failures are logged as warnings and not propagated, so the returned map may hold
 * only the entries added before the failure. It is empty when no policy manager is available
 * for the realm.
 *
 * @param realmName Name of realm.
 * @param subjectTypeName Name of Subject Type.
 * @param values Valid values.
 * @return a map of values to localized label; <code>Collections.EMPTY_MAP</code> when
 *         <code>values</code> is <code>null</code> or empty.
 */
public Map getDisplayNameForSubjectValues(String realmName, String subjectTypeName, Set values) {
    if ((values == null) || values.isEmpty()) {
        return Collections.EMPTY_MAP;
    }
    Map labels = new HashMap(values.size() * 2);
    Locale userLocale = getUserLocale();
    try {
        PolicyManager manager = getPolicyManager(realmName);
        if (manager != null) {
            Subject subjectType = manager.getSubjectTypeManager().getSubject(subjectTypeName);
            for (Object value : values) {
                String key = (String) value;
                labels.put(key, subjectType.getDisplayNameForValue(key, userLocale));
            }
        }
    } catch (AMConsoleException e) {
        debug.warning("PolicyModelImpl.getDisplayNameForSubjectValues", e);
    } catch (NameNotFoundException e) {
        debug.warning("PolicyModelImpl.getDisplayNameForSubjectValues", e);
    } catch (PolicyException e) {
        debug.warning("PolicyModelImpl.getDisplayNameForSubjectValues", e);
    }
    return labels;
}
Also used : Locale(java.util.Locale) PolicyManager(com.sun.identity.policy.PolicyManager) SubjectTypeManager(com.sun.identity.policy.SubjectTypeManager) HashMap(java.util.HashMap) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) PolicyException(com.sun.identity.policy.PolicyException) Iterator(java.util.Iterator) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Map(java.util.Map) HashMap(java.util.HashMap) Subject(com.sun.identity.policy.interfaces.Subject)

Example 5 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class Subjects method toXML.

/**
 * Returns XML string representation of the subject
 * (user collection) object.
 *
 * <p>Every dynamic string written here (collection name, description, subject names, subject
 * type names and subject values) is passed through
 * <code>XMLUtils.escapeSpecialCharacters</code> before it is appended. Any field added later
 * should be escaped the same way so stored values cannot alter the XML structure.
 *
 * @return xml string representation of this object
 */
protected String toXML() {
    StringBuilder xml = new StringBuilder(100);
    xml.append("\n").append(SUBJECTS_ELEMENT_BEGIN);
    xml.append(XMLUtils.escapeSpecialCharacters(name));
    xml.append(SUBJECTS_DESCRIPTION);
    xml.append(XMLUtils.escapeSpecialCharacters(description));
    xml.append("\">");
    for (Iterator names = users.keySet().iterator(); names.hasNext(); ) {
        String subjectName = (String) names.next();
        QualifiedSubject qualified = (QualifiedSubject) users.get(subjectName);
        if (qualified.isRealmSubject()) {
            // Realm subjects are written as a reference: name and include type only.
            xml.append("\n").append(REALM_SUBJECT_ELEMENT);
            xml.append(XMLUtils.escapeSpecialCharacters(subjectName));
            xml.append("\" ").append(INCLUDE_TYPE).append("=\"");
            xml.append(qualified.isExclusive() ? EXCLUSIVE_TYPE : INCLUSIVE_TYPE);
            xml.append(REALM_SUBJECT_ELEMENT_END);
            continue;
        }
        Subject subject = qualified.getSubject();
        xml.append("\n").append(SUBJECT_ELEMENT);
        xml.append(XMLUtils.escapeSpecialCharacters(subjectName));
        xml.append(SUBJECT_TYPE);
        xml.append(XMLUtils.escapeSpecialCharacters(SubjectTypeManager.subjectTypeName(subject)));
        xml.append("\" ").append(INCLUDE_TYPE).append("=\"");
        xml.append(qualified.isExclusive() ? EXCLUSIVE_TYPE : INCLUSIVE_TYPE);
        xml.append("\">");
        // Add attribute values pairs
        Set subjectValues = subject.getValues();
        if ((subjectValues != null) && !subjectValues.isEmpty()) {
            xml.append("\n").append(ATTR_VALUE_BEGIN);
            for (Iterator it = subjectValues.iterator(); it.hasNext(); ) {
                xml.append(VALUE_BEGIN);
                xml.append(XMLUtils.escapeSpecialCharacters((String) it.next()));
                xml.append(VALUE_END);
            }
            xml.append("\n").append(ATTR_VALUE_END);
        }
        xml.append("\n").append(SUBJECT_ELEMENT_END);
    }
    xml.append("\n").append(SUBJECTS_ELEMENT_END);
    return xml.toString();
}
Also used : Subject(com.sun.identity.policy.interfaces.Subject)

Aggregations

Subject (com.sun.identity.policy.interfaces.Subject)47 HashSet (java.util.HashSet)18 PolicyException (com.sun.identity.policy.PolicyException)17 SSOException (com.iplanet.sso.SSOException)14 Policy (com.sun.identity.policy.Policy)14 Set (java.util.Set)12 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)11 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)11 SubjectTypeManager (com.sun.identity.policy.SubjectTypeManager)11 EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject)8 Rule (com.sun.identity.policy.Rule)8 Iterator (java.util.Iterator)8 PolicyManager (com.sun.identity.policy.PolicyManager)7 CachedPolicy (com.sun.identity.console.policy.model.CachedPolicy)6 AMException (com.iplanet.am.sdk.AMException)5 InvalidAuthContextException (com.sun.identity.authentication.internal.InvalidAuthContextException)5 ConfigurationException (com.sun.identity.common.configuration.ConfigurationException)5 UnknownPropertyNameException (com.sun.identity.common.configuration.UnknownPropertyNameException)5 SMSException (com.sun.identity.sm.SMSException)5 FileNotFoundException (java.io.FileNotFoundException)5