use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.
the class Util method createAuthenticatedUsersSubject.
/**
 * Looks up the policy subject registered under the name "AuthenticatedUsers".
 *
 * <p>This subject represents all authenticated users, so a policy that relies on it is not
 * limited to particular identities or groups; any narrowing has to come from the policy's
 * rules and conditions.
 *
 * @param pm the PolicyManager whose SubjectTypeManager performs the lookup
 * @return the Subject that represents all authenticated users
 * @throws PolicyException if there was a problem creating the Subject
 */
public static Subject createAuthenticatedUsersSubject(PolicyManager pm) throws PolicyException {
    // Single expression: manager lookup followed by the by-name subject lookup.
    return pm.getSubjectTypeManager().getSubject("AuthenticatedUsers");
}
use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.
the class IdentityGroupToEntitlementGroupTest method createSubject.
/**
 * Builds an "AMIdentitySubject" whose values are the universal IDs of the two test groups
 * held in the {@code group1} and {@code group2} fields.
 *
 * @param pm the PolicyManager whose SubjectTypeManager supplies the subject instance
 * @return the subject with both group universal IDs set as its values
 * @throws PolicyException propagated from the policy API calls
 */
private Subject createSubject(PolicyManager pm) throws PolicyException {
    // Obtain the subject first so the failure order matches the lookups below.
    Subject groupSubject = pm.getSubjectTypeManager().getSubject("AMIdentitySubject");

    Set<String> universalIds = new HashSet<String>();
    universalIds.add(group1.getUniversalId());
    universalIds.add(group2.getUniversalId());

    groupSubject.setValues(universalIds);
    return groupSubject;
}
use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.
the class PrivilegeUtils method toEntitlementSubject.
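/**
 * Maps the subjects of a policy to a single entitlement subject.
 *
 * <p>Each named subject is converted with {@code mapGenericSubject}, which is also told whether
 * the policy marks that subject as exclusive. Conversions that yield {@code null} are skipped.
 * A single result is returned as is; several results are combined in an {@code OrSubject}.
 *
 * @param policy the policy whose subjects are mapped
 * @return the mapped subject, or {@code null} when the policy has no subject names or none of
 *         them could be mapped
 * @throws PolicyException propagated from the policy lookups and the mapping
 */
private static EntitlementSubject toEntitlementSubject(Policy policy) throws PolicyException {
    Set<String> subjectNames = policy.getSubjectNames();
    if (subjectNames == null) {
        return null;
    }

    Set<EntitlementSubject> entitlementSubjects = new HashSet<EntitlementSubject>();
    for (String subjectName : subjectNames) {
        Subject subject = policy.getSubject(subjectName);
        boolean exclusive = policy.isSubjectExclusive(subjectName);
        // The former "dealtWith" flag was always false, so every subject takes this path.
        EntitlementSubject mapped = mapGenericSubject(subjectName, subject, exclusive);
        if (mapped != null) {
            entitlementSubjects.add(mapped);
        }
    }

    if (entitlementSubjects.isEmpty()) {
        // NOTE(review): null here means "no subject could be mapped". Confirm that callers do
        // not read a null subject as "applies to everyone".
        return null;
    }
    return (entitlementSubjects.size() == 1)
            ? entitlementSubjects.iterator().next()
            : new OrSubject(entitlementSubjects);
}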
use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.
the class DelegationPolicyImpl method policyToPrivilege.
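/**
 * Converts a policy to a delegation privilege.
 *
 * <p>The privilege takes its name from the policy, its subject values from the policy's
 * delegation subjects, and one {@code DelegationPermission} per rule that belongs to the
 * delegation service. Each rule's resource name is split into realm, service, version,
 * config type and sub-config name.
 *
 * @param policy policy to be converted; may be {@code null}
 * @return the <code>DelegationPrivilege</code> representing the policy, or {@code null} when
 *         {@code policy} is {@code null}
 * @throws DelegationException wrapping any exception raised while reading the policy or
 *         parsing a rule's resource name
 */
private DelegationPrivilege policyToPrivilege(Policy policy) throws DelegationException {
    if (policy == null) {
        return null;
    }
    Set permissions = new HashSet();
    Set svalues = new HashSet();
    try {
        // get policy name, which is the privilege name as well
        String pname = policy.getName();

        // get privilege subjects
        Set snames = policy.getSubjectNames();
        if ((snames != null) && (!snames.isEmpty())) {
            if (snames.contains(DELEGATION_AUTHN_USERS)) {
                svalues.add(AUTHN_USERS_ID);
            }
            if (snames.contains(DELEGATION_SUBJECT)) {
                Subject subject = policy.getSubject(DELEGATION_SUBJECT);
                Set values = subject.getValues();
                if (values != null) {
                    svalues.addAll(values);
                }
            }
        }
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message("SubjectValues=" + svalues);
        }

        Set ruleNames = policy.getRuleNames();
        if (ruleNames != null) {
            for (Object name : ruleNames) {
                Rule rule = policy.getRule((String) name);
                String service = rule.getServiceTypeName();
                if (!service.equalsIgnoreCase(DelegationManager.DELEGATION_SERVICE)) {
                    continue;
                }
                String resource = rule.getResourceName();
                Set actions = rule.getActionNames();

                // Scope fields are declared per rule. Previously they lived outside the loop,
                // so a rule with fewer resource segments inherited service/version/configType/
                // subconfig from an earlier rule and produced a permission for a scope that
                // rule never named.
                String realmName = null;
                String serviceName = null;
                String version = null;
                String configType = null;
                String subconfigName = null;

                // parse the resource to get the information
                // required to construct a delegation permission
                if (resource.startsWith(PREFIX)) {
                    StringTokenizer st =
                            new StringTokenizer(resource.substring(PREFIX.length()), DELIMITER);
                    // A resource with nothing after the prefix makes nextToken() throw; the
                    // catch below turns that into a DelegationException, so a malformed rule
                    // aborts the conversion rather than yielding an unscoped permission.
                    realmName = st.nextToken();
                    if (st.hasMoreTokens()) {
                        serviceName = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        version = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        configType = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        // Everything that remains belongs to the sub-config name.
                        subconfigName = st.nextToken();
                        while (st.hasMoreTokens()) {
                            subconfigName += DELIMITER + st.nextToken();
                        }
                    }
                }
                // NOTE(review): a delegation-service rule whose resource lacks PREFIX still
                // yields a permission with all scope fields null. Confirm how
                // DelegationPermission interprets null fields.
                if (DelegationManager.debug.messageEnabled()) {
                    DelegationManager.debug.message("DelegationPolicyImpl.policyToPrivilege(): " + "create DelegationPermission object with: " + "realm=" + realmName + "; service=" + serviceName + "; version=" + version + "; configType=" + configType + "; subconfig=" + subconfigName + "; actions=" + actions);
                }
                DelegationPermission dp = new DelegationPermission(realmName, serviceName, version, configType, subconfigName, actions, null);
                permissions.add(dp);
            }
        }
        return new DelegationPrivilege(pname, permissions, svalues);
    } catch (Exception e) {
        // Boundary catch kept as in the original: every failure surfaces as DelegationException.
        throw new DelegationException(e);
    }
}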
use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.
the class IdentitySubjectEditViewBean method getDefaultValues.
/**
 * Returns the values of the subject named in the page session.
 *
 * <p>The subject name is read from the {@code PG_SESSION_SUBJECT_NAME} page session attribute
 * and resolved against the cached policy. A failed lookup is logged as a warning and yields an
 * empty set instead of an exception.
 *
 * @param model the identity subject model (not read by this method)
 * @return the subject's values, or an empty set when they are {@code null} or the lookup failed
 */
protected Set getDefaultValues(IdentitySubjectModel model) {
    String subjectName = (String) getPageSessionAttribute(SubjectOpViewBeanBase.PG_SESSION_SUBJECT_NAME);
    Set subjectValues = null;
    try {
        subjectValues = getCachedPolicy().getPolicy().getSubject(subjectName).getValues();
    } catch (NameNotFoundException e) {
        debug.warning("IdentitySubjectEditViewBean.getDefaultValues", e);
    } catch (AMConsoleException e) {
        debug.warning("IdentitySubjectEditViewBean.getDefaultValues", e);
    }
    if (subjectValues == null) {
        return Collections.EMPTY_SET;
    }
    return subjectValues;
}