
Example 16 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class Util method createAuthenticatedUsersSubject.

/**
 * Builds the policy subject that stands for every authenticated user.
 *
 * <p>The subject is looked up by the type name {@code "AuthenticatedUsers"}. It is not
 * narrowed to any identity or group here (no values are set on it), so a policy that
 * carries it is scoped to all authenticated users; callers should confirm that breadth
 * is intended before attaching it to a policy.
 *
 * @param pm The PolicyManager to use.
 * @return A Subject that represents all authenticated users.
 * @throws PolicyException if there was a problem creating the Subject.
 */
public static Subject createAuthenticatedUsersSubject(PolicyManager pm) throws PolicyException {
    // Resolve the subject type through the manager owned by the supplied PolicyManager.
    return pm.getSubjectTypeManager().getSubject("AuthenticatedUsers");
}
Also used : SubjectTypeManager(com.sun.identity.policy.SubjectTypeManager) Subject(com.sun.identity.policy.interfaces.Subject)

Example 17 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class IdentityGroupToEntitlementGroupTest method createSubject.

/**
 * Creates an {@code AMIdentitySubject} whose values are the universal ids of
 * {@code group1} and {@code group2}.
 *
 * @param pm the PolicyManager whose SubjectTypeManager supplies the subject
 * @return the subject, with both group ids set as its values
 * @throws PolicyException if the subject cannot be obtained or its values are rejected
 */
private Subject createSubject(PolicyManager pm) throws PolicyException {
    // group1 and group2 are declared outside this method (presumably fixture identities
    // of the enclosing test class); their universal ids become the subject's members.
    Set<String> groupIds = new HashSet<String>();
    groupIds.add(group1.getUniversalId());
    groupIds.add(group2.getUniversalId());

    Subject identitySubject = pm.getSubjectTypeManager().getSubject("AMIdentitySubject");
    identitySubject.setValues(groupIds);
    return identitySubject;
}
Also used : SubjectTypeManager(com.sun.identity.policy.SubjectTypeManager) Subject(com.sun.identity.policy.interfaces.Subject) HashSet(java.util.HashSet)

Example 18 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class PrivilegeUtils method toEntitlementSubject.

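/**
 * Converts the subjects attached to a policy into a single entitlement subject.
 *
 * <p>Each named subject is passed to {@code mapGenericSubject} together with its
 * exclusive flag. One mapped subject is returned as is; several are combined in an
 * {@link OrSubject}.
 *
 * <p>NOTE(review): a subject for which {@code mapGenericSubject} returns {@code null} is
 * dropped without any log entry, and when nothing maps (or the policy has no subject
 * names) this method returns {@code null}. Confirm that callers do not treat a
 * {@code null} subject as "applies to everyone", otherwise an unmappable subject would
 * widen the resulting entitlement instead of narrowing it.
 *
 * @param policy the policy whose subjects are converted
 * @return the mapped subject, an {@code OrSubject} over all mapped subjects, or
 *         {@code null} when no subject could be mapped
 * @throws PolicyException if a subject cannot be read from the policy
 */
private static EntitlementSubject toEntitlementSubject(Policy policy) throws PolicyException {
    Set<String> subjectNames = policy.getSubjectNames();
    if (subjectNames == null) {
        return null;
    }

    Set<EntitlementSubject> entitlementSubjects = new HashSet<EntitlementSubject>();
    for (String subjectName : subjectNames) {
        Subject subject = policy.getSubject(subjectName);
        boolean exclusive = policy.isSubjectExclusive(subjectName);
        // The original guarded this call with a flag that was always false
        // ("dealtWith"); the guard was dead code and has been removed.
        EntitlementSubject mapped = mapGenericSubject(subjectName, subject, exclusive);
        if (mapped != null) {
            entitlementSubjects.add(mapped);
        }
    }

    if (entitlementSubjects.isEmpty()) {
        return null;
    }
    if (entitlementSubjects.size() == 1) {
        return entitlementSubjects.iterator().next();
    }
    return new OrSubject(entitlementSubjects);
}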
Also used : EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) PrivilegeSubject(com.sun.identity.policy.plugins.PrivilegeSubject) Subject(com.sun.identity.policy.interfaces.Subject) OrSubject(com.sun.identity.entitlement.OrSubject) OrSubject(com.sun.identity.entitlement.OrSubject) HashSet(java.util.HashSet)

Example 19 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class DelegationPolicyImpl method policyToPrivilege.

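/**
 * Converts a policy to a delegation privilege.
 *
 * <p>The privilege takes its name from the policy, its subjects from the
 * {@code DELEGATION_AUTHN_USERS} and {@code DELEGATION_SUBJECT} policy subjects, and one
 * {@code DelegationPermission} from every rule whose service type is the delegation
 * service. A rule's resource name is split on {@code DELIMITER} after {@code PREFIX}
 * into realm, service, version, config type and sub-config; any further tokens are
 * joined back into the sub-config name.
 *
 * <p>The parsed components are scoped to a single rule. They were previously declared
 * once for the whole loop, so a rule with fewer tokens (or a resource without the
 * prefix) silently inherited the realm, service, version, config type or sub-config of
 * whichever rule was iterated before it and produced a permission for a scope the rule
 * never named.
 *
 * @param policy policy to be converted
 * @return the <code>DelegationPrivilege</code> representing the policy, or
 *         {@code null} if {@code policy} is {@code null}
 * @throws DelegationException if reading the policy or parsing a rule resource fails;
 *         every exception raised during the conversion is wrapped in it
 */
private DelegationPrivilege policyToPrivilege(Policy policy) throws DelegationException {
    if (policy == null) {
        return null;
    }
    String pname = null;
    Set permissions = new HashSet();
    Set svalues = new HashSet();
    try {
        // get policy name, which is the privilege name as well
        pname = policy.getName();
        // get privilege subjects
        Set snames = policy.getSubjectNames();
        if ((snames != null) && (!snames.isEmpty())) {
            if (snames.contains(DELEGATION_AUTHN_USERS)) {
                svalues.add(AUTHN_USERS_ID);
            }
            if (snames.contains(DELEGATION_SUBJECT)) {
                Subject subject = policy.getSubject(DELEGATION_SUBJECT);
                Set values = subject.getValues();
                if (values != null) {
                    svalues.addAll(values);
                }
            }
        }
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message("SubjectValues=" + svalues);
        }
        Set ruleNames = policy.getRuleNames();
        if ((ruleNames != null) && (!ruleNames.isEmpty())) {
            Iterator rit = ruleNames.iterator();
            while (rit.hasNext()) {
                String ruleName = (String) rit.next();
                // now try to get resource and action names
                Rule rule = policy.getRule(ruleName);
                String service = rule.getServiceTypeName();
                if (!service.equalsIgnoreCase(DelegationManager.DELEGATION_SERVICE)) {
                    continue;
                }
                // Declared per rule so that nothing parsed from one rule's resource can
                // carry over into the permission built for another rule.
                String realmName = null;
                String serviceName = null;
                String version = null;
                String configType = null;
                String subconfigName = null;
                String resource = rule.getResourceName();
                Set actions = rule.getActionNames();
                // required to construct a delegation permission
                if (resource.startsWith(PREFIX)) {
                    StringTokenizer st = new StringTokenizer(resource.substring(PREFIX.length()), DELIMITER);
                    // A resource with no token after the prefix makes nextToken() throw;
                    // the catch below turns that into a DelegationException, so the
                    // conversion fails rather than yielding a permission with no realm.
                    realmName = st.nextToken();
                    if (st.hasMoreTokens()) {
                        serviceName = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        version = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        configType = st.nextToken();
                    }
                    if (st.hasMoreTokens()) {
                        // Everything left belongs to the sub-config path; re-join it
                        // with the delimiter the tokenizer stripped.
                        StringBuilder subconfig = new StringBuilder(st.nextToken());
                        while (st.hasMoreTokens()) {
                            subconfig.append(DELIMITER).append(st.nextToken());
                        }
                        subconfigName = subconfig.toString();
                    }
                }
                if (DelegationManager.debug.messageEnabled()) {
                    DelegationManager.debug.message("DelegationPolicyImpl.policyToPrivilege(): " + "create DelegationPermission object with: " + "realm=" + realmName + "; service=" + serviceName + "; version=" + version + "; configType=" + configType + "; subconfig=" + subconfigName + "; actions=" + actions);
                }
                DelegationPermission dp = new DelegationPermission(realmName, serviceName, version, configType, subconfigName, actions, null);
                permissions.add(dp);
            }
        }
        return new DelegationPrivilege(pname, permissions, svalues);
    } catch (Exception e) {
        // Deliberately broad: any failure while reading the policy aborts the whole
        // conversion instead of returning a partially populated privilege.
        throw new DelegationException(e);
    }
}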
Also used : DelegationPrivilege(com.sun.identity.delegation.DelegationPrivilege) StringTokenizer(java.util.StringTokenizer) Set(java.util.Set) HashSet(java.util.HashSet) Iterator(java.util.Iterator) DelegationException(com.sun.identity.delegation.DelegationException) Rule(com.sun.identity.policy.Rule) Subject(com.sun.identity.policy.interfaces.Subject) DelegationPermission(com.sun.identity.delegation.DelegationPermission) DelegationException(com.sun.identity.delegation.DelegationException) PolicyException(com.sun.identity.policy.PolicyException) SSOException(com.iplanet.sso.SSOException) IdRepoException(com.sun.identity.idm.IdRepoException) HashSet(java.util.HashSet)

Example 20 with Subject

use of com.sun.identity.policy.interfaces.Subject in project OpenAM by OpenRock.

the class IdentitySubjectEditViewBean method getDefaultValues.

/**
 * Returns the values of the subject currently being edited, for use as the
 * view's defaults.
 *
 * <p>The subject name is read from the page session and looked up in the cached policy.
 * If the subject or the cached policy cannot be obtained, the failure is logged at
 * warning level and an empty set is returned, so the view never receives {@code null}.
 *
 * @param model the identity subject model (not used by this implementation)
 * @return the subject's values, or {@code Collections.EMPTY_SET} when there are none or
 *         the lookup failed
 */
protected Set getDefaultValues(IdentitySubjectModel model) {
    String subjectName = (String) getPageSessionAttribute(SubjectOpViewBeanBase.PG_SESSION_SUBJECT_NAME);
    Set values = null;
    try {
        // Cached policy -> policy -> named subject -> its values.
        values = getCachedPolicy().getPolicy().getSubject(subjectName).getValues();
    } catch (NameNotFoundException e) {
        debug.warning("IdentitySubjectEditViewBean.getDefaultValues", e);
    } catch (AMConsoleException e) {
        debug.warning("IdentitySubjectEditViewBean.getDefaultValues", e);
    }
    if (values == null) {
        return Collections.EMPTY_SET;
    }
    return values;
}
Also used : Policy(com.sun.identity.policy.Policy) CachedPolicy(com.sun.identity.console.policy.model.CachedPolicy) HashSet(java.util.HashSet) Set(java.util.Set) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) CachedPolicy(com.sun.identity.console.policy.model.CachedPolicy) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) Subject(com.sun.identity.policy.interfaces.Subject)

Aggregations

Subject (com.sun.identity.policy.interfaces.Subject)47 HashSet (java.util.HashSet)18 PolicyException (com.sun.identity.policy.PolicyException)17 SSOException (com.iplanet.sso.SSOException)14 Policy (com.sun.identity.policy.Policy)14 Set (java.util.Set)12 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)11 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)11 SubjectTypeManager (com.sun.identity.policy.SubjectTypeManager)11 EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject)8 Rule (com.sun.identity.policy.Rule)8 Iterator (java.util.Iterator)8 PolicyManager (com.sun.identity.policy.PolicyManager)7 CachedPolicy (com.sun.identity.console.policy.model.CachedPolicy)6 AMException (com.iplanet.am.sdk.AMException)5 InvalidAuthContextException (com.sun.identity.authentication.internal.InvalidAuthContextException)5 ConfigurationException (com.sun.identity.common.configuration.ConfigurationException)5 UnknownPropertyNameException (com.sun.identity.common.configuration.UnknownPropertyNameException)5 SMSException (com.sun.identity.sm.SMSException)5 FileNotFoundException (java.io.FileNotFoundException)5