org.wso2.balana.combine.xacml3
Class PermitUnlessDenyPolicyAlg

java.lang.Object
  extended by org.wso2.balana.combine.CombiningAlgorithm
      extended by org.wso2.balana.combine.PolicyCombiningAlgorithm
          extended by org.wso2.balana.combine.xacml3.PermitUnlessDenyPolicyAlg

public class PermitUnlessDenyPolicyAlg
extends PolicyCombiningAlgorithm

This is the standard Deny unless permit policy combining algorithm. This algorithm is intended for those cases where a deny decision should have priority over a permit decision, and an "Indeterminate" or "NotApplicable" must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite "Permit" or "Deny" result.


Field Summary
static String algId
          The standard URI used to identify this algorithm
 
Constructor Summary
PermitUnlessDenyPolicyAlg()
          Standard constructor.
PermitUnlessDenyPolicyAlg(URI identifier)
          Constructor that takes the algorithm's identifier.
 
Method Summary
 AbstractResult combine(EvaluationCtx context, List parameters, List policyElements)
          Combines the policies based on the context to produce some unified result.
 
Methods inherited from class org.wso2.balana.combine.CombiningAlgorithm
getIdentifier
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

algId

public static final String algId
The standard URI used to identify this algorithm

See Also:
Constant Field Values
Constructor Detail

PermitUnlessDenyPolicyAlg

public PermitUnlessDenyPolicyAlg()
Standard constructor.


PermitUnlessDenyPolicyAlg

public PermitUnlessDenyPolicyAlg(URI identifier)
Constructor that takes the algorithm's identifier.

Parameters:
identifier - the algorithm's identifier
Method Detail

combine

public AbstractResult combine(EvaluationCtx context,
                              List parameters,
                              List policyElements)
Description copied from class: PolicyCombiningAlgorithm
Combines the policies based on the context to produce some unified result. This is the one function of a combining algorithm.

Note that unlike in the RuleCombiningAlgorithms, here you must explicitly match the sub-policies to make sure that you should consider them, and you must handle Obligations.

Specified by:
combine in class PolicyCombiningAlgorithm
Parameters:
context - the representation of the request
parameters - a (possibly empty) non-null List of CombinerParameters
policyElements - a List of CombinerElements
Returns:
a single unified result based on the combining logic


Copyright © 2015 WSO2. All rights reserved.