public class EntitlementService extends Object implements XACMLHandler
Constructor and Description |
---|
EntitlementService() |
Modifier and Type | Method and Description |
---|---|
EntitledResultSetDTO |
getAllEntitlements(String identifier,
AttributeDTO[] givenAttributes)
Gets all entitled attributes for given set of attributes
this an universal method to do policy search and find entitlement attributes
|
boolean |
getBooleanDecision(String subject,
String resource,
String action)
Evaluates the given XACML request and returns the Response as boolean value.
|
String |
getDecision(String request)
Evaluates the given XACML request and returns the Response that the EntitlementEngine will
hand back to the PEP.
|
String |
getDecisionByAttributes(String subject,
String resource,
String action,
String[] environment)
Evaluates the given XACML request and returns the Response that the EntitlementEngine will
hand back to the PEP.
|
EntitledResultSetDTO |
getEntitledAttributes(String subjectName,
String resourceName,
String subjectId,
String action,
boolean enableChildSearch)
Gets entitled resources for given user or role
This method can be only used, if all policies in PDP are defined with default categories i.e
subject, resource and action and default attribute Ids and #string data type.
|
String |
XACMLAuthzDecisionQuery(String request)
Evaluates the given XACML request for given SAML based authorization query
|
public String getDecision(String request) throws EntitlementException
request
- XACML request as a String ObjectEntitlementException
- throwspublic String getDecisionByAttributes(String subject, String resource, String action, String[] environment) throws EntitlementException
subject
- subjectresource
- resourceaction
- actionenvironment
- environmentEntitlementException
- throwspublic boolean getBooleanDecision(String subject, String resource, String action) throws Exception
subject
- subjectresource
- resourceaction
- actionException
- throwspublic EntitledResultSetDTO getEntitledAttributes(String subjectName, String resourceName, String subjectId, String action, boolean enableChildSearch) throws EntitlementException
subjectName
- subject Name, User or Role namesubjectId
- attribute id of the subject, user or roleresourceName
- resource Nameaction
- action nameenableChildSearch
- whether search is done for the child resources under the given resource nameEntitlementException
- throws if invalid data is providedpublic EntitledResultSetDTO getAllEntitlements(String identifier, AttributeDTO[] givenAttributes) throws EntitlementException
identifier
- identifier to separate out the attributes that is used for search
this is not required and can be nullgivenAttributes
- user provided attributesEntitlementException
- if failspublic String XACMLAuthzDecisionQuery(String request) throws Exception
XACMLAuthzDecisionQuery
in interface XACMLHandler
request
- XACML request as a String ObjectException
- throws if failsCopyright © 2016 WSO2. All rights reserved.