com.sun.identity.policy

Class Policy

java.lang.Object

com.sun.identity.policy.Policy

All Implemented Interfaces:

Cloneable

Deprecated.

since 12.0.0

@Deprecated
public class Policy
extends Object
implements Cloneable

The class Policy represents a policy definition. A policy contains a set of rules associated with a collection of users and conditions. The policy object is saved in the data store only when the store method of the Policy is called, or if the methods addPolicy or replacePolicy of PolicyManager instance is invoked with this policy. The Policy object is accessible to policy evaluation and enforcement points only after it is saved in data store.

Constructor Summary

Constructors

Constructor and Description
Policy(String policyName) Deprecated. Constructs a policy given the policy name.
Policy(String policyName, String description) Deprecated. Constructs a policy given the policy name and description.
Policy(String policyName, String description, boolean referralPolicy) Deprecated. Constructs a policy given the policy name,description and a referralPolicy flag.
Policy(String policyName, String description, boolean referralPolicy, boolean active) Deprecated. Constructs a policy given the policy name , description, referralPolicy flag, and active flag

Method Summary

Modifier and Type	Method and Description
void	addCondition(String name, Condition condition) Deprecated. Adds a new policy condition.
void	addRealmSubject(SSOToken token, String subjectName, String realmName, boolean exclusive) Deprecated. Adds a reference in the policy to a Subject defined at the realm.
void	addRealmSubject(String subjectName, SubjectTypeManager stm, boolean exclusive) Deprecated. Adds a reference in the policy to a Subject defined at the realm.
void	addReferral(String name, Referral referral) Deprecated. Adds a new policy referral.
void	addRule(Rule rule) Deprecated. Adds a new policy rule.
void	addSubject(String name, Subject subject) Deprecated. Adds a new policy subject.
void	addSubject(String name, Subject subject, boolean exclusive) Deprecated. Adds a new policy subject.
Condition	getCondition(String condition) Deprecated. Gets the condition object identified by name.
Set	getConditionNames() Deprecated. Get the set of condition names associated with the policy.
String	getDescription() Deprecated. Gets the description for the policy.
String	getName() Deprecated. Gets the name of the policy.
String	getOrganizationName() Deprecated. Gets the organization name under which the policy is created This would be set only for policies that have been read from data store.
Referral	getReferral(String referralName) Deprecated. Gets the Referral object identified by name.
Set	getReferralNames() Deprecated. Get the Set of referral names associated with the policy.
Rule	getRule(String ruleName) Deprecated. Gets the rule object identified by name.
Set	getRuleNames() Deprecated. Gets the set of rule names associated with the policy.
Subject	getSubject(String subjectName) Deprecated. Gets the Subject object identified by name.
Set	getSubjectNames() Deprecated. Get the Set of subject names associated with the policy.
boolean	isActive() Deprecated. Checks whether the policy is active or inactive An inactive policy is not used to make policy evaluations.
boolean	isRealmSubject(String subjectName) Deprecated. Checks if the subjectName is a reference to a Subject defined at the realm
boolean	isReferralPolicy() Deprecated. Checks whether the policy is a referral policy.
boolean	isSubjectExclusive(String subjectName) Deprecated. Checks if the subject is exclusive.
void	removeCondition(Condition condition) Deprecated. Removes the Condition object identified by object's equals method.
Condition	removeCondition(String condition) Deprecated. Removes the condition with the given name.
void	removeReferral(Referral referral) Deprecated. Removes the Referral object identified by object's equals method.
Referral	removeReferral(String referralName) Deprecated. Removes the referral with the given name.
Rule	removeRule(String ruleName) Deprecated. Removes the Rule with the given name.
Subject	removeSubject(String subjectName) Deprecated. Removes the subject with the given name.
void	removeSubject(Subject subject) Deprecated. Removes the Subject object identified by object's equals method.
void	replaceCondition(String name, Condition condition) Deprecated. Replaces an existing condition with the same name by the current one.
void	replaceReferral(String name, Referral referral) Deprecated. Replaces an existing referral with the same name by the current one.
void	replaceRule(Rule rule) Deprecated. Replaces an existing rule with the same name by the current one.
void	replaceSubject(String name, Subject subject) Deprecated. Replaces an existing subject with the same name by the current one.
void	replaceSubject(String name, Subject subject, boolean exclusive) Deprecated. Replaces an existing subject with the same name by the current one.
void	setActive(boolean active) Deprecated. Set the active flag for policy.
void	setDescription(String description) Deprecated. Sets the description for the policy.
void	setName(String policyName) Deprecated. Sets the name of the policy.
void	store(SSOToken token, String name) Deprecated. Stores the policy object in a persistent data store under the organization, sub-organization or a container object, specified as a parameter.
String	toString() Deprecated. Gets string representation of the policy object.
String	toXML() Deprecated. Returns the serialized policy in XML

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

Policy

public Policy(String policyName)
       throws InvalidNameException

Deprecated.

Constructs a policy given the policy name.

Parameters:

policyName - name of the policy

Throws:

InvalidNameException - if policy name is not valid

Policy

public Policy(String policyName,
              String description)
       throws InvalidNameException

Deprecated.

Constructs a policy given the policy name and description.

Parameters:

policyName - name of the policy

description - description for the policy

Throws:

InvalidNameException - if policy name is not valid

Policy

public Policy(String policyName,
              String description,
              boolean referralPolicy)
       throws InvalidNameException

Deprecated.

Constructs a policy given the policy name,description and a referralPolicy flag.

Parameters:

policyName - name of the policy

description - description for the policy

referralPolicy - indicates whether the policy is a referral policy or a standard policy. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values

Throws:

InvalidNameException - if policy name is not valid

Policy

public Policy(String policyName,
              String description,
              boolean referralPolicy,
              boolean active)
       throws InvalidNameException

Deprecated.

Constructs a policy given the policy name , description, referralPolicy flag, and active flag

Parameters:

policyName - name of the policy

description - description for the policy

referralPolicy - indicates whether the policy is a referral policy or a standard policy.

active - indicates if the policy is active or not. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values

Throws:

InvalidNameException - if policy name is not valid

Method Detail

getName

public String getName()

Deprecated.

Gets the name of the policy.

Returns:

name of the policy

setName

public void setName(String policyName)
             throws InvalidNameException

Deprecated.

Sets the name of the policy.

Parameters:

policyName - name of the policy.

Throws:

InvalidNameException - if policyName is an invalid name.

getOrganizationName

public String getOrganizationName()

Deprecated.

Gets the organization name under which the policy is created This would be set only for policies that have been read from data store. Otherwise this would be null

Returns:

the organization name under which the policy is created

getDescription

public String getDescription()

Deprecated.

Gets the description for the policy. If the description for the policy has not been set the method will return an empty string; not null.

Returns:

description of the policy

setDescription

public void setDescription(String description)
                    throws InvalidNameException

Deprecated.

Sets the description for the policy.

Parameters:

description - description for the policy

Throws:

InvalidNameException - if the description is invalid

isReferralPolicy

public boolean isReferralPolicy()

Deprecated.

Checks whether the policy is a referral policy. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values

Returns:

true if this is a referral policy. Otherwise returns false

isActive

public boolean isActive()

Deprecated.

Checks whether the policy is active or inactive An inactive policy is not used to make policy evaluations.

Returns:

true if this is an active policy. Otherwise returns false

setActive

public void setActive(boolean active)

Deprecated.

Set the active flag for policy. An inactive policy is not used to make policy evaluations.

Parameters:

active - boolean representing active or inactive.

getRuleNames

public Set getRuleNames()

Deprecated.

Gets the set of rule names associated with the policy.

Returns:

Set of rule names

getRule

public Rule getRule(String ruleName)
             throws NameNotFoundException

Deprecated.

Gets the rule object identified by name.

Parameters:

ruleName - name of rule.

Returns:

Rule object.

Throws:

NameNotFoundException - if a Rule with the given name does not exist

addRule

public void addRule(Rule rule)
             throws NameAlreadyExistsException,
                    InvalidNameException

Deprecated.

Adds a new policy rule.

Parameters:

rule - rule object to be added to the policy

Throws:

NameAlreadyExistsException - a rule with the given name already exists

InvalidNameException - if the rule name is invalid same service name as the policy

replaceRule

public void replaceRule(Rule rule)
                 throws InvalidNameException

Deprecated.

Replaces an existing rule with the same name by the current one. If a Rule with the same name does not exist, it will be added.

Parameters:

rule - Rule that will replace an existing rule with the same name

Throws:

InvalidNameException - if Rule name is invalid

removeRule

public Rule removeRule(String ruleName)

Deprecated.

Removes the Rule with the given name.

Parameters:

ruleName - name of the rule

Returns:

returns the Rule object being removed; if not present returns null

getSubjectNames

public Set getSubjectNames()

Deprecated.

Get the Set of subject names associated with the policy.

Returns:

Set of String objects representing subject names

getSubject

public Subject getSubject(String subjectName)
                   throws NameNotFoundException

Deprecated.

Gets the Subject object identified by name.

Parameters:

subjectName - name of subject.

Returns:

Subject object

Throws:

NameNotFoundException - if a Subject with the given name does not exist

addSubject

public void addSubject(String name,
                       Subject subject)
                throws NameAlreadyExistsException,
                       InvalidNameException

Deprecated.

Adds a new policy subject. The subject is added as a normal (non exclusive) subject. So, policy will apply to members of the subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.

Parameters:

name - name of the Subject instance

subject - Subject object to be added to the policy

Throws:

NameAlreadyExistsException - if a Subject with the given name already exists

InvalidNameException - if the subject name is invalid

addRealmSubject

public void addRealmSubject(SSOToken token,
                            String subjectName,
                            String realmName,
                            boolean exclusive)
                     throws NameAlreadyExistsException,
                            InvalidNameException,
                            PolicyException,
                            SSOException

Deprecated.

Adds a reference in the policy to a Subject defined at the realm.

Parameters:

token - SSOToken of the user adding the subject

subjectName - name of the Subject as defined at the realm

realmName - name of the realm in which the subject is defined

Throws:

NameAlreadyExistsException - if a Subject with the given name already exists in the policy

InvalidNameException - if the subject name is invalid or the subject is not found at the realm

SSOException - if the SSO token is invalid

PolicyException - if the subject could not be added for any other reason

addRealmSubject

public void addRealmSubject(String subjectName,
                            SubjectTypeManager stm,
                            boolean exclusive)
                     throws NameAlreadyExistsException,
                            InvalidNameException,
                            PolicyException,
                            SSOException

Deprecated.

Adds a reference in the policy to a Subject defined at the realm.

Parameters:

subjectName - name of the Subject as defined at the realm

stm - SubjectTypeManager of the realm. You have to pass the SubjectTypeManager of realm in which you would save the policy. Trying to save the policy at a different realm would throw PolicyException.

Throws:

NameAlreadyExistsException - if a Subject with the given name already exists in the policy

InvalidNameException - if the subject name is invalid or the subject is not found at the realm

SSOException - if the SSO token is invalid

PolicyException - if the subject could not be added for any other reason

addSubject

public void addSubject(String name,
                       Subject subject,
                       boolean exclusive)
                throws NameAlreadyExistsException,
                       InvalidNameException

Deprecated.

Adds a new policy subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.

Parameters:

name - name of the Subject instance

subject - Subject object to be added to the policy

exclusive - boolean flag indicating whether the subject is to be exclusive subject. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject.

Throws:

NameAlreadyExistsException - if a Subject with the given name already exists

InvalidNameException - if the subject name is invalid

replaceSubject

public void replaceSubject(String name,
                           Subject subject)
                    throws NameNotFoundException

Deprecated.

Replaces an existing subject with the same name by the current one. If a subject with the same name does not exist, it will be added. The subject is replaced as a normal (non exclusive) subject. So, policy will apply to members of the subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject subject in the policy or not a member of any exclusive subject subject in the policy.

Parameters:

name - name of the Subject instance

subject - Subject that will replace an existing Subject with the same name

Throws:

NameNotFoundException - if a Subject instance with the given name is not present

replaceSubject

public void replaceSubject(String name,
                           Subject subject,
                           boolean exclusive)
                    throws NameNotFoundException

Deprecated.

Replaces an existing subject with the same name by the current one. If a subject with the same name does not exist, it will be added. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.

Parameters:

name - name of the Subject instance

subject - Subject that will replace an existing Subject with the same name

exclusive - boolean flag indicating whether the subject is to be exclusive subject. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject.

Throws:

NameNotFoundException - if a Subject instance with the given name is not present

removeSubject

public Subject removeSubject(String subjectName)

Deprecated.

Removes the subject with the given name.

Parameters:

subjectName - name of the Subject

Returns:

returns the Subject object being removed. if not present returns null

removeSubject

public void removeSubject(Subject subject)

Deprecated.

Removes the Subject object identified by object's equals method. If a Subject instance does not exist, the method will return silently.

Parameters:

subject - Subject object that will be removed from the user collection

isSubjectExclusive

public boolean isSubjectExclusive(String subjectName)
                           throws NameNotFoundException

Deprecated.

Checks if the subject is exclusive. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.

Parameters:

subjectName - name of the subject

Returns:

true if the subject is exclusive, false otherwise.

Throws:

NameNotFoundException - if the subject with the given subjectName does not exist in the policy.

isRealmSubject

public boolean isRealmSubject(String subjectName)
                       throws NameNotFoundException

Deprecated.

Checks if the subjectName is a reference to a Subject defined at the realm

Parameters:

subjectName - name of the subject

Returns:

true if the subject is a reference to a Subject defined at the realm, false otherwise.

Throws:

NameNotFoundException - if the subject with the given subjectName does not exist in the policy.

getReferralNames

public Set getReferralNames()

Deprecated.

Get the Set of referral names associated with the policy.

Returns:

Set of referral names

getReferral

public Referral getReferral(String referralName)
                     throws NameNotFoundException

Deprecated.

Gets the Referral object identified by name.

Parameters:

referralName - name of referral.

Returns:

Referral object

Throws:

NameNotFoundException - if a Referral with the given name does not exist

addReferral

public void addReferral(String name,
                        Referral referral)
                 throws NameAlreadyExistsException,
                        InvalidNameException

Deprecated.

Adds a new policy referral.

Parameters:

name - name of the Referral instance

referral - Referral object to be added to the policy

Throws:

NameAlreadyExistsException - if a Referral with the given name already exists

InvalidNameException - if the referral name is invalid

replaceReferral

public void replaceReferral(String name,
                            Referral referral)
                     throws NameNotFoundException

Deprecated.

Replaces an existing referral with the same name by the current one. If a referral with the same name does not exist, it will be added.

Parameters:

name - name of the Referral instance

referral - Referral that will replace an existing Referral with the same name

Throws:

NameNotFoundException - if a Referral instance with the given name is not present

removeReferral

public Referral removeReferral(String referralName)

Deprecated.

Removes the referral with the given name.

Parameters:

referralName - name of the Referral

Returns:

returns the Referral object being removed; if not present returns null

removeReferral

public void removeReferral(Referral referral)

Deprecated.

Removes the Referral object identified by object's equals method. If a Referral instance does not exist, the method will return silently.

Parameters:

referral - Referral object that will be removed

getConditionNames

public Set getConditionNames()

Deprecated.

Get the set of condition names associated with the policy.

Returns:

Set of condition names

getCondition

public Condition getCondition(String condition)
                       throws NameNotFoundException

Deprecated.

Gets the condition object identified by name.

Parameters:

condition - name of condition.

Returns:

Condition object.

Throws:

NameNotFoundException - if a Condition with the given name does not exist.

addCondition

public void addCondition(String name,
                         Condition condition)
                  throws NameAlreadyExistsException,
                         InvalidNameException

Deprecated.

Adds a new policy condition.

Parameters:

name - name of the Condition instance

condition - Condition object to be added to the policy

Throws:

NameAlreadyExistsException - if a Condition with the given name already exists

InvalidNameException - if the condition name is invalid

replaceCondition

public void replaceCondition(String name,
                             Condition condition)
                      throws NameNotFoundException

Deprecated.

Replaces an existing condition with the same name by the current one. If a condition with the same name does not exist, it will be added.

Parameters:

name - name of the Condition instance

condition - Condition that will replace an existing Condition with the same name

Throws:

NameNotFoundException - if a Condition instance with the given name is not present

removeCondition

public Condition removeCondition(String condition)

Deprecated.

Removes the condition with the given name.

Parameters:

condition - name of the Condition

Returns:

returns the Condition object being removed; if not present returns null

removeCondition

public void removeCondition(Condition condition)

Deprecated.

Removes the Condition object identified by object's equals method. If a condition instance does not exist, the method will return silently.

Parameters:

condition - Condition object that will be removed

store

public void store(SSOToken token,
                  String name)
           throws SSOException,
                  NoPermissionException,
                  NameAlreadyExistsException,
                  NameNotFoundException,
                  PolicyException

Deprecated.

Stores the policy object in a persistent data store under the organization, sub-organization or a container object, specified as a parameter. The organization, sub-organization, or the container can be either a LDAP distinguished name (dn) or slash "/" separated as per SMS. This method uses the SSOToken provided to perform the store operation, and hence if the single sign token has expired SSOException will be thrown, and if the user does not have the required privileges NoPermissionException exception will be thrown.

If a policy with the same name exists for the organization the method will throw NameAlreadyExistsException. And if the organization name does not exist, the method will throw NameNotFoundException.

Parameters:

token - SSO token of the user managing policy

name - name of the organization, sub-organization or a container in which the policy will be stored.

Throws:

SSOException - invalid or expired single-sign-on token

NoPermissionException - user does not have sufficient privileges to add policy

NameAlreadyExistsException - a policy with the same name already exists

NameNotFoundException - the given organization name does not exist

PolicyException - for any other abnormal condition

toXML

public String toXML()

Deprecated.

Returns the serialized policy in XML

Returns:

serialized policy in XML

toString

public String toString()

Deprecated.

Gets string representation of the policy object.

Overrides:

toString in class Object

Returns:

XML string representation of the policy object