Package com.sun.identity.entitlement
Class Evaluator
- java.lang.Object
-
- com.sun.identity.entitlement.Evaluator
-
@Supported public class Evaluator extends Object
The class evaluates entitlement request and provides decisions. The evaluation of a policy depends on the following contextual information:- realm: The realm the policy needs to be evaluated in.
- subject: The subject that attempts to access a particular resource.
- resourceNames: The resources the subject attempts to access.
- environment: Additional information about the environment within which the policy should be evaluated. Note
that certain environment/subject conditions may depend on certain fields to be present in this map. One such
example would be the LDAP Filter Condition having access to the
PolicyEvaluator.REALM_DN
field containing the realm's DN representation.
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description List<com.sun.identity.entitlement.Entitlement>
evaluate(String realm, Subject subject, String resourceName, Map<String,Set<String>> environment, boolean recursive)
Returns a list of entitlements for a given subject, resource name and environment.List<com.sun.identity.entitlement.Entitlement>
evaluate(String realm, Subject subject, Set<String> resourceNames, Map<String,Set<String>> environment)
Returns a list of entitlements for a given subject, resource names and environment.
-
-
-
Method Detail
-
evaluate
@Supported public List<com.sun.identity.entitlement.Entitlement> evaluate(String realm, Subject subject, Set<String> resourceNames, Map<String,Set<String>> environment) throws EntitlementException
Returns a list of entitlements for a given subject, resource names and environment.- Parameters:
realm
- Realm Name.subject
- Subject who is under evaluation.resourceNames
- Resource names.environment
- Environment parameters.- Returns:
- a list of entitlements for a given subject, resource name and environment.
- Throws:
EntitlementException
- if the result cannot be determined.
-
evaluate
@Supported public List<com.sun.identity.entitlement.Entitlement> evaluate(String realm, Subject subject, String resourceName, Map<String,Set<String>> environment, boolean recursive) throws EntitlementException
Returns a list of entitlements for a given subject, resource name and environment.- Parameters:
realm
- Realm Name.subject
- Subject who is under evaluation.resourceName
- Resource name.environment
- Environment parameters.recursive
-true
to perform evaluation on sub resources from the given resource name.- Returns:
- a list of entitlements for a given subject, resource name and environment.
- Throws:
EntitlementException
- if the result cannot be determined.
-
-