Package com.sun.identity.entitlement

Interface EntitlementSubject

@SupportedAll
public interface EntitlementSubject

Encapsulates a Strategy to decide if a Privilege applies to a given Subject.

Method Summary

Modifier and Type	Method	Description
SubjectDecision	evaluate(String realm, com.sun.identity.entitlement.SubjectAttributesManager mgr, Subject subject, String resourceName, Map<String,Set<String>> environment)	Returns SubjectDecision of EntitlementSubject evaluation.
Set<String>	getRequiredAttributeNames()	Returns a set of attribute names that are used for evaluation.
Map<String,Set<String>>	getSearchIndexAttributes()	Returns attribute names and values that could be used for indexing.
String	getState()	Returns state of the object encoded as a JSON string.
boolean	isIdentity()	Returns true is this subject is an identity object.
void	setState(String state)	Sets state of this object from a JSON string.

Method Details

setState

void setState(String state)

Sets state of this object from a JSON string.

Parameters:

state - State of the object encoded as a JSON string

getState

String getState()

Returns state of the object encoded as a JSON string.

Returns:

state of the object encoded as a JSON string.

getSearchIndexAttributes

Map<String,Set<String>> getSearchIndexAttributes()

Returns attribute names and values that could be used for indexing. These values will be used by the authorization engine to obtain the applicable policies for a given Subject.

Returns:

a map of key-value pairs that will be used for indexing the entitlements that contain this EntitlementSubject.

getRequiredAttributeNames

Set<String> getRequiredAttributeNames()

Returns a set of attribute names that are used for evaluation. During evaluation, the Evaluator would try to populate these attributes in the Subject for the EntitlementSubject's consumption.

Returns:

a set of attributes that would be required by the EntitlementSubject's implementation.

evaluate

SubjectDecision evaluate(String realm,
 com.sun.identity.entitlement.SubjectAttributesManager mgr,
 Subject subject,
 String resourceName,
 Map<String,Set<String>> environment)
                  throws EntitlementException

Returns SubjectDecision of EntitlementSubject evaluation.

Parameters:

realm - Realm name.

subject - Subject who is under evaluation.

resourceName - Resource name.

environment - Environment parameters.

Returns:

SubjectDecision of Subject evaluation.

Throws:

EntitlementException - if any errors occur.

isIdentity

boolean isIdentity()

Returns true is this subject is an identity object.

Returns:

true is this subject is an identity object.