Package com.sun.identity.policy

Class Policy

java.lang.Object
com.sun.identity.policy.Policy
All Implemented Interfaces:
Cloneable
@Supported @Deprecated public class Policy extends Object implements Cloneable
Deprecated.
As of OpenSSO Express 8.0, use Entitlement instead as Entitlement has replaced Policy.
The class Policy represents a policy definition. A policy contains a set of rules associated with a collection of users and conditions. The policy object is saved in the data store only when the store method of the Policy is called, or if the methods addPolicy or replacePolicy of PolicyManager instance is invoked with this policy. The Policy object is accessible to policy evaluation and enforcement points only after it is saved in data store.

  • Constructor Summary

    Constructors
    Constructor
    Description
    Policy(String policyName)
    Deprecated.
    Constructs a policy given the policy name.
    Policy(String policyName, String description)
    Deprecated.
    Constructs a policy given the policy name and description.
    Policy(String policyName, String description, boolean referralPolicy)
    Deprecated.
    Constructs a policy given the policy name,description and a referralPolicy flag.
    Policy(String policyName, String description, boolean referralPolicy, boolean active)
    Deprecated.
    Constructs a policy given the policy name , description, referralPolicy flag, and active flag

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addCondition(String name, Condition condition)
    Deprecated.
    Adds a new policy condition.
    void
    addRealmSubject(SSOToken token, String subjectName, String realmName, boolean exclusive)
    Deprecated.
    Adds a reference in the policy to a Subject defined at the realm.
    void
    addRealmSubject(String subjectName, SubjectTypeManager stm, boolean exclusive)
    Deprecated.
    Adds a reference in the policy to a Subject defined at the realm.
    void
    addReferral(String name, Referral referral)
    Deprecated.
    Adds a new policy referral.
    void
    addRule(Rule rule)
    Deprecated.
    Adds a new policy rule.
    void
    addSubject(String name, Subject subject)
    Deprecated.
    Adds a new policy subject.
    void
    addSubject(String name, Subject subject, boolean exclusive)
    Deprecated.
    Adds a new policy subject.
    Condition
    getCondition(String condition)
    Deprecated.
    Gets the condition object identified by name.
    Set
    getConditionNames()
    Deprecated.
    Get the set of condition names associated with the policy.
    String
    getDescription()
    Deprecated.
    Gets the description for the policy.
    String
    getName()
    Deprecated.
    Gets the name of the policy.
    String
    getOrganizationName()
    Deprecated.
    Gets the organization name under which the policy is created This would be set only for policies that have been read from data store.
    Referral
    getReferral(String referralName)
    Deprecated.
    Gets the Referral object identified by name.
    Set
    getReferralNames()
    Deprecated.
    Get the Set of referral names associated with the policy.
    Rule
    getRule(String ruleName)
    Deprecated.
    Gets the rule object identified by name.
    Set
    getRuleNames()
    Deprecated.
    Gets the set of rule names associated with the policy.
    Subject
    getSubject(String subjectName)
    Deprecated.
    Gets the Subject object identified by name.
    Set
    getSubjectNames()
    Deprecated.
    Get the Set of subject names associated with the policy.
    boolean
    isActive()
    Deprecated.
    Checks whether the policy is active or inactive An inactive policy is not used to make policy evaluations.
    boolean
    isRealmSubject(String subjectName)
    Deprecated.
    Checks if the subjectName is a reference to a Subject defined at the realm
    boolean
    isReferralPolicy()
    Deprecated.
    Checks whether the policy is a referral policy.
    boolean
    isSubjectExclusive(String subjectName)
    Deprecated.
    Checks if the subject is exclusive.
    void
    removeCondition(Condition condition)
    Deprecated.
    Removes the Condition object identified by object's equals method.
    Condition
    removeCondition(String condition)
    Deprecated.
    Removes the condition with the given name.
    void
    removeReferral(Referral referral)
    Deprecated.
    Removes the Referral object identified by object's equals method.
    Referral
    removeReferral(String referralName)
    Deprecated.
    Removes the referral with the given name.
    Rule
    removeRule(String ruleName)
    Deprecated.
    Removes the Rule with the given name.
    void
    removeSubject(Subject subject)
    Deprecated.
    Removes the Subject object identified by object's equals method.
    Subject
    removeSubject(String subjectName)
    Deprecated.
    Removes the subject with the given name.
    void
    replaceCondition(String name, Condition condition)
    Deprecated.
    Replaces an existing condition with the same name by the current one.
    void
    replaceReferral(String name, Referral referral)
    Deprecated.
    Replaces an existing referral with the same name by the current one.
    void
    replaceRule(Rule rule)
    Deprecated.
    Replaces an existing rule with the same name by the current one.
    void
    replaceSubject(String name, Subject subject)
    Deprecated.
    Replaces an existing subject with the same name by the current one.
    void
    replaceSubject(String name, Subject subject, boolean exclusive)
    Deprecated.
    Replaces an existing subject with the same name by the current one.
    void
    setActive(boolean active)
    Deprecated.
    Set the active flag for policy.
    void
    setDescription(String description)
    Deprecated.
    Sets the description for the policy.
    void
    setName(String policyName)
    Deprecated.
    Sets the name of the policy.
    void
    store(SSOToken token, String name)
    Deprecated.
    Stores the policy object in a persistent data store under the organization, sub-organization or a container object, specified as a parameter.
    String
    toString()
    Deprecated.
    Gets string representation of the policy object.
    String
    toXML()
    Deprecated.
    Returns the serialized policy in XML

    Methods inherited from class java.lang.Object

    finalize, getClass, notify, notifyAll, wait, wait, wait

  • Constructor Details

    • Policy

      @Supported public Policy(String policyName) throws InvalidNameException
      Deprecated.
      Constructs a policy given the policy name.
      Parameters:
      policyName - name of the policy
      Throws:
      InvalidNameException - if policy name is not valid

    • Policy

      @Supported public Policy(String policyName, String description) throws InvalidNameException
      Deprecated.
      Constructs a policy given the policy name and description.
      Parameters:
      policyName - name of the policy
      description - description for the policy
      Throws:
      InvalidNameException - if policy name is not valid

    • Policy

      @Supported public Policy(String policyName, String description, boolean referralPolicy) throws InvalidNameException
      Deprecated.
      Constructs a policy given the policy name,description and a referralPolicy flag.
      Parameters:
      policyName - name of the policy
      description - description for the policy
      referralPolicy - indicates whether the policy is a referral policy or a standard policy. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values
      Throws:
      InvalidNameException - if policy name is not valid

    • Policy

      @Supported public Policy(String policyName, String description, boolean referralPolicy, boolean active) throws InvalidNameException
      Deprecated.
      Constructs a policy given the policy name , description, referralPolicy flag, and active flag
      Parameters:
      policyName - name of the policy
      description - description for the policy
      referralPolicy - indicates whether the policy is a referral policy or a standard policy.
      active - indicates if the policy is active or not. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values
      Throws:
      InvalidNameException - if policy name is not valid

  • Method Details

    • getName

      @Supported public String getName()
      Deprecated.
      Gets the name of the policy.
      Returns:
      name of the policy

    • setName

      @Supported public void setName(String policyName) throws InvalidNameException
      Deprecated.
      Sets the name of the policy.
      Parameters:
      policyName - name of the policy.
      Throws:
      InvalidNameException - if policyName is an invalid name.

    • getOrganizationName

      @Supported public String getOrganizationName()
      Deprecated.
      Gets the organization name under which the policy is created This would be set only for policies that have been read from data store. Otherwise this would be null
      Returns:
      the organization name under which the policy is created

    • getDescription

      @Supported public String getDescription()
      Deprecated.
      Gets the description for the policy. If the description for the policy has not been set the method will return an empty string; not null.
      Returns:
      description of the policy

    • setDescription

      @Supported public void setDescription(String description) throws InvalidNameException
      Deprecated.
      Sets the description for the policy.
      Parameters:
      description - description for the policy
      Throws:
      InvalidNameException - if the description is invalid

    • isReferralPolicy

      @Supported public boolean isReferralPolicy()
      Deprecated.
      Checks whether the policy is a referral policy. A referral policy is used only to delegate policy definitions to sub/peer organizations. A referral policy does not make use of any action values
      Returns:
      true if this is a referral policy. Otherwise returns false

    • isActive

      @Supported public boolean isActive()
      Deprecated.
      Checks whether the policy is active or inactive An inactive policy is not used to make policy evaluations.
      Returns:
      true if this is an active policy. Otherwise returns false

    • setActive

      @Supported public void setActive(boolean active)
      Deprecated.
      Set the active flag for policy. An inactive policy is not used to make policy evaluations.
      Parameters:
      active - boolean representing active or inactive.

    • getRuleNames

      @Supported public Set getRuleNames()
      Deprecated.
      Gets the set of rule names associated with the policy.
      Returns:
      Set of rule names

    • getRule

      @Supported public Rule getRule(String ruleName) throws NameNotFoundException
      Deprecated.
      Gets the rule object identified by name.
      Parameters:
      ruleName - name of rule.
      Returns:
      Rule object.
      Throws:
      NameNotFoundException - if a Rule with the given name does not exist

    • addRule

      @Supported public void addRule(Rule rule) throws NameAlreadyExistsException, InvalidNameException
      Deprecated.
      Adds a new policy rule.
      Parameters:
      rule - rule object to be added to the policy
      Throws:
      NameAlreadyExistsException - a rule with the given name already exists
      InvalidNameException - if the rule name is invalid same service name as the policy

    • replaceRule

      @Supported public void replaceRule(Rule rule) throws InvalidNameException
      Deprecated.
      Replaces an existing rule with the same name by the current one. If a Rule with the same name does not exist, it will be added.
      Parameters:
      rule - Rule that will replace an existing rule with the same name
      Throws:
      InvalidNameException - if Rule name is invalid

    • removeRule

      @Supported public Rule removeRule(String ruleName)
      Deprecated.
      Removes the Rule with the given name.
      Parameters:
      ruleName - name of the rule
      Returns:
      returns the Rule object being removed; if not present returns null

    • getSubjectNames

      @Supported public Set getSubjectNames()
      Deprecated.
      Get the Set of subject names associated with the policy.
      Returns:
      Set of String objects representing subject names

    • getSubject

      @Supported public Subject getSubject(String subjectName) throws NameNotFoundException
      Deprecated.
      Gets the Subject object identified by name.
      Parameters:
      subjectName - name of subject.
      Returns:
      Subject object
      Throws:
      NameNotFoundException - if a Subject with the given name does not exist

    • addSubject

      @Supported public void addSubject(String name, Subject subject) throws NameAlreadyExistsException, InvalidNameException
      Deprecated.
      Adds a new policy subject. The subject is added as a normal (non exclusive) subject. So, policy will apply to members of the subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.
      Parameters:
      name - name of the Subject instance
      subject - Subject object to be added to the policy
      Throws:
      NameAlreadyExistsException - if a Subject with the given name already exists
      InvalidNameException - if the subject name is invalid

    • addRealmSubject

      @Supported public void addRealmSubject(SSOToken token, String subjectName, String realmName, boolean exclusive) throws NameAlreadyExistsException, InvalidNameException, PolicyException, SSOException
      Deprecated.
      Adds a reference in the policy to a Subject defined at the realm.
      Parameters:
      token - SSOToken of the user adding the subject
      subjectName - name of the Subject as defined at the realm
      realmName - name of the realm in which the subject is defined
      Throws:
      NameAlreadyExistsException - if a Subject with the given name already exists in the policy
      InvalidNameException - if the subject name is invalid or the subject is not found at the realm
      SSOException - if the SSO token is invalid
      PolicyException - if the subject could not be added for any other reason

    • addRealmSubject

      @Supported public void addRealmSubject(String subjectName, SubjectTypeManager stm, boolean exclusive) throws NameAlreadyExistsException, InvalidNameException, PolicyException, SSOException
      Deprecated.
      Adds a reference in the policy to a Subject defined at the realm.
      Parameters:
      subjectName - name of the Subject as defined at the realm
      stm - SubjectTypeManager of the realm. You have to pass the SubjectTypeManager of realm in which you would save the policy. Trying to save the policy at a different realm would throw PolicyException.
      Throws:
      NameAlreadyExistsException - if a Subject with the given name already exists in the policy
      InvalidNameException - if the subject name is invalid or the subject is not found at the realm
      SSOException - if the SSO token is invalid
      PolicyException - if the subject could not be added for any other reason

    • addSubject

      @Supported public void addSubject(String name, Subject subject, boolean exclusive) throws NameAlreadyExistsException, InvalidNameException
      Deprecated.
      Adds a new policy subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.
      Parameters:
      name - name of the Subject instance
      subject - Subject object to be added to the policy
      exclusive - boolean flag indicating whether the subject is to be exclusive subject. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject.
      Throws:
      NameAlreadyExistsException - if a Subject with the given name already exists
      InvalidNameException - if the subject name is invalid

    • replaceSubject

      @Supported public void replaceSubject(String name, Subject subject) throws NameNotFoundException
      Deprecated.
      Replaces an existing subject with the same name by the current one. If a subject with the same name does not exist, it will be added. The subject is replaced as a normal (non exclusive) subject. So, policy will apply to members of the subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject subject in the policy or not a member of any exclusive subject subject in the policy.
      Parameters:
      name - name of the Subject instance
      subject - Subject that will replace an existing Subject with the same name
      Throws:
      NameNotFoundException - if a Subject instance with the given name is not present

    • replaceSubject

      @Supported public void replaceSubject(String name, Subject subject, boolean exclusive) throws NameNotFoundException
      Deprecated.
      Replaces an existing subject with the same name by the current one. If a subject with the same name does not exist, it will be added. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.
      Parameters:
      name - name of the Subject instance
      subject - Subject that will replace an existing Subject with the same name
      exclusive - boolean flag indicating whether the subject is to be exclusive subject. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject.
      Throws:
      NameNotFoundException - if a Subject instance with the given name is not present

    • removeSubject

      @Supported public Subject removeSubject(String subjectName)
      Deprecated.
      Removes the subject with the given name.
      Parameters:
      subjectName - name of the Subject
      Returns:
      returns the Subject object being removed. if not present returns null

    • removeSubject

      @Supported public void removeSubject(Subject subject)
      Deprecated.
      Removes the Subject object identified by object's equals method. If a Subject instance does not exist, the method will return silently.
      Parameters:
      subject - Subject object that will be removed from the user collection

    • isSubjectExclusive

      @Supported public boolean isSubjectExclusive(String subjectName) throws NameNotFoundException
      Deprecated.
      Checks if the subject is exclusive. If subject is exclusive, policy applies to users who are not members of the subject. Otherwise, policy applies to members of the subject. The policy will apply to a user if he is a member of any normal (non exclusive) subject in the policy or not a member of any exclusive subject in the policy.
      Parameters:
      subjectName - name of the subject
      Returns:
      true if the subject is exclusive, false otherwise.
      Throws:
      NameNotFoundException - if the subject with the given subjectName does not exist in the policy.

    • isRealmSubject

      @Supported public boolean isRealmSubject(String subjectName) throws NameNotFoundException
      Deprecated.
      Checks if the subjectName is a reference to a Subject defined at the realm
      Parameters:
      subjectName - name of the subject
      Returns:
      true if the subject is a reference to a Subject defined at the realm, false otherwise.
      Throws:
      NameNotFoundException - if the subject with the given subjectName does not exist in the policy.

    • getReferralNames

      @Supported public Set getReferralNames()
      Deprecated.
      Get the Set of referral names associated with the policy.
      Returns:
      Set of referral names

    • getReferral

      @Supported public Referral getReferral(String referralName) throws NameNotFoundException
      Deprecated.
      Gets the Referral object identified by name.
      Parameters:
      referralName - name of referral.
      Returns:
      Referral object
      Throws:
      NameNotFoundException - if a Referral with the given name does not exist

    • addReferral

      @Supported public void addReferral(String name, Referral referral) throws NameAlreadyExistsException, InvalidNameException
      Deprecated.
      Adds a new policy referral.
      Parameters:
      name - name of the Referral instance
      referral - Referral object to be added to the policy
      Throws:
      NameAlreadyExistsException - if a Referral with the given name already exists
      InvalidNameException - if the referral name is invalid

    • replaceReferral

      @Supported public void replaceReferral(String name, Referral referral) throws NameNotFoundException
      Deprecated.
      Replaces an existing referral with the same name by the current one. If a referral with the same name does not exist, it will be added.
      Parameters:
      name - name of the Referral instance
      referral - Referral that will replace an existing Referral with the same name
      Throws:
      NameNotFoundException - if a Referral instance with the given name is not present

    • removeReferral

      @Supported public Referral removeReferral(String referralName)
      Deprecated.
      Removes the referral with the given name.
      Parameters:
      referralName - name of the Referral
      Returns:
      returns the Referral object being removed; if not present returns null

    • removeReferral

      @Supported public void removeReferral(Referral referral)
      Deprecated.
      Removes the Referral object identified by object's equals method. If a Referral instance does not exist, the method will return silently.
      Parameters:
      referral - Referral object that will be removed

    • getConditionNames

      @Supported public Set getConditionNames()
      Deprecated.
      Get the set of condition names associated with the policy.
      Returns:
      Set of condition names

    • getCondition

      @Supported public Condition getCondition(String condition) throws NameNotFoundException
      Deprecated.
      Gets the condition object identified by name.
      Parameters:
      condition - name of condition.
      Returns:
      Condition object.
      Throws:
      NameNotFoundException - if a Condition with the given name does not exist.

    • addCondition

      @Supported public void addCondition(String name, Condition condition) throws NameAlreadyExistsException, InvalidNameException
      Deprecated.
      Adds a new policy condition.
      Parameters:
      name - name of the Condition instance
      condition - Condition object to be added to the policy
      Throws:
      NameAlreadyExistsException - if a Condition with the given name already exists
      InvalidNameException - if the condition name is invalid

    • replaceCondition

      @Supported public void replaceCondition(String name, Condition condition) throws NameNotFoundException
      Deprecated.
      Replaces an existing condition with the same name by the current one. If a condition with the same name does not exist, it will be added.
      Parameters:
      name - name of the Condition instance
      condition - Condition that will replace an existing Condition with the same name
      Throws:
      NameNotFoundException - if a Condition instance with the given name is not present

    • removeCondition

      @Supported public Condition removeCondition(String condition)
      Deprecated.
      Removes the condition with the given name.
      Parameters:
      condition - name of the Condition
      Returns:
      returns the Condition object being removed; if not present returns null

    • removeCondition

      @Supported public void removeCondition(Condition condition)
      Deprecated.
      Removes the Condition object identified by object's equals method. If a condition instance does not exist, the method will return silently.
      Parameters:
      condition - Condition object that will be removed

    • store

      @Supported public void store(SSOToken token, String name) throws SSOException, NoPermissionException, NameAlreadyExistsException, NameNotFoundException, PolicyException
      Deprecated.
      Stores the policy object in a persistent data store under the organization, sub-organization or a container object, specified as a parameter. The organization, sub-organization, or the container can be either a LDAP distinguished name (dn) or slash "/" separated as per SMS. This method uses the SSOToken provided to perform the store operation, and hence if the single sign token has expired SSOException will be thrown, and if the user does not have the required privileges NoPermissionException exception will be thrown.

      If a policy with the same name exists for the organization the method will throw NameAlreadyExistsException. And if the organization name does not exist, the method will throw NameNotFoundException.

      Parameters:
      token - SSO token of the user managing policy
      name - name of the organization, sub-organization or a container in which the policy will be stored.
      Throws:
      SSOException - invalid or expired single-sign-on token
      NoPermissionException - user does not have sufficient privileges to add policy
      NameAlreadyExistsException - a policy with the same name already exists
      NameNotFoundException - the given organization name does not exist
      PolicyException - for any other abnormal condition

    • toXML

      @Supported public String toXML()
      Deprecated.
      Returns the serialized policy in XML
      Returns:
      serialized policy in XML

    • toString

      @Supported public String toString()
      Deprecated.
      Gets string representation of the policy object.
      Overrides:
      toString in class Object
      Returns:
      XML string representation of the policy object