Package com.sun.identity.policy.interfaces

Interface Subject

All Superinterfaces:

Cloneable

@SupportedAll
@Deprecated(since="8.0.0",
            forRemoval=true)
public interface Subject
extends Cloneable

Deprecated, for removal: This API element is subject to removal in a future version.

The class Subject defines a collection of users (or subject) to whom the specified Policy is applied. A complete implementation of this interface can have complex boolean operations to determine if the given user identified by the SSOToken belongs to this collection.

The interfaces are separated into administrative interfaces and evaluation interfaces. The administrative interfaces will be used by web interface/command line interface component to create a Subject object and the evaluation interfaces will be used by the PolicyEvaluator.

Method Summary

Modifier and Type	Method	Description
Object	clone()	Deprecated, for removal: This API element is subject to removal in a future version. Creates and returns a copy of this object.
String	getDisplayNameForValue(String value, Locale locale)	Deprecated, for removal: This API element is subject to removal in a future version. Returns the display name for the value for the given locale.
ValidValues	getValidValues(SSOToken token)	Deprecated, for removal: This API element is subject to removal in a future version. Returns a list of possible values for the Subject .
ValidValues	getValidValues(SSOToken token, String pattern)	Deprecated, for removal: This API element is subject to removal in a future version. Returns a list of possible values for the Subject that satisfy the given pattern.
Set	getValues()	Deprecated, for removal: This API element is subject to removal in a future version. Returns the values that was set using the method setValues.
Syntax	getValueSyntax(SSOToken token)	Deprecated, for removal: This API element is subject to removal in a future version. Returns the syntax of the values the Subject implementation can have.
void	initialize(Map configParams)	Deprecated, for removal: This API element is subject to removal in a future version. Initialize (or configure) the Subject object.
boolean	isMember(SSOToken token)	Deprecated, for removal: This API element is subject to removal in a future version. Determines if the user belongs to this instance of the Subject object.
void	setValues(Set names)	Deprecated, for removal: This API element is subject to removal in a future version. Sets the names for the instance of the Subject object.

Method Details

getValueSyntax

Syntax getValueSyntax(SSOToken token)
               throws SSOException,
PolicyException

Deprecated, for removal: This API element is subject to removal in a future version.

Returns the syntax of the values the Subject implementation can have.

Parameters:

token - the SSOToken that will be used to determine the syntax

Returns:

Syntax of the values for the Subject

Throws:

SSOException - if SSOToken is not valid

PolicyException - if unable to get the list of valid names.

See Also:

• Syntax

getValidValues

ValidValues getValidValues(SSOToken token)
                    throws SSOException,
PolicyException

Deprecated, for removal: This API element is subject to removal in a future version.

Returns a list of possible values for the Subject . The implementation must use the SSOToken token provided to determine the possible values. For example, in a Role implementation this method will return all the roles defined in the organization.

Parameters:

token - the SSOToken that will be used to determine the possible values

Returns:

ValidValues object

Throws:

SSOException - if SSOToken is not valid

PolicyException - if unable to get the list of valid names.

getValidValues

ValidValues getValidValues(SSOToken token,
 String pattern)
                    throws SSOException,
PolicyException

Deprecated, for removal: This API element is subject to removal in a future version.

Returns a list of possible values for the Subject that satisfy the given pattern. The implementation must use the SSOToken token provided to determine the possible values. For example, in a Role implementation with the search filter *admin this method will return all the roles defined in the organization that end with admin

Parameters:

token - the SSOToken that will be used to determine the possible values

pattern - search pattern that will be used to narrow the list of valid names.

Returns:

ValidValues object

Throws:

SSOException - if SSOToken is not valid

PolicyException - if unable to get the list of valid names.

getDisplayNameForValue

String getDisplayNameForValue(String value,
 Locale locale)
                       throws NameNotFoundException

Deprecated, for removal: This API element is subject to removal in a future version.

Returns the display name for the value for the given locale. For all the valid values obtained through the methods getValidValues this method must be called by web and command line interface to get the corresponding display name. The locale variable could be used by the plugin to customize the display name for the given locale. The locale variable could be null, in which case the plugin must use the default locale (most probably en_US). This method returns only the display name and should not be used for the method setValues. Alternatively, if the plugin does not have to localize the value, it can just return the value as is.

Parameters:

value - one of the valid value for the plugin

locale - locale for which the display name must be customized

Returns:

the display name for the value for the given locale.

Throws:

NameNotFoundException - if the given value is not one of the valid values for the plugin

getValues

Set getValues()

Deprecated, for removal: This API element is subject to removal in a future version.

Returns the values that was set using the method setValues.

Returns:

Set of values that have been set for the user collection.

initialize

void initialize(Map configParams)
         throws PolicyException

Deprecated, for removal: This API element is subject to removal in a future version.

Initialize (or configure) the Subject object. Usually it will be initialized with the environment parameters set by the system administrator via admin console. For example in a Role implementation, the configuration parameters could specify the directory server name, port, etc.

Parameters:

configParams - configuration parameters as a Map. The values in the map is java.util.Set, which contains one or more configuration parameters.

Throws:

PolicyException - if an error occurred during initialization of Subject instance

setValues

void setValues(Set names)
        throws InvalidNameException

Deprecated, for removal: This API element is subject to removal in a future version.

Sets the names for the instance of the Subject object. The names are obtained from the Policy object, usually configured when a policy is created. For example in a Role implementation, this would be name of the role.

Parameters:

names - names selected for the instance of the user collection object.

Throws:

InvalidNameException - if the given names are not valid

isMember

boolean isMember(SSOToken token)
          throws SSOException,
PolicyException

Deprecated, for removal: This API element is subject to removal in a future version.

Determines if the user belongs to this instance of the Subject object. For example, a Role implementation would return true if the user belongs the specified role; false otherwise.

Parameters:

token - single-sign-on token of the user

Returns:

true if the user is member of the given subject; false otherwise.

Throws:

SSOException - if SSO token is not valid

PolicyException - if an error occurred while checking if the user is a member of this subject

clone

Object clone()

Deprecated, for removal: This API element is subject to removal in a future version.

Creates and returns a copy of this object.

Returns:

a copy of this object