org.openpermis.policy
Interface Policy

All Superinterfaces:
Part, PolicyDecisionPoint, Serializable
All Known Subinterfaces:
PolicyBean
All Known Implementing Classes:
BasicPolicy

public interface Policy
extends Part, PolicyDecisionPoint

A policy decision point policy for role-based access control.

A policy defines two major sets of rules:

In order to be valid the following conditions must be met:

A policy defines role hierarchies. In order to be useful, polices must have at least one RoleHierarchy.

Since:
0.1.0

Method Summary
 AccessDecision getAccessDecision(Subject subject, URI resourceUri, String actionName, List<?> arguments, TimeStamp timeStamp)
          Decides whether a subject may be given access to a target and what obligations need to be fulfilled.
 
Methods inherited from interface org.openpermis.policy.Part
equals, hashCode, isValid, toString
 

Method Detail

getAccessDecision

AccessDecision getAccessDecision(Subject subject,
                                 URI resourceUri,
                                 String actionName,
                                 List<?> arguments,
                                 TimeStamp timeStamp)
Description copied from interface: PolicyDecisionPoint
Decides whether a subject may be given access to a target and what obligations need to be fulfilled.

Specified by:
getAccessDecision in interface PolicyDecisionPoint
Parameters:
subject - a Subject to identify the user requesting access and to provide the roles assigned to her.
resourceUri - a URI to identify the resource that the subject wants to access.
actionName - the name of the action that the subject wants to perform on the resource.
arguments - an optional list of arguments for the action that the subject wants to perform on the resource.
Returns:
an AccessDecision containing the PDP's decision and the obligations associated with the decision.
Since:
0.3.0


PERMIS Role Based Access Control 0.3.0 (Build 14)
2009/05/08 09:06:10
Copyright (c) 2002-2007 Ergon Informatik AG