|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface Policy
A policy decision point policy for role-based access control.
A policy defines two major sets of rules:
In order to be valid the following conditions must be met:
RoleAssignmentRule
.TargetAccessRule
.A policy defines role hierarchies. In order to be useful, polices must have at least one
RoleHierarchy
.
Method Summary | |
---|---|
AccessDecision |
getAccessDecision(Subject subject,
URI resourceUri,
String actionName,
List<?> arguments,
TimeStamp timeStamp)
Decides whether a subject may be given access to a target and what obligations need to be fulfilled. |
boolean |
isPolicyConsistent(PartProblemReporter reporter)
Check if this policy is consistent. |
Methods inherited from interface org.openpermis.policy.Part |
---|
equals, hashCode, toString |
Method Detail |
---|
boolean isPolicyConsistent(PartProblemReporter reporter)
reporter
- optional callback where violations are reported, may be null
if the caller is not interested in details about the violations.
true
if this policy is consistent, otherwise false
.AccessDecision getAccessDecision(Subject subject, URI resourceUri, String actionName, List<?> arguments, TimeStamp timeStamp) throws PolicyDecisionException
PolicyDecisionPoint
getAccessDecision
in interface PolicyDecisionPoint
subject
- a Subject
to identify the user requesting access and to provide
the roles assigned to her.resourceUri
- a URI
to identify the resource that the subject wants to access.actionName
- the name of the action that the subject wants to perform on the resource.arguments
- an optional list of arguments for the action
that the subject wants to perform on the resource.timeStamp
- the time at which the action is executed.
AccessDecision
containing the PDP's decision and the
obligations associated with the decision.
PolicyDecisionException
- if the PDP fails to make an access decision.
|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
OpenPermis Role Based Access Control 0.9.0 (Build 16)
2009/08/13 07:16:59
Copyright (c) 2002-2007 Ergon Informatik AG