Overview  Package   Class  Tree  Deprecated  Index  Help 
SunTM's XACML Implementation for JavaTM
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.sun.xacml
Interface EvaluationCtx

All Known Implementing Classes:
BasicEvaluationCtx
public interface EvaluationCtx

Manages the context of a single policy evaluation. Typically, an instance is instantiated whenever the PDP gets a request and needs to perform an evaluation as a result.

Note that this class does some optional caching for current date, time, and dateTime values (defined by a boolean flag to the constructors). The XACML specification requires that these values always be available, but it does not specify whether or not they must remain constant over the course of an evaluation if the values are being generated by the PDP (if the values are provided in the Request, then obviously they will remain constant). The default behavior is for these environment values to be cached, so that (for example) the current time remains constant over the course of an evaluation.

Since:
1.0

Field Summary
static String RESOURCE_ID
          The standard URI for listing a resource's id
static String RESOURCE_SCOPE
          The standard URI for listing a resource's scope
static int SCOPE_CHILDREN
          Resource scope of Children (the given resource and its direct children)
static int SCOPE_DESCENDANTS
          Resource scope of Descendants (the given resource and all descendants at any depth or distance)
static int SCOPE_IMMEDIATE
          Resource scope of Immediate (only the given resource)
 
Method Summary
 EvaluationResult getActionAttribute(URI type, URI id, URI issuer)
          Returns available action attribute value(s).
 EvaluationResult getAttribute(String contextPath, Node namespaceNode, URI type, String xpathVersion)
          Returns the attribute value(s) retrieved using the given XPath expression.
 AttributeFinder getAttributeFinder()
          Deprecated. As of version 1.2, this method should not be used, as it provides access to a mutable interface. This method will be removed in the next major release.
 DateAttribute getCurrentDate()
          Returns the cached value for the current date.
 DateTimeAttribute getCurrentDateTime()
          Returns the cached value for the current dateTime.
 TimeAttribute getCurrentTime()
          Returns the cached value for the current time.
 EvaluationResult getEnvironmentAttribute(URI type, URI id, URI issuer)
          Returns available environment attribute value(s).
 Node getRequestRoot()
          Returns the DOM root of the original RequestType XML document, if this context is backed by an XACML Request.
 EvaluationResult getResourceAttribute(URI type, URI id, URI issuer)
          Returns available resource attribute value(s).
 AttributeValue getResourceId()
          Returns the identifier for the resource being requested.
 int getScope()
          Returns the resource scope, which will be one of the three fields denoting Immediate, Children, or Descendants.
 EvaluationResult getSubjectAttribute(URI type, URI id, URI category)
          Returns available subject attribute value(s) ignoring the issuer.
 EvaluationResult getSubjectAttribute(URI type, URI id, URI issuer, URI category)
          Returns available subject attribute value(s).
 void setCurrentDate(DateAttribute currentDate)
          Sets the current date for this evaluation.
 void setCurrentDateTime(DateTimeAttribute currentDateTime)
          Sets the current dateTime for this evaluation.
 void setCurrentTime(TimeAttribute currentTime)
          Sets the current time for this evaluation.
 void setResourceId(AttributeValue resourceId)
          Changes the value of the resource-id attribute in this context.
 

Field Detail

RESOURCE_ID

public static final String RESOURCE_ID
The standard URI for listing a resource's id

See Also:
Constant Field Values

RESOURCE_SCOPE

public static final String RESOURCE_SCOPE
The standard URI for listing a resource's scope

See Also:
Constant Field Values

SCOPE_IMMEDIATE

public static final int SCOPE_IMMEDIATE
Resource scope of Immediate (only the given resource)

See Also:
Constant Field Values

SCOPE_CHILDREN

public static final int SCOPE_CHILDREN
Resource scope of Children (the given resource and its direct children)

See Also:
Constant Field Values

SCOPE_DESCENDANTS

public static final int SCOPE_DESCENDANTS
Resource scope of Descendants (the given resource and all descendants at any depth or distance)

See Also:
Constant Field Values
Method Detail

getAttributeFinder

public AttributeFinder getAttributeFinder()
Deprecated. As of version 1.2, this method should not be used, as it provides access to a mutable interface. This method will be removed in the next major release.

Returns the AttributeFinder used by this context.

Returns:
the AttributeFinder

getRequestRoot

public Node getRequestRoot()
Returns the DOM root of the original RequestType XML document, if this context is backed by an XACML Request. If this context is not backed by an XML representation, then an exception is thrown.

Returns:
the DOM root node
Throws:
UnsupportedOperationException - if the context is not backed by an XML representation

getResourceId

public AttributeValue getResourceId()
Returns the identifier for the resource being requested.

Returns:
the resource

getScope

public int getScope()
Returns the resource scope, which will be one of the three fields denoting Immediate, Children, or Descendants.

Returns:
the scope of the resource

setResourceId

public void setResourceId(AttributeValue resourceId)
Changes the value of the resource-id attribute in this context. This is useful when you have multiple resources (ie, a scope other than IMMEDIATE), and you need to keep changing only the resource-id to evaluate the different effective requests.

Parameters:
resourceId - the new resource-id value

getCurrentTime

public TimeAttribute getCurrentTime()
Returns the cached value for the current time. If the value has never been set by a call to setCurrentTime, or if caching is not enabled in this instance, then this will return null.

Returns:
the current time or null

setCurrentTime

public void setCurrentTime(TimeAttribute currentTime)
Sets the current time for this evaluation. If caching is not enabled for this instance then the value is ignored.

Parameters:
currentTime - the dynamically resolved current time

getCurrentDate

public DateAttribute getCurrentDate()
Returns the cached value for the current date. If the value has never been set by a call to setCurrentDate, or if caching is not enabled in this instance, then this will return null.

Returns:
the current date or null

setCurrentDate

public void setCurrentDate(DateAttribute currentDate)
Sets the current date for this evaluation. If caching is not enabled for this instance then the value is ignored.

Parameters:
currentDate - the dynamically resolved current date

getCurrentDateTime

public DateTimeAttribute getCurrentDateTime()
Returns the cached value for the current dateTime. If the value has never been set by a call to setCurrentDateTime, or if caching is not enabled in this instance, then this will return null.

Returns:
the current date or null

setCurrentDateTime

public void setCurrentDateTime(DateTimeAttribute currentDateTime)
Sets the current dateTime for this evaluation. If caching is not enabled for this instance then the value is ignored.

Parameters:
currentDateTime - the dynamically resolved current dateTime

getSubjectAttribute

public EvaluationResult getSubjectAttribute(URI type,
                                            URI id,
                                            URI category)
Returns available subject attribute value(s) ignoring the issuer.

Parameters:
type - the type of the attribute value(s) to find
id - the id of the attribute value(s) to find
category - the category the attribute value(s) must be in
Returns:
a result containing a bag either empty because no values were found or containing at least one value, or status associated with an Indeterminate result

getSubjectAttribute

public EvaluationResult getSubjectAttribute(URI type,
                                            URI id,
                                            URI issuer,
                                            URI category)
Returns available subject attribute value(s).

Parameters:
type - the type of the attribute value(s) to find
id - the id of the attribute value(s) to find
issuer - the issuer of the attribute value(s) to find or null
category - the category the attribute value(s) must be in
Returns:
a result containing a bag either empty because no values were found or containing at least one value, or status associated with an Indeterminate result

getResourceAttribute

public EvaluationResult getResourceAttribute(URI type,
                                             URI id,
                                             URI issuer)
Returns available resource attribute value(s).

Parameters:
type - the type of the attribute value(s) to find
id - the id of the attribute value(s) to find
issuer - the issuer of the attribute value(s) to find or null
Returns:
a result containing a bag either empty because no values were found or containing at least one value, or status associated with an Indeterminate result

getActionAttribute

public EvaluationResult getActionAttribute(URI type,
                                           URI id,
                                           URI issuer)
Returns available action attribute value(s).

Parameters:
type - the type of the attribute value(s) to find
id - the id of the attribute value(s) to find
issuer - the issuer of the attribute value(s) to find or null
Returns:
a result containing a bag either empty because no values were found or containing at least one value, or status associated with an Indeterminate result

getEnvironmentAttribute

public EvaluationResult getEnvironmentAttribute(URI type,
                                                URI id,
                                                URI issuer)
Returns available environment attribute value(s).

Parameters:
type - the type of the attribute value(s) to find
id - the id of the attribute value(s) to find
issuer - the issuer of the attribute value(s) to find or null
Returns:
a result containing a bag either empty because no values were found or containing at least one value, or status associated with an Indeterminate result

getAttribute

public EvaluationResult getAttribute(String contextPath,
                                     Node namespaceNode,
                                     URI type,
                                     String xpathVersion)
Returns the attribute value(s) retrieved using the given XPath expression.

Parameters:
contextPath - the XPath expression to search
namespaceNode - the DOM node defining namespace mappings to use, or null if mappings come from the context root
type - the type of the attribute value(s) to find
xpathVersion - the version of XPath to use
Returns:
a result containing a bag either empty because no values were found or containing at least one value, or status associated with an Indeterminate result
Overview  Package   Class  Tree  Deprecated  Index  Help 
Sun's XACML Implementation Version 1.2
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    All Classes
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright 2003-2004 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.

Sun, Sun Microsystems, the Sun Logo, and Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the US and other countries.