Overview  Package   Class  Tree  Deprecated  Index  Help 
SunTM's XACML Implementation for JavaTM
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.sun.xacml
Class PDP

java.lang.Object
  extended bycom.sun.xacml.PDP
public class PDP
extends Object

This is the core class for the XACML engine, providing the starting point for request evaluation. To build an XACML policy engine, you start by instantiating this object.

Since:
1.0

Constructor Summary
PDP(PDPConfig config)
          Constructs a new PDP object with the given configuration information.
 
Method Summary
 ResponseCtx evaluate(EvaluationCtx context)
          Uses the given EvaluationCtx against the available policies to determine a response.
 OutputStream evaluate(InputStream input)
          Deprecated. As of 1.2 this method should not be used. Instead, you should do your own stream handling, and then use one of the other evaluate methods. The problem with this method is that it often doesn't handle stream termination correctly (eg, with sockets).
 ResponseCtx evaluate(RequestCtx request)
          Attempts to evaluate the request against the policies known to this PDP.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PDP

public PDP(PDPConfig config)
Constructs a new PDP object with the given configuration information.

Parameters:
config - user configuration data defining how to find policies, resolve external attributes, etc.
Method Detail

evaluate

public ResponseCtx evaluate(RequestCtx request)
Attempts to evaluate the request against the policies known to this PDP. This is really the core method of the entire XACML specification, and for most people will provide what you want. If you need any special handling, you should look at the version of this method that takes an EvaluationCtx.

Note that if the request is somehow invalid (it was missing a required attribute, it was using an unsupported scope, etc), then the result will be a decision of INDETERMINATE.

Parameters:
request - the request to evaluate
Returns:
a response paired to the request

evaluate

public ResponseCtx evaluate(EvaluationCtx context)
Uses the given EvaluationCtx against the available policies to determine a response. If you are starting with a standard XACML Request, then you should use the version of this method that takes a RequestCtx. This method should be used only if you have a real need to directly construct an evaluation context (or if you need to use an EvaluationCtx implementation other than BasicEvaluationCtx).

Parameters:
context - representation of the request and the context used for evaluation
Returns:
a response based on the contents of the context

evaluate

public OutputStream evaluate(InputStream input)
Deprecated. As of 1.2 this method should not be used. Instead, you should do your own stream handling, and then use one of the other evaluate methods. The problem with this method is that it often doesn't handle stream termination correctly (eg, with sockets).

A utility method that wraps the functionality of the other evaluate method with input and output streams. This is useful if you've got a PDP that is taking inputs from some stream and is returning responses through the same stream system. If the Request is invalid, then this will always return a decision of INDETERMINATE.

Parameters:
input - a stream that contains an XML RequestType
Returns:
a stream that contains an XML ResponseType
Overview  Package   Class  Tree  Deprecated  Index  Help 
Sun's XACML Implementation Version 1.2
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright 2003-2004 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.

Sun, Sun Microsystems, the Sun Logo, and Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the US and other countries.