java.lang.Object
  nbi.xmlsec.xacml.profile.rbac.RoleEnablementAuthority
This class realises the functionality of the RoleEnablementAuthority as
described in the XACML RBAC profile v2.0. The class acts like a PDP that
works on RoleAssignmentPolicies only. The main method of this class is
getRoles(String, X509Certificate), which evaluates all roles for a given
entity authenticated by its X.509 certificate. The configuration is done
within the XML tag RoleEnablementAuthority. It mainly consists of
configuring the underlying PolicyManager.
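The evaluation loop a role enablement authority performs, as an added sketch that is not the nbi.xmlsec implementation: one enableRole request per candidate role, with a role enabled only on an explicit Permit. The Request record, Pdp interface, sample table, role URNs and the use of the domain as a lookup key are assumptions; the two urn:oasis identifiers come from the XACML 2.0 RBAC profile.

```java
import java.util.*;
import javax.security.auth.x500.X500Principal;

public class EnableRoleSketch {
    // Identifiers defined by the XACML 2.0 RBAC profile.
    static final String ROLE_ATTR = "urn:oasis:names:tc:xacml:2.0:subject:role";
    static final String ENABLE_ROLE = "urn:oasis:names:tc:xacml:2.0:actions:enableRole";

    enum Decision { PERMIT, DENY, NOT_APPLICABLE, INDETERMINATE }

    // Hypothetical stand-in for an enableRole request: who, which role, which action.
    record Request(String domain, X500Principal subject, String roleAttrId, String role, String action) {}

    // Hypothetical stand-in for a PDP loaded with role assignment policies only.
    interface Pdp { Decision evaluate(Request r); }

    // Constructed sample assignments: domain -> subject -> roles (assumed layout).
    static Pdp samplePdp() {
        Map<String, Map<X500Principal, Set<String>>> table = Map.of(
            "hospital-a", Map.of(new X500Principal("CN=Alice,O=Example,C=DE"),
                                 Set.of("urn:example:role:physician")));
        return r -> {
            if (!ENABLE_ROLE.equals(r.action()) || !ROLE_ATTR.equals(r.roleAttrId()))
                return Decision.NOT_APPLICABLE;
            Set<String> roles = table.getOrDefault(r.domain(), Map.of()).get(r.subject());
            return roles != null && roles.contains(r.role()) ? Decision.PERMIT : Decision.NOT_APPLICABLE;
        };
    }

    // One request per candidate role; Deny, NotApplicable and Indeterminate all leave it disabled.
    static Set<String> enabledRoles(Pdp pdp, String domain, String subjectDn, Collection<String> candidates) {
        // X500Principal compares canonical DNs, so case and spacing variants match.
        X500Principal subject = new X500Principal(subjectDn);
        Set<String> enabled = new TreeSet<>();
        for (String role : candidates) {
            Request req = new Request(domain, subject, ROLE_ATTR, role, ENABLE_ROLE);
            if (pdp.evaluate(req) == Decision.PERMIT) enabled.add(role);
        }
        return enabled;
    }

    public static void main(String[] args) {
        List<String> candidates = List.of("urn:example:role:physician", "urn:example:role:admin");
        System.out.println(enabledRoles(samplePdp(), "hospital-a", "cn=alice, o=Example, c=DE", candidates));
        System.out.println(enabledRoles(samplePdp(), "hospital-b", "CN=Alice,O=Example,C=DE", candidates));
    }
}
```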
Field Summary
(package private) Configuration config - Configuration instance of this class.
(package private) static Logger logger
(package private) PDP pdp - The PDP instance.
(package private) PolicyManager polMgr - PolicyManager instance.
Constructor Summary
RoleEnablementAuthority(Configuration config) - Creates a RoleEnablementAuthority based on its configuration.
Method Summary
RequestCtx createEnableRoleRequest(String domain, String subject, String role) - Creates an enableRole request for the PDP to evaluate whether the subject has the given role enabled.
RequestCtx createEnableRoleRequest(String domain, X509Certificate subject, String role) - Creates an enableRole request for the PDP to evaluate whether the subject has the given role enabled.
Set getRoles(String domain, X509Certificate subjectCert) - Evaluates all roles for a given X.509 certificate.
protected void reset() - Resets the REA by reinitialising the PolicyManager instance and reloading the assigned policies needed to create a new PDP instance.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Field Detail
static Logger logger
Configuration config
PolicyManager polMgr
PDP pdp
Constructor Detail
public RoleEnablementAuthority(Configuration config) throws ClassNotFoundException, NoSuchMethodException, InvocationTargetException, InstantiationException, IllegalAccessException
Parameters:
config - The configuration.
Throws:
ClassNotFoundException
NoSuchMethodException
InvocationTargetException
InstantiationException
IllegalAccessException
Method Detail
protected void reset() throws IllegalArgumentException, SecurityException, ClassNotFoundException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException
Throws:
IllegalArgumentException
SecurityException
ClassNotFoundException
InstantiationException
IllegalAccessException
InvocationTargetException
NoSuchMethodException
public Set getRoles(String domain, X509Certificate subjectCert) throws ParsingException, URISyntaxException, ClassNotFoundException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException, InvocationTargetException, NoSuchMethodException
Parameters:
domain - The domain to be evaluated.
subjectCert - The certificate.
Throws:
ParsingException
URISyntaxException
ClassNotFoundException
InstantiationException
IllegalAccessException
InvocationTargetException
NoSuchMethodException
InvocationTargetException
NoSuchMethodException
public RequestCtx createEnableRoleRequest(String domain, X509Certificate subject, String role) throws URISyntaxException
Parameters:
domain - The domain.
subject - The subject.
role - The role label.
Throws:
URISyntaxException
public RequestCtx createEnableRoleRequest(String domain, String subject, String role) throws URISyntaxException
Parameters:
domain - The domain.
subject - The subject as X500Name String.
role - The role label.
Throws:
URISyntaxException