public class PolicyCollection extends Object
AbstractPolicy
instances,
and provides some commonly useful operations. Specifically, it lets you
retrieve matching policies (based on reference or context), it optionally
handles wrapping multiple matches under a single PolicySet, and it manages
different versions of policies correctly. This class is intended for use
as a backing store to PolicyFinderModule
s, but in practice
may have many uses.
Note that this class will accept multiple versions of the same policy. This means that when you retieve a policy by reference, you will get the correct version. It also means that when you retrieve a policy based on context, there may be multiple revisions of the same policy, any number of which may apply. Generally speaking, the correct behavior here is not to return all of these policies, since they are (virtually speaking) the same policy, but may have conflicting rules. So, as a simplification, and to handle the most common cases, only the most recent version of a policy is returned in these cases. If you need a more complex solution, you will need to implement it yourself. Because the support modules use this class as their backing store, this is true also of those modules.
Note that this is not a heavily optimized class. It is intended more as an example, support code for the finder modules, and a starting utility for other programmers than as an enterprise-quality implementation. That said, it is fully functional, and should be useful for many applications.
Constructor and Description |
---|
PolicyCollection()
Creates a new
PolicyCollection that will return errors
when multiple policies match for a given request. |
PolicyCollection(PolicyCombiningAlgorithm combiningAlg,
URI parentPolicyId)
Creates a new
PolicyCollection that will create a new
top-level PolicySet when multiple policies match for a given request. |
Modifier and Type | Method and Description |
---|---|
boolean |
addPolicy(AbstractPolicy policy)
Adds a new policy to the collection, and uses the policy's identifier
as the reference identifier.
|
boolean |
addPolicy(AbstractPolicy policy,
String identifier)
Adds a new policy to the collection using the given identifier as
the reference identifier.
|
AbstractPolicy |
getPolicy(EvaluationCtx context)
Attempts to retrieve a policy based on the given context.
|
AbstractPolicy |
getPolicy(String identifier,
int type,
VersionConstraints constraints)
Attempts to retrieve a policy based on the given identifier and other
constraints.
|
protected HashMap policies
public PolicyCollection()
PolicyCollection
that will return errors
when multiple policies match for a given request.public PolicyCollection(PolicyCombiningAlgorithm combiningAlg, URI parentPolicyId)
PolicyCollection
that will create a new
top-level PolicySet when multiple policies match for a given request.combiningAlg
- the algorithm to use in a new PolicySet when more
than one policy appliesparentPolicyId
- the identifier to use for the new PolicySetpublic boolean addPolicy(AbstractPolicy policy)
policy
- the policy to addpublic boolean addPolicy(AbstractPolicy policy, String identifier)
policy
- the policy to addidentifier
- the identifier to use when referencing this policypublic AbstractPolicy getPolicy(EvaluationCtx context) throws TopLevelPolicyException
context
- representation of a requestTopLevelPolicyException
- if multiple policies match but this
instance wasn't setup to wrap policiespublic AbstractPolicy getPolicy(String identifier, int type, VersionConstraints constraints)
identifier
- an identifier specifying some policytype
- type of reference (policy or policySet) as identified by
the fields in PolicyReference
constraints
- any optional constraints on the version of the
referenced policy (this will never be null, but
it may impose no constraints, and in fact will
never impose constraints when used from a pre-2.0
XACML policy)Copyright © 2023 JBoss by Red Hat. All rights reserved.