public abstract class PolicyFinderModule extends Object
PolicyFinder
modules
extend. All methods have default values to represent that the given
feature isn't supported by this module, so module writers needs only
implement the methods for the features they're supporting.Constructor and Description |
---|
PolicyFinderModule() |
Modifier and Type | Method and Description |
---|---|
PolicyFinderResult |
findPolicy(EvaluationCtx context)
Tries to find one and only one matching policy given the request
represented by the context data.
|
PolicyFinderResult |
findPolicy(URI idReference,
int type,
VersionConstraints constraints,
PolicyMetaData parentMetaData)
Tries to find one and only one matching policy given the idReference
If more than one policy is found, this is an error and must be reported
as such.
|
String |
getIdentifier()
Returns this module's identifier.
|
abstract void |
init(PolicyFinder finder)
Initializes this module for use by the given finder.
|
void |
invalidateCache()
This is an experimental method that asks the module to invalidate any
cache values it may contain.
|
boolean |
isIdReferenceSupported()
Returns true if the module supports finding policies based on an
id reference (in a PolicySet).
|
boolean |
isRequestSupported()
Returns true if the module supports finding policies based on a
request (ie, target matching).
|
public String getIdentifier()
public boolean isRequestSupported()
public boolean isIdReferenceSupported()
public abstract void init(PolicyFinder finder)
PDP
is initialized with a
PDPConfig
containing the given PolicyFinder
.
Because PolicyFinderModule
s usually need to parse
policies, and this requires knowing their PolicyFinder,
parsing is usually done at or after this point in the lifetime
of this module. This might also be a good time to reset any internal
caches or temporary data. Note that this method may be called more
than once in the lifetime of a module.
finder
- the PolicyFinder
using this modulepublic void invalidateCache()
This method has been introduced to see what people think of this functionality, and how they would like to use it. It may be removed in future versions, or it may be changed to a more general message-passing system (if other useful messages are identified).
public PolicyFinderResult findPolicy(EvaluationCtx context)
context
- the representation of the requestpublic PolicyFinderResult findPolicy(URI idReference, int type, VersionConstraints constraints, PolicyMetaData parentMetaData)
idReference
- an identifier specifying some policytype
- type of reference (policy or policySet) as identified by
the fields in PolicyReference
constraints
- any optional constraints on the version of the
referenced policy (this will never be null, but
it may impose no constraints, and in fact will
never impose constraints when used from a pre-2.0
XACML policy)parentMetaData
- the meta-data from the parent policy, which
provides XACML version, factories, etc.Copyright © 2023 JBoss by Red Hat. All rights reserved.