001/* 002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 003 * 004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved 005 * 006 * The contents of this file are subject to the terms 007 * of the Common Development and Distribution License 008 * (the License). You may not use this file except in 009 * compliance with the License. 010 * 011 * You can obtain a copy of the License at 012 * https://opensso.dev.java.net/public/CDDLv1.0.html or 013 * opensso/legal/CDDLv1.0.txt 014 * See the License for the specific language governing 015 * permission and limitations under the License. 016 * 017 * When distributing Covered Code, include this CDDL 018 * Header Notice in each file and include the License file 019 * at opensso/legal/CDDLv1.0.txt. 020 * If applicable, add the following below the CDDL Header, 021 * with the fields enclosed by brackets [] replaced by 022 * your own identifying information: 023 * "Portions Copyrighted [year] [name of copyright owner]" 024 * 025 * $Id: ResponseProvider.java,v 1.5 2008/08/19 19:09:16 veiming Exp $ 026 * 027 * Portions Copyrighted 2014-2015 ForgeRock AS. 028 */ 029 030package com.sun.identity.policy.interfaces; 031 032import com.sun.identity.policy.PolicyException; 033import com.sun.identity.policy.Syntax; 034import com.iplanet.sso.SSOToken; 035import com.iplanet.sso.SSOException; 036 037import java.util.List; 038import java.util.Locale; 039import java.util.Map; 040import java.util.Set; 041 042/** 043 * The class <code>ResponseProvider</code> defines an interface to allow 044 * pluggable response providers into the OpenAM framework. These 045 * are used to provide policy response attributes. Policy response attributes 046 * are different from <code>ActionDecision</code>. Policy response attributes 047 * typically provide attribute values of user profile. User profile could 048 * exist in any data store managed by Identity repository. However, reponse 049 * attributes are not restricted to attributes from user profile. 050 * Source of the attribute values is completely at the discretion of the 051 * specific implementation of the <code>ResponseProvider</code>. 052 * <p> 053 * The response provider is initialized by calling its <code>initialize() 054 * </code> method. 055 * Its also configured by setting its properites by a call to 056 * <code>setProperties()</code> method. 057 * <p> 058 * Response attribute names are not checked against schema of the service 059 * registered with OpenAM. (<code>ActionDecision</code> attributes 060 * are checked against the schema of the service registered with 061 * OpenAM). 062 * 063 * A Response Provider computes a <code>Map</code> of response attributes 064 * and their values based on the <code>SSOToken</code>, resource name and 065 * environment <code>Map</code> passed in the method call 066 * <code>getResponseDecision()</code>. 067 * 068 * Policy framework would make a call <code>getResponseDecision</code> from the 069 * <code>ResponseProvider</code>(s) associated with a policy only if the 070 * policy is applicable to a request as determined by <code>SSOToken</code>, 071 * <code>resource name</code>, <code>Subjects</code> and 072 * <code>Conditions</code>. 073 * <p> 074 * The only out-of-the-box <code>ResponseProvider</code> implementation 075 * provided with the Policy framework would be 076 * <code>IDRepoResponseProvider</code>. 077 * 078 * All <code>ResponseProvider</code> implementations should have a public no 079 * argument constructor. 080 * @supported.all.api 081 * @deprecated since 12.0.0, use {@link com.sun.identity.entitlement.ResourceAttribute} 082 */ 083@Deprecated 084public interface ResponseProvider extends Cloneable { 085 086 /** 087 * Initialize the <code>ResponseProvider</code> 088 * @param configParams <code>Map</code> of the configurational information 089 * @exception PolicyException if an error occured during 090 * initialization of the instance 091 */ 092 093 public void initialize(Map configParams) throws PolicyException; 094 095 096 /** 097 * Returns a list of property names for the Response provider. 098 * 099 * @return list of property names 100 */ 101 public List getPropertyNames(); 102 103 /** 104 * Returns the syntax for a property name 105 * @see com.sun.identity.policy.Syntax 106 * 107 * @param property property name 108 * 109 * @return <code>Syntax<code> for the property name 110 */ 111 public Syntax getPropertySyntax(String property); 112 113 114 /** 115 * Gets the display name for the property name. 116 * The <code>locale</code> variable could be used by the plugin to 117 * customize the display name for the given locale. 118 * The <code>locale</code> variable could be <code>null</code>, in which 119 * case the plugin must use the default locale. 120 * 121 * @param property property name 122 * @param locale locale for which the property name must be customized 123 * @return display name for the property name. 124 * @throws PolicyException 125 */ 126 public String getDisplayName(String property, Locale locale) 127 throws PolicyException; 128 129 /** 130 * Returns a set of valid values given the property name. This method 131 * is called if the property <code>Syntax</code> is either the 132 * <code>SINGLE_CHOICE</code> or <code>MULTIPLE_CHOICE</code>. 133 * 134 * @param property <code>String</code> representing property name 135 * @return Set of valid values for the property. 136 * @exception PolicyException if unable to get the <code>Syntax</code>. 137 */ 138 public Set getValidValues(String property) throws 139 PolicyException; 140 141 /** Sets the properties of the responseProvider plugin. 142 * This influences the response attribute-value Map that would be 143 * computed by a call to method <code>getResponseDecision(Map)</code> 144 * These attribute-value pairs are encapsulated in 145 * <code>ResponseAttribute</code> element tag which is a child of the 146 * <code>PolicyDecision</code> element in the PolicyResponse xml 147 * if the policy is applicable to the user for the resource, subject and 148 * conditions defined. 149 * @param properties the properties of the <code>ResponseProvider</code> 150 * Keys of the properties have to be String. 151 * Value corresponding to each key have to be a <code>Set</code> 152 * of String elements. Each implementation of ResponseProvider 153 * could add further restrictions on the keys and values of this 154 * map. 155 * @throws PolicyException for any abnormal condition 156 */ 157 public void setProperties(Map properties) throws PolicyException; 158 159 /** Gets the properties of the response provider. 160 * @return properties of the response provider. 161 * @see #setProperties 162 */ 163 public Map getProperties(); 164 165 /** 166 * Gets the response attributes computed by this ResponseProvider object, 167 * based on the <code>SSOToken</code> and <code>Map</code> of 168 * environment parameters. 169 * 170 * @param token single-sign-on token of the user 171 * 172 * @param env request specific environment map of key/value pairs 173 * @return a <code>Map</code> of response attributes. 174 * Keys of the Map are attribute names of type <code>static</code> 175 * and <code>dynamic</code>. 176 * Value is a <code>Set</code> of response attribute values 177 * (<code>String</code>). 178 * 179 * @throws PolicyException if the decision could not be computed 180 * @throws SSOException <code>token is not valid 181 * 182 */ 183 public Map getResponseDecision(SSOToken token, 184 Map env) throws PolicyException, SSOException; 185 186 /** 187 * Returns a copy of this object. 188 * 189 * @return an <code>Object</code> which is a copy of this object 190 */ 191 public Object clone(); 192 193}