001/**
002 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
003 *
004 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
005 *
006 * The contents of this file are subject to the terms
007 * of the Common Development and Distribution License
008 * (the License). You may not use this file except in
009 * compliance with the License.
010 *
011 * You can obtain a copy of the License at
012 * https://opensso.dev.java.net/public/CDDLv1.0.html or
013 * opensso/legal/CDDLv1.0.txt
014 * See the License for the specific language governing
015 * permission and limitations under the License.
016 *
017 * When distributing Covered Code, include this CDDL
018 * Header Notice in each file and include the License file
019 * at opensso/legal/CDDLv1.0.txt.
020 * If applicable, add the following below the CDDL Header,
021 * with the fields enclosed by brackets [] replaced by
022 * your own identifying information:
023 * "Portions Copyrighted [year] [name of copyright owner]"
024 *
025 * $Id: XACMLAuthzDecisionQuery.java,v 1.3 2008/06/25 05:48:14 qcheng Exp $
026 *
027 */
028
029package com.sun.identity.xacml.saml2;
030
031import com.sun.identity.saml2.protocol.RequestAbstract;
032import com.sun.identity.xacml.common.XACMLException;
033import com.sun.identity.xacml.context.Request;
034
035
036/**
037 * The <code>XACMLAuthzDecisionQuery</code> element is a SAML Query that 
038 * extends SAML Protocol schema type <code>RequestAbstractType</code>.
039 * It allows an XACML PEP to submit an XACML Request Context in a  SAML
040 * Query along with other information. This element is an alternative to 
041 * SAML defined <code><samlp:AuthzDecisionQuery></code> that allows an 
042 * XACML PEP  to communicate with an XACML PDP using SAML2 protocol.
043 * <p>
044 * Schema:
045 * <pre>
046 *&lt;xs:element name="XACMLAuthzDecisionQuery"
047 *         type="XACMLAuthzDecisionQueryType"/>
048 *&lt;xs:complexType name="XACMLAuthzDecisionQueryType">
049 *  &lt;xs:complexContent>
050 *    &lt;xs:extension base="samlp:RequestAbstractType">
051 *      &lt;xs:sequence>
052 *        &lt;xs:element ref="xacml-context:Request"/>
053 *      &lt;xs:sequence>
054 *      &lt;xs:attribute name="InputContextOnly"
055 *                    type="boolean"
056 *                    use="optional"
057 *                    default="false"/>
058 *      &lt;xs:attribute name="ReturnContext"
059 *                    type="boolean"
060 *                    use="optional"
061 *                    default="false"/>
062 *    &lt;xs:extension>
063 *  &lt;xs:complexContent>
064 *&lt;xs:complexType>
065 * </pre>
066 *
067 * Schema for base:
068 * <pre>
069 *  &lt;complexType name="RequestAbstractType" abstract="true">
070 *      &lt;sequence>
071 *          &lt;element ref="saml:Issuer" minOccurs="0"/>
072 *          &lt;element ref="ds:Signature" minOccurs="0"/>
073 *          &lt;element ref="samlp:Extensions" minOccurs="0"/>
074 *      &lt;sequence>
075 *      &lt;attribute name="ID" type="ID" use="required"/>
076 *      &lt;attribute name="Version" type="string" use="required"/>
077 *      &lt;attribute name="IssueInstant" type="dateTime" use="required"/>
078 *      &lt;attribute name="Destination" type="anyURI" use="optional"/>
079 *      &lt;attribute name="Consent" type="anyURI" use="optional"/>
080 *  &lt;complexType>
081 * </pre>
082 *
083 *@supported.all.api
084 */
085public interface XACMLAuthzDecisionQuery extends RequestAbstract {
086
087    /**
088     * Returns the XML attribute boolean value which governs the
089     * source of information that the PDP is allowed to use in 
090     * making an authorization decision. If this attribute is "true"
091     * then it indiactes that the authorization decision has been made 
092     * solely on the basis of information contained in the <code>
093     * XACMLAuthzDecisionQuery</code>; no external attributes have been
094     * used. If this value is "false" then the decision may have been made
095     * on the basis of external attributes not conatined in the <code>
096     * XACMLAuthzDecisionQuery</code>.
097     * @return <code>boolean</code> indicating the value
098     * of this attribute.
099     */
100    public boolean getInputContextOnly();
101
102    /**
103     * Sets the XML attribute boolean value which governs the
104     * source of information that the PDP is allowed to use in
105     * making an authorization decision. If this attribute is "true"
106     * then it indicates to the PDP  that the authorization decision has to be
107     * made solely on the basis of information contained in the <code>
108     * XACMLAuthzDecisionQuery</code>; no external attributes may be 
109     * used. If this value is "false" then the decision can be  made
110     * on the basis of external attributes not conatined in the <code>
111     * XACMlAuthzDecisionQuery</code>.
112     * @param inputContextOnly <code>boolean</code> indicating the value
113     * of this attribute.
114     *
115     * @exception XACMLException if the object is immutable
116     * An object is considered <code>immutable</code> if <code>
117     * makeImmutable()</code> has been invoked on it. It can
118     * be determined by calling <code>isMutable</code> on the object.
119     */
120    public void setInputContextOnly(boolean inputContextOnly) throws 
121            XACMLException;
122
123    /**
124     * Returns the XML attribute boolean value which provides means
125     * to PEP to request that an <code>xacml-context>Request</code>
126     * element be included in the <code>XACMlAuthzdecisionStatement</code>
127     * resulting from the request. It also governs the contents of that
128     * <code.Request</code> element. If this attribite is "true" then the
129     * PDP SHALL include the <code>xacml-context:Request</code> element in the
130     * <code>XACMLAuthzDecisionStatement</code> element in the 
131     * <code>XACMLResponse</code>.  The <code>xacml-context:Request</code> SHALL
132     * include all the attributes supplied by the PEP in the
133     * <code>AuthzDecisionQuery</code> which were used in making 
134     * the authz decision. Other addtional attributes which may have been used 
135     * by the PDP may be included.
136     * If this attribute is "false" then the PDP SHALL NOT include the 
137     * <code>xacml-context:Request</code> element in the
138     * <code>XACMLAuthzDecisionStatement<code>.
139     * 
140     * @return <code>boolean</code> indicating the value
141     * of this attribute.
142     */
143    public boolean getReturnContext();
144
145    /**
146     * Sets the boolean value for this XML attribute
147     * @see #getReturnContext()
148     *
149     * @param returnContext <code>boolean</code> indicating the value
150     * of this attribute.
151     *
152     * @exception XACMLExceptioXACMLException if the object is immutable
153     * An object is considered <code>immutable</code> if <code>
154     * makeImmutable()</code> has been invoked on it. It can
155     * be determined by calling <code>isMutable</code> on the object.
156     */
157    public void setReturnContext(boolean returnContext) throws XACMLException;
158
159    /**
160     * Returns the <code>xacml-context:Request</code> element of this object
161     *
162     * @return the <code>xacml-context:Request</code> elements of this object
163     */
164    public Request getRequest();
165
166    /**
167     * Sets the <code>xacml-context:Request</code> element of this object
168     *
169     * @param request the <code>xacml-context:Request</code> element of this 
170     * object.
171     *
172     * @exception XACMLException if the object is immutable
173     * An object is considered <code>immutable</code> if <code>
174     * makeImmutable()</code> has been invoked on it. It can
175     * be determined by calling <code>isMutable</code> on the object.
176     */
177    public void setRequest(Request request) throws XACMLException;
178
179   /**
180    * Returns a <code>String</code> representation of this object
181    * @param includeNSPrefix Determines whether or not the namespace qualifier
182    *        is prepended to the Element when converted
183    * @param declareNS Determines whether or not the namespace is declared
184    *        within the Element.
185    * @return a string representation of this object
186    * @exception XACMLException if conversion fails for any reason
187     */
188    public String toXMLString(boolean includeNSPrefix, boolean declareNS)
189            throws XACMLException;
190
191   /**
192    * Returns a string representation of this object
193    *
194    * @return a string representation of this object
195    * @exception XACMLException if conversion fails for any reason
196    */
197    public String toXMLString() throws XACMLException;
198
199   /**
200    * Makes the object immutable
201    */
202    public void makeImmutable();
203
204   /**
205    * Checks if the object is mutable
206    *
207    * @return <code>true</code> if the object is mutable,
208    *         <code>false</code> otherwise
209    */
210    public boolean isMutable();
211    
212}