/**
 * Adds the <code>OrgAliasReferralTest</code> privilege to <code>SUB_REALM1</code>.
 *
 * <p>The privilege allows the <code>GET</code> action on the OrgAliasReferralTest
 * wildcard resource and uses an <code>AuthenticatedESubject</code> as its subject.
 * It is stored through a <code>PrivilegeManager</code> obtained with
 * <code>adminSubject</code>.
 *
 * @throws EntitlementException if building or storing the privilege fails
 */
private void createPrivilege() throws EntitlementException {
    Map<String, Boolean> allowedActions = new HashMap<String, Boolean>();
    allowedActions.put("GET", true);
    Entitlement entitlement =
        new Entitlement("http://www.OrgAliasReferralTest.com:80/*.*", allowedActions);
    EntitlementSubject who = new AuthenticatedESubject();

    Privilege privilege = Privilege.getNewInstance();
    privilege.setName("OrgAliasReferralTest");
    privilege.setEntitlement(entitlement);
    privilege.setSubject(who);

    // NOTE(review): getInstance can return null when the manager class cannot
    // be created; that would surface here as a NullPointerException.
    PrivilegeManager.getInstance(SUB_REALM1, adminSubject).addPrivilege(privilege);
}
/**
 * Looks up a policy by name through <code>privilegeManager</code>.
 *
 * @param policyName name handed to <code>privilegeManager.findByName</code>
 * @return the matching policy, never <code>null</code>
 * @throws EntitlementException with <code>NO_SUCH_POLICY</code> when the lookup
 *         returns <code>null</code>, or whatever the lookup itself raises
 */
@Override
public Privilege read(String policyName) throws EntitlementException {
    final Privilege found = privilegeManager.findByName(policyName);
    if (found != null) {
        return found;
    }
    // A missing policy is reported as an error instead of a null result; the
    // requested name is carried as the message argument.
    throw new EntitlementException(
        EntitlementException.NO_SUCH_POLICY, new Object[] {policyName});
}
/**
 * Creates and initializes the <code>PrivilegeManager</code> for a realm.
 *
 * <p>The implementation class name is hard-coded and the instance is created
 * reflectively. When the class cannot be loaded or instantiated the failure is
 * logged through <code>debug</code> and <code>null</code> is returned, so callers
 * must check the result before using it.
 *
 * @param realm realm used for the configuration lookup and passed to
 *        <code>initialize</code>
 * @param subject subject that would be used for the privilege management operations
 * @return the initialized manager, or <code>null</code> if reflective creation failed
 * @throws UnsupportedOperationException if the entitlement configuration reports
 *         that it has not been migrated to the entitlement service
 */
public static PrivilegeManager getInstance(String realm, Subject subject) {
    final String logTag = "PrivilegeManager.getInstance";

    EntitlementConfiguration config =
        EntitlementConfiguration.getInstance(subject, realm);
    if (!config.migratedToEntitlementService()) {
        throw new UnsupportedOperationException(
            "Updating of DITs is required before using the entitlement service");
    }

    PrivilegeManager manager = null;
    try {
        // TODO: read the class name from configuration
        // NOTE(review): if the name ever becomes configurable it is instantiated
        // reflectively here, so it must only come from administrator-controlled
        // configuration and the cast below is the only type check.
        manager = (PrivilegeManager) Class.forName(
            "com.sun.identity.entitlement.opensso.PolicyPrivilegeManager").newInstance();
        manager.initialize(realm, subject);
    } catch (ClassNotFoundException e) {
        debug.error(logTag, e);
    } catch (InstantiationException e) {
        debug.error(logTag, e);
    } catch (IllegalAccessException e) {
        debug.error(logTag, e);
    }
    // Still null here when one of the reflective steps above failed.
    return manager;
}
/**
 * Searches policies using the filter carried by the query request.
 *
 * <p>A request without a filter is treated as "match everything". The filter is
 * translated into <code>SearchFilter</code>s by a <code>PrivilegeQueryBuilder</code>
 * built from <code>queryAttributes</code>, and the search itself is delegated to
 * <code>privilegeManager</code>.
 *
 * @param request query request supplying the (possibly absent) filter
 * @return the privileges returned by <code>privilegeManager.search</code>
 * @throws EntitlementException with <code>INVALID_SEARCH_FILTER</code> when the
 *         translation or search raises <code>UnsupportedOperationException</code>,
 *         with <code>INVALID_VALUE</code> when it raises
 *         <code>IllegalArgumentException</code>, or whatever the search itself raises
 */
@Override
public List<Privilege> query(QueryRequest request) throws EntitlementException {
    final QueryFilter requested = request.getQueryFilter();
    // No filter means every policy matches.
    // NOTE(review): nothing here narrows that result set; presumably the
    // manager's subject and realm bound what search returns - confirm.
    final QueryFilter effective =
        (requested != null) ? requested : QueryFilter.alwaysTrue();

    try {
        final Set<SearchFilter> criteria = effective.accept(
            new PrivilegeQueryBuilder(queryAttributes), new HashSet<SearchFilter>());
        return privilegeManager.search(criteria);
    } catch (UnsupportedOperationException ex) {
        // NOTE(review): the exception text becomes a message argument and may
        // contain parts of the submitted filter - confirm how it is rendered.
        throw new EntitlementException(
            EntitlementException.INVALID_SEARCH_FILTER, new Object[] {ex.getMessage()});
    } catch (IllegalArgumentException ex) {
        throw new EntitlementException(
            EntitlementException.INVALID_VALUE, new Object[] {ex.getMessage()});
    }
}
/**
 * Removes the named policy by delegating to <code>privilegeManager.remove</code>.
 *
 * <p>No existence check is made here; how a missing policy is handled depends on
 * the manager.
 *
 * @param policyName name of the policy to remove
 * @throws EntitlementException if the manager rejects or fails the removal
 */
@Override
public void delete(final String policyName) throws EntitlementException {
    privilegeManager.remove(policyName);
}
/**
 * Replaces the policy stored under <code>existingName</code> with the supplied one.
 *
 * <p>The change is delegated to <code>privilegeManager.modify</code>. The returned
 * object is the caller's own argument, not a copy re-read from the store.
 *
 * @param existingName name the policy is currently stored under
 * @param policy new policy definition
 * @return the same <code>policy</code> instance that was passed in
 * @throws EntitlementException if the manager rejects or fails the modification
 */
@Override
public Privilege update(final String existingName, final Privilege policy)
        throws EntitlementException {
    privilegeManager.modify(existingName, policy);
    return policy;
}
/**
 * Stores a new policy by delegating to <code>privilegeManager.add</code>.
 *
 * <p>The returned object is the caller's own argument, not a copy re-read from
 * the store.
 *
 * @param policy policy to add
 * @return the same <code>policy</code> instance that was passed in
 * @throws EntitlementException if the manager rejects or fails the addition
 */
@Override
public Privilege create(final Privilege policy) throws EntitlementException {
    privilegeManager.add(policy);
    return policy;
}