RuleComparator

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

issrg.pba.rbac
Interface RuleComparator

All Known Implementing Classes:: DefaultRuleComparator, PMITest.TestRuleComparator

public interface RuleComparator

Method Summary
`boolean`	`isSufficient(AssignmentRule asRAR, AssignmentRule vaRAR, java.lang.Object assertion, java.lang.Object validated)` This function test whether the constrained assertion is good enough
`ParsedToken[]`	`predict(java.lang.Object assertion, java.util.Vector tokens, Entry holder)` This function will take the vector of asserted RARs of issuer, ignore unrelevant RARs for the assertion, and sort relevant RARs according to the assertion
`void`	`setFlag(boolean manySOAs)`

Method Detail

predict

ParsedToken[] predict(java.lang.Object assertion,
                      java.util.Vector tokens,
                      Entry holder)

This function will take the vector of asserted RARs of issuer, ignore unrelevant RARs for the assertion, and sort relevant RARs according to the assertion

Parameters:: assertion - is either a credentials or a RoleAssignmentRule of the holder that needs to be validated; tokens - stores all the RARs of issuer; holder - is the holder of the assertion credentials or the RoleAssignmentRule
Returns:: an array of ParsedToken that is sorted according to the assertion.

isSufficient

boolean isSufficient(AssignmentRule asRAR,
                     AssignmentRule vaRAR,
                     java.lang.Object assertion,
                     java.lang.Object validated)

This function test whether the constrained assertion is good enough

Parameters:: asRAR - is the RoleAssignmentRule of the issuer; vaRAR - is the validated RoleAssignmentRule of the issuer. Both of these RoleAssignmentRules may be null. If they are null, it means RoleAssignmentRule of the issuer is totally trusted and we do not care about it.; assertion - is either a credentials or a RoleAssignmentRule of the holder that needs to be validated; validated - is a validated credentials or validated RoleAssignmentRules of the holder
Returns:: a boolean value. If it is true then the issuer's RAR is good enough for validating the request and we do not need to use another issuer'RAR for validating the request. Otherwise, we need to use another RAR to validate the request. Currently, this function simply return true.

setFlag

void setFlag(boolean manySOAs)