issrg.pba.rbac.policies
Class MSoDPolicySet
java.lang.Object
issrg.pba.rbac.policies.MSoDPolicySet
public class MSoDPolicySet
- extends java.lang.Object
This is the class representing the MSoD Policy. It contains a vector of MSoD rules. It determines
whether a access request is allowed by the MSoD rules.
- Version:
- 0.1
- Author:
- W. Xu
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
msodRules
protected java.util.List<MSoDRule> msodRules
retainedADI
protected RetainedADI retainedADI
MSoDPolicySet
protected MSoDPolicySet()
MSoDPolicySet
public MSoDPolicySet(java.util.List<MSoDRule> m,
RetainedADI r,
SAWSServer sawsServer,
PolicyParser pp)
- This constructor creates the MSoDPolicySet object.
separationOfDutiesApplies
public boolean separationOfDutiesApplies(Credentials creds,
Action a,
Target t,
java.util.Map environment)
- This method is to determine if this MSoD policy applies to this user access request.
If this MSoD policy applies, then it means the user access request has broken one of the MSoD rules in this MSoD policy
and it should be forbidden by this MSoD policy, and this method will return true; otherwise this method will return false.
- Parameters:
creds
- is the user credentiala
- is the user actiont
- is the user requested targetenvironment
- is the environment of the decision by PERMIS
- Returns:
- true if this MSoD policy applies to this user requested access; otherwise false.