public class MSoDPolicySet
- extends java.lang.Object
This is the class representing the MSoD Policy. It contains a vector of MSoD rules. It determines
whether a access request is allowed by the MSoD rules.
- W. Xu
|Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
protected java.util.List<MSoDRule> msodRules
protected RetainedADI retainedADI
public MSoDPolicySet(java.util.List<MSoDRule> m,
- This constructor creates the MSoDPolicySet object.
public boolean separationOfDutiesApplies(Credentials creds,
- This method is to determine if this MSoD policy applies to this user access request.
If this MSoD policy applies, then it means the user access request has broken one of the MSoD rules in this MSoD policy
and it should be forbidden by this MSoD policy, and this method will return true; otherwise this method will return false.
creds - is the user credential
a - is the user action
t - is the user requested target
environment - is the environment of the decision by PERMIS
- true if this MSoD policy applies to this user requested access; otherwise false.