org.opensciencegrid.authz.saml
Class ObligatedAuthorizationDecisionStatement

java.lang.Object
  org.opensaml.SAMLObject
      org.opensaml.SAMLStatement
          org.opensaml.SAMLSubjectStatement
              org.opensaml.SAMLAuthorizationDecisionStatement
                  org.opensciencegrid.authz.saml.ObligatedAuthorizationDecisionStatement

All Implemented Interfaces:

java.lang.Cloneable

public class ObligatedAuthorizationDecisionStatement

extends org.opensaml.SAMLAuthorizationDecisionStatement

Represents a SAML authorization decision statement.

Author:

Markus Lorch - based on work from Helen Rehn, Scott Cantor

Field Summary

Fields inherited from class org.opensaml.SAMLAuthorizationDecisionStatement

actions, decision, evidence, resource

Fields inherited from class org.opensaml.SAMLSubjectStatement

subject

Fields inherited from class org.opensaml.SAMLStatement

statementTypeMap

Fields inherited from class org.opensaml.SAMLObject

config, root

Constructor Summary

ObligatedAuthorizationDecisionStatement(org.w3c.dom.Element e)
Reconstructs a statement from a DOM tree

ObligatedAuthorizationDecisionStatement(java.io.InputStream in)
Reconstructs a statement from a stream

ObligatedAuthorizationDecisionStatement(org.opensaml.SAMLSubject subject, java.lang.String resource, java.lang.String decision, java.util.Collection actions, java.util.Collection evidence, java.util.Collection xacmlObligations)
Builds an ObligatedAuthorizationDecisionStatement out of its component parts

Method Summary

void	fromDOM(org.w3c.dom.Element e) Initialization of statement from a DOM element.
java.util.Iterator	getXACMLObligations() Gets the xacml obligations
org.w3c.dom.Node	toDOM(org.w3c.dom.Document doc, boolean xmlns) Overridden method to return a DOM tree representing the ObligatedAuthorizationDecisionStatement This class embeds an ObligatedAuthorizationDecisionStatement directly in a SAML assertion.

Methods inherited from class org.opensaml.SAMLAuthorizationDecisionStatement

addAction, addEvidence, checkValidity, clone, getActions, getDecision, getEvidence, getResource, removeAction, removeEvidence, setActions, setDecision, setEvidence, setResource

Methods inherited from class org.opensaml.SAMLSubjectStatement

getSubject, setSubject

Methods inherited from class org.opensaml.SAMLStatement

getInstance, getInstance, regFactory, unregFactory

Methods inherited from class org.opensaml.SAMLObject

fromStream, plantRoot, toBase64, toDOM, toDOM, toDOM, toStream, toString

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

ObligatedAuthorizationDecisionStatement

public ObligatedAuthorizationDecisionStatement(org.opensaml.SAMLSubject subject,
                                               java.lang.String resource,
                                               java.lang.String decision,
                                               java.util.Collection actions,
                                               java.util.Collection evidence,
                                               java.util.Collection xacmlObligations)
                                        throws org.opensaml.SAMLException

Builds an ObligatedAuthorizationDecisionStatement out of its component parts

Parameters:

subject - subject of the statement

resource - URI of the resource being accessed at the time of the statement

actions - specific actions the decision applies to

evidence - evidence which may be considered

xacmlObligations - XACML style obligations (obligated attribute assignments), at a minimum one obligation is required

Throws:

org.opensaml.SAMLException - Raised if an AuthorizationDecisionStatement cannot be constructed from the supplied information

ObligatedAuthorizationDecisionStatement

public ObligatedAuthorizationDecisionStatement(org.w3c.dom.Element e)
                                        throws org.opensaml.SAMLException

Reconstructs a statement from a DOM tree

Parameters:

e - The root of a DOM tree

Throws:

org.opensaml.SAMLException - Thrown if the object cannot be constructed

ObligatedAuthorizationDecisionStatement

public ObligatedAuthorizationDecisionStatement(java.io.InputStream in)
                                        throws org.opensaml.SAMLException

Reconstructs a statement from a stream

Parameters:

in - A stream containing XML

Throws:

org.opensaml.SAMLException - Raised if an exception occurs while constructing the object.

Method Detail

fromDOM

public void fromDOM(org.w3c.dom.Element e)
             throws org.opensaml.SAMLException

Initialization of statement from a DOM element.

Checks the statement's syntactic validity. An exception is thrown if any problems are detected. The exception will contain a message describing the problem, and may wrap another exception.

Parameters:

e - Root element of a DOM tree

Throws:

org.opensaml.SAMLException - Raised if an exception occurs while constructing the object.

getXACMLObligations

public java.util.Iterator getXACMLObligations()

Gets the xacml obligations

Returns:

string with the xacml obligations

toDOM

public org.w3c.dom.Node toDOM(org.w3c.dom.Document doc,
                              boolean xmlns)
                       throws org.opensaml.SAMLException

Overridden method to return a DOM tree representing the ObligatedAuthorizationDecisionStatement This class embeds an ObligatedAuthorizationDecisionStatement directly in a SAML assertion. This requires modification of the SAML schema and will have to be changed in a future version. In order not to have to modify the SAML schema we will have to utilize the extension point saml:Statement. We will use xsi:type to specify the actual type of statement wanted:

Parameters:

doc - A Document object to use in manufacturing the tree

xmlns - Include namespace on root element - ignored

Returns:

Root element of a DOM tree

Throws:

org.opensaml.SAMLException