Interface PolicyExecutor

All Known Implementing Classes:

public interface PolicyExecutor
Custom executor of policy statements.
  • Method Details

    • supports

      default boolean supports(String policyStatement, ProviderRequest request)
      Can be used to tell the PolicyValidator that this statement is supported by this policy executor. If there are more than one executors configured, first provider that supports a statement will execute it.
      policyStatement - statement as configured through EndpointConfig
      request - request of current security exchange, containing environment, subject, and object
      true if this executor supports the statement, false otherwise
    • executePolicy

      void executePolicy(String policyStatement, Errors.Collector collector, ProviderRequest request)
      Execute a policy based on a policy statement.
      policyStatement - statement to evaluate
      collector - register Errors.Collector.fatal(Object, String) in case the policy statement denies the request, do nothing for successful execution. Errors.Collector.warn(Object, String) and Errors.Collector.hint(Object, String) may be used for troubleshooting/debugging purposes
      request - request providing access to subject, service subject, environment and object (s)