Package com.evolveum.midpoint.model.impl.lens.projector.credentials

Class CredentialPolicyEvaluator<R extends AbstractCredentialType,P extends CredentialPolicyType,F extends FocusType>

java.lang.Object

com.evolveum.midpoint.model.impl.lens.projector.credentials.CredentialPolicyEvaluator<R,P,F>

Direct Known Subclasses:

NoncePolicyEvaluator, PasswordPolicyEvaluator, SecurityQuestionsPolicyEvaluator

public abstract class CredentialPolicyEvaluator<R extends AbstractCredentialType,P extends CredentialPolicyType,F extends FocusType>
extends Object

Processor for evaluating credential policies. This class is processing the credential-related settings of security policy: credential lifetime, history and so on. Specific responsibilities: 1) Validates the operation (add, modify) with regards to security policies. 2) Emits secondary deltas related to changes being executed (e.g. password history, metadata, etc). This class is supposed to be quite generic. It should be able to operate on all credential types. This class does NOT directly deal with details of value policies, validation and generation. That task is delegated to ValuePolicyProcessor.

Author:

mamut, katkav, semancik

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	CredentialPolicyEvaluator.Builder<F extends FocusType>

Method Summary

Modifier and Type	Method	Description
protected abstract P	determineEffectiveCredentialPolicy()
protected abstract String	getCredentialHumanReadableKey()
protected abstract String	getCredentialHumanReadableName()
protected abstract ItemPath	getCredentialsContainerPath()	E.g.
protected SecurityPolicyType	getSecurityPolicy()
void	process()	Main entry point.
protected boolean	supportsHistory()
protected void	validateCredentialContainerValues(PrismContainerValue<R> cVal)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getCredentialsContainerPath

protected abstract ItemPath getCredentialsContainerPath()

E.g. "credentials/password"

getCredentialHumanReadableName

protected abstract String getCredentialHumanReadableName()

getCredentialHumanReadableKey

protected abstract String getCredentialHumanReadableKey()

supportsHistory

protected boolean supportsHistory()

determineEffectiveCredentialPolicy

protected abstract P determineEffectiveCredentialPolicy()
                                                 throws SchemaException

Throws:

SchemaException

getSecurityPolicy

protected SecurityPolicyType getSecurityPolicy()

process

public void process()
             throws ExpressionEvaluationException,
                    ObjectNotFoundException,
                    SchemaException,
                    PolicyViolationException,
                    CommunicationException,
                    ConfigurationException,
                    SecurityViolationException

Main entry point.

Throws:

ExpressionEvaluationException

ObjectNotFoundException

SchemaException

PolicyViolationException

CommunicationException

ConfigurationException

SecurityViolationException

validateCredentialContainerValues

protected void validateCredentialContainerValues(PrismContainerValue<R> cVal)
                                          throws PolicyViolationException,
                                                 SchemaException,
                                                 ObjectNotFoundException,
                                                 ExpressionEvaluationException,
                                                 CommunicationException,
                                                 ConfigurationException,
                                                 SecurityViolationException

Throws:

PolicyViolationException

SchemaException

ObjectNotFoundException

ExpressionEvaluationException

CommunicationException

ConfigurationException

SecurityViolationException