Using the Oracle Security Developer Tools

The OPSS Policy Model

■ Allows grouping of secured artifacts in building blocks (entitlements or permission sets) which can be later used in authorization policies.

20.3.2 Managing Policies

Resource catalog artifacts can be managed with the policy management API. Specifically, the following interfaces, all subinterfaces of the interface oracle.security.jps.service.policystore.EntityManager, are directly relevant to the artifacts in the resource catalog:

■ GrantManager - This interface includes methods to query grants using search criteria, to obtain lists of grants that satisfy various combinations of resource catalog artifacts, and to grant or revoke permissions to principals.
■ PermissionSetManager - This interface includes methods to create, modify, and query permission sets (entitlements).
■ ResourceManager - This interface includes methods to create, delete, and modify resource instances.
■ ResourceTypeManager - This interface includes methods to create, delete, modify, and query resource types.

For details about these interfaces, see the Javadoc document Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services.

The following code snippet illustrates the creation of a resource type, a resource instance, actions, and a permission set:

    import oracle.security.jps.service.policystore.entitymanager.*;
    import oracle.security.jps.service.policystore.search.*;
    import oracle.security.jps.service.policystore.info.resource.*;
    import oracle.security.jps.service.policystore.info.*;
    import oracle.security.jps.service.policystore.*;
    import java.util.*;

    public class example {
        public static void main(String[] args) throws Exception {
            // The application's policy; it must be obtained from the
            // policy store before any of the calls below are made.
            ApplicationPolicy ap;

            // Resource types whose name is exactly "resourceType"
            ResourceTypeManager rtm = ap.getEntityManager(ResourceTypeManager.class);
            ResourceTypeSearchQuery query = new ResourceTypeSearchQuery();
            query.setANDMatch();
            query.addQuery(ResourceTypeSearchQuery.SEARCH_PROPERTY.NAME, false,
                           ComparatorType.EQUALITY, "resourceType",
                           BaseSearchQuery.MATCHER.EXACT);
            List<ResourceTypeEntry> allResourceTypes = rtm.getResourceTypes(query);

            // Resources of type "RT2" whose name is exactly "R2"
            ResourceManager rm = ap.getEntityManager(ResourceManager.class);
            ResourceSearchQuery ResourceQuery = new ResourceSearchQuery();
            ResourceQuery.setANDMatch();
            ResourceQuery.addQuery(ResourceSearchQuery.SEARCH_PROPERTY.NAME, false,
                                   ComparatorType.EQUALITY, "R2",
                                   BaseSearchQuery.MATCHER.EXACT);
            List<ResourceEntry> allResources = rm.getResources("RT2", ResourceQuery);

            // Permission sets whose name is exactly "PS1"
            PermissionSetManager psm = ap.getEntityManager(PermissionSetManager.class);
            PermissionSetSearchQuery pssq = new PermissionSetSearchQuery();
            pssq.setANDMatch();
            pssq.addQuery(PermissionSetSearchQuery.SEARCH_PROPERTY.NAME, false,
                          ComparatorType.EQUALITY, "PS1",
                          BaseSearchQuery.MATCHER.EXACT);
            List<PermissionSetEntry> allPermSets = psm.getPermissionSets(pssq);

            // Role categories whose name is exactly "roleCategoryCartoon"
            RoleCategoryManager rcm = ap.getEntityManager(RoleCategoryManager.class);
            RoleCategorySearchQuery rcsq = new RoleCategorySearchQuery();
            rcsq.setANDMatch();
            rcsq.addQuery(RoleCategorySearchQuery.SEARCH_PROPERTY.NAME, false,
                          ComparatorType.EQUALITY, "roleCategoryCartoon",
                          BaseSearchQuery.MATCHER.EXACT);
            List<RoleCategoryEntry> allRoleCategories = rcm.getRoleCategories(rcsq);
        }
    }

Oracle Fusion Middleware Application Security Guide

The following code snippet illustrates a complex query involving resource catalog elements:

    // ApplicationPolicy ap as in the preceding example
    ResourceTypeManager rtm = ap.getEntityManager(ResourceTypeManager.class);
    ResourceTypeSearchQuery query = new ResourceTypeSearchQuery();
    query.setANDMatch();
    query.addQuery(ResourceTypeSearchQuery.SEARCH_PROPERTY.NAME, false,
                   ComparatorType.EQUALITY, "resourceType",
                   BaseSearchQuery.MATCHER.EXACT);
    List<ResourceTypeEntry> enties = rtm.getResourceTypes(query);

    ResourceManager rm = ap.getEntityManager(ResourceManager.class);
    ResourceSearchQuery ResourceQuery = new ResourceSearchQuery();
    ResourceQuery.setANDMatch();
    ResourceQuery.addQuery(ResourceSearchQuery.SEARCH_PROPERTY.NAME, false,
                           ComparatorType.EQUALITY, "R2",
                           BaseSearchQuery.MATCHER.EXACT);
    // The individual criteria that make up the resource query
    ArrayList<BaseSearchQuery> querries = ResourceQuery.getQueries();
    List<ResourceEntry> resources = rm.getResources("RT2", ResourceQuery);

    PermissionSetManager psm = ap.getEntityManager(PermissionSetManager.class);
    PermissionSetSearchQuery pssq = new PermissionSetSearchQuery();
    pssq.setANDMatch();
    pssq.addQuery(PermissionSetSearchQuery.SEARCH_PROPERTY.NAME, false,
                  ComparatorType.EQUALITY, "PS1",
                  BaseSearchQuery.MATCHER.EXACT);
    List<PermissionSetEntry> psets = psm.getPermissionSets(pssq);

    RoleCategoryManager rcm = ap.getEntityManager(RoleCategoryManager.class);
    RoleCategorySearchQuery rcsq = new RoleCategorySearchQuery();
    rcsq.setANDMatch();
    rcsq.addQuery(RoleCategorySearchQuery.SEARCH_PROPERTY.NAME, false,
                  ComparatorType.EQUALITY, "roleCategoryCartoon",
                  BaseSearchQuery.MATCHER.EXACT);
    // The individual criteria that make up the role category query
    ArrayList<BaseSearchQuery> queries = rcsq.getQueries();
    List<RoleCategoryEntry> rcs = rcm.getRoleCategories(rcsq);

The following code sample illustrates how to create a grant:

    // ap as in the preceding examples; appRoleName and permissionSetName
    // are supplied by the caller.
    GrantManager gm = ap.getEntityManager(GrantManager.class);
    Set<PrincipalEntry> pe = new HashSet<PrincipalEntry>();
    // The grantees are the application roles matching appRoleName
    List<AppRoleEntry> are = ap.searchAppRoles(appRoleName);
    pe.addAll(are);
    // Grant to those principals, with no code source (null)
    gm.grant(pe, null, permissionSetName);

20.3.3 Checking Policies

This section illustrates several ways to check policies programmatically, in the following sections:

■ Using the Method checkPermission
■ Using the Methods doAs and doAsPrivileged