See: Description
| Interface | Description |
|---|---|
| BooleanPolicyOperatorExecutor<O> |
Policy executor that returns a boolean result.
|
| CollectionPolicyOperatorExecutor<O> |
Policy executor that returns a collection of elements.
|
| Compiler |
The compiler is the second step of the execution process after a lexicon has been parse into a
PolicyExpression tree. |
| ExecutionEngine |
The execution engine is the final stage of the policy evaluation process.
|
| IntegerPolicyOperatorExecutor<O> |
Policy executor that returns an integer result.
|
| LiteralPolicyExpression<P> |
Literal expression type object.
|
| Opcode |
Opcodes are the execution instructions processed by an
ExcutionEngine and are specific to engine implementation. |
| OperationPolicyExpression |
Operation expression type object.
|
| PolicyExpression |
Expressions are the building blocks of building policy statements.
|
| PolicyExpressionSerializer |
Serializes a
PolicyExpression to an external medium and vice versa. |
| PolicyFilter |
Policy filters are the core constructs of the policy engine as they determine if an X509 certificate is compliant with a given policy.
|
| PolicyLexiconParser |
Interface defining parsers for a
PolicyLexicon. |
| PolicyOperatorExecutor<O,R> |
Policy executors perform the logic operations on one or more parameters and
PolicyOperators are associated to an executor. |
| PolicyValue<T> |
This class is a wrapper around objects that are operated upon and returned by the policy engine.
|
| ReferencePolicyExpression<R,P> |
Reference expression type object.
|
| Class | Description |
|---|---|
| LiteralPolicyExpressionFactory |
Factory class for creating
LiteralPolicyExpression instances. |
| OperationPolicyExpressionFactory |
Factory class for creating
OperationPolicyExpression instances. |
| OperationPolicyExpressionFactory.OperationPolicyExpressionImpl |
Default implementation of the
OperationPolicyExpression interface. |
| PolicyFilterFactory |
Factory class for creating
PolicyFilter instances. |
| PolicyLexiconParserFactory |
Factory class for creating
PolicyLexiconParser instances. |
| PolicyValueFactory |
Factory class that generates a
PolicyValue object for an actual value. |
| Enum | Description |
|---|---|
| PolicyExpressionReferenceType |
Enumeration of policy reference constructs supported by policy engine.
|
| PolicyExpressionType |
Enumeration defining the types of expressions.
|
| PolicyLexicon |
Lexicons are canonical formats of a
PolicyExpression represented by a defined set of tokens and a grammar. |
| PolicyOperator |
Enumeration of operators supported by the policy engine.
|
| PolicyOperatorParamsType |
Enumeration that indicates the
PolicyOperator type in terms of number of parameters. |
| Exception | Description |
|---|---|
| PolicyGrammarException |
Thrown if an invalid lexicon grammar is encountered..
|
| PolicyParseException |
Thrown when errors are encountered when parsing a expression from a lexicon.
|
| PolicyProcessException |
Generic exception for errors that occur during the policy engine process.
|
| PolicyRequiredException |
Thrown when an X509 certificate does not contain an attribute that is required by a policy.
|
The policy engine is more or less a boolean logic engine. It processes a set of rules called a PolicyExpression
against a provided X509 certificate and determines if the certificate is in compliance with the policy.
The engine itself is structurally similar to a compiled programming language and runtime environment that the compiled code execute in.
Polices start as definition files written in a specific PolicyLexicon, are compiled to an intermediate state, converted into an
ExecutionEngine specific set of Opcodes, and finally processed by the ExecutionEngine.
The engine is broken into four modules that can be consumed independently for the purpose of building tooling, but generally
the aggregate PolicyFilter interface is used to process certificates against a PolicyExpression.
Copyright © 2010–2020 The Direct Project. All rights reserved.