com.netscape.certsrv.request
Interface IPolicy

All Known Subinterfaces:
IEnrollmentPolicy, IKeyArchivalPolicy, IKeyRecoveryPolicy, IPolicyProcessor, IPolicyRule, IRenewalPolicy, IRevocationPolicy
All Known Implementing Classes:
AgentPolicy, APolicyRule, AttributePresentConstraints, AuthInfoAccessExt, AuthorityKeyIdentifierExt, BasicConstraintsExt, CertificatePoliciesExt, CertificateRenewalWindowExt, CertificateScopeOfUseExt, CRLDistributionPointsExt, DefaultRevocation, DSAKeyConstraints, ExtendedKeyUsageExt, GenericASN1Ext, IssuerAltNameExt, IssuerConstraints, KeyAlgorithmConstraints, KeyUsageExt, ManualAuthentication, NameConstraintsExt, NSCCommentExt, NSCertTypeExt, OCSPNoCheckExt, PolicyConstraintsExt, PolicyMappingsExt, PresenceExt, PrivateKeyUsagePeriodExt, RemoveBasicConstraintsExt, RenewalConstraints, RenewalValidityConstraints, RevocationConstraints, RSAKeyConstraints, SigningAlgorithmConstraints, SubCANameConstraints, SubjAltNameExt, SubjectAltNameExt, SubjectDirectoryAttributesExt, SubjectKeyIdentifierExt, UniqueSubjectName, UniqueSubjectNameConstraints, ValidityConstraints

public interface IPolicy

Interface to a policy. The policy evaluates the request for correctness and completeness. It may change or add to values stored in the request. The policy object also decides whether a request should be queue to await approval by an agent. FUTURE: In this case, the policy should set the 'agentGroup' entry in the request to indicate the group of agents allowed to perform further processing. If none is set, a default value ("defaultAgentGroup") will be set instead.

Version:
$Revision: 1211 $, $Date: 2010-08-18 10:15:37 -0700 (Wed, 18 Aug 2010) $

Method Summary
 PolicyResult apply(IRequest request)
          Applies the policy check to the request.
 

Method Detail

apply

PolicyResult apply(IRequest request)
Applies the policy check to the request. The policy should determine whether the request can be processed immediately, or should be held pending manual approval.

The policy can update fields in the request, to add additional values or to restrict the values to pre-determined ranges.

Parameters:
request - the request to check
Returns:
a result code indicating the result of the evaluation. The processor will determine the next request processing step based on this value