NamespacePolicy.java

/*
 * Copyright (c) 2011 ICM Uniwersytet Warszawski All rights reserved.
 * See LICENCE file for licensing information.
 */
package eu.emi.security.authn.x509.helpers.ns;

import javax.security.auth.x500.X500Principal;


/**
 * Represents a namespace policy, i.e. defines which subject DNs are permitted or denied for an issuer.
 * @author K. Benedyczak
 */
public interface NamespacePolicy
{
	/**
	 * @return the issuer
	 */
	public String getIssuer();

	/**
	 * @return whether the policy is permit or deny
	 */
	public boolean isPermit();

	/**
	 * @return the identification
	 */
	public String getIdentification();
	
	/**
	 * @return hash of the CA where the policy is defined. It can be the  
	 * {@link #getIssuer()} hash or it may be its parent CA subject name hash, if the namespace was defined in 
	 * its namespaces file.
	 */
	public String getDefinedFor();
	
	/**
	 * Checks whether the given subject name is matching this policy.
	 * @param subject to be checked
	 * @return true if subject is matched, false otherwise
	 */
	public boolean isSubjectMatching(X500Principal subject);
}