Add an AzResourceActionAssociation to the AzRequestContext for each
possible AzResource-AzAction combination (cross-product (nxm)) of a
Set of "n" AzResource entities and a Set of "m" AzAction entities.
AzAttributeValue is the parent interface of all the subinterfaces
that provide for the implementation of each XACML DataType as
enumerated by the enums that implement AzDataTypeId.
AzAttributeValueDate contains the Java Date object within an
AzDataDateTime object that contains the information to
be used to generate the XACML #date DataType.
AzCategoryId is a marker interface to identify the XACML Category
of a collection of AzAttributes (an AzEntity) and to identify
individual AzAttributes as being members of a collection of
a specific category.
The AzCategoryIdSubjectRecipient identifier indicates the system
entity that will receive the results of the request (used when it
is distinct from the access-subject).
This enumeration defines the identifiers for the DataTypes that are used
in the XACML specification:
http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf
See Appendix A.2 ("Data-types") of the XACML 2.0 specification for
the source of these DataType definitions and subsequent sections for
detail on the semantics of these data types.
AzDecision enum values correspond to the values defined in XACML 2.0 Section 6.11: (http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf)
The AzResourceActionAssociation is a pairing of an AzResource
entity (aka: AzEntity), and an AzAction
entity (aka: AzEntity), for the purpose of
submitting the pair as a specific resource/action pair for which
an authorization decision can be obtained.
The AzService interface is the main entry point and service
module for this package, which is generally referred to as
the "AzAPI" or "AzApi" (Authorization Application Programming Interface).