package com.sun.identity.delegation.plugins;

import com.iplanet.am.util.Cache;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenID;
import com.sun.identity.delegation.DelegationException;
import com.sun.identity.delegation.DelegationManager;
import com.sun.identity.delegation.DelegationPermission;
import com.sun.identity.delegation.DelegationPrivilege;
import com.sun.identity.delegation.ResBundleUtils;
import com.sun.identity.delegation.interfaces.DelegationInterface;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdEventListener;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdSearchControl;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.policy.ActionDecision;
import com.sun.identity.policy.Policy;
import com.sun.identity.policy.PolicyDecision;
import com.sun.identity.policy.PolicyEvaluator;
import com.sun.identity.policy.PolicyEvent;
import com.sun.identity.policy.PolicyException;
import com.sun.identity.policy.PolicyManager;
import com.sun.identity.policy.Rule;
import com.sun.identity.policy.interfaces.PolicyListener;
import com.sun.identity.policy.interfaces.Subject;
import com.sun.identity.sm.OrganizationConfigManager;
import com.sun.identity.sm.ServiceConfigManager;
import com.sun.identity.sm.ServiceListener;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import netscape.ldap.util.DN;

/* loaded from: input_file:120954-02/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/delegation/plugins/DelegationPolicyImpl.class */
public class DelegationPolicyImpl implements DelegationInterface, ServiceListener, IdEventListener, PolicyListener {
    private static final String POLICY_REPOSITORY_REALM = "/sunamhiddenrealmdelegationservicepermissions";
    private static final String NAME_DELIMITER = "^^";
    private static final char REPLACEMENT_FOR_COMMA = '^';
    private static final String PREFIX = "sms://";
    private static final String DELIMITER = "/";
    private static final String ACTION_ALLOW = "allow";
    private static final String ACTION_DENY = "deny";
    private static final String DELEGATION_RULE = "delegation-rule";
    private static final String DELEGATION_SUBJECT = "delegation-subject";
    private static final String POLICY_SUBJECT = "AMIdentitySubject";
    private static final String AUTHN_USERS_ID = "id=All Authenticated Users,ou=role";
    private static final String DELEGATION_AUTHN_USERS = "AuthenticatedUsers";
    private static final String AUTHENTICATED_USERS_SUBJECT = "AuthenticatedUsers";
    private static final String CONFIGURED_CACHE_SIZE = "com.sun.identity.delegation.cache.size";
    private static Cache delegationCache;
    private static ServiceConfigManager scm;
    private SSOToken appToken;
    private Map configParams;
    private PolicyEvaluator pe;
    private static final int DEFAULT_CACHE_SIZE = 20000;
    private static int maxCacheSize = DEFAULT_CACHE_SIZE;
    private static Map idRepoListeners = new HashMap();

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public void initialize(SSOToken sSOToken, Map map) throws DelegationException {
        this.appToken = sSOToken;
        this.configParams = map;
        try {
            String str = SystemProperties.get(CONFIGURED_CACHE_SIZE);
            if (str != null) {
                try {
                    maxCacheSize = Integer.parseInt(str);
                    if (maxCacheSize < 0) {
                        maxCacheSize = DEFAULT_CACHE_SIZE;
                    }
                } catch (NumberFormatException e) {
                    DelegationManager.debug.error("DelegationPolicyImpl.initialize(): invalid cache size specified in AMConfig.properties. Use default cache size 20000");
                    maxCacheSize = DEFAULT_CACHE_SIZE;
                }
            }
            delegationCache = new Cache(maxCacheSize);
            if (DelegationManager.debug.messageEnabled()) {
                DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl.initialize(): cache size=").append(maxCacheSize).toString());
            }
            this.pe = new PolicyEvaluator("/sunamhiddenrealmdelegationservicepermissions", DelegationManager.DELEGATION_SERVICE);
            this.pe.addPolicyListener(this);
            AMIdentityRepository aMIdentityRepository = new AMIdentityRepository(this.appToken, "/");
            aMIdentityRepository.addEventListener(this);
            if (DelegationManager.debug.messageEnabled()) {
                DelegationManager.debug.message("DelegationPolicyImpl: IdRepo event listener added for root realm.");
            }
            Set<String> subOrganizationNames = new OrganizationConfigManager(this.appToken, "/").getSubOrganizationNames("*", true);
            if (subOrganizationNames != null && !subOrganizationNames.isEmpty()) {
                for (String str2 : subOrganizationNames) {
                    new AMIdentityRepository(this.appToken, str2).addEventListener(this);
                    idRepoListeners.put(str2, aMIdentityRepository);
                    if (DelegationManager.debug.messageEnabled()) {
                        DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: IdRepo event listener added for realm (").append(str2).append(").").toString());
                    }
                }
            }
            scm = new ServiceConfigManager("iPlanetAMPolicyConfigService", sSOToken);
            scm.addListener(this);
        } catch (Exception e2) {
            DelegationManager.debug.error("DelegationPolicyImpl: initialize() failed");
            throw new DelegationException(e2);
        }
    }

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public Set getPrivileges(SSOToken sSOToken, String str) throws SSOException, DelegationException {
        DelegationPrivilege policyToPrivilege;
        try {
            HashSet hashSet = new HashSet();
            PolicyManager policyManager = new PolicyManager(sSOToken, "/sunamhiddenrealmdelegationservicepermissions");
            Set<String> policyNames = policyManager.getPolicyNames();
            if (policyNames != null) {
                String replace = str != null ? new StringBuffer().append(str.toLowerCase()).append(NAME_DELIMITER).toString().replace(',', '^') : NAME_DELIMITER;
                int length = replace.length();
                for (String str2 : policyNames) {
                    if (str2.toLowerCase().startsWith(replace) && (policyToPrivilege = policyToPrivilege(policyManager.getPolicy(str2))) != null) {
                        policyToPrivilege.setName(str2.substring(length));
                        hashSet.add(policyToPrivilege);
                    }
                }
            }
            return hashSet;
        } catch (Exception e) {
            DelegationManager.debug.error(new StringBuffer().append("unable to get privileges from realm ").append(str).toString());
            throw new DelegationException(e);
        }
    }

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public void addPrivilege(SSOToken sSOToken, String str, DelegationPrivilege delegationPrivilege) throws SSOException, DelegationException {
        if (delegationPrivilege != null) {
            try {
                PolicyManager policyManager = new PolicyManager(sSOToken, "/sunamhiddenrealmdelegationservicepermissions");
                Policy privilegeToPolicy = privilegeToPolicy(policyManager, delegationPrivilege);
                if (privilegeToPolicy == null) {
                    throw new DelegationException(ResBundleUtils.rbName, "invalid_delegation_privilege", null, null);
                }
                privilegeToPolicy.setName(new StringBuffer().append(str != null ? new StringBuffer().append(str.toLowerCase()).append(NAME_DELIMITER).toString().replace(',', '^') : NAME_DELIMITER).append(privilegeToPolicy.getName()).toString());
                policyManager.addPolicy(privilegeToPolicy);
            } catch (Exception e) {
                throw new DelegationException(e);
            }
        }
    }

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public void removePrivilege(SSOToken sSOToken, String str, String str2) throws SSOException, DelegationException {
        try {
            new PolicyManager(sSOToken, "/sunamhiddenrealmdelegationservicepermissions").removePolicy(new StringBuffer().append(str != null ? new StringBuffer().append(str.toLowerCase()).append(NAME_DELIMITER).toString().replace(',', '^') : NAME_DELIMITER).append(str2).toString());
        } catch (Exception e) {
            throw new DelegationException(e);
        }
    }

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public Set getSubjects(SSOToken sSOToken, String str, Set set, String str2) throws SSOException, DelegationException {
        Set searchResults;
        HashSet hashSet = new HashSet();
        if (str2 != null && str2.equals("*")) {
            hashSet.add(AUTHN_USERS_ID);
        }
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl.getSubjects(): types=").append(set).toString());
        }
        try {
            AMIdentityRepository aMIdentityRepository = new AMIdentityRepository(this.appToken, str);
            Set supportedIdTypes = aMIdentityRepository.getSupportedIdTypes();
            if (DelegationManager.debug.messageEnabled()) {
                DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl.getSubjects(): supported subject types=").append(supportedIdTypes).toString());
            }
            if (supportedIdTypes != null && !supportedIdTypes.isEmpty() && set != null && !set.isEmpty()) {
                Iterator it = set.iterator();
                while (it.hasNext()) {
                    IdType type = IdUtils.getType((String) it.next());
                    if (supportedIdTypes.contains(type)) {
                        IdSearchControl idSearchControl = new IdSearchControl();
                        idSearchControl.setRecursive(true);
                        idSearchControl.setMaxResults(-1);
                        idSearchControl.setTimeOut(-1);
                        IdSearchResults searchIdentities = aMIdentityRepository.searchIdentities(type, str2, idSearchControl);
                        if (searchIdentities != null && (searchResults = searchIdentities.getSearchResults()) != null && !searchResults.isEmpty()) {
                            Iterator it2 = searchResults.iterator();
                            while (it2.hasNext()) {
                                hashSet.add(IdUtils.getUniversalId((AMIdentity) it2.next()));
                            }
                        }
                    }
                }
            }
            return hashSet;
        } catch (IdRepoException e) {
            throw new DelegationException(e);
        }
    }

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public Set getManageableOrganizationNames(SSOToken sSOToken, Set set) throws SSOException, DelegationException {
        HashSet hashSet = new HashSet();
        if (set != null && !set.isEmpty()) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                Set permissions = getPermissions(sSOToken, str);
                if (permissions != null && !permissions.isEmpty()) {
                    hashSet.add(str);
                }
            }
        }
        return hashSet;
    }

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public boolean isAllowed(SSOToken sSOToken, DelegationPermission delegationPermission, Map map) throws SSOException, DelegationException {
        SSOTokenID tokenID;
        String str = null;
        boolean z = false;
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message("DelegationPolicyImpl.isAllowed() is called");
        }
        if (sSOToken != null && (tokenID = sSOToken.getTokenID()) != null && delegationPermission != null) {
            String sSOTokenID = tokenID.toString();
            Set actions = delegationPermission.getActions();
            if (actions != null && !actions.isEmpty()) {
                try {
                    str = getResourceName(delegationPermission);
                    PolicyDecision resultFromCache = getResultFromCache(sSOTokenID, str, map);
                    if (resultFromCache == null) {
                        resultFromCache = this.pe.getPolicyDecision(sSOToken, str, null, map);
                        putResultIntoCache(sSOTokenID, str, map, resultFromCache);
                        if (DelegationManager.debug.messageEnabled()) {
                            DelegationManager.debug.message("put delegation evaluation result into cache.");
                        }
                    } else if (DelegationManager.debug.messageEnabled()) {
                        DelegationManager.debug.message("got delegation evaluation result from cache.");
                    }
                    Map actionDecisions = resultFromCache.getActionDecisions();
                    if (actionDecisions != null && !actionDecisions.isEmpty()) {
                        z = true;
                        Iterator it = actions.iterator();
                        while (it.hasNext() && z) {
                            ActionDecision actionDecision = (ActionDecision) actionDecisions.get((String) it.next());
                            if (actionDecision != null) {
                                Set values = actionDecision.getValues();
                                if (values == null || values.contains("deny")) {
                                    z = false;
                                }
                            } else {
                                z = false;
                            }
                        }
                    }
                } catch (PolicyException e) {
                    throw new DelegationException(e);
                }
            }
            if (DelegationManager.debug.messageEnabled()) {
                DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl.isAllowed(): actions=").append(actions).append("  resource=").append(str).append("  result is:").append(z).toString());
            }
        }
        return z;
    }

    private static PolicyDecision getResultFromCache(String str, String str2, Map map) throws SSOException, DelegationException {
        Map map2;
        ArrayList arrayList;
        PolicyDecision policyDecision;
        if (str2 == null || (map2 = (Map) delegationCache.get(str)) == null || map2.isEmpty() || (arrayList = (ArrayList) map2.get(str2)) == null) {
            return null;
        }
        Map map3 = (Map) arrayList.get(0);
        if (map == null || map.isEmpty()) {
            map = Collections.EMPTY_MAP;
        }
        if (map3 == null || map3.isEmpty()) {
            map3 = Collections.EMPTY_MAP;
        }
        if (!map.equals(map3) || (policyDecision = (PolicyDecision) arrayList.get(1)) == null) {
            return null;
        }
        long timeToLive = policyDecision.getTimeToLive();
        long currentTimeMillis = System.currentTimeMillis();
        if (timeToLive > currentTimeMillis) {
            return policyDecision;
        }
        if (!DelegationManager.debug.messageEnabled()) {
            return null;
        }
        DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: delegation decision expired.  TTL=").append(timeToLive).append("; current time=").append(currentTimeMillis).toString());
        return null;
    }

    private static void putResultIntoCache(String str, String str2, Map map, PolicyDecision policyDecision) throws SSOException, DelegationException {
        if (str2 != null) {
            ArrayList arrayList = new ArrayList(2);
            arrayList.add(0, map);
            arrayList.add(1, policyDecision);
            Map map2 = (Map) delegationCache.get(str);
            if (map2 == null) {
                map2 = new HashMap();
            }
            map2.put(str2, arrayList);
            delegationCache.put(str, map2);
        }
    }

    private static void cleanupCache() {
        if (delegationCache.size() > 0) {
            delegationCache = new Cache(maxCacheSize);
            if (DelegationManager.debug.messageEnabled()) {
                DelegationManager.debug.message("DelegationPolicyImpl.cleanupCache(): cache cleared");
            }
        }
    }

    @Override // com.sun.identity.delegation.interfaces.DelegationInterface
    public Set getPermissions(SSOToken sSOToken, String str) throws SSOException, DelegationException {
        IdSearchResults searchIdentities;
        Set searchResults;
        HashSet hashSet = new HashSet();
        if (sSOToken == null) {
            if (DelegationManager.debug.warningEnabled()) {
                DelegationManager.debug.warning("DelegationPolicyImpl.getPermissions():user sso token is null");
            }
            return hashSet;
        }
        try {
            AMIdentity identity = IdUtils.getIdentity(sSOToken);
            if (identity == null) {
                if (DelegationManager.debug.warningEnabled()) {
                    DelegationManager.debug.warning("DelegationPolicyImpl.getPermissions():could not get user's identity from token");
                }
                return hashSet;
            }
            Set<DelegationPrivilege> privileges = getPrivileges(this.appToken, str);
            if (privileges != null && !privileges.isEmpty()) {
                AMIdentityRepository aMIdentityRepository = new AMIdentityRepository(this.appToken, str);
                IdSearchControl idSearchControl = new IdSearchControl();
                idSearchControl.setRecursive(true);
                idSearchControl.setMaxResults(-1);
                idSearchControl.setTimeOut(-1);
                for (DelegationPrivilege delegationPrivilege : privileges) {
                    Set subjects = delegationPrivilege.getSubjects();
                    if (subjects != null && !subjects.isEmpty()) {
                        Iterator it = subjects.iterator();
                        while (it.hasNext()) {
                            String str2 = new DN((String) it.next()).explodeDN(true)[0];
                            if (str2 != null && (searchIdentities = aMIdentityRepository.searchIdentities(IdType.ROLE, str2, idSearchControl)) != null && (searchResults = searchIdentities.getSearchResults()) != null && !searchResults.isEmpty() && identity.isMember((AMIdentity) searchResults.iterator().next())) {
                                hashSet.add(delegationPrivilege);
                            }
                        }
                    }
                }
            }
            return hashSet;
        } catch (Exception e) {
            throw new DelegationException(e);
        }
    }

    private Policy privilegeToPolicy(PolicyManager policyManager, DelegationPrivilege delegationPrivilege) throws DelegationException {
        try {
            Policy policy = new Policy(delegationPrivilege.getName());
            String resourceName = getResourceName(delegationPrivilege);
            HashMap hashMap = new HashMap();
            Set actions = delegationPrivilege.getActions();
            if (actions != null) {
                HashSet hashSet = new HashSet();
                hashSet.add("allow");
                Iterator it = actions.iterator();
                while (it.hasNext()) {
                    hashMap.put((String) it.next(), hashSet);
                }
            }
            policy.addRule(new Rule(DELEGATION_RULE, DelegationManager.DELEGATION_SERVICE, resourceName, hashMap));
            HashSet hashSet2 = new HashSet(delegationPrivilege.getSubjects());
            if (hashSet2 != null && hashSet2.contains(AUTHN_USERS_ID)) {
                policy.addSubject("AuthenticatedUsers", policyManager.getSubjectTypeManager().getSubject("AuthenticatedUsers"));
                hashSet2.remove(AUTHN_USERS_ID);
            }
            Subject subject = policyManager.getSubjectTypeManager().getSubject(POLICY_SUBJECT);
            subject.setValues(hashSet2);
            policy.addSubject(DELEGATION_SUBJECT, subject);
            return policy;
        } catch (Exception e) {
            DelegationManager.debug.error("unable to convert a privilege to a policy", e);
            throw new DelegationException(e);
        }
    }

    private DelegationPrivilege policyToPrivilege(Policy policy) throws DelegationException {
        Set values;
        String str = null;
        Set set = null;
        HashSet hashSet = new HashSet();
        if (policy == null) {
            return null;
        }
        try {
            String name = policy.getName();
            Set subjectNames = policy.getSubjectNames();
            if (subjectNames != null && !subjectNames.isEmpty()) {
                if (subjectNames.contains("AuthenticatedUsers")) {
                    hashSet.add(AUTHN_USERS_ID);
                }
                if (subjectNames.contains(DELEGATION_SUBJECT) && (values = policy.getSubject(DELEGATION_SUBJECT).getValues()) != null) {
                    hashSet.addAll(values);
                }
            }
            if (DelegationManager.debug.messageEnabled()) {
                DelegationManager.debug.message(new StringBuffer().append("SubjectValues=").append(hashSet).toString());
            }
            Rule rule = policy.getRule(DELEGATION_RULE);
            if (rule != null && rule.getServiceTypeName().equalsIgnoreCase(DelegationManager.DELEGATION_SERVICE)) {
                str = rule.getResourceName();
                set = rule.getActionNames();
            }
            if (!str.startsWith(PREFIX)) {
                return null;
            }
            String str2 = null;
            String str3 = null;
            String str4 = null;
            String str5 = null;
            String substring = str.substring(PREFIX.length());
            if (substring == null) {
                return null;
            }
            StringTokenizer stringTokenizer = new StringTokenizer(substring, "/");
            String nextToken = stringTokenizer.nextToken();
            if (stringTokenizer.hasMoreTokens()) {
                str2 = stringTokenizer.nextToken();
                if (stringTokenizer.hasMoreTokens()) {
                    str3 = stringTokenizer.nextToken();
                    if (stringTokenizer.hasMoreTokens()) {
                        str4 = stringTokenizer.nextToken();
                        if (stringTokenizer.hasMoreTokens()) {
                            str5 = stringTokenizer.nextToken();
                            while (stringTokenizer.hasMoreTokens()) {
                                str5 = new StringBuffer().append(str5).append("/").append(stringTokenizer.nextToken()).toString();
                            }
                        }
                    }
                }
            }
            return new DelegationPrivilege(name, hashSet, nextToken, str2, str3, str4, str5, set, null);
        } catch (Exception e) {
            throw new DelegationException(e);
        }
    }

    private String getResourceName(DelegationPermission delegationPermission) {
        String organizationName = delegationPermission.getOrganizationName();
        String serviceName = delegationPermission.getServiceName();
        String version = delegationPermission.getVersion();
        String configType = delegationPermission.getConfigType();
        String subConfigName = delegationPermission.getSubConfigName();
        StringBuffer stringBuffer = new StringBuffer(100);
        stringBuffer.append(PREFIX);
        if (organizationName != null) {
            stringBuffer.append(organizationName);
        }
        stringBuffer.append("/");
        if (serviceName != null) {
            stringBuffer.append(serviceName);
            stringBuffer.append("/");
        }
        if (version != null) {
            stringBuffer.append(version);
            stringBuffer.append("/");
        }
        if (configType != null) {
            stringBuffer.append(configType);
            stringBuffer.append("/");
        }
        if (subConfigName != null) {
            stringBuffer.append(subConfigName);
        }
        return stringBuffer.toString();
    }

    @Override // com.sun.identity.sm.ServiceListener
    public void schemaChanged(String str, String str2) {
    }

    @Override // com.sun.identity.sm.ServiceListener
    public void globalConfigChanged(String str, String str2, String str3, String str4, int i) {
    }

    @Override // com.sun.identity.sm.ServiceListener
    public void organizationConfigChanged(String str, String str2, String str3, String str4, String str5, int i) {
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: org config changed: ").append(str3).toString());
        }
        synchronized (idRepoListeners) {
            if (i == 1) {
                if (idRepoListeners.get(str3) == null) {
                    try {
                        AMIdentityRepository aMIdentityRepository = new AMIdentityRepository(this.appToken, str3);
                        aMIdentityRepository.addEventListener(this);
                        idRepoListeners.put(str3, aMIdentityRepository);
                        if (DelegationManager.debug.messageEnabled()) {
                            DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: IdRepo event listener added for realm (").append(str3).append(").").toString());
                        }
                    } catch (Exception e) {
                        DelegationManager.debug.error("DelegationPolicyImpl: failed to process organization config changes. ", e);
                    }
                }
            } else if (i == 2) {
                idRepoListeners.remove(str3);
                if (DelegationManager.debug.messageEnabled()) {
                    DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: IdRepo event listener removed for realm (").append(str3).append(").").toString());
                }
            }
        }
    }

    @Override // com.sun.identity.idm.IdEventListener
    public void identityChanged(String str) {
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: changed universalId=").append(str).toString());
        }
        cleanupCache();
    }

    @Override // com.sun.identity.idm.IdEventListener
    public void identityDeleted(String str) {
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: deleted universalId=").append(str).toString());
        }
        cleanupCache();
    }

    @Override // com.sun.identity.idm.IdEventListener
    public void identityRenamed(String str) {
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message(new StringBuffer().append("DelegationPolicyImpl: renamed universalId=").append(str).toString());
        }
        cleanupCache();
    }

    @Override // com.sun.identity.idm.IdEventListener
    public void allIdentitiesChanged() {
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message("DelegationPolicyImpl: all identities changed.");
        }
        cleanupCache();
    }

    @Override // com.sun.identity.policy.interfaces.PolicyListener
    public String getServiceTypeName() {
        return DelegationManager.DELEGATION_SERVICE;
    }

    @Override // com.sun.identity.policy.interfaces.PolicyListener
    public void policyChanged(PolicyEvent policyEvent) {
        if (DelegationManager.debug.messageEnabled()) {
            DelegationManager.debug.message("DelegationPolicyImpl: delegation policy changed.");
        }
        cleanupCache();
    }
}
