Package com.netscape.cms.authorization
Class DirAclAuthz
- java.lang.Object
-
- com.netscape.cms.authorization.AAclAuthz
-
- com.netscape.cms.authorization.DirAclAuthz
-
- All Implemented Interfaces:
IAuthzManager
,IExtendedPluginInfo
public class DirAclAuthz extends AAclAuthz implements IAuthzManager, IExtendedPluginInfo
A class for ldap acls based authorization manager The ldap server used for acls is the cms internal ldap db.- Version:
- $Revision$, $Date$
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class com.netscape.cms.authorization.AAclAuthz
AAclAuthz.EvaluationOrder
-
-
Field Summary
Fields Modifier and Type Field Description protected static java.lang.String
PROP_BASEDN
protected static java.lang.String
PROP_SEARCHBASE
-
Fields inherited from class com.netscape.cms.authorization.AAclAuthz
ACLS_ATTR, mConfigParams, mExtendedPluginInfo, PROP_CLASS, PROP_EVAL, PROP_IMPL
-
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
-
-
Constructor Summary
Constructors Constructor Description DirAclAuthz()
Default constructor
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
flushResourceACLs()
updates resourceACLs to ldap.protected netscape.ldap.LDAPConnection
getConn()
void
init(java.lang.String name, java.lang.String implName, IConfigStore config)
Initializesprotected void
returnConn(netscape.ldap.LDAPConnection conn)
void
shutdown()
graceful shutdownvoid
updateACLs(java.lang.String id, java.lang.String rights, java.lang.String strACLs, java.lang.String desc)
update acls.-
Methods inherited from class com.netscape.cms.authorization.AAclAuthz
accessInit, aclEvaluatorElements, aclResElements, addACLs, authorize, authorize, checkAllowEntries, checkDenyEntries, checkPermission, checkPermission, evaluateACLs, getAccessEvaluators, getACL, getACLs, getConfigParams, getConfigStore, getEntries, getExtendedPluginInfo, getImplName, getName, getNodes, getOrder, getTargetNames, isTypeUnique, log, registerEvaluator
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface com.netscape.certsrv.authorization.IAuthzManager
accessInit, aclEvaluatorElements, authorize, authorize, getAccessEvaluators, getACL, getACLs, getConfigParams, getConfigStore, getImplName, getName, registerEvaluator
-
Methods inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
getExtendedPluginInfo
-
-
-
-
Field Detail
-
PROP_BASEDN
protected static final java.lang.String PROP_BASEDN
- See Also:
- Constant Field Values
-
PROP_SEARCHBASE
protected static final java.lang.String PROP_SEARCHBASE
- See Also:
- Constant Field Values
-
-
Method Detail
-
init
public void init(java.lang.String name, java.lang.String implName, IConfigStore config) throws EBaseException
Description copied from class:AAclAuthz
Initializes- Specified by:
init
in interfaceIAuthzManager
- Overrides:
init
in classAAclAuthz
- Parameters:
name
- The name of this authorization manager instance.implName
- The name of the authorization manager plugin.config
- The configuration store for this authorization manager.- Throws:
EBaseException
- If an initialization error occurred.
-
updateACLs
public void updateACLs(java.lang.String id, java.lang.String rights, java.lang.String strACLs, java.lang.String desc) throws EACLsException
update acls. when memory update is done, flush to ldap.Currently, it is possible that when the memory is updated successfully, and the ldap isn't, the memory upates lingers. The result is that the changes will only be done on ldap at the next update, or when the system shuts down, another flush will be attempted.
- Specified by:
updateACLs
in interfaceIAuthzManager
- Overrides:
updateACLs
in classAAclAuthz
- Parameters:
id
- is the resource idrights
- The allowable rights for this resourcestrACLs
- has the same format as a resourceACLs entry acis on the ldap serverdesc
- The description for this resource- Throws:
EACLsException
- when update fails.
-
flushResourceACLs
protected void flushResourceACLs() throws EACLsException
updates resourceACLs to ldap.- Throws:
EACLsException
-
getConn
protected netscape.ldap.LDAPConnection getConn() throws ELdapException
- Throws:
ELdapException
-
returnConn
protected void returnConn(netscape.ldap.LDAPConnection conn) throws ELdapException
- Throws:
ELdapException
-
shutdown
public void shutdown()
graceful shutdown- Specified by:
shutdown
in interfaceIAuthzManager
- Specified by:
shutdown
in classAAclAuthz
-
-