public class DirAclAuthz extends AAclAuthz implements IAuthzManager, IExtendedPluginInfo
AAclAuthz.EvaluationOrder
Modifier and Type | Field and Description |
---|---|
static org.slf4j.Logger |
logger |
protected static java.lang.String |
PROP_SEARCHBASE |
ACLS_ATTR, mConfigParams, mExtendedPluginInfo, PROP_CLASS, PROP_EVAL, PROP_IMPL
HELP_TEXT, HELP_TOKEN
Constructor and Description |
---|
DirAclAuthz()
Default constructor
|
Modifier and Type | Method and Description |
---|---|
protected void |
flushResourceACLs()
updates resourceACLs to ldap.
|
protected netscape.ldap.LDAPConnection |
getConn() |
void |
init(java.lang.String name,
java.lang.String implName,
AuthzManagerConfig config)
Initializes
|
protected void |
returnConn(netscape.ldap.LDAPConnection conn) |
void |
shutdown()
graceful shutdown
|
void |
updateACLs(java.lang.String id,
java.lang.String rights,
java.lang.String strACLs,
java.lang.String desc)
update acls.
|
accessInit, aclEvaluatorElements, aclResElements, addACLs, authorize, authorize, checkAllowEntries, checkDenyEntries, checkPermission, checkPermission, evaluateACLs, getAccessEvaluators, getACL, getACLs, getConfigParams, getConfigStore, getEntries, getExtendedPluginInfo, getImplName, getName, getNodes, getOrder, getTargetNames, isTypeUnique, registerEvaluator
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
accessInit, aclEvaluatorElements, authorize, authorize, getAccessEvaluators, getACL, getACLs, getConfigParams, getConfigStore, getImplName, getName, registerEvaluator
getExtendedPluginInfo
public static org.slf4j.Logger logger
protected static final java.lang.String PROP_SEARCHBASE
public void init(java.lang.String name, java.lang.String implName, AuthzManagerConfig config) throws EBaseException
AAclAuthz
init
in interface IAuthzManager
init
in class AAclAuthz
name
- The name of this authorization manager instance.implName
- The name of the authorization manager plugin.config
- The configuration store for this authorization manager.EBaseException
- If an initialization error occurred.public void updateACLs(java.lang.String id, java.lang.String rights, java.lang.String strACLs, java.lang.String desc) throws EACLsException
Currently, it is possible that when the memory is updated successfully, and the ldap isn't, the memory upates lingers. The result is that the changes will only be done on ldap at the next update, or when the system shuts down, another flush will be attempted.
updateACLs
in interface IAuthzManager
updateACLs
in class AAclAuthz
id
- is the resource idrights
- The allowable rights for this resourcestrACLs
- has the same format as a resourceACLs entry acis
on the ldap serverdesc
- The description for this resourceEACLsException
- when update fails.protected void flushResourceACLs() throws EACLsException
EACLsException
protected netscape.ldap.LDAPConnection getConn() throws ELdapException
ELdapException
protected void returnConn(netscape.ldap.LDAPConnection conn) throws ELdapException
ELdapException
public void shutdown()
shutdown
in interface IAuthzManager
shutdown
in class AAclAuthz