|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface AciEvalContext
Interface that provides a view of the AciContainer that is used by the ACI evaluation code to evaluate an ACI.
Method Summary | |
---|---|
java.util.LinkedList<Aci> |
getAllowList()
Get the list allow ACIs. |
DN |
getClientDN()
Get client DN. |
Entry |
getClientEntry()
Get the client entry. |
AttributeType |
getCurrentAttributeType()
Get the current attribute type being evaluated. |
java.lang.String |
getDecidingAciName()
Return the name of the ACI that decided the last access evaluation. |
java.util.LinkedList<Aci> |
getDenyList()
Get the list of deny ACIs. |
EnumEvalReason |
getEvalReason()
Return the reason the last access evaluation was evaluated the way it was. |
java.lang.String |
getEvalSummary()
Return the access evaluation summary string. |
java.lang.String |
getHostName()
Get the hostname of the bound connection. |
java.net.InetAddress |
getRemoteAddress()
Get the address of the bound connection. |
DN |
getResourceDN()
Get the resource DN. |
Entry |
getResourceEntry()
Return the entry being evaluated . |
int |
getRights()
Return the rights set for this container's LDAP operation. |
java.lang.String |
getTargAttrFiltersAciName()
Return the name of the ACI that last matched a targattrfilters rule. |
EnumEvalResult |
hasAuthenticationMethod(EnumAuthMethod authMethod,
java.lang.String saslMech)
Determine whether the client connection has been authenticated using a specified authentication method. |
boolean |
hasRights(int rights)
Check if an evaluation context contains a set of access rights. |
boolean |
hasTargAttrFiltersMatchAci(Aci aci)
The context maintains a hashtable of ACIs that matched the targattrfilters keyword evaluation. |
boolean |
hasTargAttrFiltersMatchOp(int flag)
Return true if an ACI that evaluated to deny or allow has an targattrfilters keyword. |
boolean |
isAddOperation()
Return true if this is an add operation, needed by the userattr USERDN parent inheritance level 0 processing. |
boolean |
isAnonymousUser()
Check if the remote client is bound anonymously. |
boolean |
isDenyEval()
Returns true if the deny list is being evaluated. |
boolean |
isGetEffectiveRightsEval()
Returns true if the evaluation context is being used in a geteffectiverights evaluation. |
boolean |
isMemberOf(Group group)
Return true if the operation associated with this evaluation context is a member of the specified group. |
boolean |
isProxiedAuthorization()
Return true if a evaluation context is being used in proxied authorization evaluation. |
boolean |
isTargAttrFilterMatchAciEmpty()
Returns true if the hashtable of ACIs that matched the targattrfilters keyword evaluation is empty. |
java.lang.String |
rightToString()
Return a string representation of the current right being evaluated. |
void |
setDecidingAci(Aci aci)
Set the ACI that decided that last access evaluation. |
void |
setDenyEval(boolean v)
Set when the deny list is being evaluated. |
void |
setEvalReason(EnumEvalReason reason)
Set the reason the last access evaluation was evaluated the way it was. |
void |
setEvalSummary(java.lang.String summary)
Set the value of the summary string to the specified string. |
void |
setTargAttrFiltersAciName(java.lang.String name)
Set the name of the ACI that last matched a targattrfilters rule. |
void |
setTargAttrFiltersMatchOp(int flag)
Set a flag that specifies that a ACI that evaluated to either deny or allow contains a targattrfilters keyword. |
void |
useFullResourceEntry(boolean val)
The full entry with all of the attributes was saved in the operation's attachment mechanism when the container was created during the SearchOperation read evaluation. |
Method Detail |
---|
DN getClientDN()
Entry getClientEntry()
DN getResourceDN()
java.util.LinkedList<Aci> getDenyList()
java.util.LinkedList<Aci> getAllowList()
void setDenyEval(boolean v)
v
- True if deny's are being evaluated.boolean isDenyEval()
boolean isAnonymousUser()
int getRights()
Entry getResourceEntry()
java.lang.String getHostName()
EnumEvalResult hasAuthenticationMethod(EnumAuthMethod authMethod, java.lang.String saslMech)
authMethod
- The required authentication method.saslMech
- The required SASL mechanism if the authentication method
is SASL.
java.net.InetAddress getRemoteAddress()
boolean isAddOperation()
boolean isMemberOf(Group group)
group
- The group to check membership in.
boolean isTargAttrFilterMatchAciEmpty()
boolean hasTargAttrFiltersMatchAci(Aci aci)
aci
- The ACI that to evaluate if it contains a match during
targattrfilters keyword evaluation.
boolean hasTargAttrFiltersMatchOp(int flag)
flag
- The integer value specifying either a deny or allow, but not
both.
boolean isGetEffectiveRightsEval()
void setTargAttrFiltersAciName(java.lang.String name)
name
- The ACI name string matching the targattrfilters rule.void setTargAttrFiltersMatchOp(int flag)
flag
- Either the integer value representing an allow or a deny,
but not both.void setEvalReason(EnumEvalReason reason)
reason
- The enumeration representing the reason of the last access
evaluation.EnumEvalReason getEvalReason()
void setDecidingAci(Aci aci)
aci
- The ACI that decided the last access evaluation.boolean hasRights(int rights)
rights
- The rights mask to check.
java.lang.String getDecidingAciName()
boolean isProxiedAuthorization()
AttributeType getCurrentAttributeType()
void setEvalSummary(java.lang.String summary)
summary
- The string to set the summary string tojava.lang.String getEvalSummary()
java.lang.String rightToString()
java.lang.String getTargAttrFiltersAciName()
void useFullResourceEntry(boolean val)
val
- Specifies if the saved entry should be used or not. True if it
should be used, false if the original resource entry should be used.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |