org.opends.server.core
Class AccessControlConfigManager

java.lang.Object
  extended by org.opends.server.core.AccessControlConfigManager
All Implemented Interfaces:
ConfigurationChangeListener<AccessControlHandlerCfg>, AlertGenerator

public final class AccessControlConfigManager
extends java.lang.Object
implements AlertGenerator, ConfigurationChangeListener<AccessControlHandlerCfg>

This class manages the application-wide access-control configuration.

When access control is disabled a default "permissive" access control implementation is used, which permits all operations regardless of the identity of the user.


Method Summary
 ConfigChangeResult applyConfigurationChange(AccessControlHandlerCfg configuration)
          Applies the configuration changes to this change listener.
 AccessControlHandler getAccessControlHandler()
          Get the active access control handler.
 java.util.LinkedHashMap<java.lang.String,java.lang.String> getAlerts()
          Retrieves information about the set of alerts that this generator may produce.
 java.lang.String getClassName()
          Retrieves the fully-qualified name of the Java class for this alert generator implementation.
 DN getComponentEntryDN()
          Retrieves the DN of the configuration entry with which this alert generator is associated.
static AccessControlConfigManager getInstance()
          Get the single application-wide access control manager instance.
 void initializeAccessControl()
          Initializes the access control sub-system.
 boolean isAccessControlEnabled()
          Determine if access control is enabled according to the current configuration.
 boolean isConfigurationChangeAcceptable(AccessControlHandlerCfg configuration, java.util.List<Message> unacceptableReasons)
          Indicates whether the proposed change to the configuration is acceptable to this change listener.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

getInstance

public static AccessControlConfigManager getInstance()
Get the single application-wide access control manager instance.

Returns:
The access control manager.

isAccessControlEnabled

public boolean isAccessControlEnabled()
Determine if access control is enabled according to the current configuration.

Returns:
true if access control is enabled, false otherwise.

getAccessControlHandler

public AccessControlHandler getAccessControlHandler()
Get the active access control handler.

When access control is disabled, this method returns a default access control implementation which permits all operations.

Returns:
The active access control handler (never null).

initializeAccessControl

public void initializeAccessControl()
                             throws ConfigException,
                                    InitializationException
Initializes the access control sub-system. This should only be called at Directory Server startup. If an error occurs then an exception will be thrown and the Directory Server will fail to start (this prevents accidental exposure of user data due to misconfiguration).

Throws:
ConfigException - If an access control configuration error is detected.
InitializationException - If a problem occurs while initializing the access control handler that is not related to the Directory Server configuration.

isConfigurationChangeAcceptable

public boolean isConfigurationChangeAcceptable(AccessControlHandlerCfg configuration,
                                               java.util.List<Message> unacceptableReasons)
Indicates whether the proposed change to the configuration is acceptable to this change listener.

Specified by:
isConfigurationChangeAcceptable in interface ConfigurationChangeListener<AccessControlHandlerCfg>
Parameters:
configuration - The new configuration containing the changes.
unacceptableReasons - A list that can be used to hold messages about why the provided configuration is not acceptable.
Returns:
Returns true if the proposed change is acceptable, or false if it is not.

applyConfigurationChange

public ConfigChangeResult applyConfigurationChange(AccessControlHandlerCfg configuration)
Applies the configuration changes to this change listener.

Specified by:
applyConfigurationChange in interface ConfigurationChangeListener<AccessControlHandlerCfg>
Parameters:
configuration - The new configuration containing the changes.
Returns:
Returns information about the result of changing the configuration.

getComponentEntryDN

public DN getComponentEntryDN()
Retrieves the DN of the configuration entry with which this alert generator is associated.

Specified by:
getComponentEntryDN in interface AlertGenerator
Returns:
The DN of the configuration entry with which this alert generator is associated.

getClassName

public java.lang.String getClassName()
Retrieves the fully-qualified name of the Java class for this alert generator implementation.

Specified by:
getClassName in interface AlertGenerator
Returns:
The fully-qualified name of the Java class for this alert generator implementation.

getAlerts

public java.util.LinkedHashMap<java.lang.String,java.lang.String> getAlerts()
Retrieves information about the set of alerts that this generator may produce. The map returned should be between the notification type for a particular notification and the human-readable description for that notification. This alert generator must not generate any alerts with types that are not contained in this list.

Specified by:
getAlerts in interface AlertGenerator
Returns:
Information about the set of alerts that this generator may produce.