Package | Description |
---|---|
org.apache.directory.fortress.core |
This package contains public APIs that are used by Java programs to provide Access Management
functionality.
|
org.apache.directory.fortress.core.impl |
This package contains the fortress implementation classes for data persistence with the LDAP server.
|
org.apache.directory.fortress.core.rest |
This package uses Commons HTTP to provide HTTP functionality that is reused
across several components in this package.
|
org.apache.directory.fortress.core.util |
This package contains miscellaneous utilities used by internal fortress procedures.
|
org.apache.directory.fortress.core.util.time |
This package contains utilities used to process fortress temporal constraint checks on entities being activated
within the runtime system.
|
Modifier and Type | Class and Description |
---|---|
class |
AuthorizationException
This exception extends
SecurityException and is thrown when administrative permission check fails. |
class |
CfgException
This exception extends
SecurityException and is thrown when Fortress cannot find correct cfg for a particular
entity. |
class |
CreateException
This exception extends
SecurityException and is thrown when DAO cannot create entity. |
class |
FinderException
This exception extends
SecurityException and is thrown when DAO cannot find entity. |
class |
PasswordException
This exception extends
SecurityException and is thrown when password check fails. |
class |
RemoveException
This exception extends
SecurityException and is thrown when DAO cannot delete entity. |
class |
RestException
This exception extends
SecurityException and is thrown when Fortress cannot call En Masse to perform a particular
operation via RESTful interface. |
class |
UpdateException
This exception extends
SecurityException and is thrown when DAO cannot update entity. |
class |
ValidationException
This exception extends
SecurityException and is thrown when Fortress cannot validate entity. |
Modifier and Type | Method and Description |
---|---|
Group |
GroupMgr.add(Group group)
Create a new group node.,
|
Group |
GroupMgr.add(Group group,
String key,
String value)
Add a property to an existing group node.
|
OrgUnit |
DelAdminMgr.add(OrgUnit entity)
Commands adds a new OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgr.add(PwPolicy policy)
This method will add a new policy entry to the POLICIES data set.
|
Properties |
ConfigMgr.add(String name,
Properties inProps)
Create a new cfg node with given name and properties.
|
void |
DelAccessMgr.addActiveRole(Session session,
UserAdminRole role)
This function adds an adminRole as an active role of a session whose owner is a given user.
|
void |
AccelMgr.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
void |
AccessMgr.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
void |
DelAdminMgr.addAscendant(AdminRole childRole,
AdminRole parentRole)
This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
the existing role childRole.
|
void |
DelAdminMgr.addAscendant(OrgUnit child,
OrgUnit parent)
This command creates a new orgunit parent, and inserts it in the orgunit hierarchy as an immediate ascendant of
the existing child orgunit.
|
void |
AdminMgr.addAscendant(Role childRole,
Role parentRole)
This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
the existing role childRole.
|
void |
DelAdminMgr.addDescendant(AdminRole parentRole,
AdminRole childRole)
This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
the existing role parentRole.
|
void |
DelAdminMgr.addDescendant(OrgUnit parent,
OrgUnit child)
This command creates a new orgunit child, and inserts it in the orgunit hierarchy as an immediate descendant of
the existing orgunit parent.
|
void |
AdminMgr.addDescendant(Role parentRole,
Role childRole)
This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
the existing role parentRole.
|
SDSet |
AdminMgr.addDsdRoleMember(SDSet dsdSet,
Role role)
This command adds a role to a named DSD set of roles.
|
void |
DelAdminMgr.addInheritance(AdminRole parentRole,
AdminRole childRole)
This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
roles parentRole, childRole.
|
void |
DelAdminMgr.addInheritance(OrgUnit parent,
OrgUnit child)
This command establishes a new immediate inheritance relationship with parent orgunit <<-- child orgunit
|
void |
AdminMgr.addInheritance(Role parentRole,
Role childRole)
This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
roles parentRole, childRole.
|
Permission |
DelAdminMgr.addPermission(Permission perm)
This method will add an administrative permission operation to an existing permission object which resides under
ou=AdminPerms,ou=ARBAC,dc=yourHostName,dc=com container in directory information tree. |
Permission |
AdminMgr.addPermission(Permission perm)
This method will add permission operation to an existing permission object which resides under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
DelAdminMgr.addPermObj(PermObj pObj)
This method will add administrative permission object to admin perms container in directory.
|
PermObj |
AdminMgr.addPermObj(PermObj pObj)
This method will add permission object to perms container in directory.
|
AdminRole |
DelAdminMgr.addRole(AdminRole role)
This command creates a new admin role.
|
Role |
AdminMgr.addRole(Role role)
This command creates a new role.
|
SDSet |
AdminMgr.addSsdRoleMember(SDSet ssdSet,
Role role)
This command adds a role to a named SSD set of roles.
|
User |
AdminMgr.addUser(User user)
This command creates a new RBAC user.
|
Group |
GroupMgr.assign(Group group,
String member)
Assign a user to an existing group node.
|
List<String> |
ReviewMgr.assignedRoles(String userId)
This function returns the set of roles assigned to a given user.
|
List<UserRole> |
ReviewMgr.assignedRoles(User user)
This function returns the set of roles assigned to a given user.
|
List<UserAdminRole> |
DelReviewMgr.assignedRoles(User user)
This function returns the set of admin roles assigned to a given user.
|
List<User> |
DelReviewMgr.assignedUsers(AdminRole role)
This method returns the data set of all users who are assigned the given admin role.
|
List<User> |
ReviewMgr.assignedUsers(Role role)
This method returns the data set of all users who are assigned the given role.
|
List<String> |
ReviewMgr.assignedUsers(Role role,
int limit)
This function returns the set of users assigned to a given role.
|
void |
DelAdminMgr.assignUser(UserAdminRole uAdminRole)
This command assigns a user to an admin role.
|
void |
AdminMgr.assignUser(UserRole uRole)
This command assigns a user to a role.
|
Session |
AccessMgr.authenticate(String userId,
char[] password)
Perform user authentication only.
|
Set<String> |
DelAccessMgr.authorizedAdminRoles(Session session)
This function returns the authorized admin roles associated with a session based on hierarchical relationships.
|
Set<String> |
ReviewMgr.authorizedPermissionRoles(Permission perm)
Return all role names that have been authorized for a given permission.
|
Set<String> |
ReviewMgr.authorizedPermissionUsers(Permission perm)
Return all userIds that have been authorized for a given permission.
|
Set<String> |
AccessMgr.authorizedRoles(Session session)
This function returns the authorized roles associated with a session based on hierarchical relationships.
|
Set<String> |
ReviewMgr.authorizedRoles(User user)
This function returns the set of roles authorized for a given user.
|
List<User> |
ReviewMgr.authorizedUsers(Role role)
This function returns the set of users authorized to a given role, i.e., the users that are assigned to a role that
inherits the given role.
|
boolean |
DelAccessMgr.canAssign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized assignment control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgr.canDeassign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized revoke control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgr.canGrant(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized assignment control over
Permission-Role Assignment (PRA).
|
boolean |
DelAccessMgr.canRevoke(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized revoke control over
Permission-Role Assignment (PRA).
|
void |
AdminMgr.changePassword(User user,
char[] newPassword)
Method will change user's password.
|
boolean |
AccelMgr.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
AccessMgr.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
DelAccessMgr.checkAccess(Session session,
Permission perm)
This function returns a Boolean value meaning whether the subject of a given session is
allowed or not to perform a given operation on a given object.
|
SDSet |
AdminMgr.createDsdSet(SDSet dsdSet)
This command creates a named DSD set of roles and sets an associated cardinality n.
|
static PwPolicyMgr |
PwPolicyMgrFactory.createInstance()
Create and return a reference to
PwPolicyMgr object using HOME context. |
static AdminMgr |
AdminMgrFactory.createInstance()
Create and return a reference to
AdminMgr object using HOME context. |
static DelReviewMgr |
DelReviewMgrFactory.createInstance()
Create and return a reference to
DelReviewMgr object using HOME context. |
static AuditMgr |
AuditMgrFactory.createInstance()
Create and return a reference to
AuditMgr object using HOME context. |
static DelAdminMgr |
DelAdminMgrFactory.createInstance()
Create and return a reference to
DelAdminMgr object using HOME context. |
static AccessMgr |
AccessMgrFactory.createInstance()
Create and return a reference to
AccessMgr object using HOME context. |
static ReviewMgr |
ReviewMgrFactory.createInstance()
Create and return a reference to
ReviewMgr object using HOME context. |
static DelAccessMgr |
DelAccessMgrFactory.createInstance()
Create and return a reference to
DelAccessMgr object using HOME context. |
static GroupMgr |
GroupMgrFactory.createInstance()
Create and return a reference to
GroupMgr object using HOME context. |
static AccelMgr |
AccelMgrFactory.createInstance()
Create and return a reference to
AccelMgr object using HOME context. |
static ConfigMgr |
ConfigMgrFactory.createInstance()
Create and return a reference to
ConfigMgr object. |
static PwPolicyMgr |
PwPolicyMgrFactory.createInstance(Session adminSess)
Create and return a reference to
PwPolicyMgr object using HOME context. |
static AdminMgr |
AdminMgrFactory.createInstance(Session adminSess)
Create and return a reference to
AdminMgr object using HOME context. |
static DelReviewMgr |
DelReviewMgrFactory.createInstance(Session adminSess)
Create and return a reference to
DelReviewMgr object using HOME context. |
static AuditMgr |
AuditMgrFactory.createInstance(Session adminSess)
Create and return a reference to
AuditMgr object using HOME context. |
static DelAdminMgr |
DelAdminMgrFactory.createInstance(Session adminSess)
Create and return a reference to
DelAdminMgr object using HOME context. |
static ReviewMgr |
ReviewMgrFactory.createInstance(Session adminSess)
Create and return a reference to
ReviewMgr object using HOME context. |
static DelAccessMgr |
DelAccessMgrFactory.createInstance(Session adminSess)
Create and return a reference to
DelAccessMgr object using HOME context. |
static GroupMgr |
GroupMgrFactory.createInstance(Session adminSess)
Create and return a reference to
GroupMgr object using HOME context. |
static PwPolicyMgr |
PwPolicyMgrFactory.createInstance(String contextId)
Create and return a reference to
PwPolicyMgr object. |
static AdminMgr |
AdminMgrFactory.createInstance(String contextId)
Create and return a reference to
AdminMgr object. |
static DelReviewMgr |
DelReviewMgrFactory.createInstance(String contextId)
Create and return a reference to
DelReviewMgr object. |
static AuditMgr |
AuditMgrFactory.createInstance(String contextId)
Create and return a reference to
AuditMgr object. |
static DelAdminMgr |
DelAdminMgrFactory.createInstance(String contextId)
Create and return a reference to
DelAdminMgr object. |
static AccessMgr |
AccessMgrFactory.createInstance(String contextId)
Create and return a reference to
AccessMgr object. |
static ReviewMgr |
ReviewMgrFactory.createInstance(String contextId)
Create and return a reference to
ReviewMgr object. |
static DelAccessMgr |
DelAccessMgrFactory.createInstance(String contextId)
Create and return a reference to
DelAccessMgr object. |
static GroupMgr |
GroupMgrFactory.createInstance(String contextId)
Create and return a reference to
GroupMgr object. |
static AccelMgr |
AccelMgrFactory.createInstance(String contextId)
Create and return a reference to
AccelMgr object. |
static ConfigMgr |
ConfigMgrFactory.createInstance(String configClassName,
boolean IS_REST) |
static PwPolicyMgr |
PwPolicyMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
PwPolicyMgr object. |
static AdminMgr |
AdminMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
AdminMgr object. |
static DelReviewMgr |
DelReviewMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
DelReviewMgr object. |
static AuditMgr |
AuditMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
AuditMgr object. |
static DelAdminMgr |
DelAdminMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
DelAdminMgr object. |
static ReviewMgr |
ReviewMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
ReviewMgr object. |
static DelAccessMgr |
DelAccessMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
DelAccessMgr object. |
static GroupMgr |
GroupMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
GroupMgr object. |
Session |
AccelMgr.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations. |
Session |
AccessMgr.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations.This method must be called once per user prior to calling other methods within this class. |
SDSet |
AdminMgr.createSsdSet(SDSet ssdSet)
This command creates a named SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
Group |
GroupMgr.deassign(Group group,
String member)
Deassign a member from an existing group node.
|
void |
DelAdminMgr.deassignUser(UserAdminRole uAdminRole)
This method removes assigned admin role from user entity.
|
void |
AdminMgr.deassignUser(UserRole uRole)
This command deletes the assignment of the User from the Role entities.
|
Group |
GroupMgr.delete(Group group)
Delete existing group node.
|
Group |
GroupMgr.delete(Group group,
String key,
String value)
Delete existing group node.
|
OrgUnit |
DelAdminMgr.delete(OrgUnit entity)
Commands deletes existing OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgr.delete(PwPolicy policy)
This method will delete exiting policy entry from the POLICIES data set.
|
void |
ConfigMgr.delete(String name)
Completely removes named cfg node from the directory.
|
void |
ConfigMgr.delete(String name,
Properties inProps)
Delete properties from existing cfg node.
|
SDSet |
AdminMgr.deleteDsdRoleMember(SDSet dsdSet,
Role role)
This command removes a role from a named DSD set of roles.
|
SDSet |
AdminMgr.deleteDsdSet(SDSet dsdSet)
This command deletes a DSD role set completely.
|
void |
DelAdminMgr.deleteInheritance(AdminRole parentRole,
AdminRole childRole)
This command deletes an existing immediate inheritance relationship parentRole <<-- childRole.
|
void |
DelAdminMgr.deleteInheritance(OrgUnit parent,
OrgUnit child)
This command deletes an existing immediate inheritance relationship parent <<-- child.
|
void |
AdminMgr.deleteInheritance(Role parentRole,
Role childRole)
This command deletes an existing immediate inheritance relationship parentRole <<-- childRole.
|
void |
PwPolicyMgr.deletePasswordPolicy(String userId)
This method will remove the pw policy assignment from a user entity.
|
void |
AdminMgr.deletePasswordPolicy(User user)
Method will delete user's password policy designation.
|
void |
DelAdminMgr.deletePermission(Permission perm)
This method will remove administrative permission operation entity from permission object.
|
void |
AdminMgr.deletePermission(Permission perm)
This method will remove permission operation entity from permission object.
|
void |
DelAdminMgr.deletePermObj(PermObj pObj)
This method will remove administrative permission object from perms container in directory.
|
void |
AdminMgr.deletePermObj(PermObj pObj)
This method will remove permission object to perms container in directory.
|
void |
DelAdminMgr.deleteRole(AdminRole role)
This command deletes an existing admin role from the ARBAC database.
|
void |
AdminMgr.deleteRole(Role role)
This command deletes an existing role from the RBAC database.
|
void |
AccelMgr.deleteSession(Session session)
This function deletes a fortress session from the RBAC Policy Decision Point inside OpenLDAP RBAC Accelerator.
|
SDSet |
AdminMgr.deleteSsdRoleMember(SDSet ssdSet,
Role role)
This command removes a role from a named SSD set of roles.
|
SDSet |
AdminMgr.deleteSsdSet(SDSet ssdSet)
This command deletes a SSD role set completely.
|
void |
AdminMgr.deleteUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
AdminMgr.disableUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
DelAccessMgr.dropActiveRole(Session session,
UserAdminRole role)
This function deactivates adminRole from the active adminRole set of a session owned by a given user.
|
void |
AccelMgr.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
void |
AccessMgr.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
SDSet |
ReviewMgr.dsdRoleSet(SDSet set)
This function returns the DSD data set that matches a particular set name.
|
int |
ReviewMgr.dsdRoleSetCardinality(SDSet dsd)
This function returns the cardinality associated with a DSD role set.
|
Set<String> |
ReviewMgr.dsdRoleSetRoles(SDSet dsd)
This function returns the set of roles of a DSD role set.
|
List<SDSet> |
ReviewMgr.dsdRoleSets(Role role)
This function returns the list of all dSD role sets that have a particular Role as member or Role's
parent as a member.
|
List<SDSet> |
ReviewMgr.dsdSets(SDSet dsd)
This function returns the list of DSDs that match a given dsd name value.
|
List<Group> |
GroupMgr.find(Group group)
Search using a full or partial group node.
|
List<Group> |
GroupMgr.find(User user)
Search for groups by userId.
|
List<Permission> |
ReviewMgr.findAnyPermissions(Permission permission)
Method returns a list of Permissions that match any part of the permission object or operation.
|
List<Permission> |
ReviewMgr.findPermissions(Permission permission)
Method returns a list of type Permission that match the perm object search string.
|
List<PermObj> |
ReviewMgr.findPermObjs(OrgUnit ou)
Method returns a list of type Permission that match the perm object search string.
|
List<PermObj> |
ReviewMgr.findPermObjs(PermObj permObj)
Method returns a list of type PermObj that match the perm object search string.
|
List<Permission> |
ReviewMgr.findPermsByObj(PermObj permObj)
Method returns Permission operations for the provided permission object
|
List<Role> |
ReviewMgr.findRoles(String searchVal)
Method will return a list of type Role matching all or part of Role name,
Role.name . |
List<AdminRole> |
DelReviewMgr.findRoles(String searchVal)
Method will return a list of type Admin Role.
|
List<String> |
ReviewMgr.findRoles(String searchVal,
int limit)
Method returns a list of roles of type String.
|
List<User> |
ReviewMgr.findUsers(OrgUnit ou)
Return a list of type User of all users in the people container that match the name field passed in OrgUnit entity.
|
List<User> |
ReviewMgr.findUsers(User user)
Return a list of type User of all users in the people container that match all or part of the
User.userId
field passed in User entity. |
List<String> |
ReviewMgr.findUsers(User user,
int limit)
Return a list of type String of all users in the people container that match the userId field passed in User entity.
|
User |
AccessMgr.getUser(Session session)
This function returns the user object that is contained within the session object.
|
List<AuthZ> |
AuditMgr.getUserAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId
and given timestamp field UserAudit.beginDate .Method also can discriminate between all events or failed only by setting UserAudit.failedOnly . |
String |
AccessMgr.getUserId(Session session)
This function returns the userId value that is contained within the session object.
|
void |
DelAdminMgr.grantPermission(Permission perm,
AdminRole role)
This command grants an AdminRole the administrative permission to perform an operation on an object to a role.
|
void |
AdminMgr.grantPermission(Permission perm,
Role role)
This command grants a role the permission to perform an operation on an object to a role.
|
void |
DelAdminMgr.grantPermission(Permission perm,
User user)
This command grants a user the administrative permission to perform an operation on an object to a user.
|
void |
AdminMgr.grantPermission(Permission perm,
User user)
This command grants a user the permission to perform an operation on an object to a role.
|
void |
AdminMgr.lockUserAccount(User user)
Method will lock user's password which will prevent the user from authenticating with directory.
|
List<String> |
ReviewMgr.permissionRoles(Permission perm)
Return a list of type String of all roles that have granted a particular permission.
|
List<String> |
ReviewMgr.permissionUsers(Permission perm)
Return all userIds that have been granted (directly) a particular permission.
|
Group |
GroupMgr.read(Group group)
Read an existing group node.
|
OrgUnit |
DelReviewMgr.read(OrgUnit entity)
Commands reads existing OrgUnit entity from OrgUnit dataset.
|
Properties |
ConfigMgr.read(String name)
Read an existing cfg node with given name and return to caller.
|
PwPolicy |
PwPolicyMgr.read(String name)
This method will return the password policy entity to the caller.
|
Permission |
ReviewMgr.readPermission(Permission permission)
This method returns a matching permission entity to caller.
|
PermObj |
ReviewMgr.readPermObj(PermObj permObj)
Method reads permission object from perm container in directory.
|
AdminRole |
DelReviewMgr.readRole(AdminRole role)
Method reads Admin Role entity from the admin role container in directory.
|
Role |
ReviewMgr.readRole(Role role)
Method reads Role entity from the role container in directory.
|
User |
ReviewMgr.readUser(User user)
Method returns matching User entity that is contained within the people container in the directory.
|
void |
AdminMgr.resetPassword(User user,
char[] newPassword)
Method will reset user's password which will require user to change password before successful authentication with
directory.
|
void |
DelAdminMgr.revokePermission(Permission perm,
AdminRole role)
This command revokes the administrative permission to perform an operation on an object from the set
of permissions assigned to an AdminRole.
|
void |
AdminMgr.revokePermission(Permission perm,
Role role)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a role.
|
void |
DelAdminMgr.revokePermission(Permission perm,
User user)
This command revokes the administrative permission to perform an operation on an object from the set
of permissions assigned to a user.
|
void |
AdminMgr.revokePermission(Permission perm,
User user)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a user.
|
List<Permission> |
DelReviewMgr.rolePermissions(AdminRole role)
This function returns the set of all ARBAC permissions (op, obj), granted to or inherited by a
given ARBAC role.
|
List<Permission> |
DelReviewMgr.rolePermissions(AdminRole role,
boolean noInheritance)
This function returns the set of all ARBAC permissions (op, obj), granted to or inherited by a
given ARBAC role.
|
List<Permission> |
ReviewMgr.rolePermissions(Role role)
This function returns the set of all permissions (op, obj), granted to or inherited by a
given role.
|
List<Permission> |
ReviewMgr.rolePermissions(Role role,
boolean noInheritance)
This function returns the set of all permissions (op, obj), granted to or inherited by a
given role.
|
List<OrgUnit> |
DelReviewMgr.search(OrgUnit.Type type,
String searchVal)
Commands searches existing OrgUnit entities from OrgUnit dataset.
|
List<PwPolicy> |
PwPolicyMgr.search(String searchVal)
This method will return a list of all password policy entities that match a particular search string.
|
List<Mod> |
AuditMgr.searchAdminMods(UserAudit uAudit)
This method returns a list of admin operations events for a particular entity
UserAudit.dn ,
object UserAudit.objName and timestamp UserAudit.beginDate . |
List<AuthZ> |
AuditMgr.searchAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId ,
object UserAudit.objName , and given timestamp field
UserAudit.beginDate .Method also can discriminate between all events or failed only by setting flag UserAudit.failedOnly .. |
List<Bind> |
AuditMgr.searchBinds(UserAudit uAudit)
This method returns a list of authentication audit events for a particular user
UserAudit.userId ,
and given timestamp field UserAudit.beginDate . |
List<AuthZ> |
AuditMgr.searchInvalidUsers(UserAudit uAudit)
This method returns a list of failed authentication attempts on behalf of an invalid identity
UserAudit.userId , and given timestamp UserAudit.beginDate . |
List<Mod> |
AuditMgr.searchUserSessions(UserAudit uAudit)
This method returns a list of sessions created for a given user
UserAudit.userId ,
and timestamp UserAudit.beginDate . |
List<UserAdminRole> |
DelAccessMgr.sessionAdminRoles(Session session)
This function returns the active admin roles associated with a session.
|
List<Permission> |
AccelMgr.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
AccessMgr.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
DelAccessMgr.sessionPermissions(Session session)
This function returns the ARBAC (administrative) permissions of the session, i.e., the permissions assigned
to its authorized admin roles.
|
List<UserRole> |
AccelMgr.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
List<UserRole> |
AccessMgr.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
SDSet |
AdminMgr.setDsdSetCardinality(SDSet dsdSet,
int cardinality)
This command sets the cardinality associated with a given DSD role set.
|
SDSet |
AdminMgr.setSsdSetCardinality(SDSet ssdSet,
int cardinality)
This command sets the cardinality associated with a given SSD role set.
|
SDSet |
ReviewMgr.ssdRoleSet(SDSet set)
This function returns the SSD data set that matches a particular set name.
|
int |
ReviewMgr.ssdRoleSetCardinality(SDSet ssd)
This function returns the cardinality associated with a SSD role set.
|
Set<String> |
ReviewMgr.ssdRoleSetRoles(SDSet ssd)
This function returns the set of roles of a SSD role set.
|
List<SDSet> |
ReviewMgr.ssdRoleSets(Role role)
This function returns the list of all SSD role sets that have a particular Role as member or Role's
parent as a member.
|
List<SDSet> |
ReviewMgr.ssdSets(SDSet ssd)
This function returns the list of SSDs that match a given ssd name value.
|
void |
AdminMgr.unlockUserAccount(User user)
Method will unlock user's password which will enable user to authenticate with directory.
|
Group |
GroupMgr.update(Group group)
Modify existing group node.
|
OrgUnit |
DelAdminMgr.update(OrgUnit entity)
Commands updates existing OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgr.update(PwPolicy policy)
This method will update an exiting policy entry to the POLICIES data set.
|
Properties |
ConfigMgr.update(String name,
Properties inProps)
Update existing cfg node with additional properties, or, replace existing properties.
|
SDSet |
AdminMgr.updateDsdSet(SDSet dsdSet)
This command updates existing DSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
Permission |
DelAdminMgr.updatePermission(Permission perm)
This method will update administrative permission operation pre-existing in target directory under
ou=AdminPerms,ou=ARBAC,dc=yourHostName,dc=com container in directory information tree. |
Permission |
AdminMgr.updatePermission(Permission perm)
This method will update permission operation pre-existing in target directory under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
DelAdminMgr.updatePermObj(PermObj pObj)
This method will update administrative permission object in perms container in directory.
|
PermObj |
AdminMgr.updatePermObj(PermObj pObj)
This method will update permission object in perms container in directory.
|
AdminRole |
DelAdminMgr.updateRole(AdminRole role)
Method will update an AdminRole entity in the directory.
|
Role |
AdminMgr.updateRole(Role role)
Method will update a Role entity in the directory.
|
SDSet |
AdminMgr.updateSsdSet(SDSet ssdSet)
This command updates existing SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
User |
AdminMgr.updateUser(User user)
This method performs an update on User entity in directory.
|
void |
PwPolicyMgr.updateUserPolicy(String userId,
String policyName)
This method will associate a user entity with a password policy entity.
|
List<Permission> |
ReviewMgr.userPermissions(User user)
This function returns the set of permissions a given user gets through his/her authorized
roles.
|
Modifier and Type | Method and Description |
---|---|
Group |
GroupMgrImpl.add(Group group)
Create a new group node.,
|
Group |
GroupMgrImpl.add(Group group,
String key,
String value)
Add a property to an existing group node.
|
void |
OrganizationalUnitP.add(OrganizationalUnit orgUnit)
Add a new container to the Directory Information Tree (DIT).
|
OrgUnit |
DelAdminMgrImpl.add(OrgUnit entity)
Commands adds a new OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgrImpl.add(PwPolicy policy)
This method will add a new policy entry to the POLICIES data set.
|
Properties |
ConfigMgrImpl.add(String name,
Properties inProps)
Create a new cfg node with given name and properties.
|
void |
SuffixP.add(Suffix suffix)
Add a new suffix to the Directory Information Tree (DIT).
|
void |
DelAccessMgrImpl.addActiveRole(Session session,
UserAdminRole role)
This function adds an adminRole as an active role of a session whose owner is a given user.
|
void |
AccessMgrImpl.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
void |
AccelMgrImpl.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
void |
DelAdminMgrImpl.addAscendant(AdminRole childRole,
AdminRole parentRole)
This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
the existing role childRole.
|
void |
DelAdminMgrImpl.addAscendant(OrgUnit child,
OrgUnit parent)
This command creates a new orgunit parent, and inserts it in the orgunit hierarchy as an immediate ascendant of
the existing child orgunit.
|
void |
AdminMgrImpl.addAscendant(Role childRole,
Role parentRole)
This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
the existing role childRole.
|
void |
DelAdminMgrImpl.addDescendant(AdminRole parentRole,
AdminRole childRole)
This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
the existing role parentRole.
|
void |
DelAdminMgrImpl.addDescendant(OrgUnit parent,
OrgUnit child)
This command creates a new orgunit child, and inserts it in the orgunit hierarchy as an immediate descendant of
the existing orgunit parent.
|
void |
AdminMgrImpl.addDescendant(Role parentRole,
Role childRole)
This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
the existing role parentRole.
|
SDSet |
AdminMgrImpl.addDsdRoleMember(SDSet dsdSet,
Role role)
This command adds a role to a named DSD set of roles.
|
void |
DelAdminMgrImpl.addInheritance(AdminRole parentRole,
AdminRole childRole)
This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
roles parentRole, childRole.
|
void |
DelAdminMgrImpl.addInheritance(OrgUnit parent,
OrgUnit child)
This command establishes a new immediate inheritance relationship with parent orgunit <<-- child orgunit
|
void |
AdminMgrImpl.addInheritance(Role parentRole,
Role childRole)
This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
roles parentRole, childRole.
|
Permission |
AdminMgrImpl.addPermission(Permission perm)
This method will add permission operation to an existing permission object which resides under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
Permission |
DelAdminMgrImpl.addPermission(Permission perm)
This method will add an administrative permission operation to an existing permission object which resides under
ou=AdminPerms,ou=ARBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
AdminMgrImpl.addPermObj(PermObj pObj)
This method will add permission object to perms container in directory.
|
PermObj |
DelAdminMgrImpl.addPermObj(PermObj pObj)
This method will add administrative permission object to admin perms container in directory.
|
AdminRole |
DelAdminMgrImpl.addRole(AdminRole role)
This command creates a new admin role.
|
Role |
AdminMgrImpl.addRole(Role role)
This command creates a new role.
|
SDSet |
AdminMgrImpl.addSsdRoleMember(SDSet ssdSet,
Role role)
This command adds a role to a named SSD set of roles.
|
User |
AdminMgrImpl.addUser(User user)
This command creates a new RBAC user.
|
Group |
GroupMgrImpl.assign(Group group,
String member)
Assign a user to an existing group node.
|
List<String> |
ReviewMgrImpl.assignedRoles(String userId)
This function returns the set of roles assigned to a given user.
|
List<UserRole> |
ReviewMgrImpl.assignedRoles(User user)
This function returns the set of roles assigned to a given user.
|
List<UserAdminRole> |
DelReviewMgrImpl.assignedRoles(User user)
This function returns the set of admin roles assigned to a given user.
|
List<User> |
DelReviewMgrImpl.assignedUsers(AdminRole role)
This method returns the data set of all users who are assigned the given admin role.
|
List<User> |
ReviewMgrImpl.assignedUsers(Role role)
This method returns the data set of all users who are assigned the given role.
|
List<String> |
ReviewMgrImpl.assignedUsers(Role role,
int limit)
This function returns the set of users assigned to a given role.
|
void |
DelAdminMgrImpl.assignUser(UserAdminRole uAdminRole)
This command assigns a user to an admin role.
|
void |
AdminMgrImpl.assignUser(UserRole uRole)
This command assigns a user to a role.
|
Session |
AccessMgrImpl.authenticate(String userId,
char[] password)
Perform user authentication only.
|
Set<String> |
DelAccessMgrImpl.authorizedAdminRoles(Session session)
This function returns the authorized admin roles associated with a session based on hierarchical relationships.
|
Set<String> |
ReviewMgrImpl.authorizedPermissionRoles(Permission perm)
Return all role names that have been authorized for a given permission.
|
Set<String> |
ReviewMgrImpl.authorizedPermissionUsers(Permission perm)
Return all userIds that have been authorized for a given permission.
|
Set<String> |
AccessMgrImpl.authorizedRoles(Session session)
This function returns the authorized roles associated with a session based on hierarchical relationships.
|
Set<String> |
ReviewMgrImpl.authorizedRoles(User user)
This function returns the set of roles authorized for a given user.
|
List<User> |
ReviewMgrImpl.authorizedUsers(Role role)
This function returns the set of users authorized to a given role, i.e., the users that are assigned to a role that
inherits the given role.
|
boolean |
DelAccessMgrImpl.canAssign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized assignment control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrImpl.canDeassign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized revoke control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrImpl.canGrant(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized assignment control over
Permission-Role Assignment (PRA).
|
boolean |
DelAccessMgrImpl.canRevoke(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized revoke control over
Permission-Role Assignment (PRA).
|
void |
AdminMgrImpl.changePassword(User user,
char[] newPassword)
Method will change user's password.
|
boolean |
AccessMgrImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
DelAccessMgrImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
AccelMgrImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
protected void |
Manageable.checkAccess(String className,
String opName)
Every Fortress Manager API (e.g.
|
SDSet |
AdminMgrImpl.createDsdSet(SDSet dsdSet)
This command creates a named DSD set of roles and sets an associated cardinality n.
|
Session |
AccessMgrImpl.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations.This method must be called once per user prior to calling other methods within this class. |
Session |
AccelMgrImpl.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations. |
SDSet |
AdminMgrImpl.createSsdSet(SDSet ssdSet)
This command creates a named SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
Group |
GroupMgrImpl.deassign(Group group,
String member)
Deassign a member from an existing group node.
|
void |
DelAdminMgrImpl.deassignUser(UserAdminRole uAdminRole)
This method removes assigned admin role from user entity.
|
void |
AdminMgrImpl.deassignUser(UserRole uRole)
This command deletes the assignment of the User from the Role entities.
|
Group |
GroupMgrImpl.delete(Group group)
Delete existing group node.
|
Group |
GroupMgrImpl.delete(Group group,
String key,
String value)
Delete existing group node.
|
void |
OrganizationalUnitP.delete(OrganizationalUnit orgUnit)
Remove a container from the Directory Information Tree (DIT).
|
OrgUnit |
DelAdminMgrImpl.delete(OrgUnit entity)
Commands deletes existing OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgrImpl.delete(PwPolicy policy)
This method will delete exiting policy entry from the POLICIES data set.
|
void |
ConfigMgrImpl.delete(String name)
Completely removes named cfg node from the directory.
|
void |
ConfigMgrImpl.delete(String name,
Properties inProps)
Delete properties from existing cfg node.
|
void |
SuffixP.delete(Suffix suffix)
Remove the suffix along with descendant nodes.
|
SDSet |
AdminMgrImpl.deleteDsdRoleMember(SDSet dsdSet,
Role role)
This command removes a role from a named DSD set of roles.
|
SDSet |
AdminMgrImpl.deleteDsdSet(SDSet dsdSet)
This command deletes a DSD role set completely.
|
void |
DelAdminMgrImpl.deleteInheritance(AdminRole parentRole,
AdminRole childRole)
This command deletes an existing immediate inheritance relationship parentRole <<-- childRole.
|
void |
DelAdminMgrImpl.deleteInheritance(OrgUnit parent,
OrgUnit child)
This command deletes an existing immediate inheritance relationship parent <<-- child.
|
void |
AdminMgrImpl.deleteInheritance(Role parentRole,
Role childRole)
This command deletes an existing immediate inheritance relationship parentRole <<-- childRole.
|
void |
PwPolicyMgrImpl.deletePasswordPolicy(String userId)
This method will remove the pw policy assignment from a user entity.
|
void |
AdminMgrImpl.deletePasswordPolicy(User user)
Method will delete user's password policy designation.
|
void |
AdminMgrImpl.deletePermission(Permission perm)
This method will remove permission operation entity from permission object.
|
void |
DelAdminMgrImpl.deletePermission(Permission perm)
This method will remove administrative permission operation entity from permission object.
|
void |
AdminMgrImpl.deletePermObj(PermObj pObj)
This method will remove permission object to perms container in directory.
|
void |
DelAdminMgrImpl.deletePermObj(PermObj pObj)
This method will remove administrative permission object from perms container in directory.
|
void |
DelAdminMgrImpl.deleteRole(AdminRole role)
This command deletes an existing admin role from the ARBAC database.
|
void |
AdminMgrImpl.deleteRole(Role role)
This command deletes an existing role from the RBAC database.
|
void |
AccelMgrImpl.deleteSession(Session session)
This function deletes a fortress session from the RBAC Policy Decision Point inside OpenLDAP RBAC Accelerator.
|
SDSet |
AdminMgrImpl.deleteSsdRoleMember(SDSet ssdSet,
Role role)
This command removes a role from a named SSD set of roles.
|
SDSet |
AdminMgrImpl.deleteSsdSet(SDSet ssdSet)
This command deletes a SSD role set completely.
|
void |
AdminMgrImpl.deleteUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
AdminMgrImpl.disableUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
DelAccessMgrImpl.dropActiveRole(Session session,
UserAdminRole role)
This function deactivates adminRole from the active adminRole set of a session owned by a given user.
|
void |
AccessMgrImpl.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
void |
AccelMgrImpl.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
SDSet |
ReviewMgrImpl.dsdRoleSet(SDSet set)
This function returns the DSD data set that matches a particular set name.
|
int |
ReviewMgrImpl.dsdRoleSetCardinality(SDSet dsd)
This function returns the cardinality associated with a DSD role set.
|
Set<String> |
ReviewMgrImpl.dsdRoleSetRoles(SDSet dsd)
This function returns the set of roles of a DSD role set.
|
List<SDSet> |
ReviewMgrImpl.dsdRoleSets(Role role)
This function returns the list of all dSD role sets that have a particular Role as member or Role's
parent as a member.
|
List<SDSet> |
ReviewMgrImpl.dsdSets(SDSet ssd)
This function returns the list of DSDs that match a given dsd name value.
|
List<Group> |
GroupMgrImpl.find(Group group)
Search using a full or partial group node.
|
List<Group> |
GroupMgrImpl.find(User user)
Search for groups by userId.
|
List<Permission> |
ReviewMgrImpl.findAnyPermissions(Permission permission)
Method returns a list of Permissions that match any part of the permission object or operation.
|
List<Permission> |
ReviewMgrImpl.findPermissions(Permission permission)
Method returns a list of type Permission that match the perm object search string.
|
List<PermObj> |
ReviewMgrImpl.findPermObjs(OrgUnit ou)
Method returns a list of type Permission that match the perm object search string.
|
List<PermObj> |
ReviewMgrImpl.findPermObjs(PermObj permObj)
Method returns a list of type PermObj that match the perm object search string.
|
List<Permission> |
ReviewMgrImpl.findPermsByObj(PermObj permObj)
Method returns Permission operations for the provided permission object
|
List<Role> |
ReviewMgrImpl.findRoles(String searchVal)
Method will return a list of type Role matching all or part of Role name,
Role.name . |
List<AdminRole> |
DelReviewMgrImpl.findRoles(String searchVal)
Method will return a list of type Admin Role.
|
List<String> |
ReviewMgrImpl.findRoles(String searchVal,
int limit)
Method returns a list of roles of type String.
|
List<User> |
ReviewMgrImpl.findUsers(OrgUnit ou)
Return a list of type User of all users in the people container that match the name field passed in OrgUnit entity.
|
List<User> |
ReviewMgrImpl.findUsers(User user)
Return a list of type User of all users in the people container that match all or part of the
User.userId
field passed in User entity. |
List<String> |
ReviewMgrImpl.findUsers(User user,
int limit)
Return a list of type String of all users in the people container that match the userId field passed in User entity.
|
User |
AccessMgrImpl.getUser(Session session)
This function returns the user object that is contained within the session object.
|
List<AuthZ> |
AuditMgrImpl.getUserAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId
and given timestamp field UserAudit.beginDate .Method also can discriminate between all events or failed only by setting UserAudit.failedOnly . |
String |
AccessMgrImpl.getUserId(Session session)
This function returns the userId value that is contained within the session object.
|
void |
DelAdminMgrImpl.grantPermission(Permission perm,
AdminRole role)
This command grants an AdminRole the administrative permission to perform an operation on an object to a role.
|
void |
AdminMgrImpl.grantPermission(Permission perm,
Role role)
This command grants a role the permission to perform an operation on an object to a role.
|
void |
AdminMgrImpl.grantPermission(Permission perm,
User user)
This command grants a user the permission to perform an operation on an object to a role.
|
void |
DelAdminMgrImpl.grantPermission(Permission perm,
User user)
This command grants a user the administrative permission to perform an operation on an object to a user.
|
void |
AdminMgrImpl.lockUserAccount(User user)
Method will lock user's password which will prevent the user from authenticating with directory.
|
List<String> |
ReviewMgrImpl.permissionRoles(Permission perm)
Return a list of type String of all roles that have granted a particular permission.
|
List<String> |
ReviewMgrImpl.permissionUsers(Permission perm)
Return all userIds that have been granted (directly) a particular permission.
|
Group |
GroupMgrImpl.read(Group group)
Read an existing group node.
|
OrgUnit |
DelReviewMgrImpl.read(OrgUnit entity)
Commands reads existing OrgUnit entity from OrgUnit dataset.
|
PwPolicy |
PwPolicyMgrImpl.read(String name)
This method will return the password policy entity to the caller.
|
Properties |
ConfigMgrImpl.read(String name)
Read an existing cfg node with given name and return to caller.
|
Permission |
ReviewMgrImpl.readPermission(Permission permission)
This method returns a matching permission entity to caller.
|
PermObj |
ReviewMgrImpl.readPermObj(PermObj permObj)
Method reads permission object from perm container in directory.
|
AdminRole |
DelReviewMgrImpl.readRole(AdminRole role)
Method reads Admin Role entity from the admin role container in directory.
|
Role |
ReviewMgrImpl.readRole(Role role)
Method reads Role entity from the role container in directory.
|
User |
ReviewMgrImpl.readUser(User user)
Method returns matching User entity that is contained within the people container in the directory.
|
void |
AdminMgrImpl.resetPassword(User user,
char[] newPassword)
Method will reset user's password which will require user to change password before successful authentication with
directory.
|
void |
DelAdminMgrImpl.revokePermission(Permission perm,
AdminRole role)
This command revokes the administrative permission to perform an operation on an object from the set
of permissions assigned to an AdminRole.
|
void |
AdminMgrImpl.revokePermission(Permission perm,
Role role)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a role.
|
void |
AdminMgrImpl.revokePermission(Permission perm,
User user)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a user.
|
void |
DelAdminMgrImpl.revokePermission(Permission perm,
User user)
This command revokes the administrative permission to perform an operation on an object from the set
of permissions assigned to a user.
|
List<Permission> |
DelReviewMgrImpl.rolePermissions(AdminRole role)
This function returns the set of all ARBAC permissions (op, obj), granted to or inherited by a
given ARBAC role.
|
List<Permission> |
DelReviewMgrImpl.rolePermissions(AdminRole role,
boolean noInheritance)
This function returns the set of all ARBAC permissions (op, obj), granted to or inherited by a
given ARBAC role.
|
List<Permission> |
ReviewMgrImpl.rolePermissions(Role role)
This function returns the set of all permissions (op, obj), granted to or inherited by a
given role.
|
List<Permission> |
ReviewMgrImpl.rolePermissions(Role role,
boolean noInheritance)
This function returns the set of all permissions (op, obj), granted to or inherited by a
given role.
|
List<OrgUnit> |
DelReviewMgrImpl.search(OrgUnit.Type type,
String searchVal)
Commands searches existing OrgUnit entities from OrgUnit dataset.
|
List<PwPolicy> |
PwPolicyMgrImpl.search(String searchVal)
This method will return a list of all password policy entities that match a particular search string.
|
List<Mod> |
AuditMgrImpl.searchAdminMods(UserAudit uAudit)
This method returns a list of admin operations events for a particular entity
UserAudit.dn ,
object UserAudit.objName and timestamp UserAudit.beginDate . |
List<AuthZ> |
AuditMgrImpl.searchAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId ,
object UserAudit.objName , and given timestamp field
UserAudit.beginDate .Method also can discriminate between all events or failed only by setting flag UserAudit.failedOnly .. |
List<Bind> |
AuditMgrImpl.searchBinds(UserAudit uAudit)
This method returns a list of authentication audit events for a particular user
UserAudit.userId ,
and given timestamp field UserAudit.beginDate . |
List<AuthZ> |
AuditMgrImpl.searchInvalidUsers(UserAudit uAudit)
This method returns a list of failed authentication attempts on behalf of an invalid identity
UserAudit.userId , and given timestamp UserAudit.beginDate . |
List<Mod> |
AuditMgrImpl.searchUserSessions(UserAudit uAudit)
This method returns a list of sessions created for a given user
UserAudit.userId ,
and timestamp UserAudit.beginDate . |
List<UserAdminRole> |
DelAccessMgrImpl.sessionAdminRoles(Session session)
This function returns the active admin roles associated with a session.
|
List<Permission> |
AccessMgrImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
DelAccessMgrImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
AccelMgrImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<UserRole> |
AccessMgrImpl.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
List<UserRole> |
AccelMgrImpl.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
SDSet |
AdminMgrImpl.setDsdSetCardinality(SDSet dsdSet,
int cardinality)
This command sets the cardinality associated with a given DSD role set.
|
protected void |
Manageable.setEntitySession(String className,
String opName,
FortEntity entity)
Set A/RBAC session on entity and perform authorization on behalf of the caller if the
Manageable.adminSess is set. |
SDSet |
AdminMgrImpl.setSsdSetCardinality(SDSet ssdSet,
int cardinality)
This command sets the cardinality associated with a given SSD role set.
|
SDSet |
ReviewMgrImpl.ssdRoleSet(SDSet set)
This function returns the SSD data set that matches a particular set name.
|
int |
ReviewMgrImpl.ssdRoleSetCardinality(SDSet ssd)
This function returns the cardinality associated with a SSD role set.
|
Set<String> |
ReviewMgrImpl.ssdRoleSetRoles(SDSet ssd)
This function returns the set of roles of a SSD role set.
|
List<SDSet> |
ReviewMgrImpl.ssdRoleSets(Role role)
This function returns the list of all SSD role sets that have a particular Role as member or Role's
parent as a member.
|
List<SDSet> |
ReviewMgrImpl.ssdSets(SDSet ssd)
This function returns the list of SSDs that match a given ssd name value.
|
void |
AdminMgrImpl.unlockUserAccount(User user)
Method will unlock user's password which will enable user to authenticate with directory.
|
Group |
GroupMgrImpl.update(Group group)
Modify existing group node.
|
OrgUnit |
DelAdminMgrImpl.update(OrgUnit entity)
Commands updates existing OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgrImpl.update(PwPolicy policy)
This method will update an exiting policy entry to the POLICIES data set.
|
Properties |
ConfigMgrImpl.update(String name,
Properties inProps)
Update existing cfg node with additional properties, or, replace existing properties.
|
SDSet |
AdminMgrImpl.updateDsdSet(SDSet dsdSet)
This command updates existing DSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
Permission |
AdminMgrImpl.updatePermission(Permission perm)
This method will update permission operation pre-existing in target directory under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
Permission |
DelAdminMgrImpl.updatePermission(Permission perm)
This method will update administrative permission operation pre-existing in target directory under
ou=AdminPerms,ou=ARBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
AdminMgrImpl.updatePermObj(PermObj pObj)
This method will update permission object in perms container in directory.
|
PermObj |
DelAdminMgrImpl.updatePermObj(PermObj pObj)
This method will update administrative permission object in perms container in directory.
|
AdminRole |
DelAdminMgrImpl.updateRole(AdminRole role)
Method will update an AdminRole entity in the directory.
|
Role |
AdminMgrImpl.updateRole(Role role)
Method will update a Role entity in the directory.
|
SDSet |
AdminMgrImpl.updateSsdSet(SDSet ssdSet)
This command updates existing SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
User |
AdminMgrImpl.updateUser(User user)
This method performs an update on User entity in directory.
|
void |
PwPolicyMgrImpl.updateUserPolicy(String userId,
String policyName)
This method will associate a user entity with a password policy entity.
|
List<Permission> |
ReviewMgrImpl.userPermissions(User user)
This function returns the set of permissions a given user gets through his/her authorized
roles.
|
int |
DSDChecker.validate(Session session,
Constraint constraint,
Time time,
VUtil.ConstraintType type)
This method is called during entity activation,
VUtil.validateConstraints(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.util.VUtil.ConstraintType, boolean) and ensures the role does not violate dynamic separation of duty constraints. |
Modifier and Type | Method and Description |
---|---|
OrgUnit |
DelAdminMgrRestImpl.add(OrgUnit entity)
Commands adds a new OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgrRestImpl.add(PwPolicy policy)
This method will add a new policy entry to the POLICIES data set.
|
Properties |
ConfigMgrRestImpl.add(String name,
Properties inProperties)
Create a new cfg node with given name and properties.
|
void |
DelAccessMgrRestImpl.addActiveRole(Session session,
UserAdminRole role)
This function adds an adminRole as an active role of a session whose owner is a given user.
|
void |
AccessMgrRestImpl.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
void |
DelAdminMgrRestImpl.addAscendant(AdminRole childRole,
AdminRole parentRole)
This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
the existing role childRole.
|
void |
DelAdminMgrRestImpl.addAscendant(OrgUnit child,
OrgUnit parent)
This command creates a new orgunit parent, and inserts it in the orgunit hierarchy as an immediate ascendant of
the existing child orgunit.
|
void |
AdminMgrRestImpl.addAscendant(Role childRole,
Role parentRole)
This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
the existing role childRole.
|
void |
DelAdminMgrRestImpl.addDescendant(AdminRole parentRole,
AdminRole childRole)
This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
the existing role parentRole.
|
void |
DelAdminMgrRestImpl.addDescendant(OrgUnit parent,
OrgUnit child)
This command creates a new orgunit child, and inserts it in the orgunit hierarchy as an immediate descendant of
the existing orgunit parent.
|
void |
AdminMgrRestImpl.addDescendant(Role parentRole,
Role childRole)
This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
the existing role parentRole.
|
SDSet |
AdminMgrRestImpl.addDsdRoleMember(SDSet dsdSet,
Role role)
This command adds a role to a named DSD set of roles.
|
void |
DelAdminMgrRestImpl.addInheritance(AdminRole parentRole,
AdminRole childRole)
This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
roles parentRole, childRole.
|
void |
DelAdminMgrRestImpl.addInheritance(OrgUnit parent,
OrgUnit child)
This command establishes a new immediate inheritance relationship with parent orgunit <<-- child orgunit
|
void |
AdminMgrRestImpl.addInheritance(Role parentRole,
Role childRole)
This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
roles parentRole, childRole.
|
Permission |
AdminMgrRestImpl.addPermission(Permission perm)
This method will add permission operation to an existing permission object which resides under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
Permission |
DelAdminMgrRestImpl.addPermission(Permission perm)
This method will add an administrative permission operation to an existing permission object which resides under
ou=AdminPerms,ou=ARBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
AdminMgrRestImpl.addPermObj(PermObj pObj)
This method will add permission object to perms container in directory.
|
PermObj |
DelAdminMgrRestImpl.addPermObj(PermObj pObj)
This method will add administrative permission object to admin perms container in directory.
|
AdminRole |
DelAdminMgrRestImpl.addRole(AdminRole role)
This command creates a new admin role.
|
Role |
AdminMgrRestImpl.addRole(Role role)
This command creates a new role.
|
SDSet |
AdminMgrRestImpl.addSsdRoleMember(SDSet ssdSet,
Role role)
This command adds a role to a named SSD set of roles.
|
User |
AdminMgrRestImpl.addUser(User user)
This command creates a new RBAC user.
|
List<String> |
ReviewMgrRestImpl.assignedRoles(String userId)
This function returns the set of roles assigned to a given user.
|
List<UserAdminRole> |
DelReviewMgrRestImpl.assignedRoles(User user)
This function returns the set of admin roles assigned to a given user.
|
List<UserRole> |
ReviewMgrRestImpl.assignedRoles(User user)
This function returns the set of roles assigned to a given user.
|
List<User> |
DelReviewMgrRestImpl.assignedUsers(AdminRole role)
This method returns the data set of all users who are assigned the given admin role.
|
List<User> |
ReviewMgrRestImpl.assignedUsers(Role role)
This method returns the data set of all users who are assigned the given role.
|
List<String> |
ReviewMgrRestImpl.assignedUsers(Role role,
int limit)
This function returns the set of users assigned to a given role.
|
void |
DelAdminMgrRestImpl.assignUser(UserAdminRole uAdminRole)
This command assigns a user to an admin role.
|
void |
AdminMgrRestImpl.assignUser(UserRole uRole)
This command assigns a user to a role.
|
Session |
AccessMgrRestImpl.authenticate(String userId,
char[] password)
Perform user authentication only.
|
Set<String> |
DelAccessMgrRestImpl.authorizedAdminRoles(Session session)
This function returns the authorized admin roles associated with a session based on hierarchical relationships.
|
Set<String> |
ReviewMgrRestImpl.authorizedPermissionRoles(Permission perm)
Return all role names that have been authorized for a given permission.
|
Set<String> |
ReviewMgrRestImpl.authorizedPermissionUsers(Permission perm)
Return all userIds that have been authorized for a given permission.
|
Set<String> |
AccessMgrRestImpl.authorizedRoles(Session session)
This function returns the authorized roles associated with a session based on hierarchical relationships.
|
Set<String> |
ReviewMgrRestImpl.authorizedRoles(User user)
This function returns the set of roles authorized for a given user.
|
List<User> |
ReviewMgrRestImpl.authorizedUsers(Role role)
This function returns the set of users authorized to a given role, i.e., the users that are assigned to a role that
inherits the given role.
|
boolean |
DelAccessMgrRestImpl.canAssign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized assignment control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrRestImpl.canDeassign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized revoke control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrRestImpl.canGrant(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized assignment control over
Permission-Role Assignment (PRA).
|
boolean |
DelAccessMgrRestImpl.canRevoke(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized revoke control over
Permission-Role Assignment (PRA).
|
void |
AdminMgrRestImpl.changePassword(User user,
char[] newPassword)
Method will change user's password.
|
boolean |
AccessMgrRestImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
DelAccessMgrRestImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
SDSet |
AdminMgrRestImpl.createDsdSet(SDSet dsdSet)
This command creates a named DSD set of roles and sets an associated cardinality n.
|
Session |
AccessMgrRestImpl.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations.This method must be called once per user prior to calling other methods within this class. |
SDSet |
AdminMgrRestImpl.createSsdSet(SDSet ssdSet)
This command creates a named SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
void |
DelAdminMgrRestImpl.deassignUser(UserAdminRole uAdminRole)
This method removes assigned admin role from user entity.
|
void |
AdminMgrRestImpl.deassignUser(UserRole uRole)
This command deletes the assignment of the User from the Role entities.
|
OrgUnit |
DelAdminMgrRestImpl.delete(OrgUnit entity)
Commands deletes existing OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgrRestImpl.delete(PwPolicy policy)
This method will delete exiting policy entry from the POLICIES data set.
|
void |
ConfigMgrRestImpl.delete(String name)
Completely removes named cfg node from the directory.
|
void |
ConfigMgrRestImpl.delete(String name,
Properties inProperties)
Delete properties from existing cfg node.
|
SDSet |
AdminMgrRestImpl.deleteDsdRoleMember(SDSet dsdSet,
Role role)
This command removes a role from a named DSD set of roles.
|
SDSet |
AdminMgrRestImpl.deleteDsdSet(SDSet dsdSet)
This command deletes a DSD role set completely.
|
void |
DelAdminMgrRestImpl.deleteInheritance(AdminRole parentRole,
AdminRole childRole)
This command deletes an existing immediate inheritance relationship parentRole <<-- childRole.
|
void |
DelAdminMgrRestImpl.deleteInheritance(OrgUnit parent,
OrgUnit child)
This command deletes an existing immediate inheritance relationship parent <<-- child.
|
void |
AdminMgrRestImpl.deleteInheritance(Role parentRole,
Role childRole)
This command deletes an existing immediate inheritance relationship parentRole <<-- childRole.
|
void |
PwPolicyMgrRestImpl.deletePasswordPolicy(String userId)
This method will remove the pw policy assignment from a user entity.
|
void |
AdminMgrRestImpl.deletePasswordPolicy(User user)
Method will delete user's password policy designation.
|
void |
AdminMgrRestImpl.deletePermission(Permission perm)
This method will remove permission operation entity from permission object.
|
void |
DelAdminMgrRestImpl.deletePermission(Permission perm)
This method will remove administrative permission operation entity from permission object.
|
void |
AdminMgrRestImpl.deletePermObj(PermObj pObj)
This method will remove permission object to perms container in directory.
|
void |
DelAdminMgrRestImpl.deletePermObj(PermObj pObj)
This method will remove administrative permission object from perms container in directory.
|
void |
DelAdminMgrRestImpl.deleteRole(AdminRole role)
This command deletes an existing admin role from the ARBAC database.
|
void |
AdminMgrRestImpl.deleteRole(Role role)
This command deletes an existing role from the RBAC database.
|
SDSet |
AdminMgrRestImpl.deleteSsdRoleMember(SDSet ssdSet,
Role role)
This command removes a role from a named SSD set of roles.
|
SDSet |
AdminMgrRestImpl.deleteSsdSet(SDSet ssdSet)
This command deletes a SSD role set completely.
|
void |
AdminMgrRestImpl.deleteUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
AdminMgrRestImpl.disableUser(User user)
This command deletes an existing user from the RBAC database.
|
void |
DelAccessMgrRestImpl.dropActiveRole(Session session,
UserAdminRole role)
This function deactivates adminRole from the active adminRole set of a session owned by a given user.
|
void |
AccessMgrRestImpl.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
SDSet |
ReviewMgrRestImpl.dsdRoleSet(SDSet set)
This function returns the DSD data set that matches a particular set name.
|
int |
ReviewMgrRestImpl.dsdRoleSetCardinality(SDSet dsd)
This function returns the cardinality associated with a DSD role set.
|
Set<String> |
ReviewMgrRestImpl.dsdRoleSetRoles(SDSet dsd)
This function returns the set of roles of a DSD role set.
|
List<SDSet> |
ReviewMgrRestImpl.dsdRoleSets(Role role)
This function returns the list of all dSD role sets that have a particular Role as member or Role's
parent as a member.
|
List<SDSet> |
ReviewMgrRestImpl.dsdSets(SDSet dsd)
This function returns the list of DSDs that match a given dsd name value.
|
List<Permission> |
ReviewMgrRestImpl.findAnyPermissions(Permission permission)
Method returns a list of Permissions that match any part of the permission object or operation.
|
List<Permission> |
ReviewMgrRestImpl.findPermissions(Permission permission)
Method returns a list of type Permission that match the perm object search string.
|
List<PermObj> |
ReviewMgrRestImpl.findPermObjs(OrgUnit ou)
Method returns a list of type Permission that match the perm object search string.
|
List<PermObj> |
ReviewMgrRestImpl.findPermObjs(PermObj permObj)
Method returns a list of type PermObj that match the perm object search string.
|
List<Permission> |
ReviewMgrRestImpl.findPermsByObj(PermObj permObj)
Method returns Permission operations for the provided permission object
|
List<AdminRole> |
DelReviewMgrRestImpl.findRoles(String searchVal)
Method will return a list of type Admin Role.
|
List<Role> |
ReviewMgrRestImpl.findRoles(String searchVal)
Method will return a list of type Role matching all or part of Role name,
Role.name . |
List<String> |
ReviewMgrRestImpl.findRoles(String searchVal,
int limit)
Method returns a list of roles of type String.
|
List<User> |
ReviewMgrRestImpl.findUsers(OrgUnit ou)
Return a list of type User of all users in the people container that match the name field passed in OrgUnit entity.
|
List<User> |
ReviewMgrRestImpl.findUsers(User user)
Return a list of type User of all users in the people container that match all or part of the
User.userId
field passed in User entity. |
List<String> |
ReviewMgrRestImpl.findUsers(User user,
int limit)
Return a list of type String of all users in the people container that match the userId field passed in User entity.
|
User |
AccessMgrRestImpl.getUser(Session session)
This function returns the user object that is contained within the session object.
|
List<AuthZ> |
AuditMgrRestImpl.getUserAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId
and given timestamp field UserAudit.beginDate .Method also can discriminate between all events or failed only by setting UserAudit.failedOnly . |
String |
AccessMgrRestImpl.getUserId(Session session)
This function returns the userId value that is contained within the session object.
|
void |
DelAdminMgrRestImpl.grantPermission(Permission perm,
AdminRole role)
This command grants an AdminRole the administrative permission to perform an operation on an object to a role.
|
void |
AdminMgrRestImpl.grantPermission(Permission perm,
Role role)
This command grants a role the permission to perform an operation on an object to a role.
|
void |
AdminMgrRestImpl.grantPermission(Permission perm,
User user)
This command grants a user the permission to perform an operation on an object to a role.
|
void |
DelAdminMgrRestImpl.grantPermission(Permission perm,
User user)
This command grants a user the administrative permission to perform an operation on an object to a user.
|
void |
AdminMgrRestImpl.lockUserAccount(User user)
Method will lock user's password which will prevent the user from authenticating with directory.
|
List<String> |
ReviewMgrRestImpl.permissionRoles(Permission perm)
Return a list of type String of all roles that have granted a particular permission.
|
List<String> |
ReviewMgrRestImpl.permissionUsers(Permission perm)
Return all userIds that have been granted (directly) a particular permission.
|
OrgUnit |
DelReviewMgrRestImpl.read(OrgUnit entity)
Commands reads existing OrgUnit entity from OrgUnit dataset.
|
Properties |
ConfigMgrRestImpl.read(String name)
Read an existing cfg node with given name and return to caller.
|
PwPolicy |
PwPolicyMgrRestImpl.read(String name)
This method will return the password policy entity to the caller.
|
Permission |
ReviewMgrRestImpl.readPermission(Permission permission)
This method returns a matching permission entity to caller.
|
PermObj |
ReviewMgrRestImpl.readPermObj(PermObj permObj)
Method reads permission object from perm container in directory.
|
AdminRole |
DelReviewMgrRestImpl.readRole(AdminRole role)
Method reads Admin Role entity from the admin role container in directory.
|
Role |
ReviewMgrRestImpl.readRole(Role role)
Method reads Role entity from the role container in directory.
|
User |
ReviewMgrRestImpl.readUser(User user)
Method returns matching User entity that is contained within the people container in the directory.
|
void |
AdminMgrRestImpl.resetPassword(User user,
char[] newPassword)
Method will reset user's password which will require user to change password before successful authentication with
directory.
|
void |
DelAdminMgrRestImpl.revokePermission(Permission perm,
AdminRole role)
This command revokes the administrative permission to perform an operation on an object from the set
of permissions assigned to an AdminRole.
|
void |
AdminMgrRestImpl.revokePermission(Permission perm,
Role role)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a role.
|
void |
AdminMgrRestImpl.revokePermission(Permission perm,
User user)
This command revokes the permission to perform an operation on an object from the set
of permissions assigned to a user.
|
void |
DelAdminMgrRestImpl.revokePermission(Permission perm,
User user)
This command revokes the administrative permission to perform an operation on an object from the set
of permissions assigned to a user.
|
List<Permission> |
DelReviewMgrRestImpl.rolePermissions(AdminRole role) |
List<Permission> |
DelReviewMgrRestImpl.rolePermissions(AdminRole role,
boolean noInheritance) |
List<Permission> |
ReviewMgrRestImpl.rolePermissions(Role role)
This function returns the set of all permissions (op, obj), granted to or inherited by a
given role.
|
List<Permission> |
ReviewMgrRestImpl.rolePermissions(Role role,
boolean noInheritance)
This function returns the set of all permissions (op, obj), granted to or inherited by a
given role.
|
List<OrgUnit> |
DelReviewMgrRestImpl.search(OrgUnit.Type type,
String searchVal)
Commands searches existing OrgUnit entities from OrgUnit dataset.
|
List<PwPolicy> |
PwPolicyMgrRestImpl.search(String searchVal)
This method will return a list of all password policy entities that match a particular search string.
|
List<Mod> |
AuditMgrRestImpl.searchAdminMods(UserAudit uAudit)
This method returns a list of admin operations events for a particular entity
UserAudit.dn ,
object UserAudit.objName and timestamp UserAudit.beginDate . |
List<AuthZ> |
AuditMgrRestImpl.searchAuthZs(UserAudit uAudit)
This method returns a list of authorization events for a particular user
UserAudit.userId ,
object UserAudit.objName , and given timestamp field
UserAudit.beginDate .Method also can discriminate between all events or failed only by setting flag UserAudit.failedOnly .. |
List<Bind> |
AuditMgrRestImpl.searchBinds(UserAudit uAudit)
This method returns a list of authentication audit events for a particular user
UserAudit.userId ,
and given timestamp field UserAudit.beginDate . |
List<AuthZ> |
AuditMgrRestImpl.searchInvalidUsers(UserAudit uAudit)
This method returns a list of failed authentication attempts on behalf of an invalid identity
UserAudit.userId , and given timestamp UserAudit.beginDate . |
List<Mod> |
AuditMgrRestImpl.searchUserSessions(UserAudit uAudit)
This method returns a list of sessions created for a given user
UserAudit.userId ,
and timestamp UserAudit.beginDate . |
List<UserAdminRole> |
DelAccessMgrRestImpl.sessionAdminRoles(Session session)
This function returns the active admin roles associated with a session.
|
List<Permission> |
AccessMgrRestImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
DelAccessMgrRestImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<UserRole> |
AccessMgrRestImpl.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
SDSet |
AdminMgrRestImpl.setDsdSetCardinality(SDSet dsdSet,
int cardinality)
This command sets the cardinality associated with a given DSD role set.
|
SDSet |
AdminMgrRestImpl.setSsdSetCardinality(SDSet ssdSet,
int cardinality)
This command sets the cardinality associated with a given SSD role set.
|
SDSet |
ReviewMgrRestImpl.ssdRoleSet(SDSet set)
This function returns the SSD data set that matches a particular set name.
|
int |
ReviewMgrRestImpl.ssdRoleSetCardinality(SDSet ssd)
This function returns the cardinality associated with a SSD role set.
|
Set<String> |
ReviewMgrRestImpl.ssdRoleSetRoles(SDSet ssd)
This function returns the set of roles of a SSD role set.
|
List<SDSet> |
ReviewMgrRestImpl.ssdRoleSets(Role role)
This function returns the list of all SSD role sets that have a particular Role as member or Role's
parent as a member.
|
List<SDSet> |
ReviewMgrRestImpl.ssdSets(SDSet ssd)
This function returns the list of SSDs that match a given ssd name value.
|
void |
AdminMgrRestImpl.unlockUserAccount(User user)
Method will unlock user's password which will enable user to authenticate with directory.
|
OrgUnit |
DelAdminMgrRestImpl.update(OrgUnit entity)
Commands updates existing OrgUnit entity to OrgUnit dataset.
|
void |
PwPolicyMgrRestImpl.update(PwPolicy policy)
This method will update an exiting policy entry to the POLICIES data set.
|
Properties |
ConfigMgrRestImpl.update(String name,
Properties inProperties)
Update existing cfg node with additional properties, or, replace existing properties.
|
SDSet |
AdminMgrRestImpl.updateDsdSet(SDSet dsdSet)
This command updates existing DSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
Permission |
AdminMgrRestImpl.updatePermission(Permission perm)
This method will update permission operation pre-existing in target directory under
ou=Permissions,ou=RBAC,dc=yourHostName,dc=com container in directory information tree. |
Permission |
DelAdminMgrRestImpl.updatePermission(Permission perm)
This method will update administrative permission operation pre-existing in target directory under
ou=AdminPerms,ou=ARBAC,dc=yourHostName,dc=com container in directory information tree. |
PermObj |
AdminMgrRestImpl.updatePermObj(PermObj pObj)
This method will update permission object in perms container in directory.
|
PermObj |
DelAdminMgrRestImpl.updatePermObj(PermObj pObj)
This method will update administrative permission object in perms container in directory.
|
AdminRole |
DelAdminMgrRestImpl.updateRole(AdminRole role)
Method will update an AdminRole entity in the directory.
|
Role |
AdminMgrRestImpl.updateRole(Role role)
Method will update a Role entity in the directory.
|
SDSet |
AdminMgrRestImpl.updateSsdSet(SDSet ssdSet)
This command updates existing SSD set of roles and sets the cardinality n of its subsets
that cannot have common users.
|
User |
AdminMgrRestImpl.updateUser(User user)
This method performs an update on User entity in directory.
|
void |
PwPolicyMgrRestImpl.updateUserPolicy(String userId,
String name)
This method will associate a user entity with a password policy entity.
|
List<Permission> |
ReviewMgrRestImpl.userPermissions(User user)
This function returns the set of permissions a given user gets through his/her authorized
roles.
|
Modifier and Type | Method and Description |
---|---|
void |
VUtil.validateConstraints(Session session,
VUtil.ConstraintType type,
boolean checkDsd)
This utility iterates over all of the Validators initialized for runtime and calls them passing the
Constraint contained within the
targeted entity. |
Modifier and Type | Method and Description |
---|---|
int |
Validator.validate(Session session,
Constraint constraint,
Time time,
VUtil.ConstraintType type)
This method is called during activation of
UserRole and UserAdminRole |
Copyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621