Package | Description |
---|---|
org.apache.directory.fortress.core |
This package contains public APIs that are used by Java programs to provide Access Management
functionality.
|
org.apache.directory.fortress.core.impl |
This package contains the fortress implementation classes for data persistence with the LDAP server.
|
org.apache.directory.fortress.core.model |
The data entities in this package comprise the fortress data model.
|
org.apache.directory.fortress.core.rest |
This package uses Commons HTTP to provide HTTP functionality that is reused
across several components in this package.
|
org.apache.directory.fortress.core.util |
This package contains miscellaneous utilities used by internal fortress procedures.
|
org.apache.directory.fortress.core.util.time |
This package contains utilities used to process fortress temporal constraint checks on entities being activated
within the runtime system.
|
Modifier and Type | Method and Description |
---|---|
Session |
AccessMgr.authenticate(String userId,
char[] password)
Perform user authentication only.
|
Session |
AccelMgr.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations. |
Session |
AccessMgr.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations.This method must be called once per user prior to calling other methods within this class. |
Modifier and Type | Method and Description |
---|---|
void |
DelAccessMgr.addActiveRole(Session session,
UserAdminRole role)
This function adds an adminRole as an active role of a session whose owner is a given user.
|
void |
AccelMgr.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
void |
AccessMgr.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
Set<String> |
DelAccessMgr.authorizedAdminRoles(Session session)
This function returns the authorized admin roles associated with a session based on hierarchical relationships.
|
Set<String> |
AccessMgr.authorizedRoles(Session session)
This function returns the authorized roles associated with a session based on hierarchical relationships.
|
boolean |
DelAccessMgr.canAssign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized assignment control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgr.canDeassign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized revoke control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgr.canGrant(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized assignment control over
Permission-Role Assignment (PRA).
|
boolean |
DelAccessMgr.canRevoke(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized revoke control over
Permission-Role Assignment (PRA).
|
boolean |
AccelMgr.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
AccessMgr.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
DelAccessMgr.checkAccess(Session session,
Permission perm)
This function returns a Boolean value meaning whether the subject of a given session is
allowed or not to perform a given operation on a given object.
|
static PwPolicyMgr |
PwPolicyMgrFactory.createInstance(Session adminSess)
Create and return a reference to
PwPolicyMgr object using HOME context. |
static AdminMgr |
AdminMgrFactory.createInstance(Session adminSess)
Create and return a reference to
AdminMgr object using HOME context. |
static DelReviewMgr |
DelReviewMgrFactory.createInstance(Session adminSess)
Create and return a reference to
DelReviewMgr object using HOME context. |
static AuditMgr |
AuditMgrFactory.createInstance(Session adminSess)
Create and return a reference to
AuditMgr object using HOME context. |
static DelAdminMgr |
DelAdminMgrFactory.createInstance(Session adminSess)
Create and return a reference to
DelAdminMgr object using HOME context. |
static ReviewMgr |
ReviewMgrFactory.createInstance(Session adminSess)
Create and return a reference to
ReviewMgr object using HOME context. |
static DelAccessMgr |
DelAccessMgrFactory.createInstance(Session adminSess)
Create and return a reference to
DelAccessMgr object using HOME context. |
static GroupMgr |
GroupMgrFactory.createInstance(Session adminSess)
Create and return a reference to
GroupMgr object using HOME context. |
static PwPolicyMgr |
PwPolicyMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
PwPolicyMgr object. |
static AdminMgr |
AdminMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
AdminMgr object. |
static DelReviewMgr |
DelReviewMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
DelReviewMgr object. |
static AuditMgr |
AuditMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
AuditMgr object. |
static DelAdminMgr |
DelAdminMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
DelAdminMgr object. |
static ReviewMgr |
ReviewMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
ReviewMgr object. |
static DelAccessMgr |
DelAccessMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
DelAccessMgr object. |
static GroupMgr |
GroupMgrFactory.createInstance(String contextId,
Session adminSess)
Create and return a reference to
GroupMgr object. |
void |
AccelMgr.deleteSession(Session session)
This function deletes a fortress session from the RBAC Policy Decision Point inside OpenLDAP RBAC Accelerator.
|
void |
DelAccessMgr.dropActiveRole(Session session,
UserAdminRole role)
This function deactivates adminRole from the active adminRole set of a session owned by a given user.
|
void |
AccelMgr.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
void |
AccessMgr.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
User |
AccessMgr.getUser(Session session)
This function returns the user object that is contained within the session object.
|
String |
AccessMgr.getUserId(Session session)
This function returns the userId value that is contained within the session object.
|
List<UserAdminRole> |
DelAccessMgr.sessionAdminRoles(Session session)
This function returns the active admin roles associated with a session.
|
List<Permission> |
AccelMgr.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
AccessMgr.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
DelAccessMgr.sessionPermissions(Session session)
This function returns the ARBAC (administrative) permissions of the session, i.e., the permissions assigned
to its authorized admin roles.
|
List<UserRole> |
AccelMgr.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
List<UserRole> |
AccessMgr.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
void |
Manageable.setAdmin(Session session)
Use this method to load an administrative user's ARBAC Session object into Manager object which will enable
authorization to be performed on behalf of admin user.
|
Modifier and Type | Field and Description |
---|---|
protected Session |
Manageable.adminSess |
Modifier and Type | Method and Description |
---|---|
Session |
AccessMgrImpl.authenticate(String userId,
char[] password)
Perform user authentication only.
|
Session |
AccessMgrImpl.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations.This method must be called once per user prior to calling other methods within this class. |
Session |
AccelMgrImpl.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations. |
Modifier and Type | Method and Description |
---|---|
void |
DelAccessMgrImpl.addActiveRole(Session session,
UserAdminRole role)
This function adds an adminRole as an active role of a session whose owner is a given user.
|
void |
AccessMgrImpl.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
void |
AccelMgrImpl.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
Set<String> |
DelAccessMgrImpl.authorizedAdminRoles(Session session)
This function returns the authorized admin roles associated with a session based on hierarchical relationships.
|
Set<String> |
AccessMgrImpl.authorizedRoles(Session session)
This function returns the authorized roles associated with a session based on hierarchical relationships.
|
boolean |
DelAccessMgrImpl.canAssign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized assignment control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrImpl.canDeassign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized revoke control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrImpl.canGrant(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized assignment control over
Permission-Role Assignment (PRA).
|
boolean |
DelAccessMgrImpl.canRevoke(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized revoke control over
Permission-Role Assignment (PRA).
|
boolean |
AccessMgrImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
DelAccessMgrImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
AccelMgrImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
void |
AccelMgrImpl.deleteSession(Session session)
This function deletes a fortress session from the RBAC Policy Decision Point inside OpenLDAP RBAC Accelerator.
|
void |
DelAccessMgrImpl.dropActiveRole(Session session,
UserAdminRole role)
This function deactivates adminRole from the active adminRole set of a session owned by a given user.
|
void |
AccessMgrImpl.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
void |
AccelMgrImpl.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
User |
AccessMgrImpl.getUser(Session session)
This function returns the user object that is contained within the session object.
|
String |
AccessMgrImpl.getUserId(Session session)
This function returns the userId value that is contained within the session object.
|
List<UserAdminRole> |
DelAccessMgrImpl.sessionAdminRoles(Session session)
This function returns the active admin roles associated with a session.
|
List<Permission> |
AccessMgrImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
DelAccessMgrImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
AccelMgrImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<UserRole> |
AccessMgrImpl.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
List<UserRole> |
AccelMgrImpl.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
void |
Manageable.setAdmin(Session session)
Use this method to load an administrative user's ARBAC Session object into Manager object will enable authorization to
be performed on behalf of admin user.
|
int |
DSDChecker.validate(Session session,
Constraint constraint,
Time time,
VUtil.ConstraintType type)
This method is called during entity activation,
VUtil.validateConstraints(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.util.VUtil.ConstraintType, boolean) and ensures the role does not violate dynamic separation of duty constraints. |
Modifier and Type | Field and Description |
---|---|
protected Session |
FortEntity.adminSession |
Modifier and Type | Method and Description |
---|---|
Session |
ObjectFactory.createSession()
Create an instance of
Session |
Session |
FortEntity.getAdminSession()
Return the ARBAC Session object that was loaded into this entity.
|
Session |
FortResponse.getSession() |
Session |
FortRequest.getSession() |
Modifier and Type | Method and Description |
---|---|
JAXBElement<Session> |
ObjectFactory.createFortSession(Session value)
|
Modifier and Type | Method and Description |
---|---|
void |
Session.copy(Session inSession)
Copy values from incoming Session object.
|
JAXBElement<Session> |
ObjectFactory.createFortSession(Session value)
|
void |
FortEntity.setAdminSession(Session adminSession)
Load an ARBAC Session object into this entity.
|
void |
FortResponse.setSession(Session session) |
void |
FortRequest.setSession(Session session) |
Constructor and Description |
---|
FortEntity(Session adminSession)
Use this constructor to load administrative RBAC session into this entity.
|
Modifier and Type | Method and Description |
---|---|
Session |
AccessMgrRestImpl.authenticate(String userId,
char[] password)
Perform user authentication only.
|
Session |
AccessMgrRestImpl.createSession(User user,
boolean isTrusted)
Perform user authentication
User.password and role activations.This method must be called once per user prior to calling other methods within this class. |
Modifier and Type | Method and Description |
---|---|
void |
DelAccessMgrRestImpl.addActiveRole(Session session,
UserAdminRole role)
This function adds an adminRole as an active role of a session whose owner is a given user.
|
void |
AccessMgrRestImpl.addActiveRole(Session session,
UserRole role)
This function adds a role as an active role of a session whose owner is a given user.
|
Set<String> |
DelAccessMgrRestImpl.authorizedAdminRoles(Session session)
This function returns the authorized admin roles associated with a session based on hierarchical relationships.
|
Set<String> |
AccessMgrRestImpl.authorizedRoles(Session session)
This function returns the authorized roles associated with a session based on hierarchical relationships.
|
boolean |
DelAccessMgrRestImpl.canAssign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized assignment control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrRestImpl.canDeassign(Session session,
User user,
Role role)
This function will determine if the user contains an AdminRole that is authorized revoke control over
User-Role Assignment (URA).
|
boolean |
DelAccessMgrRestImpl.canGrant(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized assignment control over
Permission-Role Assignment (PRA).
|
boolean |
DelAccessMgrRestImpl.canRevoke(Session session,
Role role,
Permission perm)
This function will determine if the user contains an AdminRole that is authorized revoke control over
Permission-Role Assignment (PRA).
|
boolean |
AccessMgrRestImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
boolean |
DelAccessMgrRestImpl.checkAccess(Session session,
Permission perm)
Perform user RBAC authorization.
|
void |
DelAccessMgrRestImpl.dropActiveRole(Session session,
UserAdminRole role)
This function deactivates adminRole from the active adminRole set of a session owned by a given user.
|
void |
AccessMgrRestImpl.dropActiveRole(Session session,
UserRole role)
This function deletes a role from the active role set of a session owned by a given user.
|
User |
AccessMgrRestImpl.getUser(Session session)
This function returns the user object that is contained within the session object.
|
String |
AccessMgrRestImpl.getUserId(Session session)
This function returns the userId value that is contained within the session object.
|
List<UserAdminRole> |
DelAccessMgrRestImpl.sessionAdminRoles(Session session)
This function returns the active admin roles associated with a session.
|
List<Permission> |
AccessMgrRestImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<Permission> |
DelAccessMgrRestImpl.sessionPermissions(Session session)
This function returns the permissions of the session, i.e., the permissions assigned
to its authorized roles.
|
List<UserRole> |
AccessMgrRestImpl.sessionRoles(Session session)
This function returns the active roles associated with a session.
|
Modifier and Type | Method and Description |
---|---|
int |
AuthNValidator.validate(Session session,
Constraint constraint,
Time time,
VUtil.ConstraintType type)
This method is called during user-role activation,
.VUtil#validateConstraints and ensures the current user has been
proper authentication status before activating the specified role into the session. |
void |
VUtil.validateConstraints(Session session,
VUtil.ConstraintType type,
boolean checkDsd)
This utility iterates over all of the Validators initialized for runtime and calls them passing the
Constraint contained within the
targeted entity. |
Copyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621