The data entities in this package comprise the fortress data model. These classes are intended to be accessible
publicly using the getter and setters methods on them.
All entities (
SDSet etc...) are used to carry data between three Fortress layers:
(1) Manager layer - e.g. AdminMgrImpl, AccessMgrImpl, ReviewMgrImpl
(2) Process layer - e.g. UserP, RoleP, PermP
(3) DAO layer - e.g. UserDAO, RoleDAO, PermDAO
This entities in this package...
- adhere to standards like RBAC
- adhere to ARBAC02 model to provide delegated administration capabilities.
- adhere to OpenLDAP's slapd access log to obtain fortress audit trail and historical events.
- represent fortress configuration parameter data to be stored on the ldap server.
- can be used for LDAP groups.
- use JGraphT to provide hierarchical functionality that is reused within several other packages in the fortress system.
Interface Summary Interface Description AdministratorThis interface is used by Fortress admin role processing. Constraint GraphableThe Fortress Graphable interface prescribes attributes that are used to maintain implementor within a simple directed graph. ParentUtil PwMessageInterface is implemented by
Sessionand prescribes methods used to return Fortress password messages to the caller.
Class Summary Class Description AddressThis entity is stored on
Userand is used to store postal address information in LDAP.
AdminRole AdminRoleRelationshipThis entity is used by Fortress Rest to communicate parent and child
AdminRoleinformation to the server.
AuthZThis entity class contains OpenLDAP slapo-accesslog records that correspond to authorization attempts made to the directory. BindThis entity class contains OpenLDAP slapd access log records that correspond to bind attempts made to the directory. ConfigurationA class for passing configuration information. ConstraintUtilUtilities to copy constraints attributes between entities. ContextThis class contains the Context id which is used as container for segregating data by customer within the LDAP Directory Information Tree. FortEntityThis abstract class is extended by other Fortress entities. FortRequestThis class is used to pass request data to Fortress Rest server. FortResponseThis class is used to return response data from Fortress Rest server. GroupAll entities (User, Role, Permission, Policy, SDSet, etc...) are used to carry data between Fortress's layers starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs. HierAll entities (User, Role, Permission, Policy, SDSet, etc...) are used to carry data between Fortress's layers starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs. ModThis entity class contains OpenLDAP slapd access log records that correspond to modifications made to the directory. ObjectFactoryThis class contains factory methods for each Java content interface and Java element interface generated in the org.apache.directory.fortress packages. OrganizationalUnitThis class contains the container node for the OpenLDAP Directory Information Tree. OrgUnit OrgUnitRelationshipThis entity is used by Fortress Rest to communicate parent and child
OrgUnitinformation to the server.
PermGrant Permission PermissionAttributeAll entities (User, Role, Permission, Policy, SDSet, etc...) are used to carry data between Fortress's layers starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs. PermissionAttributeSet PermObj PropsThis class is used as a container for
java.util.Propertiesfor passing to Fortress Rest server.
Props.EntryJava class for anonymous complex type. PwPolicyThis class contains the Password Policy entity which is used to pass directives into and out of ldap.
The unique key to locate a Policy entity (which is subsequently assigned to Users) is
RelationshipContains a parent child data entity that is used for hierarchical processing. Role RoleConstraintThe role constraint object holds non date time constraints on user to role relationships. RolePerm RoleRelationshipThis entity is used by Fortress Rest to communicate parent and child
Roleinformation to the server.
SDSetStatic Separation of Duties Schema SessionThis contains attributes related to a user's RBAC session. SuffixA class storing the suffix information User UserAdminRoleThe UserAdminRole entity extends the UserRole and is used to store ARBAC User to AdminRole assignment along with temporal and ARBAC contraint values. UserAuditThis entity is used to pass search criteria into the
AuditMgrAPIs, down through the org.apache.directory.fortress.core.impl.AuditP process layer and finally into the org.apache.directory.fortress.core.impl.AuditDAO data access layer.
UserRoleThe Fortress UserRole entity is used to store an RBAC User to Role assignment along with its temporal constraint values. WarningThis entity is stored on
Sessionand is used to pass warnings that occur during role activation and password policy validation.
Enum Summary Enum Description ComparisonOperator Group.Typeenum for User or Role data sets. Hier.OpOperation type specifies if Add, Update or Deletion of relationship is being targeted. Hier.TypeEnumeration is used to specify which hierarchy node this entity is bound to. OrgUnit.TypeThe OrgUnit 'Type' attribute is required and used to specify which OrgUnit tree a particular entity is in reference to. RoleConstraint.RCTypeThe type of role constraint. SDSet.SDTypeenum for SSD or DSD data sets. Warning.TypeType determines if warning is of type Role or Password Policy.