Package org.apache.directory.fortress.core.model
The data entities in this package comprise the fortress data model. These classes are intended to be accessible
publicly using the getter and setters methods on them.
All entities (User
, Role
, Permission
,
PwPolicy
SDSet
etc...) are used to carry data between three Fortress layers:
(1) Manager layer - e.g. AdminMgrImpl, AccessMgrImpl, ReviewMgrImpl
(2) Process layer - e.g. UserP, RoleP, PermP
(3) DAO layer - e.g. UserDAO, RoleDAO, PermDAO
This entities in this package...
- adhere to standards like RBAC
- adhere to ARBAC02 model to provide delegated administration capabilities.
- adhere to OpenLDAP's slapd access log to obtain fortress audit trail and historical events.
- represent fortress configuration parameter data to be stored on the ldap server.
- can be used for LDAP groups.
- use JGraphT to provide hierarchical functionality that is reused within several other packages in the fortress system.
-
Interface Summary Interface Description Administrator This interface is used by Fortress admin role processing.Constraint The Fortress Constraint interface prescribes attributes that are used to store, process and retrieve temporal validation attributes onUser
,UserRole
,Role
,AdminRole
,UserAdminRole
entities.Graphable The Fortress Graphable interface prescribes attributes that are used to maintain implementor within a simple directed graph.ParentUtil This interface provides a callback mechanism for entitiesUserRole
andUserAdminRole
and is implemented by RoleUtil.*PwMessage Interface is implemented bySession
and prescribes methods used to return Fortress password messages to the caller. -
Class Summary Class Description Address This entity is stored onUser
and is used to store postal address information in LDAP.AdminRole AdminRoleRelationship This entity is used by Fortress Rest to communicate parent and childAdminRole
information to the server.AuthZ This entity class contains OpenLDAP slapo-accesslog records that correspond to authorization attempts made to the directory.Bind This entity class contains OpenLDAP slapd access log records that correspond to bind attempts made to the directory.Configuration A class for passing configuration information.ConstraintUtil Utilities to copy constraints attributes between entities.Context This class contains the Context id which is used as container for segregating data by customer within the LDAP Directory Information Tree.FortEntity This abstract class is extended by other Fortress entities.FortRequest This class is used to pass request data to Fortress Rest server.FortResponse This class is used to return response data from Fortress Rest server.Group All entities (User, Role, Permission, Policy, SDSet, etc...) are used to carry data between Fortress's layers starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.Hier All entities (User, Role, Permission, Policy, SDSet, etc...) are used to carry data between Fortress's layers starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.Mod This entity class contains OpenLDAP slapd access log records that correspond to modifications made to the directory.ObjectFactory This class contains factory methods for each Java content interface and Java element interface generated in the org.apache.directory.fortress packages.OrganizationalUnit This class contains the container node for the OpenLDAP Directory Information Tree.OrgUnit OrgUnitRelationship This entity is used by Fortress Rest to communicate parent and childOrgUnit
information to the server.PermGrant Permission All entities (User
,Role
,Permission
,PwPolicy
SDSet
etc...) are used to carry data between three Fortress layers, starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.PermissionAttribute All entities (User, Role, Permission, Policy, SDSet, etc...) are used to carry data between Fortress's layers starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.PermissionAttributeSet All entities (User, Role, Permission, Policy, SDSet, etc...) are used to carry data between Fortress's layers starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.PermObj All entities (User
,Role
,Permission
,PwPolicy
SDSet
etc...) are used to carry data between three Fortress layers.starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.Props This class is used as a container forjava.util.Properties
for passing to Fortress Rest server.Props.Entry Java class for anonymous complex type.PwPolicy This class contains the Password Policy entity which is used to pass directives into and out of ldap.
The unique key to locate a Policy entity (which is subsequently assigned to Users) isPwPolicy.name
.Relationship Contains a parent child data entity that is used for hierarchical processing.Role All entities (User
,Role
,Permission
,PwPolicy
SDSet
etc...) are used to carry data between three Fortress layers.starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.RoleConstraint The role constraint object holds non date time constraints on user to role relationships.RolePerm This entity is used by Fortress Rest to communicateRole
,Permission
andSession
information to the server for access control decisions.RoleRelationship This entity is used by Fortress Rest to communicate parent and childRole
information to the server.SDSet Static Separation of Duties SchemaSession This contains attributes related to a user's RBAC session.Suffix A class storing the suffix informationUser All entities (User
,Role
,Permission
,PwPolicy
SDSet
etc...) are used to carry data between three Fortress layers.starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.UserAdminRole The UserAdminRole entity extends the UserRole and is used to store ARBAC User to AdminRole assignment along with temporal and ARBAC contraint values.UserAudit This entity is used to pass search criteria into theAuditMgr
APIs, down through the org.apache.directory.fortress.core.impl.AuditP process layer and finally into the org.apache.directory.fortress.core.impl.AuditDAO data access layer.UserRole The Fortress UserRole entity is used to store an RBAC User to Role assignment along with its temporal constraint values.Warning This entity is stored onSession
and is used to pass warnings that occur during role activation and password policy validation. -
Enum Summary Enum Description ComparisonOperator Group.Type enum for User or Role data sets.Hier.Op Operation type specifies if Add, Update or Deletion of relationship is being targeted.Hier.Type Enumeration is used to specify which hierarchy node this entity is bound to.OrgUnit.Type The OrgUnit 'Type' attribute is required and used to specify which OrgUnit tree a particular entity is in reference to.RoleConstraint.RCType The type of role constraint.SDSet.SDType enum for SSD or DSD data sets.Warning.Type Type determines if warning is of type Role or Password Policy.