Package org.forgerock.opendj.server.config.client

Interface PolicyBasedAccessControlHandlerCfgClient

All Superinterfaces:

AccessControlHandlerCfgClient, ConfigurationClient

public interface PolicyBasedAccessControlHandlerCfgClient
extends AccessControlHandlerCfgClient

A client-side interface for reading and modifying Policy Based Access Control Handler settings.

A policy based access control handler implements a coarse grained access control model suitable for use in proxies.

Method Summary

Modifier and Type	Method	Description
<C extends GlobalAccessControlPolicyCfgClient> C	createGlobalAccessControlPolicy(ManagedObjectDefinition<C,? extends GlobalAccessControlPolicyCfg> d, String name, Collection<PropertyException> exceptions)	Creates a new Global Access Control Policy.
ManagedObjectDefinition<? extends PolicyBasedAccessControlHandlerCfgClient,? extends PolicyBasedAccessControlHandlerCfg>	definition()	Get the configuration definition associated with this Policy Based Access Control Handler.
GlobalAccessControlPolicyCfgClient	getGlobalAccessControlPolicy(String name)	Gets the named Global Access Control Policy.
ValueOrExpression<String>	getJavaClass()	Gets the "java-class" property.
String[]	listGlobalAccessControlPolicies()	Lists the Global Access Control Policies.
void	removeGlobalAccessControlPolicy(String name)	Removes the named Global Access Control Policy.
void	setJavaClass(ValueOrExpression<String> value)	Sets the "java-class" property.

Methods inherited from interface org.forgerock.opendj.server.config.client.AccessControlHandlerCfgClient

isEnabled, setEnabled

Methods inherited from interface org.forgerock.opendj.config.ConfigurationClient

commit, properties

Method Detail

definition

ManagedObjectDefinition<? extends PolicyBasedAccessControlHandlerCfgClient,? extends PolicyBasedAccessControlHandlerCfg> definition()

Get the configuration definition associated with this Policy Based Access Control Handler.

Specified by:

definition in interface AccessControlHandlerCfgClient

Specified by:

definition in interface ConfigurationClient

Returns:

Returns the configuration definition associated with this Policy Based Access Control Handler.

getJavaClass

@MandatoryProperty
ValueOrExpression<String> getJavaClass()

Gets the "java-class" property.

Specifies the fully-qualified name of the Java class that provides the Policy Based Access Control Handler implementation.

Default value: org.opends.server.authorization.policy.PolicyBasedAccessControlHandler

Specified by:

getJavaClass in interface AccessControlHandlerCfgClient

Returns:

Returns the value of the "java-class" property.

setJavaClass

@MandatoryProperty
void setJavaClass(ValueOrExpression<String> value)
           throws PropertyException

Sets the "java-class" property.

Specifies the fully-qualified name of the Java class that provides the Policy Based Access Control Handler implementation.

Specified by:

setJavaClass in interface AccessControlHandlerCfgClient

Parameters:

value - The value of the "java-class" property.

Throws:

PropertyException - If the new value is invalid.

listGlobalAccessControlPolicies

String[] listGlobalAccessControlPolicies()
                                  throws ConcurrentModificationException,
                                         LdapException

Lists the Global Access Control Policies.

Returns:

Returns an array containing the names of the Global Access Control Policies.

Throws:

ConcurrentModificationException - If this Policy Based Access Control Handler has been removed from the server by another client.

LdapException - If any other error occurs.

getGlobalAccessControlPolicy

GlobalAccessControlPolicyCfgClient getGlobalAccessControlPolicy(String name)
                                                         throws DefinitionDecodingException,
                                                                ManagedObjectDecodingException,
                                                                ManagedObjectNotFoundException,
                                                                ConcurrentModificationException,
                                                                LdapException

Gets the named Global Access Control Policy.

Parameters:

name - The name of the Global Access Control Policy to retrieve.

Returns:

Returns the named Global Access Control Policy.

Throws:

DefinitionDecodingException - If the named Global Access Control Policy was found but its type could not be determined.

ManagedObjectDecodingException - If the named Global Access Control Policy was found but one or more of its properties could not be decoded.

ManagedObjectNotFoundException - If the named Global Access Control Policy was not found on the server.

ConcurrentModificationException - If this Policy Based Access Control Handler has been removed from the server by another client.

LdapException - If any other error occurs.

createGlobalAccessControlPolicy

<C extends GlobalAccessControlPolicyCfgClient> C createGlobalAccessControlPolicy(ManagedObjectDefinition<C,? extends GlobalAccessControlPolicyCfg> d,
                                                                                 String name,
                                                                                 Collection<PropertyException> exceptions)
                                                                          throws IllegalManagedObjectNameException

Creates a new Global Access Control Policy. The new Global Access Control Policy will initially not contain any property values (including mandatory properties). Once the Global Access Control Policy has been configured it can be added to the server using the ConfigurationClient.commit() method.

Type Parameters:

C - The type of the Global Access Control Policy being created.

Parameters:

d - The definition of the Global Access Control Policy to be created.

name - The name of the new Global Access Control Policy.

exceptions - An optional collection in which to place any PropertyExceptions that occurred whilst attempting to determine the default values of the Global Access Control Policy. This argument can be null.

Returns:

Returns a new Global Access Control Policy configuration instance.

Throws:

IllegalManagedObjectNameException - If the name of the new Global Access Control Policy is invalid.

removeGlobalAccessControlPolicy

void removeGlobalAccessControlPolicy(String name)
                              throws ManagedObjectNotFoundException,
                                     OperationRejectedException,
                                     ConcurrentModificationException,
                                     LdapException

Removes the named Global Access Control Policy.

Parameters:

name - The name of the Global Access Control Policy to remove.

Throws:

ManagedObjectNotFoundException - If the Global Access Control Policy does not exist.

OperationRejectedException - If the server refuses to remove the Global Access Control Policy due to some server-side constraint which cannot be satisfied (for example, if it is referenced by another managed object).

ConcurrentModificationException - If this Policy Based Access Control Handler has been removed from the server by another client.

LdapException - If any other error occurs.