Package org.opends.server.authorization.policy
The main entry point is PolicyBasedAccessControlHandler, which acts as
a bridge between the server's configuration framework and the global Router
and also the policy enforcement point. The Router creates a new
AccessController for each request. The access controller is
responsible for performing access control decisions, i.e. deciding whether a request is allowed as well as filtering
out disallowed attributes from search results. Instances of
GlobalPolicy represent a single global access control policy
configuration entry. An access control decision proceeds by determining which global policies apply to the client,
then the focus is further restricted by determining which of the remaining policies applies to the request. Finally,
the effective access rights applicable to the request are computed as the union of the remaining policies'
permissions.
-
ClassesClassDescriptionEnforces access controls for a single request and its responses.Provides coarse grained access control for all operations, regardless of whether they are destined for local or proxy backends.