|
SAP NetWeaver '04 | |||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||
See:
Description
| Interface Summary | |
| IAcl | An IAcl is a Access Control List which defines the access
permissions to an object. |
| IAclEntry | An IAclEntry is an entry in an IAcl which grants or
denies a permission to a specific principal. |
| IAclEntryList | An IAclEntryList is a list of IAclEntry s. |
| IAclEntryListIterator | An IAclEntryListIterator is an iterator for an
IAclEntryList . |
| IAclEntryRaw | Tagging interface to mark an IAclEntry/ |
| IAclManager | An IAclManager administers and persists Access Control Lists
(ACLs). |
| IAclManagerRaw | A IAclManagerRaw extends a IAclManager by
methods to access even those ACLs with either deleted owners or
deleted principals in the ACL's ACEs. |
| IAclPermission | An IAclPermission denominates a set of actions that can be
carried out on an object and can be granted or denied to a principal. |
| IAclPermissionList | An IAclPermissionList is a list of IAclPermission
s. |
| IAclPermissionListIterator | An IAclPermissionListIterator is an iterator for an
IAclPermissionList . |
| IAclRaw | A IAclRaw is a IAcl which also supports the
retrieval of deleted owners and ACEs for deleted principals. |
| IObjectType | An IObjectType is specifies the possible type of an object, an
ACL can be assigned to. |
| IObjectTypeList | An IObjectTypeList is a list of IObjectType s. |
| IObjectTypeListIterator | An IObjectTypeListIterator is an iterator for an
IObjectTypeList . |
| IOwner | An IOwner holds a list of principals that are the owners of an
ACL. |
| IUMPrincipalList | An IUMPrincipalList is a list of IUMPrincipals .
|
| IUMPrincipalListIterator | An IUMPrincipalListIterator is an iterator for an
IUMPrincipalList . |
| IUMPrincipalRaw | An IUMPrincipalList is a list of IUMPrincipals .
|
| Class Summary | |
| AclEntryList | Default implementation of an IAclEntryList , a list of
IAclEntry s. |
| AclEntryListIterator | Default implementation of an IAclEntryListIterator , an iterator
for IAclEntryList s. |
| AclManagerFactory | The factory which creates IAclManager s. |
| AclPermissionImpl | An abstract base class for IAclPermission implementations. |
| AclPermissionList | Default implementation of an IAclPermissionList , a list of
IAclPermission s. |
| AclPermissionListIterator | Default implementation of an IAclPermissionListIterator , an
iterator for IAclPermissionList s. |
| ObjectType | The default implementation for IObjectType s, the type of an
object associated to an IAcl . |
| ObjectTypeList | Default implementation of an IObjectTypeList , a list of
IObjectType s. |
| ObjectTypeListIterator | Default implementation of an IObjectTypeListIterator , an
iterator for IObjectTypeList s. |
| UMPrincipalList | Default implementation of an IUMPrincipalList , a list of
IUMPrincipal s. |
| UMPrincipalListIterator | Default implementation of an UMPrincipalListIterator , an
iterator for IUMPrincipalList s. |
| UMPrincipalRaw | special implementation for a non existing user, tagged by
IUMPrincipalRaw. |
| Exception Summary | |
| AclException | Superclass for all exceptions thrown by IAcl s, IAclEntry
s and IAclManager . |
| AclExistsException | An AclException that indicates that a specific IAcl
already exists. |
| AclLoadClassException | An AclException that indicates that a IAclManager
could not be loaded by the AclManagerFactory . |
| AclNotFoundException | An AclException that indicates that a specific IAcl
was not found. |
| AclPersistenceException | An AclException that indicates that an error occured during
access of the IAclManager 's persistence layer. |
| AlreadyAssignedToAclException | An AclException that indicates that a specific IAclEntry
is already assigned to an IAcl . |
| InvalidClassException | An AclException that indicates that the classname given for
IAclManager is invalid. |
| InvalidConfigException | An AclException that indicates that the config-id for a
IAclManager is not valid for within the AclManagerFactory
. |
| LastOwnerException | An AclException that indicates that a principal is the last
owner of an IAcl and can not be removed. |
| NoAclException | No longer used. |
| NotAuthenticatedException | An AclException that indicates that a principal is not
authenticated. |
| NotAuthorizedException | An AclException that indicates that a principal is not
authorized. |
| PermissionExistsException | An AclException that indicates that a specific
IAclPermission already exists. |
| PermissionNotSupportedException | An AclException that indicates that a specific
IAclPermission is not supported by the IAclManager . |
| PermissionUsedException | An AclException that indicates that a specific
IAclPermission is used and can not be removed. |
| PredefinedPermissionException | An AclException that indicates that a specific
IAclPermission is predefined by the IAclManager . |
Contains interfaces for ACLs and AclManagers with definitions for permissions, ACLs and ACL entries.
With ACLs (Access Control Lists) specific Permissions can be
stored for a given Object (e.g. a document).
An ACL consists of ACEs (ACl Entries). Such an ACLEntry defines,
which principal (e.g. user 'admin') is given which permission (e.g. 'read').
An AclManager is responsible for storing and retrieving the ACLs.
The configured and available AclManagers are retrieved through the
AclManagerFactory.
Since the AclManagerFactory maintains the available AclManagers, each instance of an AclManager has to be defined within the AclManagerFactory's configuration with the following variables:
| Property | Required | Description |
class | yes |
The classname of the AclManager to use (e.g. com.sapportals.wcm.util.acl.jdbc.JDBCAclManager
to use the default implementation).
|
cfg | yes |
The configuration block to use for this manager (see below). Usualy this is either acl_jdbc_rep_mgr for the AclManager for the repository
ACLs, or acl_jdbc_service_mgr for the AclManager for service ACLs (see below).
|
The default implementation for AclManagers, the JDBCAclManager, has to be
configured using the following variables:
| Property | Required | Description |
poolid | yes | The id of the connection pool, which identifies the database where the ACLs are stored. |
cacheid | no |
The id of the cache to use for caching the ACLs (usualy ca_cm_xxx_acl,
where xxx is rep for the AclManager for repository ACLs and srv for the
AclManager for the service ACLs).Allthough this variable is optional, it is not recommended to leave it blank, because doing so will disable caching of the ACLs and thus leading to a significant performance slowdown! |
permission_cacheid | no |
The id of the cache to use for caching the Permissions (usualy ca_cm_xxx_acl_perm,
where xxx is rep for the AclManager for repository ACLs and srv for the
AclManager for the service ACLs).Allthough this variable is optional, it is not recommended to leave it blank, because doing so will disable caching of the persmission and thus leading to a drastic performance slowdown! |
The following is a sample configuration entry for the AclManager for repository ACLs:
poolid = dbcon_rep
cacheid = ca_cm_rep_acl
permission_cacheid = ca_cm_rep_acl_perm
|
SAP NetWeaver '04 | |||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||