external-software/github_OpenIdentityPlatform_OpenDJ.git

Add an initial set of privilege support to OpenDS. The current privileges ...

neil_a_wilson

09.51.2007 ed39262fa647434d4a0e31f07754a263ce2b16e3

refs
author	neil_a_wilson <neil_a_wilson@localhost>
	Friday, February 9, 2007 22:51 +0100
committer	neil_a_wilson <neil_a_wilson@localhost>
	Friday, February 9, 2007 22:51 +0100
commit	ed39262fa647434d4a0e31f07754a263ce2b16e3
tree	3a436fb26b27ff6c6e3995b07acf21412d50cb7d tree \| zip \| gz
parent	cfe6d3c911c21e5e7b1091fe0802251fe055854b view \| diff

Add an initial set of privilege support to OpenDS.  The current privileges are
currently defined and implemented:
* config-read (allow reading the configuration)
* config-write (allow updating the configuration)
* ldif-import (allow invoking LDIF import tasks)
* ldif-export (allow invoking LDIF export tasks)
* backend-backup (allow invoking backup tasks)
* backend-restore (allow invoking restore tasks)
* server-shutdown (allow invoking server shutdown tasks)
* server-restart (allow invoking server restart tasks)
* server-restart (allow invoking server restart tasks)
* password-reset (allow resetting user passwords)
* update-schema (allow updating the server schema)
* privilege-change (allow changing the set of privileges for a user)

The following privileges are also defined but not yet implemented:
* bypass-acl (allow bypassing access control evaluation)
* modify-acl (allow updating access control definitions)
* jmx-read (allow reading information over JMX)
* jmx-write (allow updating information over JMX)
* jmx-notify (allow subscribing to JMX notifications)
* proxied-auth (allow the use of proxied authorization and SASL authzid)
* disconnect-request (allow terminating arbitrary client connections)
* cancel-request (allow canceling arbitrary client connections)
* search-unindexed (allow requesting unindexed searches)
* data-sync (allow participating in a data synchronization environment)

Root users automatically inherit a subset of these privileges by default, and
users can also be explicitly granted or forbidden the use of specified
privileges.

OpenDS Issue Numbers:  468, 472, 474, 475, 477, 1213

2 files added

29 files modified

	opends/resource/config/config.ldif	18 ●●●●● diff \| view \| raw \| blame \| history
	opends/resource/schema/02-config.ldif	9 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/api/ClientConnection.java	238 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/backends/SchemaBackend.java	16 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/backends/task/Task.java	38 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/backends/task/TaskBackend.java	2 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/backends/task/TaskScheduler.java	11 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/config/ConfigConstants.java	17 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/core/AddOperation.java	15 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/core/CompareOperation.java	15 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/core/DirectoryServer.java	23 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/core/ModifyOperation.java	29 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/core/RootDNConfigManager.java	312 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/extensions/ConfigFileHandler.java	116 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java	33 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/messages/BackendMessages.java	13 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/messages/ConfigMessages.java	140 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/messages/CoreMessages.java	86 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/messages/ExtensionsMessages.java	15 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/messages/TaskMessages.java	99 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/protocols/internal/InternalClientConnection.java	2 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/tasks/AddSchemaFileTask.java	20 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/tasks/BackupTask.java	22 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/tasks/ExportTask.java	22 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/tasks/ImportTask.java	22 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/tasks/RestoreTask.java	22 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/tasks/ShutdownTask.java	41 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/tools/LDAPPasswordModify.java	12 ●●●●● diff \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/types/Privilege.java	389 ●●●●● diff \| view \| raw \| blame \| history
	opends/tests/unit-tests-testng/src/server/org/opends/server/core/BindOperationTestCase.java	2 ●●●●● diff \| view \| raw \| blame \| history
	opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java	1166 ●●●●● diff \| view \| raw \| blame \| history