org.exist.security
Class XMLSecurityManager
java.lang.Object
org.exist.security.XMLSecurityManager
- All Implemented Interfaces:
- SecurityManager
public class XMLSecurityManager
- extends Object
- implements SecurityManager
SecurityManager is responsible for managing users and groups.
There's only one SecurityManager for each database instance, which
may be obtained by BrokerPool.getSecurityManager()
.
Users and groups are stored in the system collection, in document
users.xml. While it is possible to edit this file by hand, it
may lead to unexpected results, since SecurityManager reads
users.xml only during database startup and shutdown.
CONFIGURATION_ELEMENT_NAME
public static final String CONFIGURATION_ELEMENT_NAME
- See Also:
- Constant Field Values
COLLECTION_ATTRIBUTE
public static final String COLLECTION_ATTRIBUTE
- See Also:
- Constant Field Values
RESOURCE_ATTRIBUTE
public static final String RESOURCE_ATTRIBUTE
- See Also:
- Constant Field Values
PROPERTY_PERMISSIONS_COLLECTIONS
public static final String PROPERTY_PERMISSIONS_COLLECTIONS
- See Also:
- Constant Field Values
PROPERTY_PERMISSIONS_RESOURCES
public static final String PROPERTY_PERMISSIONS_RESOURCES
- See Also:
- Constant Field Values
DBA_GROUP
public static final String DBA_GROUP
- See Also:
- Constant Field Values
DBA_USER
public static final String DBA_USER
- See Also:
- Constant Field Values
GUEST_GROUP
public static final String GUEST_GROUP
- See Also:
- Constant Field Values
GUEST_USER
public static final String GUEST_USER
- See Also:
- Constant Field Values
SYSTEM_USER
public static final User SYSTEM_USER
XMLSecurityManager
public XMLSecurityManager()
attach
public void attach(BrokerPool pool,
DBBroker sysBroker)
- Initialize the security manager.
Checks if the file users.xml exists in the system collection of the database.
If not, it is created with two default users: admin and guest.
- Specified by:
attach
in interface SecurityManager
- Parameters:
pool
- sysBroker
-
isXACMLEnabled
public boolean isXACMLEnabled()
- Specified by:
isXACMLEnabled
in interface SecurityManager
getPDP
public ExistPDP getPDP()
- Specified by:
getPDP
in interface SecurityManager
deleteUser
public void deleteUser(String name)
throws PermissionDeniedException
- Specified by:
deleteUser
in interface SecurityManager
- Throws:
PermissionDeniedException
deleteUser
public void deleteUser(User user)
throws PermissionDeniedException
- Specified by:
deleteUser
in interface SecurityManager
- Throws:
PermissionDeniedException
getUser
public User getUser(String name)
- Specified by:
getUser
in interface SecurityManager
getUser
public User getUser(int uid)
- Specified by:
getUser
in interface SecurityManager
getUsers
public User[] getUsers()
- Specified by:
getUsers
in interface SecurityManager
addGroup
public void addGroup(String name)
- Specified by:
addGroup
in interface SecurityManager
hasGroup
public boolean hasGroup(String name)
- Specified by:
hasGroup
in interface SecurityManager
getGroup
public Group getGroup(String name)
- Specified by:
getGroup
in interface SecurityManager
getGroup
public Group getGroup(int gid)
- Specified by:
getGroup
in interface SecurityManager
getGroups
public String[] getGroups()
- Specified by:
getGroups
in interface SecurityManager
hasAdminPrivileges
public boolean hasAdminPrivileges(User user)
- Specified by:
hasAdminPrivileges
in interface SecurityManager
hasUser
public boolean hasUser(String name)
- Specified by:
hasUser
in interface SecurityManager
setUser
public void setUser(User user)
- Specified by:
setUser
in interface SecurityManager
getResourceDefaultPerms
public int getResourceDefaultPerms()
- Specified by:
getResourceDefaultPerms
in interface SecurityManager
getCollectionDefaultPerms
public int getCollectionDefaultPerms()
- Specified by:
getCollectionDefaultPerms
in interface SecurityManager
Copyright (C) Wolfgang Meier. All rights reserved.