You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by gi...@apache.org on 2022/07/26 22:41:25 UTC
[directory-site] branch asf-site updated: Updated site from master (aa8c89acf21fbe65280fd39c1177d024054f0cfd)
This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/directory-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new a2114d34 Updated site from master (aa8c89acf21fbe65280fd39c1177d024054f0cfd)
a2114d34 is described below
commit a2114d34d91c96053aefdf8a52645104cc097338
Author: jenkins <bu...@apache.org>
AuthorDate: Tue Jul 26 22:41:20 2022 +0000
Updated site from master (aa8c89acf21fbe65280fd39c1177d024054f0cfd)
---
content/fortress/index.xml | 22 ++++-
content/fortress/user-guide.html | 4 +-
.../user-guide/4-fortress-code-samples.html | 2 +
.../{4.7-add-role.html => 4.10-delete-user.html} | 82 +++++++++----------
content/fortress/user-guide/4.7-add-role.html | 2 +-
content/fortress/user-guide/4.8-delete-role.html | 6 +-
.../{4.7-add-role.html => 4.9-add-user.html} | 93 +++++++++++++---------
content/index.xml | 22 ++++-
content/sitemap.xml | 20 +++--
9 files changed, 156 insertions(+), 97 deletions(-)
diff --git a/content/fortress/index.xml b/content/fortress/index.xml
index 8282b73c..7067b0cf 100644
--- a/content/fortress/index.xml
+++ b/content/fortress/index.xml
@@ -137,7 +137,7 @@ More info here on how it works:
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
<guid>https://directory.apache.org/fortress/user-guide/4-fortress-code-samples.html</guid>
- <description>4 - Apache Fortress Code Samples Table of content 4.1 - Create Session 4.2 - Check Access 4.3 - Session Permissions 4.4 - Add Active Role 4.5 - Drop Active Role 4.6 - Get Authorized Roles 4.7 - Add Role 4.8 - Delete Role </description>
+ <description>4 - Apache Fortress Code Samples Table of content 4.1 - Create Session 4.2 - Check Access 4.3 - Session Permissions 4.4 - Add Active Role 4.5 - Drop Active Role 4.6 - Get Authorized Roles 4.7 - Add Role 4.8 - Delete Role 4.9 - Add User 4.10 - Delete User </description>
</item>
<item>
@@ -151,6 +151,15 @@ Parameters:
user - Contains User.userId, User.password (optional if isTrusted is &lsquo;true&rsquo;), optional User.</description>
</item>
+ <item>
+ <title>4.10 - Delete User</title>
+ <link>https://directory.apache.org/fortress/user-guide/4.10-delete-user.html</link>
+ <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
+
+ <guid>https://directory.apache.org/fortress/user-guide/4.10-delete-user.html</guid>
+ <description>void deleteUser(User user) throws SecurityException 4.10 - Delete User This command deletes an existing user from the RBAC database. The command is valid if and only if the user to be deleted is a member of the USERS data set. The USERS and UA data sets and the assigned_users function are updated. This method performs a &ldquo;hard&rdquo; delete. It completely removes all data associated with this user from the directory. User entity must exist in directory pri [...]
+ </item>
+
<item>
<title>4.2 - Check Access</title>
<link>https://directory.apache.org/fortress/user-guide/4.2-check-access.html</link>
@@ -234,6 +243,17 @@ required parameters:
role - Must contain Role#name for Role to delete.</description>
</item>
+ <item>
+ <title>4.9 - Add User</title>
+ <link>https://directory.apache.org/fortress/user-guide/4.9-add-user.html</link>
+ <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
+
+ <guid>https://directory.apache.org/fortress/user-guide/4.9-add-user.html</guid>
+ <description>4.9 - Add User User addUser(User user) throws SecurityException This command creates a new RBAC user. The command is valid only if the new user is not already a member of the USERS data set. The USER data set is updated. The new user does not own any session at the time of its creation.
+required parameters:
+ User#userId - maps to INetOrgPerson uid User#password - used when password authentication is required User#ou - contains the name of an already existing User OU node optional parameters:</description>
+ </item>
+
<item>
<title>ApacheDS Installation guide</title>
<link>https://directory.apache.org/fortress/installation/apacheds.html</link>
diff --git a/content/fortress/user-guide.html b/content/fortress/user-guide.html
index a7d78286..b8fe2b82 100644
--- a/content/fortress/user-guide.html
+++ b/content/fortress/user-guide.html
@@ -167,13 +167,13 @@
<li><a href="user-guide/4.6-authorized-roles.html">4.6 - Authorized Roles</a></li>
<li><a href="user-guide/4.7-add-role.html">4.7 - Add Role</a></li>
<li><a href="user-guide/4.8-delete-role.html">4.8 - Delete Role</a></li>
+<li><a href="user-guide/4.9-add-user.html">4.9 - Add User</a></li>
+<li><a href="user-guide/4.10-delete-user.html">4.10 - Delete User</a></li>
</ul>
</li>
<li>
<p>TODO (more code samples):</p>
<ul>
-<li>[4.9 - addUser]</li>
-<li>[4.10 - deleteUser]</li>
<li>[4.11 - addPermObj]</li>
<li>[4.12 - deletePermObj]</li>
<li>[4.13 - addPermission]</li>
diff --git a/content/fortress/user-guide/4-fortress-code-samples.html b/content/fortress/user-guide/4-fortress-code-samples.html
index 484731ef..07b42b2c 100644
--- a/content/fortress/user-guide/4-fortress-code-samples.html
+++ b/content/fortress/user-guide/4-fortress-code-samples.html
@@ -163,6 +163,8 @@
<li><a href="4.6-authorized-roles.html">4.6 - Get Authorized Roles</a></li>
<li><a href="4.7-add-role.html">4.7 - Add Role</a></li>
<li><a href="4.8-delete-role.html">4.8 - Delete Role</a></li>
+<li><a href="4.9-add-user.html">4.9 - Add User</a></li>
+<li><a href="4.10-delete-user.html">4.10 - Delete User</a></li>
</ul>
diff --git a/content/fortress/user-guide/4.7-add-role.html b/content/fortress/user-guide/4.10-delete-user.html
similarity index 64%
copy from content/fortress/user-guide/4.7-add-role.html
copy to content/fortress/user-guide/4.10-delete-user.html
index 2db58ad8..23bc62ac 100644
--- a/content/fortress/user-guide/4.7-add-role.html
+++ b/content/fortress/user-guide/4.10-delete-user.html
@@ -3,7 +3,7 @@
<html lang="en">
<head>
<meta charset="utf-8">
- <title>4.7 - Add Role — Apache Directory</title>
+ <title>4.10 - Delete User — Apache Directory</title>
<link href="/css/common.css" rel="stylesheet" type="text/css"/>
<link href="/css/turquoise.css" rel="stylesheet" type="text/css"/>
@@ -132,7 +132,7 @@
<div class="nav_prev">
- <a href="4.6-authorized-roles.html">4.6 - Authorized Roles</a>
+ <a href="4.9-add-user.html">4.9 - Add User</a>
</div>
<div class="nav_up">
@@ -143,8 +143,7 @@
</div>
<div class="nav_next">
-
- <a href="4.8-delete-role.html">4.8 - Delete Role</a>
+
</div>
<div class="clearfix"></div>
@@ -152,61 +151,53 @@
- <h1 id="47---add-role">4.7 - Add Role</h1>
-<div class="highlight"><pre style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4"><code class="language-java" data-lang="java">Role <span style="color:#00a000">addRole</span><span style="color:#666">(</span>Role role<span style="color:#666">)</span> <span style="color:#a2f;font-weight:bold">throws</span> SecurityException
-</code></pre></div><p>This command creates a new role.
-The command is valid if and only if the new role is not already a member of the ROLES data set.
-The ROLES data set is updated. Initially, no user or permission is assigned to the new role.</p>
+ <div class="highlight"><pre style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4"><code class="language-java" data-lang="java"><span style="color:#0b0;font-weight:bold">void</span> <span style="color:#00a000">deleteUser</span><span style="color:#666">(</span>User user<span style="color:#666">)</span> <span style="color:#a2f;font-weight:bold">throws</span> SecurityException
+</code></pre></div><h1 id="410---delete-user">4.10 - Delete User</h1>
+<p>This command deletes an existing user from the RBAC database.
+The command is valid if and only if the user to be deleted is a member of the USERS data set.
+The USERS and UA data sets and the assigned_users function are updated. This method performs a “hard” delete.
+It completely removes all data associated with this user from the directory.
+User entity must exist in directory prior to making this call else exception will be thrown.</p>
<p>required parameters:</p>
<ul>
-<li>Role#name - contains the name to use for the Role to be created.</li>
-</ul>
-<p>optional parameters:</p>
-<ul>
-<li>Role#description - maps to description attribute on organizationalRole object class</li>
-<li>Role#beginTime - HHMM - determines begin hour role may be activated into user’s RBAC session</li>
-<li>Role#endTime - HHMM - determines end hour role may be activated into user’s RBAC session.</li>
-<li>Role#beginDate - YYYYMMDD - determines date when role may be activated into user’s RBAC session</li>
-<li>Role#endDate - YYYYMMDD - indicates latest date role may be activated into user’s RBAC session</li>
-<li>Role#beginLockDate - YYYYMMDD - determines beginning of enforced inactive status</li>
-<li>Role#endLockDate - YYYYMMDD - determines end of enforced inactive status</li>
-<li>Role#dayMask - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user’s RBAC session</li>
+<li>User#userId - maps to INetOrgPerson uid</li>
</ul>
<p>Parameters:</p>
<ul>
-<li>role - must contains Role#name (required) and optional Role#description.</li>
-</ul>
-<p>Returns:</p>
-<ul>
-<li>copy of the added Role</li>
+<li>user - Contains the User#userId of the User targeted for deletion.</li>
</ul>
<p>Throws:</p>
<ul>
<li>SecurityException - thrown in the event of data validation or system error.</li>
</ul>
-<h2 id="addrole">addRole</h2>
+<h2 id="deleteuser">deleteUser</h2>
<div class="highlight"><pre style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4"><code class="language-java" data-lang="java"><span style="color:#a2f">@test</span>
-<span style="color:#a2f;font-weight:bold">public</span> <span style="color:#a2f;font-weight:bold">static</span> <span style="color:#0b0;font-weight:bold">void</span> <span style="color:#00a000">testCreateRole</span><span style="color:#666">(</span><span style="color:#666">)</span>
+<span style="color:#a2f;font-weight:bold">public</span> <span style="color:#a2f;font-weight:bold">static</span> <span style="color:#0b0;font-weight:bold">void</span> <span style="color:#00a000">testDeleteUser</span><span style="color:#666">(</span>String userId<span style="color:#666">)</span>
<span style="color:#666">{</span>
- String szLocation <span style="color:#666">=</span> <span style="color:#b44">".testCreateRole"</span><span style="color:#666">;</span>
+ String szLocation <span style="color:#666">=</span> <span style="color:#b44">".testDeleteUser"</span><span style="color:#666">;</span>
+
<span style="color:#a2f;font-weight:bold">try</span>
<span style="color:#666">{</span>
<span style="color:#080;font-style:italic">// Instantiate the AdminMgr implementation which is used to provision RBAC policies.
</span><span style="color:#080;font-style:italic"></span> AdminMgr adminMgr <span style="color:#666">=</span> AdminMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// At its simplest a Role contains only a name.
-</span><span style="color:#080;font-style:italic"></span> Role inRole <span style="color:#666">=</span> <span style="color:#a2f;font-weight:bold">new</span> Role<span style="color:#666">(</span><span style="color:#b44">"myRoleName"</span><span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// Call the API to actually add the Role to ldap.
-</span><span style="color:#080;font-style:italic"></span> adminMgr<span style="color:#666">.</span><span style="color:#b44">addRole</span><span style="color:#666">(</span>inRole<span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// Instantiate the ReviewMgr implementation which is used to interrogate RBAC policy information.
-</span><span style="color:#080;font-style:italic"></span> ReviewMgr reviewMgr <span style="color:#666">=</span> ReviewMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span>TestUtils<span style="color:#666">.</span><span style="color:#b44">getContext</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// now read the newly created Role entity back:
-</span><span style="color:#080;font-style:italic"></span> Role outRole <span style="color:#666">=</span> reviewMgr<span style="color:#666">.</span><span style="color:#b44">readRole</span><span style="color:#666">(</span>inRole<span style="color:#666">)</span><span style="color:#666">;</span>
- assertTrue<span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" failed read"</span><span style="color:#666">,</span> inRole<span style="color:#666">.</span><span style="color:#b44">equals</span><span style="color:#666">(</span>outRole<span style="color:#666">)</span><span style="color:#666">)</span><span style="color:#666">;</span>
- LOG<span style="color:#666">.</span><span style="color:#b44">info</span><span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" ["</span> <span style="color:#666">+</span> outRole<span style="color:#666">.</span><span style="color:#b44">getName</span><span style="color:#666">(</span><span style="color:#666">)</span> <span style="color:#666">+</span> <span style="color:#b44">"] success"</span><span style="color:#666" [...]
+ User inUser <span style="color:#666">=</span> <span style="color:#a2f;font-weight:bold">new</span> User<span style="color:#666">(</span>userId<span style="color:#666">)</span><span style="color:#666">;</span>
+ adminMgr<span style="color:#666">.</span><span style="color:#b44">deleteUser</span><span style="color:#666">(</span>inUser<span style="color:#666">)</span><span style="color:#666">;</span>
+
+ <span style="color:#080;font-style:italic">// now read it back:
+</span><span style="color:#080;font-style:italic"></span> <span style="color:#080;font-style:italic">// Instantiate the ReviewMgr implementation which is used to interrogate policy information.
+</span><span style="color:#080;font-style:italic"></span> ReviewMgr reviewMgr <span style="color:#666">=</span> ReviewMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">;</span>
+ <span style="color:#a2f;font-weight:bold">try</span>
+ <span style="color:#666">{</span>
+ <span style="color:#080;font-style:italic">// this should fail because User was deleted above:
+</span><span style="color:#080;font-style:italic"></span> reviewMgr<span style="color:#666">.</span><span style="color:#b44">readUser</span><span style="color:#666">(</span>inUser<span style="color:#666">)</span><span style="color:#666">;</span>
+ fail<span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" user ["</span> <span style="color:#666">+</span> inUser<span style="color:#666">.</span><span style="color:#b44">getUserId</span><span style="color:#666">(</span><span style="color:#666">)</span> <span style="color:#666">+</span> <span style="color:#b44">"] delete failed"</span><span style="color:#666">)</span><span style="color:#666">;</span>
+ <span style="color:#666">}</span>
+ <span style="color:#a2f;font-weight:bold">catch</span> <span style="color:#666">(</span>SecurityException se<span style="color:#666">)</span>
+ <span style="color:#666">{</span>
+ assertTrue<span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" excep id check"</span><span style="color:#666">,</span> se<span style="color:#666">.</span><span style="color:#b44">getErrorId</span><span style="color:#666">(</span><span style="color:#666">)</span> <span style="color:#666">=</span><span style="color:#666">=</span> GlobalErrIds<span style="color:#666">.</span><span style="color:#b44">USER_NOT_FOUND</span [...]
+ <span style="color:#080;font-style:italic">// pass
+</span><span style="color:#080;font-style:italic"></span> <span style="color:#666">}</span>
+ LOG<span style="color:#666">.</span><span style="color:#b44">info</span><span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" user ["</span> <span style="color:#666">+</span> inUser<span style="color:#666">.</span><span style="color:#b44">getUserId</span><span style="color:#666">(</span><span style="color:#666">)</span> <span style="color:#666">+</span> <span style="color:#b44">"] success"</span><span style="color [...]
<span style="color:#666">}</span>
<span style="color:#a2f;font-weight:bold">catch</span> <span style="color:#666">(</span>SecurityException ex<span style="color:#666">)</span>
<span style="color:#666">{</span>
@@ -221,7 +212,7 @@ The ROLES data set is updated. Initially, no user or permission is assigned to t
<div class="nav_prev">
- <a href="4.6-authorized-roles.html">4.6 - Authorized Roles</a>
+ <a href="4.9-add-user.html">4.9 - Add User</a>
</div>
<div class="nav_up">
@@ -232,8 +223,7 @@ The ROLES data set is updated. Initially, no user or permission is assigned to t
</div>
<div class="nav_next">
-
- <a href="4.8-delete-role.html">4.8 - Delete Role</a>
+
</div>
<div class="clearfix"></div>
diff --git a/content/fortress/user-guide/4.7-add-role.html b/content/fortress/user-guide/4.7-add-role.html
index 2db58ad8..0dfbe29d 100644
--- a/content/fortress/user-guide/4.7-add-role.html
+++ b/content/fortress/user-guide/4.7-add-role.html
@@ -201,7 +201,7 @@ The ROLES data set is updated. Initially, no user or permission is assigned to t
</span><span style="color:#080;font-style:italic"></span> adminMgr<span style="color:#666">.</span><span style="color:#b44">addRole</span><span style="color:#666">(</span>inRole<span style="color:#666">)</span><span style="color:#666">;</span>
<span style="color:#080;font-style:italic">// Instantiate the ReviewMgr implementation which is used to interrogate RBAC policy information.
-</span><span style="color:#080;font-style:italic"></span> ReviewMgr reviewMgr <span style="color:#666">=</span> ReviewMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span>TestUtils<span style="color:#666">.</span><span style="color:#b44">getContext</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">)</span><span style="color:#666">;</span>
+</span><span style="color:#080;font-style:italic"></span> ReviewMgr reviewMgr <span style="color:#666">=</span> ReviewMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">;</span>
<span style="color:#080;font-style:italic">// now read the newly created Role entity back:
</span><span style="color:#080;font-style:italic"></span> Role outRole <span style="color:#666">=</span> reviewMgr<span style="color:#666">.</span><span style="color:#b44">readRole</span><span style="color:#666">(</span>inRole<span style="color:#666">)</span><span style="color:#666">;</span>
diff --git a/content/fortress/user-guide/4.8-delete-role.html b/content/fortress/user-guide/4.8-delete-role.html
index da724c6d..745a53fa 100644
--- a/content/fortress/user-guide/4.8-delete-role.html
+++ b/content/fortress/user-guide/4.8-delete-role.html
@@ -143,7 +143,8 @@
</div>
<div class="nav_next">
-
+
+ <a href="4.9-add-user.html">4.9 - Add User</a>
</div>
<div class="clearfix"></div>
@@ -208,7 +209,8 @@ This command will also deassign role from all users.</p>
</div>
<div class="nav_next">
-
+
+ <a href="4.9-add-user.html">4.9 - Add User</a>
</div>
<div class="clearfix"></div>
diff --git a/content/fortress/user-guide/4.7-add-role.html b/content/fortress/user-guide/4.9-add-user.html
similarity index 62%
copy from content/fortress/user-guide/4.7-add-role.html
copy to content/fortress/user-guide/4.9-add-user.html
index 2db58ad8..58206269 100644
--- a/content/fortress/user-guide/4.7-add-role.html
+++ b/content/fortress/user-guide/4.9-add-user.html
@@ -3,7 +3,7 @@
<html lang="en">
<head>
<meta charset="utf-8">
- <title>4.7 - Add Role — Apache Directory</title>
+ <title>4.9 - Add User — Apache Directory</title>
<link href="/css/common.css" rel="stylesheet" type="text/css"/>
<link href="/css/turquoise.css" rel="stylesheet" type="text/css"/>
@@ -132,7 +132,7 @@
<div class="nav_prev">
- <a href="4.6-authorized-roles.html">4.6 - Authorized Roles</a>
+ <a href="4.8-delete-role.html">4.8 - Delete Role</a>
</div>
<div class="nav_up">
@@ -144,7 +144,7 @@
<div class="nav_next">
- <a href="4.8-delete-role.html">4.8 - Delete Role</a>
+ <a href="4.10-delete-user.html">4.10 - Delete User</a>
</div>
<div class="clearfix"></div>
@@ -152,61 +152,76 @@
- <h1 id="47---add-role">4.7 - Add Role</h1>
-<div class="highlight"><pre style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4"><code class="language-java" data-lang="java">Role <span style="color:#00a000">addRole</span><span style="color:#666">(</span>Role role<span style="color:#666">)</span> <span style="color:#a2f;font-weight:bold">throws</span> SecurityException
-</code></pre></div><p>This command creates a new role.
-The command is valid if and only if the new role is not already a member of the ROLES data set.
-The ROLES data set is updated. Initially, no user or permission is assigned to the new role.</p>
+ <h1 id="49---add-user">4.9 - Add User</h1>
+<div class="highlight"><pre style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4"><code class="language-java" data-lang="java">User <span style="color:#00a000">addUser</span><span style="color:#666">(</span>User user<span style="color:#666">)</span> <span style="color:#a2f;font-weight:bold">throws</span> SecurityException
+</code></pre></div><p>This command creates a new RBAC user. The command is valid only if the new user is not already a member of the USERS data set.
+The USER data set is updated. The new user does not own any session at the time of its creation.</p>
<p>required parameters:</p>
<ul>
-<li>Role#name - contains the name to use for the Role to be created.</li>
+<li>User#userId - maps to INetOrgPerson uid</li>
+<li>User#password - used when password authentication is required</li>
+<li>User#ou - contains the name of an already existing User OU node</li>
</ul>
<p>optional parameters:</p>
<ul>
-<li>Role#description - maps to description attribute on organizationalRole object class</li>
-<li>Role#beginTime - HHMM - determines begin hour role may be activated into user’s RBAC session</li>
-<li>Role#endTime - HHMM - determines end hour role may be activated into user’s RBAC session.</li>
-<li>Role#beginDate - YYYYMMDD - determines date when role may be activated into user’s RBAC session</li>
-<li>Role#endDate - YYYYMMDD - indicates latest date role may be activated into user’s RBAC session</li>
-<li>Role#beginLockDate - YYYYMMDD - determines beginning of enforced inactive status</li>
-<li>Role#endLockDate - YYYYMMDD - determines end of enforced inactive status</li>
-<li>Role#dayMask - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user’s RBAC session</li>
+<li>User#pwPolicy - contains the name of an already existing OpenLDAP password policy node</li>
+<li>User#cn - maps to INetOrgPerson common name attribute</li>
+<li>User#sn - maps to INetOrgPerson surname attribute</li>
+<li>User#description - maps to INetOrgPerson description attribute</li>
+<li>User#title - maps to INetOrgPerson title attribute</li>
+<li>User#employeeType - maps to INetOrgPerson employeeType attribute</li>
+<li>User#phones * - multivalued attribute maps to organizationalPerson telephoneNumber attribute</li>
+<li>User#mobiles * - multivalued attribute maps to INetOrgPerson mobile attribute</li>
+<li>User#emails * - multivalued attribute maps to INetOrgPerson mail attribute</li>
+<li>User#address * - multivalued attribute maps to organizationalPerson postalAddress, st, l, postalCode, postOfficeBox attributes</li>
+<li>User#beginTime - HHMM - determines begin hour user may activate session</li>
+<li>User#endTime - HHMM - determines end hour user may activate session.</li>
+<li>User#beginDate - YYYYMMDD - determines date when user may sign on</li>
+<li>User#endDate - YYYYMMDD - indicates latest date user may sign on</li>
+<li>User#beginLockDate - YYYYMMDD - determines beginning of enforced inactive status</li>
+<li>User#endLockDate - YYYYMMDD - determines end of enforced inactive status</li>
+<li>User#dayMask - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day of user may sign on</li>
+<li>User#timeout - number (in minutes) of session inactivity time allowed</li>
+<li>User#props * - multivalued attribute contains property key and values are separated with a ‘:'. e.g. mykey1:myvalue1</li>
+<li>User#roles * - multivalued attribute contains the name of already existing role to assign to user</li>
+<li>User#adminRoles * - multivalued attribute contains the name of already existing adminRole to assign to user</li>
</ul>
<p>Parameters:</p>
<ul>
-<li>role - must contains Role#name (required) and optional Role#description.</li>
+<li>user - User entity must contain User#userId and User#ou (required) and optional User#description,User#roles and many others.</li>
</ul>
<p>Returns:</p>
<ul>
-<li>copy of the added Role</li>
+<li>Returns entity containing user data that was added.</li>
</ul>
<p>Throws:</p>
<ul>
<li>SecurityException - thrown in the event of data validation or system error.</li>
</ul>
-<h2 id="addrole">addRole</h2>
+<h2 id="adduser">addUser</h2>
<div class="highlight"><pre style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4"><code class="language-java" data-lang="java"><span style="color:#a2f">@test</span>
-<span style="color:#a2f;font-weight:bold">public</span> <span style="color:#a2f;font-weight:bold">static</span> <span style="color:#0b0;font-weight:bold">void</span> <span style="color:#00a000">testCreateRole</span><span style="color:#666">(</span><span style="color:#666">)</span>
+<span style="color:#a2f;font-weight:bold">public</span> <span style="color:#a2f;font-weight:bold">static</span> <span style="color:#0b0;font-weight:bold">void</span> <span style="color:#00a000">testCreateUser</span><span style="color:#666">(</span>String userId<span style="color:#666">,</span> String password<span style="color:#666">,</span> String userOu<span style="color:#666">)</span>
<span style="color:#666">{</span>
- String szLocation <span style="color:#666">=</span> <span style="color:#b44">".testCreateRole"</span><span style="color:#666">;</span>
+ String szLocation <span style="color:#666">=</span> <span style="color:#b44">".testCreateUser"</span><span style="color:#666">;</span>
<span style="color:#a2f;font-weight:bold">try</span>
<span style="color:#666">{</span>
- <span style="color:#080;font-style:italic">// Instantiate the AdminMgr implementation which is used to provision RBAC policies.
+ <span style="color:#080;font-style:italic">// Instantiate the AdminMgr implementation. All AdminMgr APIs can throw a SecurityException in the event
+</span><span style="color:#080;font-style:italic"></span> <span style="color:#080;font-style:italic">// of rule violation or system error.
</span><span style="color:#080;font-style:italic"></span> AdminMgr adminMgr <span style="color:#666">=</span> AdminMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// At its simplest a Role contains only a name.
-</span><span style="color:#080;font-style:italic"></span> Role inRole <span style="color:#666">=</span> <span style="color:#a2f;font-weight:bold">new</span> Role<span style="color:#666">(</span><span style="color:#b44">"myRoleName"</span><span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// Call the API to actually add the Role to ldap.
-</span><span style="color:#080;font-style:italic"></span> adminMgr<span style="color:#666">.</span><span style="color:#b44">addRole</span><span style="color:#666">(</span>inRole<span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// Instantiate the ReviewMgr implementation which is used to interrogate RBAC policy information.
-</span><span style="color:#080;font-style:italic"></span> ReviewMgr reviewMgr <span style="color:#666">=</span> ReviewMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span>TestUtils<span style="color:#666">.</span><span style="color:#b44">getContext</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">)</span><span style="color:#666">;</span>
-
- <span style="color:#080;font-style:italic">// now read the newly created Role entity back:
-</span><span style="color:#080;font-style:italic"></span> Role outRole <span style="color:#666">=</span> reviewMgr<span style="color:#666">.</span><span style="color:#b44">readRole</span><span style="color:#666">(</span>inRole<span style="color:#666">)</span><span style="color:#666">;</span>
- assertTrue<span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" failed read"</span><span style="color:#666">,</span> inRole<span style="color:#666">.</span><span style="color:#b44">equals</span><span style="color:#666">(</span>outRole<span style="color:#666">)</span><span style="color:#666">)</span><span style="color:#666">;</span>
- LOG<span style="color:#666">.</span><span style="color:#b44">info</span><span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" ["</span> <span style="color:#666">+</span> outRole<span style="color:#666">.</span><span style="color:#b44">getName</span><span style="color:#666">(</span><span style="color:#666">)</span> <span style="color:#666">+</span> <span style="color:#b44">"] success"</span><span style="color:#666" [...]
+ User inUser <span style="color:#666">=</span> <span style="color:#a2f;font-weight:bold">new</span> User<span style="color:#666">(</span>userId<span style="color:#666">,</span> password<span style="color:#666">)</span><span style="color:#666">;</span>
+ <span style="color:#080;font-style:italic">// ou is required attribute:
+</span><span style="color:#080;font-style:italic"></span> inUser<span style="color:#666">.</span><span style="color:#b44">setOu</span><span style="color:#666">(</span>userOu<span style="color:#666">)</span><span style="color:#666">;</span>
+ <span style="color:#080;font-style:italic">// Now call the add API. The API will return User entity with associated LDAP dn if creation was successful.
+</span><span style="color:#080;font-style:italic"></span> User outUser <span style="color:#666">=</span> adminMgr<span style="color:#666">.</span><span style="color:#b44">addUser</span><span style="color:#666">(</span>inUser<span style="color:#666">)</span><span style="color:#666">;</span>
+ assertNotNull<span style="color:#666">(</span>outUser<span style="color:#666">)</span><span style="color:#666">;</span>
+
+ <span style="color:#080;font-style:italic">// Instantiate the ReviewMgr implementation which is used to interrogate policy information.
+</span><span style="color:#080;font-style:italic"></span> ReviewMgr reviewMgr <span style="color:#666">=</span> ReviewMgrFactory<span style="color:#666">.</span><span style="color:#b44">createInstance</span><span style="color:#666">(</span><span style="color:#666">)</span><span style="color:#666">;</span>
+
+ <span style="color:#080;font-style:italic">// now read the newly created User entity back:
+</span><span style="color:#080;font-style:italic"></span> User outUser2 <span style="color:#666">=</span> reviewMgr<span style="color:#666">.</span><span style="color:#b44">readUser</span><span style="color:#666">(</span>inUser<span style="color:#666">)</span><span style="color:#666">;</span>
+ assertTrue<span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" failed read"</span><span style="color:#666">,</span> inUser<span style="color:#666">.</span><span style="color:#b44">equals</span><span style="color:#666">(</span>outUser2<span style="color:#666">)</span><span style="color:#666">)</span><span style="color:#666">;</span>
+ LOG<span style="color:#666">.</span><span style="color:#b44">info</span><span style="color:#666">(</span>szLocation <span style="color:#666">+</span> <span style="color:#b44">" user ["</span> <span style="color:#666">+</span> outUser2<span style="color:#666">.</span><span style="color:#b44">getUserId</span><span style="color:#666">(</span><span style="color:#666">)</span> <span style="color:#666">+</span> <span style="color:#b44">"] success"</span><span style="col [...]
<span style="color:#666">}</span>
<span style="color:#a2f;font-weight:bold">catch</span> <span style="color:#666">(</span>SecurityException ex<span style="color:#666">)</span>
<span style="color:#666">{</span>
@@ -221,7 +236,7 @@ The ROLES data set is updated. Initially, no user or permission is assigned to t
<div class="nav_prev">
- <a href="4.6-authorized-roles.html">4.6 - Authorized Roles</a>
+ <a href="4.8-delete-role.html">4.8 - Delete Role</a>
</div>
<div class="nav_up">
@@ -233,7 +248,7 @@ The ROLES data set is updated. Initially, no user or permission is assigned to t
<div class="nav_next">
- <a href="4.8-delete-role.html">4.8 - Delete Role</a>
+ <a href="4.10-delete-user.html">4.10 - Delete User</a>
</div>
<div class="clearfix"></div>
diff --git a/content/index.xml b/content/index.xml
index b61b04ab..25265168 100644
--- a/content/index.xml
+++ b/content/index.xml
@@ -1454,7 +1454,7 @@ Anyway, we use a subset of ASN/1, as what we have to deal with is the BER/DER en
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
<guid>https://directory.apache.org/fortress/user-guide/4-fortress-code-samples.html</guid>
- <description>4 - Apache Fortress Code Samples Table of content 4.1 - Create Session 4.2 - Check Access 4.3 - Session Permissions 4.4 - Add Active Role 4.5 - Drop Active Role 4.6 - Get Authorized Roles 4.7 - Add Role 4.8 - Delete Role </description>
+ <description>4 - Apache Fortress Code Samples Table of content 4.1 - Create Session 4.2 - Check Access 4.3 - Session Permissions 4.4 - Add Active Role 4.5 - Drop Active Role 4.6 - Get Authorized Roles 4.7 - Add Role 4.8 - Delete Role 4.9 - Add User 4.10 - Delete User </description>
</item>
<item>
@@ -1708,6 +1708,15 @@ Usage MessageType : BIND_REQUEST Message ID : 1 BindRequest Version : &lsquo
At the moment, the server does not support this feature.</description>
</item>
+ <item>
+ <title>4.10 - Delete User</title>
+ <link>https://directory.apache.org/fortress/user-guide/4.10-delete-user.html</link>
+ <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
+
+ <guid>https://directory.apache.org/fortress/user-guide/4.10-delete-user.html</guid>
+ <description>void deleteUser(User user) throws SecurityException 4.10 - Delete User This command deletes an existing user from the RBAC database. The command is valid if and only if the user to be deleted is a member of the USERS data set. The USERS and UA data sets and the assigned_users function are updated. This method performs a &ldquo;hard&rdquo; delete. It completely removes all data associated with this user from the directory. User entity must exist in directory pri [...]
+ </item>
+
<item>
<title>4.2 - Authenticate with Studio</title>
<link>https://directory.apache.org/apacheds/kerberos-ug/4.2-authenticate-studio.html</link>
@@ -2184,6 +2193,17 @@ required parameters:
role - Must contain Role#name for Role to delete.</description>
</item>
+ <item>
+ <title>4.9 - Add User</title>
+ <link>https://directory.apache.org/fortress/user-guide/4.9-add-user.html</link>
+ <pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
+
+ <guid>https://directory.apache.org/fortress/user-guide/4.9-add-user.html</guid>
+ <description>4.9 - Add User User addUser(User user) throws SecurityException This command creates a new RBAC user. The command is valid only if the new user is not already a member of the USERS data set. The USER data set is updated. The new user does not own any session at the time of its creation.
+required parameters:
+ User#userId - maps to INetOrgPerson uid User#password - used when password authentication is required User#ou - contains the name of an already existing User OU node optional parameters:</description>
+ </item>
+
<item>
<title>5 - Administration</title>
<link>https://directory.apache.org/apacheds/advanced-ug/5-administration.html</link>
diff --git a/content/sitemap.xml b/content/sitemap.xml
index b6c41eba..cb4e68e0 100644
--- a/content/sitemap.xml
+++ b/content/sitemap.xml
@@ -714,7 +714,7 @@
<url>
<loc>https://directory.apache.org/fortress/user-guide/4-fortress-code-samples.html</loc>
- <lastmod>2022-07-25T21:23:40-05:00</lastmod>
+ <lastmod>2022-07-26T17:39:01-05:00</lastmod>
</url>
<url>
@@ -837,6 +837,11 @@
<lastmod>2020-08-08T11:25:14+02:00</lastmod>
</url>
+ <url>
+ <loc>https://directory.apache.org/fortress/user-guide/4.10-delete-user.html</loc>
+ <lastmod>2022-07-26T17:39:01-05:00</lastmod>
+ </url>
+
<url>
<loc>https://directory.apache.org/apacheds/kerberos-ug/4.2-authenticate-studio.html</loc>
<lastmod>2020-08-08T11:25:14+02:00</lastmod>
@@ -1064,12 +1069,17 @@
<url>
<loc>https://directory.apache.org/fortress/user-guide/4.7-add-role.html</loc>
- <lastmod>2022-07-25T21:05:59-05:00</lastmod>
+ <lastmod>2022-07-26T17:39:01-05:00</lastmod>
</url>
<url>
<loc>https://directory.apache.org/fortress/user-guide/4.8-delete-role.html</loc>
- <lastmod>2022-07-25T21:05:59-05:00</lastmod>
+ <lastmod>2022-07-26T17:39:01-05:00</lastmod>
+ </url>
+
+ <url>
+ <loc>https://directory.apache.org/fortress/user-guide/4.9-add-user.html</loc>
+ <lastmod>2022-07-26T17:39:01-05:00</lastmod>
</url>
<url>
@@ -1844,7 +1854,7 @@
<url>
<loc>https://directory.apache.org/fortress.html</loc>
- <lastmod>2022-07-25T22:12:19-05:00</lastmod>
+ <lastmod>2022-07-26T17:39:01-05:00</lastmod>
</url>
<url>
@@ -2349,7 +2359,7 @@
<url>
<loc>https://directory.apache.org/fortress/user-guide.html</loc>
- <lastmod>2022-07-25T22:12:19-05:00</lastmod>
+ <lastmod>2022-07-26T17:39:01-05:00</lastmod>
</url>
<url>