org.exist.security
Class XMLSecurityManager

java.lang.Object
  extended byorg.exist.security.XMLSecurityManager
All Implemented Interfaces:
SecurityManager

public class XMLSecurityManager
extends java.lang.Object
implements SecurityManager

SecurityManager is responsible for managing users and groups. There's only one SecurityManager for each database instance, which may be obtained by BrokerPool.getSecurityManager(). Users and groups are stored in the system collection, in document users.xml. While it is possible to edit this file by hand, it may lead to unexpected results, since SecurityManager reads users.xml only during database startup and shutdown.


Field Summary
static java.lang.String DBA_GROUP
           
static java.lang.String DBA_USER
           
static java.lang.String GUEST_GROUP
           
static java.lang.String GUEST_USER
           
static User SYSTEM_USER
           
 
Fields inherited from interface org.exist.security.SecurityManager
ACL_FILE, ACL_FILE_URI
 
Constructor Summary
XMLSecurityManager()
           
 
Method Summary
 void addGroup(java.lang.String name)
           
 void attach(BrokerPool pool, DBBroker sysBroker)
          Initialize the security manager.
 void deleteUser(java.lang.String name)
           
 void deleteUser(User user)
           
 int getCollectionDefaultPerms()
           
 Group getGroup(int gid)
           
 Group getGroup(java.lang.String name)
           
 java.lang.String[] getGroups()
           
 ExistPDP getPDP()
           
 int getResourceDefaultPerms()
           
 User getUser(int uid)
           
 User getUser(java.lang.String name)
           
 User[] getUsers()
           
 boolean hasAdminPrivileges(User user)
           
 boolean hasGroup(java.lang.String name)
           
 boolean hasUser(java.lang.String name)
           
 boolean isXACMLEnabled()
           
 void setUser(User user)
           
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DBA_GROUP

public static final java.lang.String DBA_GROUP
See Also:
Constant Field Values

DBA_USER

public static final java.lang.String DBA_USER
See Also:
Constant Field Values

GUEST_GROUP

public static final java.lang.String GUEST_GROUP
See Also:
Constant Field Values

GUEST_USER

public static final java.lang.String GUEST_USER
See Also:
Constant Field Values

SYSTEM_USER

public static final User SYSTEM_USER
Constructor Detail

XMLSecurityManager

public XMLSecurityManager()
Method Detail

attach

public void attach(BrokerPool pool,
                   DBBroker sysBroker)
Initialize the security manager. Checks if the file users.xml exists in the system collection of the database. If not, it is created with two default users: admin and guest.

Specified by:
attach in interface SecurityManager
Parameters:
pool -
sysBroker -

isXACMLEnabled

public boolean isXACMLEnabled()
Specified by:
isXACMLEnabled in interface SecurityManager

getPDP

public ExistPDP getPDP()
Specified by:
getPDP in interface SecurityManager

deleteUser

public void deleteUser(java.lang.String name)
                throws PermissionDeniedException
Specified by:
deleteUser in interface SecurityManager
Throws:
PermissionDeniedException

deleteUser

public void deleteUser(User user)
                throws PermissionDeniedException
Specified by:
deleteUser in interface SecurityManager
Throws:
PermissionDeniedException

getUser

public User getUser(java.lang.String name)
Specified by:
getUser in interface SecurityManager

getUser

public User getUser(int uid)
Specified by:
getUser in interface SecurityManager

getUsers

public User[] getUsers()
Specified by:
getUsers in interface SecurityManager

addGroup

public void addGroup(java.lang.String name)
Specified by:
addGroup in interface SecurityManager

hasGroup

public boolean hasGroup(java.lang.String name)
Specified by:
hasGroup in interface SecurityManager

getGroup

public Group getGroup(java.lang.String name)
Specified by:
getGroup in interface SecurityManager

getGroup

public Group getGroup(int gid)
Specified by:
getGroup in interface SecurityManager

getGroups

public java.lang.String[] getGroups()
Specified by:
getGroups in interface SecurityManager

hasAdminPrivileges

public boolean hasAdminPrivileges(User user)
Specified by:
hasAdminPrivileges in interface SecurityManager

hasUser

public boolean hasUser(java.lang.String name)
Specified by:
hasUser in interface SecurityManager

setUser

public void setUser(User user)
Specified by:
setUser in interface SecurityManager

getResourceDefaultPerms

public int getResourceDefaultPerms()
Specified by:
getResourceDefaultPerms in interface SecurityManager

getCollectionDefaultPerms

public int getCollectionDefaultPerms()
Specified by:
getCollectionDefaultPerms in interface SecurityManager


Copyright (C) Wolfgang Meier. All rights reserved.