From commits-return-36622-apmail-directory-commits-archive=directory.apache.org@directory.apache.org Wed May 15 15:22:14 2013 Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C9997D245 for ; Wed, 15 May 2013 15:22:14 +0000 (UTC) Received: (qmail 2040 invoked by uid 500); 15 May 2013 15:22:14 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 2000 invoked by uid 500); 15 May 2013 15:22:14 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 1981 invoked by uid 99); 15 May 2013 15:22:14 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 May 2013 15:22:14 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 May 2013 15:22:10 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 734EB2388847 for ; Wed, 15 May 2013 15:21:49 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r862073 - in /websites/staging/directory/trunk/content: ./ apacheds/advanced-ug/4.2-authorization.html apacheds/advanced-ug/4.2.1-introduction.html apacheds/advanced-ug/4.5.1-introduction.html Date: Wed, 15 May 2013 15:21:49 -0000 To: commits@directory.apache.org From: buildbot@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130515152149.734EB2388847@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: buildbot Date: Wed May 15 15:21:49 2013 New Revision: 862073 Log: Staging update by buildbot for directory Added: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2.1-introduction.html Removed: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.5.1-introduction.html Modified: websites/staging/directory/trunk/content/ (props changed) websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2-authorization.html Propchange: websites/staging/directory/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Wed May 15 15:21:49 2013 @@ -1 +1 @@ -1481933 +1482895 Modified: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2-authorization.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2-authorization.html (original) +++ websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2-authorization.html Wed May 15 15:21:49 2013 @@ -145,17 +145,17 @@ basic access control mechanism and how t to manage access to protected resources.

Chapter content

Some Simple Examples

The ACIItem syntax is very expressive and that makes it extremely powerful Added: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2.1-introduction.html ============================================================================== --- websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2.1-introduction.html (added) +++ websites/staging/directory/trunk/content/apacheds/advanced-ug/4.2.1-introduction.html Wed May 15 15:21:49 2013 @@ -0,0 +1,194 @@ + + + + + 4.2.1 Introduction — Apache Directory + + + + + + + + + + + + +

+ +
+
+ + + +
+
+ + + + + +

4.2.1 - Introduction

+

First of all, one has to understand that Authorization in this context +involves four components. The principle is :

+

+ grants Users authorization to proceed some Action on a set of +Items in a defined Area +

+

Let's define the four components.

+

Users : +the set of entity being able to do some action. It can be every user, +the entry owner, a list of users, members of a group or a selection in the +DIT. Basically, a user is defined as an entry in the DIT.

+

Action : +Generally speaking, a grant or denial to do something, depending on the +selected item (read, delete, etc).

+

Items : +An item is an element of the DIT. It can be an Entry, an +AttributeType, some AttributeValues. It can also define some constraints +that will apply on the selected entries.

+

Area : +It defines the set of entries on which the defined ACI applies. It can +be the whole DIT, a part of the DIT, a selection of entries, an Entry.

+

We implement those elements using ACIs.

+

The following chapters will present you the system inside out.

+ + + + + +
+
+
+ +
+ + \ No newline at end of file