directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject [16/19] directory-fortress-core git commit: FC-109 - break core package cycles
Date Mon, 01 Jun 2015 23:02:21 GMT
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0c46e4de/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupMgrImpl.java b/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupMgrImpl.java
index cb0ad9d..fae8794 100755
--- a/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupMgrImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupMgrImpl.java
@@ -24,7 +24,7 @@ import org.apache.directory.fortress.core.ReviewMgr;
 import org.apache.directory.fortress.core.ReviewMgrFactory;
 import org.apache.directory.fortress.core.SecurityException;
 import org.apache.directory.fortress.core.rbac.Manageable;
-import org.apache.directory.fortress.core.rbac.User;
+import org.apache.directory.fortress.core.model.User;
 import org.apache.directory.fortress.core.util.attr.VUtil;
 
 import java.util.ArrayList;

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0c46e4de/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupP.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupP.java b/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupP.java
index 45151f2..bc2c799 100755
--- a/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupP.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/group/GroupP.java
@@ -22,7 +22,7 @@ package org.apache.directory.fortress.core.ldap.group;
 
 import org.apache.directory.api.util.Strings;
 import org.apache.directory.fortress.core.ValidationException;
-import org.apache.directory.fortress.core.rbac.User;
+import org.apache.directory.fortress.core.model.User;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.apache.directory.fortress.core.GlobalErrIds;

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0c46e4de/src/main/java/org/apache/directory/fortress/core/model/Address.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/Address.java b/src/main/java/org/apache/directory/fortress/core/model/Address.java
new file mode 100644
index 0000000..b928ade
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/model/Address.java
@@ -0,0 +1,469 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.fortress.core.model;
+
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+
+/**
+ * This entity is stored on {@link User} and is used to store postal address information in LDAP.
+ * <p/>
+ * Contains data retrieved from the following LDAP attributes:
+ * <p/>
+ * <ul>
+ * <li>  ------------------------------------------
+ * <li> <code>postalAddress</code>
+ * <li> <code>st</code>
+ * <li> <code>postalCode</code>
+ * <li> <code>postOfficeBox</code>
+ * <li> <code>c</code>
+ * <li>  ------------------------------------------
+ * </ul>
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@XmlRootElement(name = "fortAddress")
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "address", propOrder =
+    {
+        "addresses",
+        "city",
+        "state",
+        "country",
+        "postalCode",
+        "postOfficeBox",
+        "building",
+        "departmentNumber",
+        "roomNumber"
+})
+public class Address implements Serializable
+{
+    private static final long serialVersionUID = 1L;
+
+    @XmlElement(nillable = true)
+    private List<String> addresses;
+    private String city;
+    private String state;
+    private String country;
+    private String postalCode;
+    private String postOfficeBox;
+    private String building;
+    private String departmentNumber;
+    private String roomNumber;
+
+
+    /**
+     * This attribute is bound for {@code postalAddress} attribute on {@code organizationalPerson} object class.
+     *
+     * @param address contains a String value containing address line that is bound for multi-occurring {@code postalAddress} attribute.
+     */
+    public void setAddress( String address )
+    {
+        if ( addresses == null )
+        {
+            addresses = new ArrayList<>();
+        }
+
+        addresses.add( address );
+    }
+
+
+    /**
+     * Return an ArrayList of type String that contains zero or more values retrieved from {@code postalAddress} attribute from {@code organizationalPerson} object class.
+     *
+     * @return a non-null ArrayList of type String that contains zero or more address lines associated with the user.
+     */
+    public List<String> getAddresses()
+    {
+        if ( addresses == null )
+        {
+            addresses = new ArrayList<>();
+        }
+
+        return addresses;
+    }
+
+
+    /**
+     * Set an ArrayList of type String that contains one or more values bound for {@code postalAddress} attribute on {@code organizationalPerson} object class.
+     *
+     * @param addresses contains ArrayList of type String with one or more address lines associated with the user.
+     */
+    public void setAddresses( List<String> addresses )
+    {
+        this.addresses = addresses;
+    }
+
+
+    /**
+     * Return a String that contains a value retrieved from {@code l} (location) attribute from {@code organizationalPerson} object class.
+     *
+     * @return a String that contains city associated with the user.
+     */
+    public String getCity()
+    {
+        return city;
+    }
+
+
+    /**
+     * Accept a String that contains a value {@code l} (location) bound for {@code organizationalPerson} object class.
+     *
+     * @param city associated with the user.
+     */
+    public void setCity( String city )
+    {
+        this.city = city;
+    }
+
+
+    /**
+     * Return a String that contains a value retrieved from {@code st} (state) attribute from {@code organizationalPerson} object class.
+     *
+     * @return a String that contains state associated with the user.
+     */
+    public String getState()
+    {
+        return state;
+    }
+
+
+    /**
+     * Accept a String that contains a value {@code st} (state) bound for {@code organizationalPerson} object class.
+     *
+     * @param state associated with the user.
+     */
+    public void setState( String state )
+    {
+        this.state = state;
+    }
+
+
+    /**
+     * TODO: Add support for this attribute:
+     * Return a String that contains a value retrieved from {@code c} (country) attribute from {@code c} object class.
+     *
+     * @return a String that contains country associated with the user.
+     */
+    public String getCountry()
+    {
+        return country;
+    }
+
+
+    /**
+     * TODO: Add support for this attribute:
+     * Accept a String that contains a value {@code c} (country) bound for {@code c} object class.
+     *
+     * @param country associated with the user.
+     */
+    public void setCountry( String country )
+    {
+        this.country = country;
+    }
+
+
+    /**
+     * Return a String that contains a value retrieved from {@code postalCode} attribute from {@code organizationalPerson} object class.
+     *
+     * @return a String that contains postalCode associated with the user.
+     */
+    public String getPostalCode()
+    {
+        return postalCode;
+    }
+
+
+    /**
+     * Accept a String that contains a value {@code postalCode} bound for {@code organizationalPerson} object class.
+     *
+     * @param postalCode associated with the user.
+     */
+    public void setPostalCode( String postalCode )
+    {
+        this.postalCode = postalCode;
+    }
+
+
+    /**
+     * Return a String that contains a value retrieved from {@code postOfficeBox} attribute from {@code organizationalPerson} object class.
+     *
+     * @return a String that contains postOfficeBox associated with the user.
+     */
+    public String getPostOfficeBox()
+    {
+        return postOfficeBox;
+    }
+
+
+    /**
+     * Accept a String that contains a value {@code postOfficeBox} bound for {@code organizationalPerson} object class.
+     *
+     * @param postOfficeBox associated with the user.
+     */
+    public void setPostOfficeBox( String postOfficeBox )
+    {
+        this.postOfficeBox = postOfficeBox;
+    }
+
+
+    /**
+     * Return a String that contains a value retrieved from {@code building} attribute from {@code organizationalPerson} object class.
+     *
+     * @return a String that contains building associated with the user.
+     */
+    public String getBuilding()
+    {
+        return building;
+    }
+
+
+    /**
+     * Accept a String that contains a value {@code building} bound for {@code organizationalPerson} object class.
+     *
+     * @param building associated with the user.
+     */
+    public void setBuilding( String building )
+    {
+        this.building = building;
+    }
+
+
+    /**
+     * Return a String that contains a value retrieved from {@code departmentNumber} attribute from {@code organizationalPerson} object class.
+     *
+     * @return a String that contains departmentNumber associated with the user.
+     */
+    public String getDepartmentNumber()
+    {
+        return departmentNumber;
+    }
+
+
+    /**
+     * Accept a String that contains a value {@code departmentNumber} bound for {@code inetOrgperson} object class.
+     *
+     * @param departmentNumber associated with the user.
+     */
+    public void setDepartmentNumber( String departmentNumber )
+    {
+        this.departmentNumber = departmentNumber;
+    }
+
+
+    /**
+     * Return a String that contains a value retrieved from {@code roomNumber} attribute from {@code organizationalPerson} object class.
+     *
+     * @return a String that contains roomNumber associated with the user.
+     */
+    public String getRoomNumber()
+    {
+        return roomNumber;
+    }
+
+
+    /**
+     * Accept a String that contains a value {@code roomNumber} bound for {@code inetOrgperson} object class.
+     *
+     * @param roomNumber associated with the user.
+     */
+    public void setRoomNumber( String roomNumber )
+    {
+        this.roomNumber = roomNumber;
+    }
+
+
+    /**
+     * Override the standard equals on object to use the attributes of this class.
+     *
+     * @param o
+     * @return boolean value
+     */
+    @Override
+    public boolean equals( Object o )
+    {
+        if ( this == o )
+        {
+            return true;
+        }
+
+        if ( ( o == null ) || ( getClass() != o.getClass() ) )
+        {
+            return false;
+        }
+
+        Address address = ( Address ) o;
+
+        if ( addresses != null ? !addresses.equals( address.addresses ) : address.addresses != null )
+        {
+            return false;
+        }
+
+        if ( building != null ? !building.equals( address.building ) : address.building != null )
+        {
+            return false;
+        }
+
+        if ( city != null ? !city.equals( address.city ) : address.city != null )
+        {
+            return false;
+        }
+
+        if ( country != null ? !country.equals( address.country ) : address.country != null )
+        {
+            return false;
+        }
+
+        if ( departmentNumber != null ? !departmentNumber.equals( address.departmentNumber )
+            : address.departmentNumber != null )
+        {
+            return false;
+        }
+
+        if ( postOfficeBox != null ? !postOfficeBox.equals( address.postOfficeBox ) : address.postOfficeBox != null )
+        {
+            return false;
+        }
+
+        if ( postalCode != null ? !postalCode.equals( address.postalCode ) : address.postalCode != null )
+        {
+            return false;
+        }
+
+        if ( roomNumber != null ? !roomNumber.equals( address.roomNumber ) : address.roomNumber != null )
+        {
+            return false;
+        }
+
+        if ( state != null ? !state.equals( address.state ) : address.state != null )
+        {
+            return false;
+        }
+
+        return true;
+    }
+
+
+    /**
+     * Override the standard hashCode on object to use attributes of class.
+     *
+     * @return int
+     */
+    @Override
+    public int hashCode()
+    {
+        int result = addresses != null ? addresses.hashCode() : 0;
+        result = 31 * result + ( city != null ? city.hashCode() : 0 );
+        result = 31 * result + ( state != null ? state.hashCode() : 0 );
+        result = 31 * result + ( country != null ? country.hashCode() : 0 );
+        result = 31 * result + ( postalCode != null ? postalCode.hashCode() : 0 );
+        result = 31 * result + ( postOfficeBox != null ? postOfficeBox.hashCode() : 0 );
+        result = 31 * result + ( building != null ? building.hashCode() : 0 );
+        result = 31 * result + ( departmentNumber != null ? departmentNumber.hashCode() : 0 );
+        result = 31 * result + ( roomNumber != null ? roomNumber.hashCode() : 0 );
+
+        return result;
+    }
+
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        StringBuilder sb = new StringBuilder();
+
+        sb.append( "Address object: \n" );
+
+        if ( roomNumber != null )
+        {
+            sb.append( "    roomNumber :" ).append( roomNumber ).append( '\n' );
+        }
+
+        if ( departmentNumber != null )
+        {
+            sb.append( "    departmentNumber :" ).append( departmentNumber ).append( '\n' );
+        }
+
+        if ( building != null )
+        {
+            sb.append( "    building :" ).append( building ).append( '\n' );
+        }
+
+        if ( addresses != null )
+        {
+            sb.append( "    addresses : " );
+
+            boolean isFirst = true;
+
+            for ( String addr : addresses )
+            {
+                if ( isFirst )
+                {
+                    isFirst = false;
+                }
+                else
+                {
+                    sb.append( ", " );
+                }
+
+                sb.append( addr );
+            }
+
+            sb.append( '\n' );
+        }
+
+        if ( city != null )
+        {
+            sb.append( "    city :" ).append( city ).append( '\n' );
+        }
+
+        if ( postalCode != null )
+        {
+            sb.append( "    postalCode :" ).append( postalCode ).append( '\n' );
+        }
+
+        if ( postOfficeBox != null )
+        {
+            sb.append( "    postOfficeBox :" ).append( postOfficeBox ).append( '\n' );
+        }
+
+        if ( state != null )
+        {
+            sb.append( "    state :" ).append( state ).append( '\n' );
+        }
+
+        if ( country != null )
+        {
+            sb.append( "    country :" ).append( country ).append( '\n' );
+        }
+
+        return sb.toString();
+    }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0c46e4de/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java b/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java
new file mode 100755
index 0000000..3b77e72
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/model/AdminRole.java
@@ -0,0 +1,600 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.fortress.core.model;
+
+
+import java.util.Set;
+import java.util.TreeSet;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+import org.apache.directory.fortress.core.rbac.Administrator;
+import org.apache.directory.fortress.core.util.attr.VUtil;
+import org.apache.directory.fortress.core.util.time.CUtil;
+import org.apache.directory.fortress.core.util.time.Constraint;
+
+
+/**
+ * All entities ({@link AdminRole}, {@link org.apache.directory.fortress.core.model.OrgUnit},
+ * {@link org.apache.directory.fortress.core.model.SDSet} etc...) are used to carry data between three Fortress
+ * layers.starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into
+ * (3) DAO layer where persistence with the OpenLDAP server occurs.
+ * <h4>Fortress Processing Layers</h4>
+ * <ol>
+ * <li>Manager layer: {@link org.apache.directory.fortress.core.rbac.DelAdminMgrImpl}, {@link org.apache.directory.fortress.core.rbac.DelAccessMgrImpl}, {@link org.apache.directory.fortress.core.rbac.DelReviewMgrImpl},...</li>
+ * <li>Process layer: {@link org.apache.directory.fortress.core.rbac.AdminRoleP}, {@link org.apache.directory.fortress.core.rbac.OrgUnitP},...</li>
+ * <li>DAO layer: {@link org.apache.directory.fortress.core.rbac.AdminRoleDAO}, {@link org.apache.directory.fortress.core.rbac.OrgUnitDAO},...</li>
+ * </ol>
+ * Fortress clients first instantiate and populate a data entity before invoking any of the Manager APIs.  The caller must
+ * provide enough information to uniquely identity the entity target within ldap.<br />
+ * For example, this entity requires {@link #name} set before passing into {@link org.apache.directory.fortress.core.rbac.DelAdminMgrImpl} or  {@link org.apache.directory.fortress.core.rbac.DelReviewMgrImpl} APIs.
+ * Create methods usually require more attributes (than Read) due to constraints enforced between entities.
+ * <p/>
+ * This entity extends the {@link org.apache.directory.fortress.core.model.Role} entity and is used to store the ARBAC AdminRole assignments that comprise the many-to-many relationships between Users and Administrative Permissions.
+ * In addition it is used to store the ARBAC {@link org.apache.directory.fortress.core.model.OrgUnit.Type#PERM} and {@link org.apache.directory.fortress.core.model.OrgUnit.Type#USER} OU information that adheres to the AdminRole entity in the ARBAC02 model.
+ * <br />The unique key to locate AdminRole entity (which is subsequently assigned both to Users and administrative Permissions) is {@link AdminRole#name}.<br />
+ * <p/>
+ * There is a many-to-many relationship between User's, Administrative Roles and Administrative Permissions.
+ * <h3>{@link org.apache.directory.fortress.core.model.User}*<->*{@link AdminRole}*<->*{@link org.apache.directory.fortress.core.model.Permission}</h3>
+ * Example to create new ARBAC AdminRole:
+ * <p/>
+ * <code>AdminRole myRole = new AdminRole("MyRoleName");</code><br />
+ * <code>myRole.setDescription("This is a test admin role");</code><br />
+ * <code>DelAdminMgr delAdminMgr = DelAdminMgrFactory.createInstance();</code><br />
+ * <code>delAdminMgr.addRole(myRole);</code><br />
+ * <p/>
+ * This will create a AdminRole name that can be used as a target for User-AdminRole assignments and AdminRole-AdminPermission grants.
+ * <p/>
+ * <p/>
+ * <h4>Administrative Role Schema</h4>
+ * The Fortress AdminRole entity is a composite of the following other Fortress structural and aux object classes:
+ * <p/>
+ * 1. organizationalRole Structural Object Class is used to store basic attributes like cn and description.
+ * <pre>
+ * ------------------------------------------
+ * objectclass ( 2.5.6.8 NAME 'organizationalRole'
+ *  DESC 'RFC2256: an organizational role'
+ *  SUP top STRUCTURAL
+ *  MUST cn
+ *  MAY (
+ *      x121Address $ registeredAddress $ destinationIndicator $
+ *      preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
+ *      telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
+ *      seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
+ *      postOfficeBox $ postalCode $ postalAddress $
+ *      physicalDeliveryOfficeName $ ou $ st $ l $ description
+ *  )
+ * )
+ * ------------------------------------------
+ * </pre>
+ * <p/>
+ * 2. ftRls Structural objectclass is used to store the AdminRole information like name, and temporal constraints.
+ * <pre>
+ * ------------------------------------------
+ * Fortress Roles Structural Object Class
+ * objectclass    ( 1.3.6.1.4.1.38088.2.1
+ *  NAME 'ftRls'
+ *  DESC 'Fortress Role Structural Object Class'
+ *  SUP organizationalrole
+ *  STRUCTURAL
+ *  MUST (
+ *      ftId $
+ *      ftRoleName
+ *  )
+ *  MAY (
+ *      description $
+ *      ftCstr $
+ *      ftParents
+ *  )
+ * )
+ * ------------------------------------------
+ * </pre>
+ * <p/>
+ * 3. ftProperties AUXILIARY Object Class is used to store client specific name/value pairs on target entity.<br />
+ * <code># This aux object class can be used to store custom attributes.</code><br />
+ * <code># The properties collections consist of name/value pairs and are not constrainted by Fortress.</code><br />
+ * <pre>
+ * ------------------------------------------
+ * AC2: Fortress Properties Auxiliary Object Class
+ * objectclass ( 1.3.6.1.4.1.38088.3.2
+ *  NAME 'ftProperties'
+ *  DESC 'Fortress Properties AUX Object Class'
+ *  AUXILIARY
+ *  MAY (
+ *      ftProps
+ *  )
+ * )
+ * ------------------------------------------
+ * </pre>
+ * <p/>
+ * 4. ftPools Auxiliary object class store the ARBAC Perm and User OU assignments on AdminRole entity.
+ * <pre>
+ * ------------------------------------------
+ * Fortress Organizational Pools Auxiliary Object Class
+ * objectclass ( 1.3.6.1.4.1.38088.3.3
+ *  NAME 'ftPools'
+ *  DESC 'Fortress Pools AUX Object Class'
+ *  AUXILIARY
+ *  MAY (
+ *      ftOSU  $
+ *      ftOSP  $
+ *      ftRange
+ *  )
+ * )
+ * ------------------------------------------
+ * </pre>
+ * <p/>
+ * 5. ftMods AUXILIARY Object Class is used to store Fortress audit variables on target entity.
+ * <pre>
+ * ------------------------------------------
+ * Fortress Audit Modification Auxiliary Object Class
+ * objectclass ( 1.3.6.1.4.1.38088.3.4
+ *  NAME 'ftMods'
+ *  DESC 'Fortress Modifiers AUX Object Class'
+ *  AUXILIARY
+ *  MAY (
+ *      ftModifier $
+ *      ftModCode $
+ *      ftModId
+ *  )
+ * )
+ * ------------------------------------------
+ * </pre>
+ * <p/>
+
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@XmlRootElement(name = "fortAdminRole")
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "adminRole", propOrder =
+    {
+        "osPs",
+        "osUs",
+        "beginRange",
+        "endRange",
+        "beginInclusive",
+        "endInclusive"
+})
+public class AdminRole extends Role implements Administrator
+{
+    /**
+     * 
+     */
+    private static final long serialVersionUID = 1L;
+    private Set<String> osPs;
+    private Set<String> osUs;
+    private String beginRange;
+    private String endRange;
+    private boolean beginInclusive;
+    private boolean endInclusive;
+
+
+    /**
+     * Default constructor is used by internal Fortress classes.
+     */
+    public AdminRole()
+    {
+    }
+
+
+    /**
+     * Construct an Admin Role with a given temporal constraint.
+     *
+     * @param con maps to 'OamRC' attribute for 'ftTemporal' aux object classes.
+     */
+    public AdminRole( Constraint con )
+    {
+        CUtil.copy( con, this );
+    }
+
+
+    /**
+     * Construct an AdminRole entity with a given name.
+     *
+     */
+    public AdminRole( String name )
+    {
+        this.setName( name );
+    }
+
+
+    /**
+     * Load the role range attributes given a raw format.  This method is used internal to Fortress and is not intended
+     * to be used by external callers.
+     *
+     * @param szRaw maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setRoleRangeRaw( String szRaw )
+    {
+        if ( VUtil.isNotNullOrEmpty( szRaw ) )
+        {
+            int bindx = szRaw.indexOf( '(' );
+            if ( bindx > -1 )
+            {
+                this.setBeginInclusive( false );
+            }
+            else
+            {
+                bindx = szRaw.indexOf( '[' );
+                this.setBeginInclusive( true );
+            }
+            int eindx = szRaw.indexOf( ')' );
+            if ( eindx > -1 )
+            {
+                this.setEndInclusive( false );
+            }
+            else
+            {
+                eindx = szRaw.indexOf( ']' );
+                this.setEndInclusive( true );
+            }
+            int cindx = szRaw.indexOf( ':' );
+            if ( cindx > -1 )
+            {
+                String szBeginRange = szRaw.substring( bindx + 1, cindx );
+                String szEndRange = szRaw.substring( cindx + 1, eindx );
+                this.setBeginRange( szBeginRange );
+                this.setEndRange( szEndRange );
+            }
+        }
+    }
+
+
+    /**
+     *
+     * Get the raw format for role range using current AdminRole entity attributes.  This method is used internal to Fortress and is not intended
+     * to be used by external callers.
+     *
+     * @return String maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public String getRoleRangeRaw()
+    {
+        String szRaw = "";
+        if ( this.beginRange != null )
+        {
+            if ( this.isBeginInclusive() )
+            {
+                szRaw += "[";
+            }
+            else
+            {
+                szRaw += "(";
+            }
+            szRaw += this.getBeginRange();
+            szRaw += ":";
+            szRaw += this.getEndRange();
+            if ( this.isEndInclusive() )
+            {
+                szRaw += "]";
+            }
+            else
+            {
+                szRaw += ")";
+            }
+
+        }
+        return szRaw;
+    }
+
+
+    /**
+     * Get a collection of optional Perm OU attributes that were stored on the AdminRole entity.
+     *
+     * @return List of type String containing Perm OU.  This maps to 'ftOSP' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public Set<String> getOsP()
+    {
+        return osPs;
+    }
+
+
+    /**
+     * Set a collection of optional Perm OU attributes to be stored on the AdminRole entity.
+     *
+     * @param osPs is a List of type String containing Perm OU.  This maps to 'ftOSP' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setOsP( Set<String> osPs )
+    {
+        this.osPs = osPs;
+    }
+
+
+    /**
+     * Set a Perm OU attribute to be stored on the AdminRole entity.
+     *
+     * @param osP is a Perm OU that maps to 'ftOSP' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setOsP( String osP )
+    {
+        if ( this.osPs == null )
+        {
+            // create Set with case insensitive comparator:
+            osPs = new TreeSet<>( String.CASE_INSENSITIVE_ORDER );
+        }
+        osPs.add( osP );
+    }
+
+
+    /**
+     * Get a collection of optional User OU attributes that were stored on the AdminRole entity.
+     *
+     * @return List of type String containing User OU.  This maps to 'ftOSU' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public Set<String> getOsU()
+    {
+        return osUs;
+    }
+
+
+    /**
+     * Set a collection of optional User OU attributes to be stored on the AdminRole entity.
+     *
+     * @param osUs is a List of type String containing User OU.  This maps to 'ftOSU' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setOsU( Set<String> osUs )
+    {
+        this.osUs = osUs;
+    }
+
+
+    /**
+     * Set a User OU attribute to be stored on the AdminRole entity.
+     *
+     * @param osU is a User OU that maps to 'ftOSU' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setOsU( String osU )
+    {
+        if ( this.osUs == null )
+        {
+            // create Set with case insensitive comparator:
+            osUs = new TreeSet<>( String.CASE_INSENSITIVE_ORDER );
+        }
+        osUs.add( osU );
+    }
+
+
+    /**
+     * Return the begin Role range attribute for AdminRole entity which corresponds to lowest descendant.
+     *
+     * @return String that maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public String getBeginRange()
+    {
+        return beginRange;
+    }
+
+
+    /**
+     * Set the begin Role range attribute for AdminRole entity which corresponds to lowest descendant.
+     *
+     * @param beginRange maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setBeginRange( String beginRange )
+    {
+        this.beginRange = beginRange;
+    }
+
+
+    /**
+     * Return the end Role range attribute for AdminRole entity which corresponds to highest ascendant.
+     *
+     * @return String that maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public String getEndRange()
+    {
+        return endRange;
+    }
+
+
+    /**
+     * Set the end Role range attribute for AdminRole entity which corresponds to highest ascendant.
+     *
+     * @param endRange maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setEndRange( String endRange )
+    {
+        this.endRange = endRange;
+    }
+
+
+    /**
+     * Get the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute.
+     *
+     * @return String that maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public boolean isBeginInclusive()
+    {
+        return beginInclusive;
+    }
+
+
+    /**
+     * Set the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute.
+     *
+     * @param beginInclusive maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setBeginInclusive( boolean beginInclusive )
+    {
+        this.beginInclusive = beginInclusive;
+    }
+
+
+    /**
+     * Get the end inclusive which specifies if role range includes or excludes the 'endRange' attribute.
+     *
+     * @return String that maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public boolean isEndInclusive()
+    {
+        return endInclusive;
+    }
+
+
+    /**
+     * Set the end inclusive which specifies if role range includes or excludes the 'endRange' attribute.
+     *
+     * @param endInclusive maps to 'ftRange' attribute on 'ftPools' aux object class.
+     */
+    @Override
+    public void setEndInclusive( boolean endInclusive )
+    {
+        this.endInclusive = endInclusive;
+    }
+
+
+    /**
+     * Matches the name from two AdminRole entities.
+     *
+     * @param thatObj contains an AdminRole entity.
+     * @return boolean indicating both objects contain matching AdminRole names.
+     */
+    public boolean equals( Object thatObj )
+    {
+        if ( this == thatObj )
+        {
+            return true;
+        }
+
+        if ( this.getName() == null )
+        {
+            return false;
+        }
+
+        if ( !( thatObj instanceof AdminRole ) )
+        {
+            return false;
+        }
+
+        Role thatRole = ( Role ) thatObj;
+
+        if ( thatRole.getName() == null )
+        {
+            return false;
+        }
+
+        return thatRole.getName().equalsIgnoreCase( this.getName() );
+    }
+
+
+    @Override
+    public int hashCode()
+    {
+        int result = osPs != null ? osPs.hashCode() : 0;
+        result = 31 * result + ( osUs != null ? osUs.hashCode() : 0 );
+        result = 31 * result + ( beginRange != null ? beginRange.hashCode() : 0 );
+        result = 31 * result + ( endRange != null ? endRange.hashCode() : 0 );
+        result = 31 * result + ( beginInclusive ? 1 : 0 );
+        result = 31 * result + ( endInclusive ? 1 : 0 );
+        return result;
+    }
+
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        StringBuilder sb = new StringBuilder();
+
+        sb.append( "AdminRole object: \n" );
+
+        sb.append( super.toString( "    " ) ).append( '\n' );
+
+        if ( beginRange != null )
+        {
+            sb.append( "    beginRange :" ).append( beginRange ).append( '\n' );
+        }
+
+        if ( endRange != null )
+        {
+            sb.append( "    endRange :" ).append( endRange ).append( '\n' );
+        }
+
+        sb.append( "    beginInclusive :" ).append( beginInclusive ).append( '\n' );
+        sb.append( "    endInclusive :" ).append( endInclusive ).append( '\n' );
+
+        if ( osPs != null )
+        {
+            sb.append( "    osPs : " );
+
+            boolean isFirst = true;
+
+            for ( String osP : osPs )
+            {
+                if ( isFirst )
+                {
+                    isFirst = false;
+                }
+                else
+                {
+                    sb.append( ", " );
+                }
+
+                sb.append( osP );
+            }
+
+            sb.append( '\n' );
+        }
+
+        if ( osUs != null )
+        {
+            sb.append( "    osUs : " );
+
+            boolean isFirst = true;
+
+            for ( String osU : osUs )
+            {
+                if ( isFirst )
+                {
+                    isFirst = false;
+                }
+                else
+                {
+                    sb.append( ", " );
+                }
+
+                sb.append( osU );
+            }
+
+            sb.append( '\n' );
+        }
+
+        return sb.toString();
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0c46e4de/src/main/java/org/apache/directory/fortress/core/model/AdminRoleRelationship.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/AdminRoleRelationship.java b/src/main/java/org/apache/directory/fortress/core/model/AdminRoleRelationship.java
new file mode 100755
index 0000000..a519279
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/model/AdminRoleRelationship.java
@@ -0,0 +1,85 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.fortress.core.model;
+
+import java.io.Serializable;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+/**
+ * This entity is used by en masse to communicate parent and child {@link AdminRole} information to the server.
+ * <p/>
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@XmlRootElement(name = "fortAdminRoleRelationship")
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "adminrelationship", propOrder = {
+    "child",
+    "parent"
+})
+public class AdminRoleRelationship extends FortEntity implements Serializable
+{
+    private static final long serialVersionUID = 1L;
+    
+    /** The parent AdminRole */
+    private AdminRole parent;
+    
+    /** The child AdminRole */
+    private AdminRole child;
+
+    public AdminRole getParent()
+    {
+        return parent;
+    }
+
+    public void setParent(AdminRole parent)
+    {
+        this.parent = parent;
+    }
+
+    public AdminRole getChild()
+    {
+        return child;
+    }
+
+    public void setChild(AdminRole child)
+    {
+        this.child = child;
+    }
+
+
+    /**
+     * @see Object#toString()
+     */
+    public String toString()
+    {
+        StringBuilder sb = new StringBuilder();
+
+        sb.append( "AdminRoleRelationship object: \n" );
+
+        sb.append( "    parent :" ).append( parent ).append( '\n' );
+        sb.append( "    child :" ).append( child ).append( '\n' );
+
+        return sb.toString();
+    }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0c46e4de/src/main/java/org/apache/directory/fortress/core/model/AuthZ.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/AuthZ.java b/src/main/java/org/apache/directory/fortress/core/model/AuthZ.java
new file mode 100755
index 0000000..9f06291
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/model/AuthZ.java
@@ -0,0 +1,830 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.fortress.core.model;
+
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+import java.io.Serializable;
+
+
+/**
+ * This entity class contains OpenLDAP slapo-accesslog records that correspond to authorization attempts made to the directory.
+ * <p/>
+ * The auditCompare Structural object class is used by the slapo-accesslog overlay to store record of fortress authorization events.
+ * These events can later be pulled as audit trail using ldap protocol.  The data pertaining to authZ events are stored in this entity record.<br/>
+ * <p/>
+ * <pre>
+ * ------------------------------------------
+ * objectclass (  1.3.6.1.4.1.4203.666.11.5.2.7
+ * NAME 'auditCompare'
+ * DESC 'Compare operation'
+ * SUP auditObject STRUCTURAL
+ * MUST reqAssertion )
+ * ------------------------------------------
+ * </pre>
+ * For the Compare operation the reqAssertion attribute carries the Attribute Value Assertion used in the compare request
+ * <p/>
+ * Note this class uses descriptions pulled from man pages on slapo-accesslog.
+ * <p/>
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@XmlRootElement(name = "fortAuthZ")
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "authZ", propOrder =
+    {
+        "createTimestamp",
+        "creatorsName",
+        "entryCSN",
+        "entryDN",
+        "entryUUID",
+        "hasSubordinates",
+        "modifiersName",
+        "modifyTimestamp",
+        "objectClass",
+        "reqAttr",
+        "reqAttrsOnly",
+        "reqAuthzID",
+        "reqControls",
+        "reqDN",
+        "reqDerefAliases",
+        "reqEnd",
+        "reqEntries",
+        "reqFilter",
+        "reqResult",
+        "reqScope",
+        "reqSession",
+        "reqSizeLimit",
+        "reqStart",
+        "reqTimeLimit",
+        "reqType",
+        "reqAssertion",
+        "structuralObjectClass",
+        "subschemaSubentry",
+        "sequenceId"
+})
+public class AuthZ extends FortEntity implements Serializable
+{
+    /** Default serialVersionUID */
+    private static final long serialVersionUID = 1L;
+    private String createTimestamp;
+    private String creatorsName;
+    private String entryCSN;
+    private String entryDN;
+    private String entryUUID;
+    private String hasSubordinates;
+    private String modifiersName;
+    private String modifyTimestamp;
+    private String objectClass;
+    private String reqAttr;
+    private String reqAttrsOnly;
+    private String reqAuthzID;
+    private String reqControls;
+    private String reqDN;
+    private String reqDerefAliases;
+    private String reqEnd;
+    private String reqEntries;
+    private String reqFilter;
+    private String reqResult;
+    private String reqScope;
+    private String reqSession;
+    private String reqSizeLimit;
+    private String reqStart;
+    private String reqTimeLimit;
+    private String reqType;
+    private String reqAssertion;
+    private String structuralObjectClass;
+    private String subschemaSubentry;
+    private long sequenceId;
+
+
+    /**
+     * Get the attribute that maps to 'reqStart' which provides the start time of the operation which is also the rDn for the node.
+     * These time attributes use generalizedTime syntax. The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @return attribute that maps to 'reqStart' in 'auditSearch' object class.
+     */
+    public String getCreateTimestamp()
+    {
+        return createTimestamp;
+    }
+
+
+    /**
+     * Set the attribute that maps to 'reqStart' which provides the start time of the operation which is also the rDn for the node.
+     * These time attributes use generalizedTime syntax. The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @param createTimestamp attribute that maps to 'reqStart' in 'auditSearch' object class.
+     */
+    public void setCreateTimestamp( String createTimestamp )
+    {
+        this.createTimestamp = createTimestamp;
+    }
+
+
+    /**
+     * Return the user dn containing the identity of log user who added the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @return value that maps to 'creatorsName' attribute on 'auditSearch' object class.
+     */
+    public String getCreatorsName()
+    {
+        return creatorsName;
+    }
+
+
+    /**
+     * Set the user dn containing the identity of log user who added the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @param creatorsName maps to 'creatorsName' attribute on 'auditSearch' object class.
+     */
+    public void setCreatorsName( String creatorsName )
+    {
+        this.creatorsName = creatorsName;
+    }
+
+
+    /**
+     * Return the Change Sequence Number (CSN) containing sequence number that is used for OpenLDAP synch replication functionality.
+     *
+     * @return attribute that maps to 'entryCSN' on 'auditSearch' object class.
+     */
+    public String getEntryCSN()
+    {
+        return entryCSN;
+    }
+
+
+    /**
+     * Set the Change Sequence Number (CSN) containing sequence number that is used for OpenLDAP synch replication functionality.
+     *
+     * @param entryCSN maps to 'entryCSN' attribute on 'auditSearch' object class.
+     */
+    public void setEntryCSN( String entryCSN )
+    {
+        this.entryCSN = entryCSN;
+    }
+
+
+    /**
+     * Get the entry dn for bind object stored in directory.  This attribute uses the 'reqStart' along with suffix for log.
+     *
+     * @return attribute that maps to 'entryDN' on 'auditSearch' object class.
+     */
+    public String getEntryDN()
+    {
+        return entryDN;
+    }
+
+
+    /**
+     * Set the entry dn for bind object stored in directory.  This attribute uses the 'reqStart' along with suffix for log.
+     *
+     * @param entryDN attribute that maps to 'entryDN' on 'auditSearch' object class.
+     */
+    public void setEntryDN( String entryDN )
+    {
+        this.entryDN = entryDN;
+    }
+
+
+    /**
+     * Get the attribute that contains the Universally Unique ID (UUID) of the corresponding 'auditSearch' record.
+     *
+     * @return value that maps to 'entryUUID' attribute on 'auditSearch' object class.
+     */
+    public String getEntryUUID()
+    {
+        return entryUUID;
+    }
+
+
+    /**
+     * Set the attribute that contains the Universally Unique ID (UUID) of the corresponding 'auditSearch' record.
+     *
+     * @param entryUUID that maps to 'entryUUID' attribute on 'auditSearch' object class.
+     */
+    public void setEntryUUID( String entryUUID )
+    {
+        this.entryUUID = entryUUID;
+    }
+
+
+    /**
+     * Get the attribute that corresponds to the boolean value hasSubordinates.
+     *
+     * @return value that maps to 'hasSubordinates' attribute on 'auditSearch' object class.
+     */
+    public String getHasSubordinates()
+    {
+        return hasSubordinates;
+    }
+
+
+    /**
+     * Set the attribute that corresponds to the boolean value hasSubordinates.
+     *
+     * @param hasSubordinates maps to same name on 'auditSearch' object class.
+     */
+    public void setHasSubordinates( String hasSubordinates )
+    {
+        this.hasSubordinates = hasSubordinates;
+    }
+
+
+    /**
+     * Return the user dn containing the identity of log user who last modified the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @return value that maps to 'modifiersName' attribute on 'auditSearch' object class.
+     */
+    public String getModifiersName()
+    {
+        return modifiersName;
+    }
+
+
+    /**
+     * Set the user dn containing the identity of log user who modified the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @param modifiersName maps to 'modifiersName' attribute on 'auditSearch' object class.
+     */
+    public void setModifiersName( String modifiersName )
+    {
+        this.modifiersName = modifiersName;
+    }
+
+
+    /**
+     * Get the attribute that maps to 'modifyTimestamp' which provides the last time audit record was changed.
+     * The time attributes use generalizedTime syntax.
+     *
+     * @return attribute that maps to 'modifyTimestamp' in 'auditSearch' object class.
+     */
+    public String getModifyTimestamp()
+    {
+        return modifyTimestamp;
+    }
+
+
+    /**
+     * Set the attribute that maps to 'modifyTimestamp' which provides the last time audit record was changed.
+     * The time attributes use generalizedTime syntax.
+     *
+     * @param modifyTimestamp attribute that maps to same name in 'auditSearch' object class.
+     */
+    public void setModifyTimestamp( String modifyTimestamp )
+    {
+        this.modifyTimestamp = modifyTimestamp;
+    }
+
+
+    /**
+     * Get the object class name of the audit record.  For this entity, this value will always be 'auditSearch'.
+     *
+     * @return value that maps to 'objectClass' attribute on 'auditSearch' obejct class.
+     */
+    public String getObjectClass()
+    {
+        return objectClass;
+    }
+
+
+    /**
+     * Set the object class name of the audit record.  For this entity, this value will always be 'auditSearch'.
+     *
+     * @param objectClass value that maps to same name on 'auditSearch' obejct class.
+     */
+    public void setObjectClass( String objectClass )
+    {
+        this.objectClass = objectClass;
+    }
+
+
+    /**
+     * The  reqAuthzID  attribute  is  the  distinguishedName of the user that
+     * performed the operation.  This will usually be the  same  name  as  was
+     * established  at  the  start of a session by a Bind request (if any) but
+     * may be altered in various circumstances.
+     * For Fortress bind operations this will map to {@link User#userId}
+     *
+     * @return value that maps to 'reqAuthzID' on 'auditSearch' object class.
+     */
+    public String getReqAuthzID()
+    {
+        return reqAuthzID;
+    }
+
+
+    /**
+     * The  reqAuthzID  attribute  is  the  distinguishedName of the user that
+     * performed the operation.  This will usually be the  same  name  as  was
+     * established  at  the  start of a session by a Bind request (if any) but
+     * may be altered in various circumstances.
+     * For Fortress bind operations this will map to {@link User#userId}
+     *
+     */
+    public void setReqAuthzID( String reqAuthzID )
+    {
+        this.reqAuthzID = reqAuthzID;
+    }
+
+
+    /**
+     * The reqControls and reqRespControls attributes carry any controls  sent
+     * by  the  client  on  the  request  and  returned  by  the server in the
+     * response, respectively. The attribute  values  are  just  uninterpreted
+     * octet strings.
+     *
+     * @return value that maps to 'reqControls' attribute on 'auditSearch' object class.
+     */
+    public String getReqControls()
+    {
+        return reqControls;
+    }
+
+
+    /**
+     * The reqControls and reqRespControls attributes carry any controls  sent
+     * by  the  client  on  the  request  and  returned  by  the server in the
+     * response, respectively. The attribute  values  are  just  uninterpreted
+     * octet strings.
+     *
+     * @param reqControls maps to same name attribute on 'auditSearch' object class.
+     */
+    public void setReqControls( String reqControls )
+    {
+        this.reqControls = reqControls;
+    }
+
+
+    /**
+     * The reqDN attribute is the  distinguishedName  of  the  target  of  the
+     * operation.  E.g.,  for  a Bind request, this is the Bind DN. For an Add
+     * request, this is the DN of the entry being added. For a Search request,
+     * this is the base DN of the search.
+     *
+     * @return value that map to 'reqDN' attribute on 'auditSearch' object class.
+     */
+    public String getReqDN()
+    {
+        return reqDN;
+    }
+
+
+    /**
+     * The reqDN attribute is the  distinguishedName  of  the  target  of  the
+     * operation.  E.g.,  for  a Bind request, this is the Bind DN. For an Add
+     * request, this is the DN of the entry being added. For a Search request,
+     * this is the base DN of the search.
+     *
+     * @param reqDN maps to 'reqDN' attribute on 'auditSearch' object class.
+     */
+    public void setReqDN( String reqDN )
+    {
+        this.reqDN = reqDN;
+    }
+
+
+    /**
+     * reqEnd provide the end time of the operation. It uses generalizedTime syntax.
+     *
+     * @return value that maps to 'reqEnd' attribute on 'auditSearch' object class.
+     */
+    public String getReqEnd()
+    {
+        return reqEnd;
+    }
+
+
+    /**
+     * reqEnd provide the end time of the operation. It uses generalizedTime syntax.
+     *
+     * @param reqEnd value that maps to same name on 'auditSearch' object class.
+     */
+    public void setReqEnd( String reqEnd )
+    {
+        this.reqEnd = reqEnd;
+    }
+
+
+    /**
+     * The  reqResult  attribute  is  the  numeric  LDAP  result  code  of the
+     * operation, indicating either success or a particular LDAP  error  code.
+     * An  error code may be accompanied by a text error message which will be
+     * recorded in the reqMessage attribute.
+     *
+     * @return value that maps to 'reqResult' attribute on 'auditSearch' object class.
+     */
+    public String getReqResult()
+    {
+        return reqResult;
+    }
+
+
+    /**
+     * The  reqResult  attribute  is  the  numeric  LDAP  result  code  of the
+     * operation, indicating either success or a particular LDAP  error  code.
+     * An  error code may be accompanied by a text error message which will be
+     * recorded in the reqMessage attribute.
+     *
+     * @param reqResult maps to same name on 'auditSearch' object class.
+     */
+    public void setReqResult( String reqResult )
+    {
+        this.reqResult = reqResult;
+    }
+
+
+    /**
+     * The reqSession attribute is an implementation-specific identifier  that
+     * is  common to all the operations associated with the same LDAP session.
+     * Currently this is slapd's internal connection ID, stored in decimal.
+     *
+     * @return value that maps to 'reqSession' attribute on 'auditSearch' object class.
+     */
+    public String getReqSession()
+    {
+        return reqSession;
+    }
+
+
+    /**
+     * The reqSession attribute is an implementation-specific identifier  that
+     * is  common to all the operations associated with the same LDAP session.
+     * Currently this is slapd's internal connection ID, stored in decimal.
+     *
+     * @param reqSession maps to same name on 'auditSearch' object class.
+     */
+    public void setReqSession( String reqSession )
+    {
+        this.reqSession = reqSession;
+    }
+
+
+    /**
+     * reqStart provide the start of the operation,  They  use generalizedTime syntax.
+     * The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @return value that maps to 'reqStart' attribute on 'auditSearch' object class.
+     */
+    public String getReqStart()
+    {
+        return reqStart;
+    }
+
+
+    /**
+     * reqStart provide the start of the operation,  They  use generalizedTime syntax.
+     * The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @param reqStart maps to same name on 'auditSearch' object class.
+     */
+    public void setReqStart( String reqStart )
+    {
+        this.reqStart = reqStart;
+    }
+
+
+    /**
+     * The  reqType  attribute  is  a  simple  string  containing  the type of
+     * operation being logged, e.g.  add, delete, search,  etc.  For  extended
+     * operations,  the  type also includes the OID of the extended operation,
+     * e.g.  extended(1.1.1.1)
+     *
+     * @return value that maps to 'reqType' attribute on 'auditSearch' object class.
+     */
+    public String getReqType()
+    {
+        return reqType;
+    }
+
+
+    /**
+     * The  reqType  attribute  is  a  simple  string  containing  the type of
+     * operation being logged, e.g.  add, delete, search,  etc.  For  extended
+     * operations,  the  type also includes the OID of the extended operation,
+     * e.g.  extended(1.1.1.1)
+     *
+     * @param reqType maps to same name on 'auditSearch' object class.
+     */
+    public void setReqType( String reqType )
+    {
+        this.reqType = reqType;
+    }
+
+
+    /**
+     * Get the Compare operation the reqAssertion attribute carries the Attribute Value Assertion used in the compare request.
+     *
+     * @return value that maps to 'reqAssertion' attribute on 'auditCompare' object class.
+     */
+    public String getReqAssertion()
+    {
+        return reqAssertion;
+    }
+
+
+    /**
+     * Set the Compare operation the reqAssertion attribute carries the Attribute Value Assertion used in the compare request.
+     *
+     * @param reqAssertion value maps to 'reqAssertion' attribute contained in the 'auditCompare' object class.
+     */
+    public void setReqAssertion( String reqAssertion )
+    {
+        this.reqAssertion = reqAssertion;
+    }
+
+
+    /**
+     * Returns the name of the structural object class that is used to log the event.  For this entity
+     * this value will always be 'auditSearch'.
+     *
+     * @return value that maps to 'structuralObjectClass' attribute that contains the name 'auditSearch'.
+     */
+    public String getStructuralObjectClass()
+    {
+        return structuralObjectClass;
+    }
+
+
+    /**
+     * Returns the name of the structural object class that is used to log the event.  For this entity
+     * this value will always be 'auditSearch'.
+     *
+     * @param structuralObjectClass maps to same name on 'auditSearch' object class.
+     */
+    public void setStructuralObjectClass( String structuralObjectClass )
+    {
+        this.structuralObjectClass = structuralObjectClass;
+    }
+
+
+    /**
+     * The reqEntries attribute is the integer count of  how  many entries  were  returned  by  this search request.
+     *
+     * @return value that maps to 'reqEntries' attribute on 'auditSearch' object class
+     */
+    public String getReqEntries()
+    {
+        return reqEntries;
+    }
+
+
+    /**
+     * The reqEntries attribute is the integer count of  how  many entries  were  returned  by  this search request.
+     *
+     * @param reqEntries maps to same name on 'auditSearch' object class
+     */
+    public void setReqEntries( String reqEntries )
+    {
+        this.reqEntries = reqEntries;
+    }
+
+
+    /**
+     * The reqAttr attribute lists the requested attributes if specific attributes were requested.
+     *
+     * @return value maps to 'reqAttr' on 'auditSearch' object class.
+     */
+    public String getReqAttr()
+    {
+        return reqAttr;
+    }
+
+
+    /**
+     * The reqAttr attribute lists the requested attributes if specific attributes were requested.
+     *
+     * @param reqAttr maps to same name on 'auditSearch' object class.
+     */
+    public void setReqAttr( String reqAttr )
+    {
+        this.reqAttr = reqAttr;
+    }
+
+
+    /**
+     * The reqAttrsOnly attribute is a Boolean value showing TRUE if only attribute names
+     * were  requested, or FALSE if attributes and their values were requested.
+     * For Fortress authorization requests this value will always be TRUE.
+     *
+     * @return value maps to 'reqAttrsOnly' on 'auditSearch' object class.
+     */
+    public String getReqAttrsOnly()
+    {
+        return reqAttrsOnly;
+    }
+
+
+    /**
+     * The reqAttrsOnly attribute is a Boolean value showing TRUE if only attribute names
+     * were  requested, or FALSE if attributes and their values were requested.
+     * For Fortress authorization requests this value will always be TRUE.
+     *
+     * @param reqAttrsOnly maps to same name on 'auditSearch' object class.
+     */
+    public void setReqAttrsOnly( String reqAttrsOnly )
+    {
+        this.reqAttrsOnly = reqAttrsOnly;
+    }
+
+
+    /**
+     * The reqFilter attribute carries the filter used in the search request.
+     * <p/>
+     * For Fortress authorization events this will contain the following:
+     * <ul>
+     * <li>userId: {@link User#userId}
+     * <li>activated roles: {@link UserRole#name}
+     * <li>object name: {@link Permission#objName}
+     * <li>operation name: {@link Permission#opName}
+     * </ul>
+     *
+     * @return value that maps to 'reqFilter' attribute on 'auditSearch' object class.
+     */
+    public String getReqFilter()
+    {
+        return reqFilter;
+    }
+
+
+    /**
+     * The reqFilter attribute carries the filter used in the search request.
+     * <p/>
+     * For Fortress authorization events this will contain the following:
+     * <ul>
+     * <li>userId: {@link User#userId}
+     * <li>activated roles: {@link UserRole#name}
+     * <li>object name: {@link Permission#objName}
+     * <li>operation name: {@link Permission#opName}
+     * </ul>
+     *
+     * @param reqFilter maps to same name on 'auditSearch' object class.
+     */
+    public void setReqFilter( String reqFilter )
+    {
+        this.reqFilter = reqFilter;
+    }
+
+
+    /**
+     * The reqScope attribute contains the scope of the original search request, using
+     * the values specified for the LDAP URL format. I.e. base, one, sub, or subord.
+     *
+     * @return value that maps to 'reqScope' attribute on 'auditSearch' object class.
+     */
+    public String getReqScope()
+    {
+        return reqScope;
+    }
+
+
+    /**
+     * The reqScope attribute contains the scope of the original search request, using
+     * the values specified for the LDAP URL format. I.e. base, one, sub, or subord.
+     *
+     * @param reqScope maps to same name on 'auditSearch' object class.
+     */
+    public void setReqScope( String reqScope )
+    {
+        this.reqScope = reqScope;
+    }
+
+
+    /**
+     * The reqSizeLimit attribute indicate what limits were requested on the search operation.
+     *
+     * @return value that maps to 'reqSizeLimit' attribute on 'auditSearch' object class.
+     */
+    public String getReqSizeLimit()
+    {
+        return reqSizeLimit;
+    }
+
+
+    /**
+     * The reqSizeLimit attribute indicate what limits were requested on the search operation.
+     *
+     * @param reqSizeLimit maps to same name on 'auditSearch' object class.
+     */
+    public void setReqSizeLimit( String reqSizeLimit )
+    {
+        this.reqSizeLimit = reqSizeLimit;
+    }
+
+
+    /**
+     * The reqTimeLimit attribute indicate what limits were requested on the search operation.
+     *
+     * @return value that maps to 'reqTimeLimit' attribute on 'auditSearch' object class.
+     */
+    public String getReqTimeLimit()
+    {
+        return reqTimeLimit;
+    }
+
+
+    /**
+     * The reqTimeLimit attribute indicate what limits were requested on the search operation.
+     *
+     * @param reqTimeLimit maps to same name on 'auditSearch' object class.
+     */
+    public void setReqTimeLimit( String reqTimeLimit )
+    {
+        this.reqTimeLimit = reqTimeLimit;
+    }
+
+
+    /**
+     * Return the subschemaSubentry attribute from the audit entry.
+     *
+     * @return value that maps to 'subschemaSubentry' on 'auditSearch' object class.
+     */
+    public String getSubschemaSubentry()
+    {
+        return subschemaSubentry;
+    }
+
+
+    /**
+     * Set the subschemaSubentry attribute from the audit entry.
+     *
+     * @param subschemaSubentry maps to same name on 'auditSearch' object class.
+     */
+    public void setSubschemaSubentry( String subschemaSubentry )
+    {
+        this.subschemaSubentry = subschemaSubentry;
+    }
+
+
+    /**
+     * The reqDerefAliases attribute is on of never, finding, searching, or always, denoting how aliases
+     * will be processed during the search.
+     *
+     * @return value that maps to 'reqDerefAliases' on 'auditSearch' object class.
+     */
+    public String getReqDerefAliases()
+    {
+        return reqDerefAliases;
+    }
+
+
+    /**
+     * The reqDerefAliases attribute is on of never, finding, searching, or always, denoting how aliases
+     * will be processed during the search.
+     *
+     * @param reqDerefAliases maps to same name on 'auditSearch' object class.
+     */
+    public void setReqDerefAliases( String reqDerefAliases )
+    {
+        this.reqDerefAliases = reqDerefAliases;
+    }
+
+
+    /**
+     * Sequence id is used internal to Fortress.
+     * @return long value contains sequence id.
+     */
+    public long getSequenceId()
+    {
+        return sequenceId;
+    }
+
+
+    /**
+     * Sequence id is used internal to Fortress
+     * @param sequenceId contains sequence to use.
+     */
+    public void setSequenceId( long sequenceId )
+    {
+        this.sequenceId = sequenceId;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/0c46e4de/src/main/java/org/apache/directory/fortress/core/model/Bind.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/Bind.java b/src/main/java/org/apache/directory/fortress/core/model/Bind.java
new file mode 100755
index 0000000..fc49e31
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/model/Bind.java
@@ -0,0 +1,624 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.fortress.core.model;
+
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+import java.io.Serializable;
+
+
+/**
+ * This entity class contains OpenLDAP slapd access log records that correspond to bind attempts made to the directory.
+ * <p/>
+ * The auditBind Structural object class is used to store authentication events that can later be queried via ldap API.<br />
+ * <code># The Bind class includes the reqVersion attribute which contains the LDAP</code>
+ * <code># protocol version specified in the Bind as well as the reqMethod attribute</code>
+ * <code># which contains the Bind Method used in the Bind. This will be the string</code>
+ * <code># SIMPLE for LDAP Simple Binds or SASL(mech) for SASL Binds. Note that unless</code>
+ * <code># configured as a global overlay, only Simple Binds using DNs that reside in</code>
+ * <code># the current database will be logged:</code>
+ * <pre>
+ * ------------------------------------------
+ * objectclass (  1.3.6.1.4.1.4203.666.11.5.2.6 NAME 'auditBind'</code>
+ * DESC 'Bind operation'</code>
+ * SUP auditObject STRUCTURAL</code>
+ * MUST ( reqVersion $ reqMethod ) )</code>
+ * ------------------------------------------
+ * </pre>
+ * <p/>
+ * Note this class used descriptions pulled from man pages on slapd access log.
+ * <p/>
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+@XmlRootElement(name = "fortBind")
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "bind", propOrder =
+    {
+        "createTimestamp",
+        "creatorsName",
+        "entryCSN",
+        "entryDN",
+        "entryUUID",
+        "hasSubordinates",
+        "modifiersName",
+        "modifyTimestamp",
+        "objectClass",
+        "reqAuthzID",
+        "reqControls",
+        "reqDN",
+        "reqEnd",
+        "reqMethod",
+        "reqResult",
+        "reqSession",
+        "reqStart",
+        "reqType",
+        "reqVersion",
+        "structuralObjectClass",
+        "sequenceId"
+})
+public class Bind extends FortEntity implements Serializable
+{
+    /** Default serialVersionUID */
+    private static final long serialVersionUID = 1L;
+    private String createTimestamp;
+    private String creatorsName;
+    private String entryCSN;
+    private String entryDN;
+    private String entryUUID;
+    private String hasSubordinates;
+    private String modifiersName;
+    private String modifyTimestamp;
+    private String objectClass;
+    private String reqAuthzID;
+    private String reqControls;
+    private String reqDN;
+    private String reqEnd;
+    private String reqMethod;
+    private String reqResult;
+    private String reqSession;
+    private String reqStart;
+    private String reqType;
+    private String reqVersion;
+    private String structuralObjectClass;
+    private long sequenceId;
+
+
+    /**
+     * Get the attribute that maps to 'reqStart' which provides the start time of the operation which is also the rDn for the node.
+     * These time attributes use generalizedTime syntax. The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @return attribute that maps to 'reqStart' in 'auditBind' object class.
+     */
+    public String getCreateTimestamp()
+    {
+        return createTimestamp;
+    }
+
+
+    /**
+     * Set the attribute that maps to 'reqStart' which provides the start time of the operation which is also the rDn for the node.
+     * These time attributes use generalizedTime syntax. The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @param createTimestamp attribute that maps to 'reqStart' in 'auditBind' object class.
+     */
+    public void setCreateTimestamp( String createTimestamp )
+    {
+        this.createTimestamp = createTimestamp;
+    }
+
+
+    /**
+     * Return the user dn containing the identity of log user who added the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @return value that maps to 'creatorsName' attribute on 'auditBind' object class.
+     */
+    public String getCreatorsName()
+    {
+        return creatorsName;
+    }
+
+
+    /**
+     * Set the user dn containing the identity of log user who added the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @param creatorsName maps to 'creatorsName' attribute on 'auditBind' object class.
+     */
+    public void setCreatorsName( String creatorsName )
+    {
+        this.creatorsName = creatorsName;
+    }
+
+
+    /**
+     * Return the Change Sequence Number (CSN) containing sequence number that is used for OpenLDAP synch replication functionality.
+     *
+     * @return attribute that maps to 'entryCSN' on 'auditBind' object class.
+     */
+    public String getEntryCSN()
+    {
+        return entryCSN;
+    }
+
+
+    /**
+     * Set the Change Sequence Number (CSN) containing sequence number that is used for OpenLDAP synch replication functionality.
+     *
+     * @param entryCSN maps to 'entryCSN' attribute on 'auditBind' object class.
+     */
+    public void setEntryCSN( String entryCSN )
+    {
+        this.entryCSN = entryCSN;
+    }
+
+
+    /**
+     * Get the entry dn for bind object stored in directory.  This attribute uses the 'reqStart' along with suffix for log.
+     *
+     * @return attribute that maps to 'entryDN' on 'auditBind' object class.
+     */
+    public String getEntryDN()
+    {
+        return entryDN;
+    }
+
+
+    /**
+     * Set the entry dn for bind object stored in directory.  This attribute uses the 'reqStart' along with suffix for log.
+     *
+     * @param entryDN attribute that maps to 'entryDN' on 'auditBind' object class.
+     */
+    public void setEntryDN( String entryDN )
+    {
+        this.entryDN = entryDN;
+    }
+
+
+    /**
+     * Get the attribute that contains the Universally Unique ID (UUID) of the corresponding 'auditBind' record.
+     *
+     * @return value that maps to 'entryUUID' attribute on 'auditBind' object class.
+     */
+    public String getEntryUUID()
+    {
+        return entryUUID;
+    }
+
+
+    /**
+     * Set the attribute that contains the Universally Unique ID (UUID) of the corresponding 'auditBind' record.
+     *
+     * @param entryUUID that maps to 'entryUUID' attribute on 'auditBind' object class.
+     */
+    public void setEntryUUID( String entryUUID )
+    {
+        this.entryUUID = entryUUID;
+    }
+
+
+    /**
+     * Get the attribute that corresponds to the boolean value hasSubordinates.
+     *
+     * @return value that maps to 'hasSubordinates' attribute on 'auditBind' object class.
+     */
+    public String getHasSubordinates()
+    {
+        return hasSubordinates;
+    }
+
+
+    /**
+     * Set the attribute that corresponds to the boolean value hasSubordinates.
+     *
+     * @param hasSubordinates maps to same name on 'auditBind' object class.
+     */
+    public void setHasSubordinates( String hasSubordinates )
+    {
+        this.hasSubordinates = hasSubordinates;
+    }
+
+
+    /**
+     * Return the user dn containing the identity of log user who last modified the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @return value that maps to 'modifiersName' attribute on 'auditBind' object class.
+     */
+    public String getModifiersName()
+    {
+        return modifiersName;
+    }
+
+
+    /**
+     * Set the user dn containing the identity of log user who modified the audit record.  This will be the system user that
+     * is configured for performing slapd access log operations on behalf of Fortress.
+     * The config property name {@link org.apache.directory.fortress.core.ldap.ApacheDsDataProvider#LDAP_LOG_POOL_UID} contains the audit log system user id.
+     *
+     * @param modifiersName maps to 'modifiersName' attribute on 'auditBind' object class.
+     */
+    public void setModifiersName( String modifiersName )
+    {
+        this.modifiersName = modifiersName;
+    }
+
+
+    /**
+     * Get the attribute that maps to 'modifyTimestamp' which provides the last time audit record was changed.
+     * The time attributes use generalizedTime syntax.
+     *
+     * @return attribute that maps to 'modifyTimestamp' in 'auditBind' object class.
+     */
+    public String getModifyTimestamp()
+    {
+        return modifyTimestamp;
+    }
+
+
+    /**
+     * Set the attribute that maps to 'modifyTimestamp' which provides the last time audit record was changed.
+     * The time attributes use generalizedTime syntax.
+     *
+     * @param modifyTimestamp attribute that maps to same name in 'auditBind' object class.
+     */
+    public void setModifyTimestamp( String modifyTimestamp )
+    {
+        this.modifyTimestamp = modifyTimestamp;
+    }
+
+
+    /**
+     * Get the object class name of the audit record.  For this entity, this value will always be 'auditBind'.
+     *
+     * @return value that maps to 'objectClass' attribute on 'auditBind' obejct class.
+     */
+    public String getObjectClass()
+    {
+        return objectClass;
+    }
+
+
+    /**
+     * Set the object class name of the audit record.  For this entity, this value will always be 'auditBind'.
+     *
+     * @param objectClass value that maps to same name on 'auditBind' obejct class.
+     */
+    public void setObjectClass( String objectClass )
+    {
+        this.objectClass = objectClass;
+    }
+
+
+    /**
+     * The  reqAuthzID  attribute  is  the  distinguishedName of the user that
+     * performed the operation.  This will usually be the  same  name  as  was
+     * established  at  the  start of a session by a Bind request (if any) but
+     * may be altered in various circumstances.
+     * For Fortress bind operations this will map to {@link User#userId}
+     *
+     * @return value that maps to 'reqAuthzID' on 'auditBind' object class.
+     */
+    public String getReqAuthzID()
+    {
+        return reqAuthzID;
+    }
+
+
+    /**
+     * The  reqAuthzID  attribute  is  the  distinguishedName of the user that
+     * performed the operation.  This will usually be the  same  name  as  was
+     * established  at  the  start of a session by a Bind request (if any) but
+     * may be altered in various circumstances.
+     * For Fortress bind operations this will map to {@link User#userId}
+     *
+     */
+    public void setReqAuthzID( String reqAuthzID )
+    {
+        this.reqAuthzID = reqAuthzID;
+    }
+
+
+    /**
+     * The reqControls and reqRespControls attributes carry any controls  sent
+     * by  the  client  on  the  request  and  returned  by  the server in the
+     * response, respectively. The attribute  values  are  just  uninterpreted
+     * octet strings.
+     *
+     * @return value that maps to 'reqControls' attribute on 'auditBind' object class.
+     */
+    public String getReqControls()
+    {
+        return reqControls;
+    }
+
+
+    /**
+     * The reqControls and reqRespControls attributes carry any controls  sent
+     * by  the  client  on  the  request  and  returned  by  the server in the
+     * response, respectively. The attribute  values  are  just  uninterpreted
+     * octet strings.
+     *
+     * @param reqControls maps to same name attribute on 'auditBind' object class.
+     */
+    public void setReqControls( String reqControls )
+    {
+        this.reqControls = reqControls;
+    }
+
+
+    /**
+     * The reqDN attribute is the  distinguishedName  of  the  target  of  the
+     * operation.  E.g.,  for  a Bind request, this is the Bind DN. For an Add
+     * request, this is the DN of the entry being added. For a Search request,
+     * this is the base DN of the search.
+     *
+     * @return value that map to 'reqDN' attribute on 'auditBind' object class.
+     */
+    public String getReqDN()
+    {
+        return reqDN;
+    }
+
+
+    /**
+     * The reqDN attribute is the  distinguishedName  of  the  target  of  the
+     * operation.  E.g.,  for  a Bind request, this is the Bind DN. For an Add
+     * request, this is the DN of the entry being added. For a Search request,
+     * this is the base DN of the search.
+     *
+     * @param reqDN maps to 'reqDN' attribute on 'auditBind' object class.
+     */
+    public void setReqDN( String reqDN )
+    {
+        this.reqDN = reqDN;
+    }
+
+
+    /**
+     * reqEnd provide the end time of the operation. It uses generalizedTime syntax.
+     *
+     * @return value that maps to 'reqEnd' attribute on 'auditBind' object class.
+     */
+    public String getReqEnd()
+    {
+        return reqEnd;
+    }
+
+
+    /**
+     * reqEnd provide the end time of the operation. It uses generalizedTime syntax.
+     *
+     * @param reqEnd value that maps to same name on 'auditBind' object class.
+     */
+    public void setReqEnd( String reqEnd )
+    {
+        this.reqEnd = reqEnd;
+    }
+
+
+    /**
+     * The reqMethod attribute contains the Bind Method used in the Bind. This will be
+     * the string SIMPLE for LDAP Simple Binds or SASL(<mech>) for SASL Binds.
+     * Note  that  unless  configured  as  a global overlay, only Simple Binds
+     * using DNs that reside in the current database will be logged.
+     *
+     * @return String that maps to 'reqMethod' attribute on 'auditBind' object class.
+     */
+    public String getReqMethod()
+    {
+        return reqMethod;
+    }
+
+
+    /**
+     * The reqMethod attribute contains the Bind Method used in the Bind. This will be
+     * the string SIMPLE for LDAP Simple Binds or SASL(<mech>) for SASL Binds.
+     * Note  that  unless  configured  as  a global overlay, only Simple Binds
+     * using DNs that reside in the current database will be logged.
+     *
+     * @param reqMethod maps to same name on 'auditBind' object class.
+     */
+    public void setReqMethod( String reqMethod )
+    {
+        this.reqMethod = reqMethod;
+    }
+
+
+    /**
+     * The  reqResult  attribute  is  the  numeric  LDAP  result  code  of the
+     * operation, indicating either success or a particular LDAP  error  code.
+     * An  error code may be accompanied by a text error message which will be
+     * recorded in the reqMessage attribute.
+     *
+     * @return value that maps to 'reqResult' attribute on 'auditBind' object class.
+     */
+    public String getReqResult()
+    {
+        return reqResult;
+    }
+
+
+    /**
+     * The  reqResult  attribute  is  the  numeric  LDAP  result  code  of the
+     * operation, indicating either success or a particular LDAP  error  code.
+     * An  error code may be accompanied by a text error message which will be
+     * recorded in the reqMessage attribute.
+     *
+     * @param reqResult maps to same name on 'auditBind' object class.
+     */
+    public void setReqResult( String reqResult )
+    {
+        this.reqResult = reqResult;
+    }
+
+
+    /**
+     * The reqSession attribute is an implementation-specific identifier  that
+     * is  common to all the operations associated with the same LDAP session.
+     * Currently this is slapd's internal connection ID, stored in decimal.
+     *
+     * @return value that maps to 'reqSession' attribute on 'auditBind' object class.
+     */
+    public String getReqSession()
+    {
+        return reqSession;
+    }
+
+
+    /**
+     * The reqSession attribute is an implementation-specific identifier  that
+     * is  common to all the operations associated with the same LDAP session.
+     * Currently this is slapd's internal connection ID, stored in decimal.
+     *
+     * @param reqSession maps to same name on 'auditBind' object class.
+     */
+    public void setReqSession( String reqSession )
+    {
+        this.reqSession = reqSession;
+    }
+
+
+    /**
+     * reqStart provide the start of the operation,  They  use generalizedTime syntax.
+     * The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @return value that maps to 'reqStart' attribute on 'auditBind' object class.
+     */
+    public String getReqStart()
+    {
+        return reqStart;
+    }
+
+
+    /**
+     * reqStart provide the start of the operation,  They  use generalizedTime syntax.
+     * The reqStart attribute is also used as the RDN for each log entry.
+     *
+     * @param reqStart maps to same name on 'auditBind' object class.
+     */
+    public void setReqStart( String reqStart )
+    {
+        this.reqStart = reqStart;
+    }
+
+
+    /**
+     * The  reqType  attribute  is  a  simple  string  containing  the type of
+     * operation being logged, e.g.  add, delete, search,  etc.  For  extended
+     * operations,  the  type also includes the OID of the extended operation,
+     * e.g.  extended(1.1.1.1)
+     *
+     * @return value that maps to 'reqType' attribute on 'auditBind' object class.
+     */
+    public String getReqType()
+    {
+        return reqType;
+    }
+
+
+    /**
+     * The  reqType  attribute  is  a  simple  string  containing  the type of
+     * operation being logged, e.g.  add, delete, search,  etc.  For  extended
+     * operations,  the  type also includes the OID of the extended operation,
+     * e.g.  extended(1.1.1.1)
+     *
+     * @param reqType maps to same name on 'auditBind' object class.
+     */
+    public void setReqType( String reqType )
+    {
+        this.reqType = reqType;
+    }
+
+
+    /**
+     * The reqVersion attribute which contains the
+     * LDAP protocol version specified in the Bind
+     *
+     * @return value that maps to the 'reqVersion' attribute on 'auditBind' object class.
+     */
+    public String getReqVersion()
+    {
+        return reqVersion;
+    }
+
+
+    /**
+     * The reqVersion attribute which contains the
+     * LDAP protocol version specified in the Bind
+     *
+     * @param reqVersion maps to same name on 'auditBind' object class.
+     */
+    public void setReqVersion( String reqVersion )
+    {
+        this.reqVersion = reqVersion;
+    }
+
+
+    /**
+     * Returns the name of the structural object class that is used to log the event.  For this entity
+     * this value will always be 'auditBind'.
+     *
+     * @return value that maps to 'structuralObjectClass' attribute that contains the name 'auditBind'.
+     */
+    public String getStructuralObjectClass()
+    {
+        return structuralObjectClass;
+    }
+
+
+    /**
+     * Returns the name of the structural object class that is used to log the event.  For this entity
+     * this value will always be 'auditBind'.
+     *
+     * @param structuralObjectClass maps to same name on 'auditBind' object class.
+     */
+    public void setStructuralObjectClass( String structuralObjectClass )
+    {
+        this.structuralObjectClass = structuralObjectClass;
+    }
+
+
+    /**
+     * Sequence id is used internal to Fortress.
+     * @return long value contains sequence id.
+     */
+    public long getSequenceId()
+    {
+        return sequenceId;
+    }
+
+
+    /**
+     * Sequence id is used internal to Fortress
+     * @param sequenceId contains sequence to use.
+     */
+    public void setSequenceId( long sequenceId )
+    {
+        this.sequenceId = sequenceId;
+    }
+}


Mime
View raw message