directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject [3/7] directory-fortress-core git commit: FC-132 - Fix javadoc issues
Date Sat, 02 Jan 2016 03:52:56 GMT
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/d33ae957/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java b/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
index 42ebf43..9bf274b 100644
--- a/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
@@ -79,44 +79,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command creates a new RBAC user. The command is valid only if the new user is
-     * not already a member of the USERS data set. The USER data set is updated. The new user
-     * does not own any session at the time of its creation.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.User#userId} - maps to INetOrgPerson uid</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#password} - used to authenticate the User</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#ou} - contains the name of an already existing User OU node</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.User#pwPolicy} - contains the name of an already existing OpenLDAP password policy node</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#cn} - maps to INetOrgPerson common name attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#sn} - maps to INetOrgPerson surname attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#description} - maps to INetOrgPerson description attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#title} - maps to INetOrgPerson title attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#employeeType} - maps to INetOrgPerson employeeType attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#phones} * - multi-occurring attribute maps to organizationalPerson telephoneNumber  attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#mobiles} * - multi-occurring attribute maps to INetOrgPerson mobile attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#emails} * - multi-occurring attribute maps to INetOrgPerson mail attribute</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#address} * - multi-occurring attribute maps to organizationalPerson postalAddress, st, l, postalCode, postOfficeBox attributes</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#beginTime} - HHMM - determines begin hour user may activate session</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#endTime} - HHMM - determines end hour user may activate session.</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#beginDate} - YYYYMMDD - determines date when user may sign on</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#endDate} - YYYYMMDD - indicates latest date user may sign on</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#beginLockDate} - YYYYMMDD - determines beginning of enforced inactive status</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#endLockDate} - YYYYMMDD - determines end of enforced inactive status</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#dayMask} - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day of user may sign on</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#timeout} - number in seconds of session inactivity time allowed</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#props} * - multi-occurring attribute contains property key and values are separated with a ':'.  e.g. mykey1:myvalue1</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#roles} * - multi-occurring attribute contains the name of already existing role to assign to user</li>
-     * <li>{@link org.apache.directory.fortress.core.model.User#adminRoles} * - multi-occurring attribute contains the name of already existing adminRole to assign to user</li>
-     * </ul>
-     *
-     * @param user User entity must contain {@link org.apache.directory.fortress.core.model.User#userId} and {@link org.apache.directory.fortress.core.model.User#ou} (required) and optional {@link org.apache.directory.fortress.core.model.User#description},{@link org.apache.directory.fortress.core.model.User#roles} and many others.
-     * @return Returns entity containing user data that was added.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public User addUser( User user )
@@ -147,22 +110,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command disables an existing user in the RBAC database. The command is valid
-     * if and only if the user to be disabled is a member of the USERS data set. The USERS and
-     * UA data sets and the assigned_users function are updated.
-     * Method performs a "soft" delete.  It performs the following:
-     * - sets the user status to "deleted"
-     * - deassigns all roles from the user
-     * - locks the user's password in LDAP
-     * - revokes all perms that have been granted to user entity.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * </ul>
-     *
-     * @param user Contains the {@link User#userId} of the User targeted for deletion.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void disableUser( User user )
@@ -187,18 +135,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command deletes an existing user from the RBAC database. The command is valid
-     * if and only if the user to be deleted is a member of the USERS data set. The USERS and
-     * UA data sets and the assigned_users function are updated.
-     * This method performs a "hard" delete.  It completely removes all data associated with this user from the directory.
-     * User entity must exist in directory prior to making this call else exception will be thrown.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * </ul>
-     *
-     * @param user Contains the {@link User#userId} of the User targeted for deletion.
-     * @throws SecurityException Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void deleteUser( User user )
@@ -223,40 +160,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This method performs an update on User entity in directory.  Prior to making this call the entity must exist in
-     * directory.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link User#password} - used to authenticate the User</li>
-     * <li>{@link User#ou} - contains the name of an already existing User OU node</li>
-     * <li>{@link User#pwPolicy} - contains the name of an already existing OpenLDAP password policy node</li>
-     * <li>{@link User#cn} - maps to INetOrgPerson common name attribute</li>
-     * <li>{@link User#sn} - maps to INetOrgPerson surname attribute</li>
-     * <li>{@link User#description} - maps to INetOrgPerson description attribute</li>
-     * <li>{@link User#phones} * - multi-occurring attribute maps to organizationalPerson telephoneNumber  attribute</li>
-     * <li>{@link User#mobiles} * - multi-occurring attribute maps to INetOrgPerson mobile attribute</li>
-     * <li>{@link User#emails} * - multi-occurring attribute maps to INetOrgPerson mail attribute</li>
-     * <li>{@link User#address} * - multi-occurring attribute maps to organizationalPerson postalAddress, st, l, postalCode, postOfficeBox attributes</li>
-     * <li>{@link User#beginTime} - HHMM - determines begin hour user may activate session</li>
-     * <li>{@link User#endTime} - HHMM - determines end hour user may activate session.</li>
-     * <li>{@link User#beginDate} - YYYYMMDD - determines date when user may sign on</li>
-     * <li>{@link User#endDate} - YYYYMMDD - indicates latest date user may sign on</li>
-     * <li>{@link User#beginLockDate} - YYYYMMDD - determines beginning of enforced inactive status</li>
-     * <li>{@link User#endLockDate} - YYYYMMDD - determines end of enforced inactive status</li>
-     * <li>{@link User#dayMask} - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day of user may sign on</li>
-     * <li>{@link User#timeout} - number in seconds of session inactivity time allowed</li>
-     * <li>{@link User#props} * - multi-occurring attribute contains property key and values are separated with a ':'.  e.g. mykey1:myvalue1</li>
-     * <li>{@link User#roles} * - multi-occurring attribute contains the name of already existing role to assign to user</li>
-     * <li>{@link User#adminRoles} * - multi-occurring attribute contains the name of already existing adminRole to assign to user</li>
-     * </ul>
-     *
-     * @param user must contain {@link User#userId} and optional entity data to update i.e. desc, ou, properties, all attributes that are not set will be ignored.
-     * @return Updated user entity data.
-     * @throws SecurityException thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public User updateUser( User user )
@@ -287,19 +191,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * Method will change user's password.  This method will evaluate user's password policies.
-     * <p/>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * <li>{@link User#password} - contains the User's old password</li>
-     * <li>newPassword - contains the User's new password</li>
-     * </ul>
-     *
-     * @param user        contains {@link User#userId} and old user password {@link User#password}.
-     * @param newPassword contains new user password.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          Will be thrown in the event of password policy violation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void changePassword( User user, char[] newPassword )
@@ -326,15 +218,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * Method will lock user's password which will prevent the user from authenticating with directory.
-     * <p/>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * </ul>
-     *
-     * @param user entity contains {@link User#userId} of User to be locked.
-     * @throws SecurityException will be thrown in the event of pw policy violation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void lockUserAccount( User user )
@@ -359,15 +243,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * Method will unlock user's password which will enable user to authenticate with directory.
-     * <p/>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * </ul>
-     *
-     * @param user entity contains {@link org.apache.directory.fortress.core.model.User#userId} of User to be unlocked.
-     * @throws SecurityException will be thrown in the event of pw policy violation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void unlockUserAccount( User user )
@@ -392,17 +268,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * Method will reset user's password which will require user to change password before successful authentication with directory.
-     * This method will not evaluate password policies on the new user password as it must be changed before use.
-     * <p/>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * <li>newPassword - contains the User's new password</li>
-     * </ul>
-     *
-     * @param user entity contains {@link User#userId} of User to be reset.
-     * @throws SecurityException will be thrown in the event of pw policy violation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void resetPassword( User user, char[] newPassword )
@@ -429,15 +295,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * Method will delete user's password policy designation.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link User#userId} - maps to INetOrgPerson uid</li>
-     * <li>newPassword - contains the User's new password</li>
-     * </ul>
-     *
-     * @param user  contains {@link User#userId}.
-     * @throws SecurityException will be thrown in the event of password policy violation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void deletePasswordPolicy( User user )
@@ -449,28 +307,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command creates a new role. The command is valid if and only if the new role is not
-     * already a member of the ROLES data set. The ROLES data set is updated.
-     * Initially, no user or permission is assigned to the new role.
-     * <p/>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#name} - contains the name to use for the Role to be created.</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#description} - maps to description attribute on organizationalRole object class</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#beginTime} - HHMM - determines begin hour role may be activated into user's RBAC session</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#endTime} - HHMM - determines end hour role may be activated into user's RBAC session.</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#beginDate} - YYYYMMDD - determines date when role may be activated into user's RBAC session</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#endDate} - YYYYMMDD - indicates latest date role may be activated into user's RBAC session</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#beginLockDate} - YYYYMMDD - determines beginning of enforced inactive status</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#endLockDate} - YYYYMMDD - determines end of enforced inactive status</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Role#dayMask} - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user's RBAC session</li>
-     * </ul>
-     *
-     * @param role must contains {@link org.apache.directory.fortress.core.model.Role#name} (required) and optional {@link org.apache.directory.fortress.core.model.Role#description}.
-     * @throws SecurityException Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public Role addRole( Role role )
@@ -501,18 +338,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command deletes an existing role from the RBAC database. The command is valid
-     * if and only if the role to be deleted is a member of the ROLES data set.  This command will
-     * also deassign role from all users.
-     * <p/>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Role#name} - contains the name to use for the Role to be deleted.</li>
-     * </ul>
-     *
-     * @param role Contains {@link Role#name} for Role to delete.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void deleteRole( Role role )
@@ -537,27 +363,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * Method will update a Role entity in the directory.  The role must exist prior to this call.
-     * <p/>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Role#name} - contains the name to use for the Role to be updated.</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link Role#description} - maps to description attribute on organizationalRole object class</li>
-     * <li>{@link Role#beginTime} - HHMM - determines begin hour role may be activated into user's RBAC session</li>
-     * <li>{@link Role#endTime} - HHMM - determines end hour role may be activated into user's RBAC session.</li>
-     * <li>{@link Role#beginDate} - YYYYMMDD - determines date when role may be activated into user's RBAC session</li>
-     * <li>{@link Role#endDate} - YYYYMMDD - indicates latest date role may be activated into user's RBAC session</li>
-     * <li>{@link Role#beginLockDate} - YYYYMMDD - determines beginning of enforced inactive status</li>
-     * <li>{@link Role#endLockDate} - YYYYMMDD - determines end of enforced inactive status</li>
-     * <li>{@link Role#dayMask} - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user's RBAC session</li>
-     * </ul>
-     *
-     * @param role must contains {@link Role#name} and may contain new description or {@link org.apache.directory.fortress.core.model.Constraint}
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event of validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public Role updateRole( Role role )
@@ -588,53 +394,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command assigns a user to a role.
-     * <p>
-     * <ul>
-     * <li> The command is valid if and only if:
-     * <li> The user is a member of the USERS data set
-     * <li> The role is a member of the ROLES data set
-     * <li> The user is not already assigned to the role
-     * <li> The SSD constraints are satisfied after assignment.
-     * </ul>
-     * </p>
-     * <p>
-     * Successful completion of this op, the following occurs:
-     * </p>
-     * <ul>
-     * <li> User entity (resides in people container) has role assignment added to aux object class attached to actual user record.
-     * <li> Role entity (resides in role container) has userId added as role occupant.
-     * <li> (optional) Temporal constraints may be associated with <code>ftUserAttrs</code> aux object class based on:
-     * <ul>
-     * <li> timeout - number in seconds of session inactivity time allowed.
-     * <li> beginDate - YYYYMMDD - determines date when role may be activated.
-     * <li> endDate - YYMMDD - indicates latest date role may be activated.
-     * <li> beginLockDate - YYYYMMDD - determines beginning of enforced inactive status
-     * <li> endLockDate - YYMMDD - determines end of enforced inactive status.
-     * <li> beginTime - HHMM - determines begin hour role may be activated in user's session.
-     * <li> endTime - HHMM - determines end hour role may be activated in user's session.*
-     * <li> dayMask - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day of week role may be activated.
-     * </ul>
-     * </ul>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#name} - contains the name for already existing Role to be assigned</li>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#userId} - contains the userId for existing User</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#beginTime} - HHMM - determines begin hour role may be activated into user's RBAC session</li>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#endTime} - HHMM - determines end hour role may be activated into user's RBAC session.</li>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#beginDate} - YYYYMMDD - determines date when role may be activated into user's RBAC session</li>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#endDate} - YYYYMMDD - indicates latest date role may be activated into user's RBAC session</li>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#beginLockDate} - YYYYMMDD - determines beginning of enforced inactive status</li>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#endLockDate} - YYYYMMDD - determines end of enforced inactive status</li>
-     * <li>{@link org.apache.directory.fortress.core.model.UserRole#dayMask} - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user's RBAC session</li>
-     * </ul>
-     *
-     * @param uRole must contain {@link org.apache.directory.fortress.core.model.UserRole#userId} and {@link org.apache.directory.fortress.core.model.UserRole#name} and optional {@code Constraints}.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event of validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void assignUser( UserRole uRole )
@@ -659,22 +419,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command deletes the assignment of the User from the Role entities. The command is
-     * valid if and only if the user is a member of the USERS data set, the role is a member of
-     * the ROLES data set, and the user is assigned to the role.
-     * Any sessions that currently have this role activated will not be effected.
-     * Successful completion includes:
-     * User entity in USER data set has role assignment removed.
-     * Role entity in ROLE data set has userId removed as role occupant.
-     * (optional) Temporal constraints will be removed from user aux object if set prior to call.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link UserRole#name} - contains the name for already existing Role to be deassigned</li>
-     * <li>{@link UserRole#userId} - contains the userId for existing User</li>
-     * </ul>
-     *
-     * @param uRole must contain {@link UserRole#userId} and {@link UserRole#name}.
-     * @throws SecurityException - in the event data error in user or role objects or system error.
+     * {@inheritDoc}
      */
     @Override
     public void deassignUser( UserRole uRole )
@@ -699,25 +444,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This method will add permission operation to an existing permission object which resides under {@code ou=Permissions,ou=RBAC,dc=yourHostName,dc=com} container in directory information tree.
-     * The perm operation entity may have {@link org.apache.directory.fortress.core.model.Role} or {@link org.apache.directory.fortress.core.model.User} associations.  The target {@link org.apache.directory.fortress.core.model.Permission} must not exist prior to calling.
-     * A Fortress Permission instance exists in a hierarchical, one-many relationship between its parent and itself as stored in ldap tree: ({@link org.apache.directory.fortress.core.model.PermObj}*->{@link org.apache.directory.fortress.core.model.Permission}).
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.Permission#objName} - contains the name of existing object being targeted for the permission add</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Permission#opName} - contains the name of new permission operation being added</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.Permission#roles} * - multi occurring attribute contains RBAC Roles that permission operation is being granted to</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Permission#users} * - multi occurring attribute contains Users that permission operation is being granted to</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Permission#props} * - multi-occurring property key and values are separated with a ':'.  e.g. mykey1:myvalue1</li>
-     * <li>{@link org.apache.directory.fortress.core.model.Permission#type} - any safe text</li>
-     * </ul>
-     *
-     * @param perm must contain the object, {@link org.apache.directory.fortress.core.model.Permission#objName}, and operation, {@link org.apache.directory.fortress.core.model.Permission#opName}, that identifies target along with optional other attributes..
-     * @return copy of Permission entity.
-     * @throws SecurityException - thrown in the event of perm object data or system error.
+     * {@inheritDoc}
      */
     @Override
     public Permission addPermission( Permission perm )
@@ -748,26 +475,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This method will update permission operation pre-existing in target directory under {@code ou=Permissions,ou=RBAC,dc=yourHostName,dc=com} container in directory information tree.
-     * The perm operation entity may also contain {@link org.apache.directory.fortress.core.model.Role} or {@link org.apache.directory.fortress.core.model.User} associations to add or remove using this function.
-     * The perm operation must exist before making this call.  Only non-null attributes will be updated.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Permission#objName} - contains the name of existing object being targeted for the permission update</li>
-     * <li>{@link Permission#opName} - contains the name of existing permission operation being updated</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link Permission#roles} * - multi occurring attribute contains RBAC Roles that permission operation is being granted to</li>
-     * <li>{@link Permission#users} * - multi occurring attribute contains Users that permission operation is being granted to</li>
-     * <li>{@link Permission#props} * - multi-occurring property key and values are separated with a ':'.  e.g. mykey1:myvalue1</li>
-     * <li>{@link Permission#type} - any safe text</li>
-     * </ul>
-     *
-     * @param perm must contain the object, {@link Permission#objName}, and operation, {@link Permission#opName}, that identifies target and any optional data to update.  Null or empty attributes will be ignored.
-     * @return copy of permOp entity.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          - thrown in the event of perm object data or system error.
+     * {@inheritDoc}
      */
     @Override
     public Permission updatePermission( Permission perm )
@@ -798,17 +506,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This method will remove permission operation entity from permission object. A Fortress permission is (object->operation).
-     * The perm operation must exist before making this call.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Permission#objName} - contains the name of existing object being targeted for the permission delete</li>
-     * <li>{@link Permission#opName} - contains the name of existing permission operation being removed</li>
-     * </ul>
-     *
-     * @param perm must contain the object, {@link Permission#objName}, and operation, {@link Permission#opName}, that identifies target.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          - thrown in the event of perm object data or system error.
+     * {@inheritDoc}
      */
     @Override
     public void deletePermission( Permission perm )
@@ -833,23 +531,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This method will add permission object to perms container in directory. The perm object must not exist before making this call.
-     * A {@link org.apache.directory.fortress.core.model.PermObj} instance exists in a hierarchical, one-many relationship between itself and children as stored in ldap tree: ({@link org.apache.directory.fortress.core.model.PermObj}*->{@link Permission}).
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.PermObj#objName} - contains the name of new object being added</li>
-     * <li>{@link org.apache.directory.fortress.core.model.PermObj#ou} - contains the name of an existing PERMS OrgUnit this object is associated with</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.PermObj#description} - any safe text</li>
-     * <li>{@link org.apache.directory.fortress.core.model.PermObj#type} - contains any safe text</li>
-     * <li>{@link org.apache.directory.fortress.core.model.PermObj#props} * - multi-occurring property key and values are separated with a ':'.  e.g. mykey1:myvalue1</li>
-     * </ul>
-     *
-     * @param pObj must contain the {@link org.apache.directory.fortress.core.model.PermObj#objName} and {@link org.apache.directory.fortress.core.model.PermObj#ou}.  The other attributes are optional.
-     * @return copy of permObj entity.
-     * @throws SecurityException - thrown in the event of perm object data or system error.
+     * {@inheritDoc}
      */
     @Override
     public PermObj addPermObj( PermObj pObj )
@@ -880,24 +562,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This method will update permission object in perms container in directory.  The perm object must exist before making this call.
-     * A {@link PermObj} instance exists in a hierarchical, one-many relationship between itself and children as stored in ldap tree: ({@link PermObj}*->{@link Permission}).
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link PermObj#objName} - contains the name of existing object being updated</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link PermObj#ou} - contains the name of an existing PERMS OrgUnit this object is associated with</li>
-     * <li>{@link PermObj#description} - any safe text</li>
-     * <li>{@link PermObj#type} - contains any safe text</li>
-     * <li>{@link PermObj#props} * - multi-occurring property key and values are separated with a ':'.  e.g. mykey1:myvalue1</li>
-     * </ul>
-     *
-     * @param pObj must contain the {@link PermObj#objName}. Only non-null attributes will be updated.
-     * @return copy of newly updated permObj entity.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          - thrown in the event of perm object data or system error.
+     * {@inheritDoc}
      */
     @Override
     public PermObj updatePermObj( PermObj pObj )
@@ -928,15 +593,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This method will remove permission object to perms container in directory.  This method will also remove
-     * in associated permission objects that are attached to this object.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link PermObj#objName} - contains the name of existing object targeted for removal</li>
-     * </ul>
-     *
-     * @param pObj must contain the {@link org.apache.directory.fortress.core.model.PermObj#objName} of object targeted for removal.
-     * @throws SecurityException - thrown in the event of perm object data or system error.
+     * {@inheritDoc}
      */
     @Override
     public void deletePermObj( PermObj pObj )
@@ -961,22 +618,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command grants a role the permission to perform an operation on an object to a role.
-     * The command is implemented by granting permission by setting the access control list of
-     * the object involved.
-     * The command is valid if and only if the pair (operation, object) represents a permission,
-     * and the role is a member of the ROLES data set.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Permission#objName} - contains the object name</li>
-     * <li>{@link Permission#opName} - contains the operation name</li>
-     * <li>{@link Role#name} - contains the role name</li>
-     * </ul>
-     *
-     * @param perm must contain the object, {@link Permission#objName}, and operation, {@link Permission#opName}, that identifies target.
-     * @param role must contains {@link Role#name}.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void grantPermission( Permission perm, Role role )
@@ -1008,21 +650,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command revokes the permission to perform an operation on an object from the set
-     * of permissions assigned to a role. The command is implemented by setting the access control
-     * list of the object involved.
-     * The command is valid if and only if the pair (operation, object) represents a permission,
-     * the role is a member of the ROLES data set, and the permission is assigned to that role.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Permission#objName} - contains the object name</li>
-     * <li>{@link Permission#opName} - contains the operation name</li>
-     * <li>{@link Role#name} - contains the role name</li>
-     * </ul>
-     *
-     * @param perm must contain the object, {@link Permission#objName}, and operation, {@link Permission#opName}, that identifies target.
-     * @param role must contains {@link Role#name}.
-     * @throws SecurityException Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void revokePermission( Permission perm, Role role )
@@ -1054,22 +682,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command grants a user the permission to perform an operation on an object to a role.
-     * The command is implemented by granting permission by setting the access control list of
-     * the object involved.
-     * The command is valid if and only if the pair (operation, object) represents a permission,
-     * and the user is a member of the USERS data set.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Permission#objName} - contains the object name</li>
-     * <li>{@link Permission#opName} - contains the operation name</li>
-     * <li>{@link User#userId} - contains the userId</li>
-     * </ul>
-     *
-     * @param perm must contain the object, {@link Permission#objName}, and operation, {@link Permission#opName}, that identifies target.
-     * @param user must contain {@link User#userId} of target User entity.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void grantPermission( Permission perm, User user )
@@ -1101,21 +714,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command revokes the permission to perform an operation on an object from the set
-     * of permissions assigned to a user. The command is implemented by setting the access control
-     * list of the object involved.
-     * The command is valid if and only if the pair (operation, object) represents a permission,
-     * the user is a member of the USERS data set, and the permission is assigned to that user.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link Permission#objName} - contains the object name</li>
-     * <li>{@link Permission#opName} - contains the operation name</li>
-     * <li>{@link User#userId} - contains the userId</li>
-     * </ul>
-     *
-     * @param perm must contain the object, {@link Permission#objName}, and operation, {@link Permission#opName}, that identifies target.
-     * @param user must contain {@link User#userId} of target User entity.
-     * @throws SecurityException Thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void revokePermission( Permission perm, User user )
@@ -1147,32 +746,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of
-     * the existing role parentRole. The command is valid if and only if childRole is not a member of the ROLES data set,
-     * and parentRole is a member of the ROLES data set.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>parentRole - {@link Role#name} - contains the name of existing Role to be parent</li>
-     * <li>childRole - {@link Role#name} - contains the name of new Role to be child</li>
-     * </ul>
-     * <h4>optional parameters childRole</h4>
-     * <ul>
-     * <li>childRole - {@link Role#description} - maps to description attribute on organizationalRole object class for new child</li>
-     * <li>childRole - {@link Role#beginTime} - HHMM - determines begin hour role may be activated into user's RBAC session for new child</li>
-     * <li>childRole - {@link Role#endTime} - HHMM - determines end hour role may be activated into user's RBAC session for new child</li>
-     * <li>childRole - {@link Role#beginDate} - YYYYMMDD - determines date when role may be activated into user's RBAC session for new child</li>
-     * <li>childRole - {@link Role#endDate} - YYYYMMDD - indicates latest date role may be activated into user's RBAC session for new child</li>
-     * <li>childRole - {@link Role#beginLockDate} - YYYYMMDD - determines beginning of enforced inactive status for new child</li>
-     * <li>childRole - {@link Role#endLockDate} - YYYYMMDD - determines end of enforced inactive status for new child</li>
-     * <li>childRole - {@link Role#dayMask} - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user's RBAC session for new child</li>
-     * </ul>
-     *
-     * @param parentRole This entity must be present in ROLE data set.  Success will add role rel with childRole.
-     * @param childRole  This entity must not be present in ROLE data set.  Success will add the new role entity to ROLE data set.
-     *                   This method:
-     *                   1 - Adds new role.
-     *                   2 - Assigns role relationship between new childRole and pre-existing parentRole.
-     * @throws SecurityException thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void addDescendant( Role parentRole, Role childRole )
@@ -1201,32 +775,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of
-     * the existing role childRole. The command is valid if and only if parentRole is not a member of the ROLES data set,
-     * and childRole is a member of the ROLES data set.
-     * This method:
-     * 1 - Adds new role.
-     * 2 - Assigns role relationship between new parentRole and pre-existing childRole.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>childRole - {@link Role#name} - contains the name of existing child Role</li>
-     * <li>parentRole - {@link Role#name} - contains the name of new Role to be parent</li>
-     * </ul>
-     * <h4>optional parameters parentRole</h4>
-     * <ul>
-     * <li>parentRole - {@link Role#description} - maps to description attribute on organizationalRole object class for new parent</li>
-     * <li>parentRole - {@link Role#beginTime} - HHMM - determines begin hour role may be activated into user's RBAC session for new parent</li>
-     * <li>parentRole - {@link Role#endTime} - HHMM - determines end hour role may be activated into user's RBAC session for new parent</li>
-     * <li>parentRole - {@link Role#beginDate} - YYYYMMDD - determines date when role may be activated into user's RBAC session for new parent</li>
-     * <li>parentRole - {@link Role#endDate} - YYYYMMDD - indicates latest date role may be activated into user's RBAC session for new parent</li>
-     * <li>parentRole - {@link Role#beginLockDate} - YYYYMMDD - determines beginning of enforced inactive status for new parent</li>
-     * <li>parentRole - {@link Role#endLockDate} - YYYYMMDD - determines end of enforced inactive status for new parent</li>
-     * <li>parentRole - {@link Role#dayMask} - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user's RBAC session for new parent</li>
-     * </ul>
-     *
-     * @param parentRole completion of op assigns new child relationship with childRole.
-     * @param childRole  completion of op assigns new parent relationship with parentRole.
-     * @throws SecurityException thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void addAscendant( Role childRole, Role parentRole )
@@ -1255,20 +804,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command establishes a new immediate inheritance relationship parentRole <<-- childRole between existing
-     * roles parentRole, childRole. The command is valid if and only if parentRole and childRole are members of the ROLES data
-     * set, parentRole is not an immediate ascendant of childRole, and childRole does not properly inherit parentRole (in order to
-     * avoid cycle creation).
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>parentRole - {@link Role#name} - contains the name of existing Role to be parent</li>
-     * <li>childRole - {@link Role#name} - contains the name of existing Role to be child</li>
-     * </ul>
-     *
-     * @param parentRole completion of op deassigns child relationship with childRole.
-     * @param childRole  completion of op deassigns parent relationship with parentRole.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void addInheritance( Role parentRole, Role childRole )
@@ -1297,19 +833,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command deletes an existing immediate inheritance relationship parentRole <<-- childRole. The command is
-     * valid if and only if the roles parentRole and childRole are members of the ROLES data set, and parentRole is an
-     * immediate ascendant of childRole. The new inheritance relation is computed as the reflexive-transitive
-     * closure of the immediate inheritance relation resulted after deleting the relationship parentRole <<-- childRole.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>parentRole - {@link Role#name} - contains the name of existing Role to remove parent relationship</li>
-     * <li>childRole - {@link Role#name} - contains the name of existing Role to remove child relationship</li>
-     * </ul>
-     *
-     * @param parentRole completion of op removes child relationship with childRole.
-     * @param childRole  completion of op removes parent relationship with parentRole.
-     * @throws SecurityException thrown in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public void deleteInheritance( Role parentRole, Role childRole )
@@ -1338,27 +862,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command creates a named SSD set of roles and sets the cardinality n of its subsets
-     * that cannot have common users. The command is valid if and only if:
-     * 1 - the name of the SSD set is not already in use
-     * 2 - all the roles in the SSD set are members of the ROLES data set
-     * 3 - n is a natural number greater than or equal to 2 and less than or equal to the cardinality of the SSD role set,
-     * 4 - the SSD constraint for the new role set is satisfied.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.SDSet#name} - contains the name of new SSD role set to be added</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link org.apache.directory.fortress.core.model.SDSet#members} * - multi-occurring attribute contains the RBAC Role names to be added to this set</li>
-     * <li>{@link org.apache.directory.fortress.core.model.SDSet#cardinality} - default is 2 which is one more than maximum number of Roles that may be assigned to User from a particular set</li>
-     * <li>{@link org.apache.directory.fortress.core.model.SDSet#description} - contains any safe text</li>
-     * </ul>
-     *
-     * @param ssdSet contains an instantiated reference to new SSD set containing, name, members, and cardinality (default 2)
-     * @return reference to newly created SSDSet object.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet createSsdSet( SDSet ssdSet )
@@ -1389,30 +893,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command updates existing SSD set of roles and sets the cardinality n of its subsets
-     * that cannot have common users.
-     * <p>
-     * The command is valid if and only if:
-     * <ul>
-     * <li>The name of the SSD set already exists.
-     * <li> All the roles in the SSD set are members of the ROLES data set.
-     * <li> n is a natural number greater than or equal to 2 and less than or equal to the cardinality of the SSD role set.
-     * <li> The SSD constraint for the new role set is satisfied.
-     * </ul>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of existing SSD role set to be updated</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#members} * - multi-occurring attribute contains the RBAC Role names to be added to this set</li>
-     * <li>{@link SDSet#cardinality} - default is 2 which is one more than maximum number of Roles that may be assigned to User from a particular set</li>
-     * <li>{@link SDSet#description} - contains any safe text</li>
-     * </ul>
-     *
-     * @param ssdSet contains an instantiated reference to existing SSD set containing, name, members, and cardinality (default 2)
-     * @return reference to SSDSet object targeted for update.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     public SDSet updateSsdSet( SDSet ssdSet )
         throws SecurityException
@@ -1442,21 +923,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command adds a role to a named SSD set of roles. The cardinality associated with the role set remains unchanged.
-     * The command is valid if and only if:
-     * 1 - the SSD role set exists, and
-     * 2 - the role to be added is a member of the ROLES data set but not of a member of the SSD role set, and
-     * 3 - the SSD constraint is satisfied after the addition of the role to the SSD role set.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of SSD role set to be modified</li>
-     * <li>{@link Role#name} - contains the name of new {@link SDSet#members} to be added</li>
-     * </ul>
-     *
-     * @param ssdSet contains an instantiated reference to new SSD set containing name.
-     * @param role   contains instantiated Role object with role name field set.
-     * @return reference to updated SSDSet object.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet addSsdRoleMember( SDSet ssdSet, Role role )
@@ -1489,22 +956,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command removes a role from a named SSD set of roles. The cardinality associated with the role set remains unchanged.
-     * The command is valid if and only if:
-     * 1 - the SSD role set exists, and
-     * 2 - the role to be removed is a member of the SSD role set, and
-     * 3 - the cardinality associated with the SSD role set is less than the number of elements of the SSD role set.
-     * Note that the SSD constraint should be satisfied after the removal of the role from the SSD role set.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of SSD role set to be modified</li>
-     * <li>{@link Role#name} - contains the name of existing {@link SDSet#members} to be removed</li>
-     * </ul>
-     *
-     * @param ssdSet contains an instantiated reference to new SSD set containing name.
-     * @param role   contains instantiated Role object with role name field set.
-     * @return reference to updated SSDSet object.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet deleteSsdRoleMember( SDSet ssdSet, Role role )
@@ -1537,15 +989,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command deletes a SSD role set completely. The command is valid if and only if the SSD role set exists.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of new SSD role set to be removed</li>
-     * </ul>
-     *
-     * @param ssdSet contains an instantiated reference to SSD set targeted for removal.
-     * @return reference to deleted SSDSet object.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet deleteSsdSet( SDSet ssdSet )
@@ -1576,20 +1020,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command sets the cardinality associated with a given SSD role set. The command is valid if and only if:
-     * 1 - the SSD role set exists, and
-     * 2 - the new cardinality is a natural number greater than or equal to 2 and less than or equal to the number of elements of the SSD role set, and
-     * 3 - the SSD constraint is satisfied after setting the new cardinality.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of SSD role set to be modified</li>
-     * <li>cardinality - contains new cardinality setting for SSD</li>
-     * </ul>
-     *
-     * @param ssdSet      contains an instantiated reference to new SSD set containing name.
-     * @param cardinality integer value contains new cardinality value for data set.
-     * @return reference to updated SSDSet object.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet setSsdSetCardinality( SDSet ssdSet, int cardinality )
@@ -1621,27 +1052,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command creates a named DSD set of roles and sets an associated cardinality n.
-     * The DSD constraint stipulates that the DSD role set cannot contain n or more roles
-     * simultaneously active in the same session.  The command is valid if and only if:
-     * 1 - the name of the DSD set is not already in use
-     * 2 - all the roles in the DSD set are members of the ROLES data set
-     * 3 - n is a natural number greater than or equal to 2 and less than or equal to the cardinality of the DSD role set,
-     * 4 - the DSD constraint for the new role set is satisfied.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of new DSD role set to be added</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#members} * - multi-occurring attribute contains the RBAC Role names to be added to this set</li>
-     * <li>{@link SDSet#cardinality} - default is 2 which is one more than maximum number of Roles that may be assigned to User from a particular set</li>
-     * <li>{@link SDSet#description} - contains any safe text</li>
-     * </ul>
-     *
-     * @param dsdSet contains an instantiated reference to new DSD set containing, name, members, and cardinality (default 2)
-     * @return reference to newly created SSDSet object.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet createDsdSet( SDSet dsdSet )
@@ -1672,30 +1083,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command updates existing DSD set of roles and sets the cardinality n of its subsets
-     * that cannot have common users.
-     * <p>
-     * The command is valid if and only if:
-     * <ul>
-     * <li>The name of the DSD set already exists.
-     * <li> All the roles in the DSD set are members of the ROLES data set.
-     * <li> n is a natural number greater than or equal to 2 and less than or equal to the cardinality of the DSD role set.
-     * <li> The DSD constraint for the new role set is satisfied.
-     * </ul>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of existing DSD role set to be updated</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#members} * - multi-occurring attribute contains the RBAC Role names to be added to this set</li>
-     * <li>{@link SDSet#cardinality} - default is 2 which is one more than maximum number of Roles that may be assigned to User from a particular set</li>
-     * <li>{@link SDSet#description} - contains any safe text</li>
-     * </ul>
-     *
-     * @param dsdSet contains an instantiated reference to existing DSD set containing, name, members, and cardinality (default 2)
-     * @return reference to DSDSet object targeted for update.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     public SDSet updateDsdSet( SDSet dsdSet )
         throws SecurityException
@@ -1725,22 +1113,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command adds a role to a named DSD set of roles. The cardinality associated with
-     * the role set remains unchanged. The command is valid if and only if:
-     * 1 - the DSD role set exists, and
-     * 2 - the role to be added is a member of the ROLES data set but not of a member of the DSD role set, and
-     * 3 - the DSD constraint is satisfied after the addition of the role to the SSD role set.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of DSD role set to be modified</li>
-     * <li>{@link Role#name} - contains the name of new {@link SDSet#members} to be added</li>
-     * </ul>
-     *
-     * @param dsdSet contains an instantiated reference to new DSD set containing name.
-     * @param role   contains instantiated Role object with role name field set.
-     * @return reference to updated DSDSet object.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet addDsdRoleMember( SDSet dsdSet, Role role )
@@ -1773,22 +1146,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command removes a role from a named DSD set of roles. The cardinality associated
-     * with the role set remains unchanged. The command is valid if and only if:
-     * 1 - the DSD role set exists, and
-     * 2 - the role to be removed is a member of the DSD role set, and
-     * 3 - the cardinality associated with the DSD role set is less than the number of elements of the DSD role set.
-     * Note that the DSD constraint should be satisfied after the removal of the role from the DSD role set.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of DSD role set to be modified</li>
-     * <li>{@link Role#name} - contains the name of existing {@link SDSet#members} to be removed</li>
-     * </ul>
-     *
-     * @param dsdSet contains an instantiated reference to new DSD set containing name.
-     * @param role   contains instantiated Role object with role name field set.
-     * @return reference to updated DSDSet object.
-     * @throws SecurityException in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet deleteDsdRoleMember( SDSet dsdSet, Role role )
@@ -1821,16 +1179,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command deletes a DSD role set completely. The command is valid if and only if the DSD role set exists.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of new DSD role set to be removed</li>
-     * </ul>
-     *
-     * @param dsdSet contains an instantiated reference to new DSD set containing, name
-     * @return reference to deleted DSDSet object.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet deleteDsdSet( SDSet dsdSet )
@@ -1861,21 +1210,7 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 
 
     /**
-     * This command sets the cardinality associated with a given DSD role set. The command is valid if and only if:
-     * 1 - the SSD role set exists, and
-     * 2 - the new cardinality is a natural number greater than or equal to 2 and less than or equal to the number of elements of the SSD role set, and
-     * 3 - the SSD constraint is satisfied after setting the new cardinality.
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link SDSet#name} - contains the name of DSD role set to be modified</li>
-     * <li>cardinality - contains new cardinality setting for SSD</li>
-     * </ul>
-     *
-     * @param dsdSet      contains an instantiated reference to new DSD set containing, name
-     * @param cardinality integer value contains new cardinality value for data set.
-     * @return reference to updated DSDSet object.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event of data validation or system error.
+     * {@inheritDoc}
      */
     @Override
     public SDSet setDsdSetCardinality( SDSet dsdSet, int cardinality )

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/d33ae957/src/main/java/org/apache/directory/fortress/core/rest/AuditMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/AuditMgrRestImpl.java b/src/main/java/org/apache/directory/fortress/core/rest/AuditMgrRestImpl.java
index 0e86603..bc1cde6 100644
--- a/src/main/java/org/apache/directory/fortress/core/rest/AuditMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/AuditMgrRestImpl.java
@@ -84,20 +84,7 @@ public class AuditMgrRestImpl extends Manageable implements AuditMgr
     private static final String CLS_NM = AuditMgrRestImpl.class.getName();
 
     /**
-     * This method returns a list of authorization events for a particular user {@link org.apache.directory.fortress.core.model.UserAudit#userId}
-     * and given timestamp field {@link org.apache.directory.fortress.core.model.UserAudit#beginDate}.<BR>
-     * Method also can discriminate between all events or failed only by setting {@link org.apache.directory.fortress.core.model.UserAudit#failedOnly}.
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#userId} - contains the target userId</li>
-     * <li>{@link UserAudit#beginDate} - contains the date in which to begin search</li>
-     * <li>{@link UserAudit#failedOnly} - if set to 'true', return only failed authorization events</li>
-     * </ul>
-     *
-     * @param uAudit This entity is instantiated and populated before invocation.
-     * @return a List of objects of type AuthZ.  Each AuthZ object contains one authorization event.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          if a runtime system error occurs.
+     * {@inheritDoc}
      */
     @Override
     public List<AuthZ> getUserAuthZs(UserAudit uAudit)
@@ -133,23 +120,7 @@ public class AuditMgrRestImpl extends Manageable implements AuditMgr
 
 
     /**
-     * This method returns a list of authorization events for a particular user {@link org.apache.directory.fortress.core.model.UserAudit#userId},
-     * object {@link org.apache.directory.fortress.core.model.UserAudit#objName}, and given timestamp field {@link org.apache.directory.fortress.core.model.UserAudit#beginDate}.<BR>
-     * Method also can discriminate between all events or failed only by setting flag {@link org.apache.directory.fortress.core.model.UserAudit#failedOnly}..
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#userId} - contains the target userId<</li>
-     * <li>{@link UserAudit#objName} - contains the object (authorization resource) name</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#beginDate} - contains the date in which to begin search</li>
-     * <li>{@link UserAudit#failedOnly} - if set to 'true', return only failed authorization events</li>
-     * </ul>
-     *
-     * @param uAudit This entity is instantiated and populated before invocation.
-     * @return a List of objects of type AuthZ.  Each AuthZ object contains one authorization event.
-     * @throws SecurityException if a runtime system error occurs.
+     * {@inheritDoc}
      */
     @Override
     public List<AuthZ> searchAuthZs(UserAudit uAudit)
@@ -185,19 +156,7 @@ public class AuditMgrRestImpl extends Manageable implements AuditMgr
 
 
     /**
-     * This method returns a list of authentication audit events for a particular user {@link org.apache.directory.fortress.core.model.UserAudit#userId},
-     * and given timestamp field {@link org.apache.directory.fortress.core.model.UserAudit#beginDate}.<BR>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#userId} - contains the target userId<</li>
-     * <li>{@link UserAudit#beginDate} - contains the date in which to begin search</li>
-     * <li>{@link UserAudit#failedOnly} - if set to 'true', return only failed authorization events</li>
-     * </ul>
-     *
-     * @param uAudit This entity is instantiated and populated before invocation.
-     * @return a List of objects of type Bind.  Each Bind object contains one bind event.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          if a runtime system error occurs.
+     * {@inheritDoc}
      */
     @Override
     public List<Bind> searchBinds(UserAudit uAudit)
@@ -231,22 +190,9 @@ public class AuditMgrRestImpl extends Manageable implements AuditMgr
         return outRecords;
     }
 
+
     /**
-     * This method returns a list of sessions created for a given user {@link org.apache.directory.fortress.core.model.UserAudit#userId},
-     * and timestamp {@link org.apache.directory.fortress.core.model.UserAudit#beginDate}.<BR>
-     * <h4>required parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#userId} - contains the target userId<</li>
-     * </ul>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#beginDate} - contains the date in which to begin search</li>
-     * </ul>
-     *
-     * @param uAudit This entity is instantiated and populated before invocation.
-     * @return a List of objects of type Mod.  Each Mod object in list corresponds to one update or delete event on directory.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          if a runtime system error occurs.
+     * {@inheritDoc}
      */
     @Override
     public List<Mod> searchUserSessions(UserAudit uAudit)
@@ -280,25 +226,9 @@ public class AuditMgrRestImpl extends Manageable implements AuditMgr
         return outRecords;
     }
 
+
     /**
-     * This method returns a list of admin operations events for a particular entity {@link org.apache.directory.fortress.core.model.UserAudit#dn},
-     * object {@link org.apache.directory.fortress.core.model.UserAudit#objName} and timestamp {@link org.apache.directory.fortress.core.model.UserAudit#beginDate}.  If the internal
-     * userId {@link org.apache.directory.fortress.core.model.UserAudit#internalUserId} is set it will limit search by that field.
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#dn} - contains the LDAP distinguished name for the updated object.  For example if caller
-     * wants to find out what changes were made to John Doe's user object this would be 'uid=jdoe,ou=People,dc=example,dc=com'</li>
-     * <li>{@link UserAudit#objName} - contains the object (authorization resource) name corresponding to the event.  For example if caller
-     * wants to return events where User object was modified, this would be 'updateUser'</li>
-     * <li>{@link UserAudit#internalUserId} - maps to the internalUserId of user who changed the record in LDAP.  This maps to {@link org.apache.directory.fortress.core.model.User#internalId}.</li>
-     * <li>{@link UserAudit#beginDate} - contains the date in which to begin search</li>
-     * <li>{@link UserAudit#endDate} - contains the date in which to end search</li>
-     * </ul>
-     *
-     * @param uAudit This entity is instantiated and populated before invocation.
-     * @return a List of objects of type Mod.  Each Mod object in list corresponds to one update or delete event on directory.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          if a runtime system error occurs.
+     * {@inheritDoc}
      */
     @Override
     public List<Mod> searchAdminMods(UserAudit uAudit)
@@ -334,23 +264,7 @@ public class AuditMgrRestImpl extends Manageable implements AuditMgr
 
 
     /**
-     * This method returns a list of failed authentication events for a particular invalid user {@link org.apache.directory.fortress.core.model.UserAudit#userId},
-     * and given timestamp {@link org.apache.directory.fortress.core.model.UserAudit#beginDate}.  If the {@link org.apache.directory.fortress.core.model.UserAudit#failedOnly} is true it will
-     * return only authentication attempts made with invalid userId.
-     * </p>
-     * This is possible because Fortress performs read on user before the bind.
-     * </p>
-     * <h4>optional parameters</h4>
-     * <ul>
-     * <li>{@link UserAudit#userId} - contains the target userId</li>
-     * <li>{@link UserAudit#beginDate} - contains the date in which to begin search</li>
-     * <li>{@link UserAudit#failedOnly} - if set to 'true', return only failed authorization events</li>
-     * </ul>
-     *
-     * @param uAudit This entity is instantiated and populated before invocation.
-     * @return a List of objects of type AuthZ.  Each AuthZ object contains one failed authentication event.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          if a runtime system error occurs.
+     * {@inheritDoc}
      */
     @Override
     public List<AuthZ> searchInvalidUsers(UserAudit uAudit)

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/d33ae957/src/main/java/org/apache/directory/fortress/core/rest/ConfigMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/ConfigMgrRestImpl.java b/src/main/java/org/apache/directory/fortress/core/rest/ConfigMgrRestImpl.java
index d1a0b79..82fb742 100644
--- a/src/main/java/org/apache/directory/fortress/core/rest/ConfigMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/ConfigMgrRestImpl.java
@@ -46,15 +46,9 @@ public class ConfigMgrRestImpl implements ConfigMgr
 {
     private static final String CLS_NM = ConfigMgrRestImpl.class.getName();
 
+
     /**
-     * Create a new cfg node with given name and properties.  The name is required.  If node already exists,
-     * a {@link org.apache.directory.fortress.core.SecurityException} with error {@link org.apache.directory.fortress.core.GlobalErrIds#FT_CONFIG_ALREADY_EXISTS} will be thrown.
-     *
-     * @param name    attribute is required and maps to 'cn' attribute in 'device' object class.
-     * @param inProperties contains {@link Properties} with list of name/value pairs to add to existing config node.
-     * @return {@link java.util.Properties} containing the collection of name/value pairs just added.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event entry already present or other system error.
+     * {@inheritDoc}
      */
     @Override
     public Properties add(String name, Properties inProperties) throws SecurityException
@@ -81,15 +75,9 @@ public class ConfigMgrRestImpl implements ConfigMgr
         return retProperties;
     }
 
+
     /**
-     * Update existing cfg node with additional properties, or, replace existing properties.  The name is required.  If node does not exist,
-     * a {@link org.apache.directory.fortress.core.SecurityException} with error {@link org.apache.directory.fortress.core.GlobalErrIds#FT_CONFIG_NOT_FOUND} will be thrown.
-     *
-     * @param name    attribute is required and maps to 'cn' attribute in 'device' object class.
-     * @param inProperties contains {@link Properties} with list of name/value pairs to add or udpate from existing config node.
-     * @return {@link Properties} containing the collection of name/value pairs to be added to existing node.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event entry not present or other system error.
+     * {@inheritDoc}
      */
     @Override
     public Properties update(String name, Properties inProperties) throws SecurityException
@@ -116,17 +104,9 @@ public class ConfigMgrRestImpl implements ConfigMgr
         return retProperties;
     }
 
+
     /**
-      * Completely removes named cfg node from the directory.
-     * <p/>
-     * <font size="3" color="red">This method is destructive and will remove the cfg node completely from directory.<BR>
-     * Care should be taken during execution to ensure target name is correct and permanent removal of all parameters located
-     * there is intended.  There is no 'undo' for this operation.
-     * </font>
-     *
-     * @param name is required and maps to 'cn' attribute on 'device' object class of node targeted for operation.
-     * @throws org.apache.directory.fortress.core.SecurityException
-     *          in the event of system error.
+     * {@inheritDoc}
      */
     @Override
     public void delete(String name) throws SecurityException
@@ -143,12 +123,9 @@ public class ConfigMgrRestImpl implements ConfigMgr
         }
     }
 
+
     /**
-     * Delete properties from existing cfg node.  The name is required.  If node does not exist,
-     * a {@link org.apache.directory.fortress.core.SecurityException} with error {@link org.apache.directory.fortress.core.GlobalErrIds#FT_CONFIG_NOT_FOUND} will be thrown.
-     *
-     * @param name attribute is required and maps to 'cn' attribute in 'device' object class.
-     * @throws org.apache.directory.fortress.core.SecurityException in the event entry not present or other system error.
+     * {@inheritDoc}
      */
     @Override
     public void delete(String name, Properties inProperties) throws SecurityException
@@ -168,13 +145,9 @@ public class ConfigMgrRestImpl implements ConfigMgr
         }
     }
 
+
     /**
-     * Read an existing cfg node with given name and return to caller.  The name is required.  If node doesn't exist,
-     * a {@link org.apache.directory.fortress.core.SecurityException} with error {@link org.apache.directory.fortress.core.GlobalErrIds#FT_CONFIG_NOT_FOUND} will be thrown.
-     *
-     * @param name attribute is required and maps to 'cn' attribute in 'device' object class.
-     * @return {@link Properties} containing the collection of name/value pairs just added. Maps to 'ftProps' attribute in 'ftProperties' object class.
-     * @throws SecurityException in the event entry doesn't exist or other system error.
+     * {@inheritDoc}
      */
     @Override
     public Properties read(String name) throws SecurityException

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/d33ae957/src/main/java/org/apache/directory/fortress/core/rest/DelAccessMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/DelAccessMgrRestImpl.java b/src/main/java/org/apache/directory/fortress/core/rest/DelAccessMgrRestImpl.java
index 22da01a..f8d2907 100644
--- a/src/main/java/org/apache/directory/fortress/core/rest/DelAccessMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/DelAccessMgrRestImpl.java
@@ -62,15 +62,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
 {
     private static final String CLS_NM = DelAccessMgrRestImpl.class.getName();
 
+
     /**
-     * This function will determine if the user contains an AdminRole that is authorized assignment control over
-     * User-Role Assignment (URA).  This adheres to the ARBAC02 functional specification for can-assign URA.
-     *
-     * @param session This object must be instantiated by calling {@link org.apache.directory.fortress.core.AccessMgr#createSession(org.apache.directory.fortress.core.model.User, boolean)} before passing into the method.  No variables need to be set by client after returned from createSession.
-     * @param user    Instantiated User entity requires only valid userId attribute set.
-     * @param role    Instantiated Role entity requires only valid role name attribute set.
-     * @return boolean value true indicates access allowed.
-     * @throws org.apache.directory.fortress.core.SecurityException In the event of data validation error (i.e. invalid userId or role name) or system error.
+     * {@inheritDoc}
      */
     @Override
     public boolean canAssign(Session session, User user, Role role)
@@ -102,15 +96,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         return result;
     }
 
+
     /**
-     * This function will determine if the user contains an AdminRole that is authorized revoke control over
-     * User-Role Assignment (URA).  This adheres to the ARBAC02 functional specification for can-revoke URA.
-     *
-     * @param session This object must be instantiated by calling {@link org.apache.directory.fortress.core.AccessMgr#createSession} method before passing into the method.  No variables need to be set by client after returned from createSession.
-     * @param user    Instantiated User entity requires only valid userId attribute set.
-     * @param role    Instantiated Role entity requires only valid role name attribute set.
-     * @return boolean value true indicates access allowed.
-     * @throws SecurityException In the event of data validation error (i.e. invalid userId or role name) or system error.
+     * {@inheritDoc}
      */
     @Override
     public boolean canDeassign(Session session, User user, Role role)
@@ -142,15 +130,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         return result;
     }
 
+
     /**
-     * This function will determine if the user contains an AdminRole that is authorized assignment control over
-     * Permission-Role Assignment (PRA).  This adheres to the ARBAC02 functional specification for can-assign-p PRA.
-     *
-     * @param session This object must be instantiated by calling {@link org.apache.directory.fortress.core.AccessMgr#createSession} method before passing into the method.  No variables need to be set by client after returned from createSession.
-     * @param perm    Instantiated Permission entity requires valid object name and operation name attributes set.
-     * @param role    Instantiated Role entity requires only valid role name attribute set.
-     * @return boolean value true indicates access allowed.
-     * @throws org.apache.directory.fortress.core.SecurityException In the event of data validation error (i.e. invalid perm or role name) or system error.
+     * {@inheritDoc}
      */
     @Override
     public boolean canGrant(Session session, Role role, Permission perm)
@@ -184,15 +166,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         return result;
     }
 
+
     /**
-     * This function will determine if the user contains an AdminRole that is authorized revoke control over
-     * Permission-Role Assignment (PRA).  This adheres to the ARBAC02 functional specification for can-revoke-p PRA.
-     *
-     * @param session This object must be instantiated by calling {@link org.apache.directory.fortress.core.AccessMgr#createSession} method before passing into the method.  No variables need to be set by client after returned from createSession.
-     * @param perm    Instantiated Permission entity requires valid object name and operation name attributes set.
-     * @param role    Instantiated Role entity requires only valid role name attribute set.
-     * @return boolean value true indicates access allowed.
-     * @throws SecurityException In the event of data validation error (i.e. invalid perm or role name) or system error.
+     * {@inheritDoc}
      */
     @Override
     public boolean canRevoke(Session session, Role role, Permission perm)
@@ -226,20 +202,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         return result;
     }
 
+
     /**
-     * This function overrides same in RBAC's AccessMgrImpl, but instead processes permissions contained within AdminPerm dataset.
-     * Function returns a Boolean value containing result of a given administrator's access to perform a given operation on a given object.
-     * The function is valid if and only if the session is a valid Fortress session, the object is a member of the AdminPerm OBJS data set,
-     * and the operation is a member of the AdminPerms OPS data set. The session's subject has the permission
-     * to perform the operation on that object if and only if that permission is assigned to (at least)
-     * one of the session's active roles. This implementation will verify the roles or userId correspond
-     * to the subject's active roles are registered in the object's access control list.
-     *
-     * @param perm object contains obj attribute which is a String and contains the name of the object user is trying to access;
-     * perm object contains operation attribute which is also a String and contains the operation name for the object.
-     * @param session This object must be instantiated by calling {@link org.apache.directory.fortress.core.AccessMgr#createSession} method before passing into the method.  No variables need to be set by client after returned from createSession.
-     * @return True of user has access, false otherwise.
-     * @throws SecurityException In the event of data validation error (i.e. invalid perm name) or system error.
+     * {@inheritDoc}
      */
     @Override
     public boolean checkAccess(Session session, Permission perm)
@@ -273,20 +238,7 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
 
 
     /**
-     * This function adds an adminRole as an active role of a session whose owner is a given user.
-     * <p>
-     * The function is valid if and only if:
-     * <ul>
-     *  <li> the user is a member of the USERS data set
-     *  <li> the role is a member of the ADMIN ROLES data set
-     *  <li> the session is a valid Fortress session
-     *  <li> the user is authorized to that admin role
-     *  <li> the session is owned by that user.
-     * </ul>
-     * </p>
-     * @param session object contains the user's returned RBAC and ARBAC sessions from the createSession method.
-     * @param role    object contains the adminRole name to be activated into session.
-     * @throws org.apache.directory.fortress.core.SecurityException is thrown if user is not allowed to activate or runtime error occurs with system.
+     * {@inheritDoc}
      */
     @Override
     public void addActiveRole(Session session, UserAdminRole role)
@@ -313,15 +265,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         }
     }
 
+
     /**
-     * This function deactivates adminRole from the active adminRole set of a session owned by a given user.
-     * The function is valid if and only if the user is a member of the USERS data set, the
-     * session object contains a valid Fortress session, the session is owned by the user,
-     * and the adminRole is an active adminRole of that session.
-     *
-     * @param session object contains the user's returned RBAC and ARBAC sessions from the createSession method.
-     * @param role    object contains the adminRole name to be deactivated.
-     * @throws org.apache.directory.fortress.core.SecurityException is thrown if user is not allowed to deactivate or runtime error occurs with system.
+     * {@inheritDoc}
      */
     @Override
     public void dropActiveRole(Session session, UserAdminRole role)
@@ -348,12 +294,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         }
     }
 
+
     /**
-     * This function returns the active admin roles associated with a session. The function is valid if
-     * and only if the session is a valid Fortress session.
-     * @param session object contains the user's returned RBAC session from the createSession method.
-     * @return List<UserAdminRole> containing all adminRoles active in user's session.  This will NOT contain inherited roles.
-     * @throws SecurityException is thrown if session invalid or system. error.
+     * {@inheritDoc}
      */
     @Override
     public List<UserAdminRole> sessionAdminRoles(Session session)
@@ -380,13 +323,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         return roles;
     }
 
+
     /**
-     * This function returns the authorized admin roles associated with a session based on hierarchical relationships. The function is valid if
-     * and only if the session is a valid Fortress session.
-     *
-     * @param session object contains the user's returned ARBAC session from the createSession method.
-     * @return Set<String> containing all adminRoles authorized in user's session.  This will contain inherited roles.
-     * @throws SecurityException is thrown if session invalid or system. error.
+     * {@inheritDoc}
      */
     @Override
     public Set<String> authorizedAdminRoles(Session session)
@@ -416,13 +355,9 @@ public class DelAccessMgrRestImpl extends AccessMgrRestImpl implements DelAccess
         //throw new java.lang.UnsupportedOperationException();
     }
 
+
     /**
-     * This function returns the ARBAC (administrative) permissions of the session, i.e., the permissions assigned
-     * to its authorized admin roles. The function is valid if and only if the session is a valid Fortress session.
-     *
-     * @param session object contains the user's returned ARBAC session from the createSession method.
-     * @return List<Permission> containing admin permissions (op, obj) active for user's session.
-     * @throws SecurityException in the event runtime error occurs with system.
+     * {@inheritDoc}
      */
     @Override
     public List<Permission> sessionPermissions(Session session)


Mime
View raw message