directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Suriarachchi <amilasuriarach...@gmail.com>
Subject Re: Setting the Access control details
Date Thu, 28 Jan 2010 05:48:14 GMT
how to add a userPassoword filed as well. Could someone please help me on
this?

I use this to add new entries to the new partition.

LdapDN wso2dn = new LdapDN("ou=wso2");
                ServerEntry wso2Entry = service.newEntry(wso2dn);
                wso2Entry.add("objectClass", "top", "organizationalUnit",
"extensibleObject");
                wso2Entry.add("ou", "wso2");
                wso2Entry.add("administrativeRole",
"accessControlSpecificArea");
                service.getAdminSession().add(wso2Entry);

                // add the admin user
                LdapDN admindn = new LdapDN("uid=admin,ou=wso2");
                ServerEntry adminEntry = service.newEntry(admindn);
                adminEntry.add("objectClass", "inetOrgPerson",
"organizationalPerson", "person", "top");
                adminEntry.add("uid", "admin");
                adminEntry.add("sn", "admin");
                adminEntry.add("cn", "admin");
                adminEntry.put("userPassword","admin");

                service.getAdminSession().add(adminEntry);

but seems to be adminEntry.put("userPassword","admin"); is not working.

thanks,
Amila.

On Wed, Jan 27, 2010 at 10:33 PM, Amila Suriarachchi <
amilasuriarachchi@gmail.com> wrote:

> hi,
>
> Currently I am looking into the possibilities of setting the access control
> details with Apache directory service.
>
> As I saw if we create a user under ou=users,ou=system, then only that user
> (except admin) can access his details but others can not.
>
> How can I do the same thing under a different partition.
>
> eg ou=foo
>
> With the given user guide and using Directory studio I learned that I can
> use accessControlSubEntry and SubEntry Object classes for that
> by giving access control polices with prescriptiveACI. In fact I could get
> the given samples work.
>
> How can I write the prescriptiveACI for the above requirement. From the
> Directory Studio UI I saw user type called "This Entry" and Item type
> "self value". Can those values use for that?
>
> thanks,
> Amila.
>
> Amila Suriarachchi
> WSO2 Inc.
> blog: http://amilachinthaka.blogspot.com/
>



-- 
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/

Mime
View raw message