GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  OPENXPKI::SERVER::ACL (3)

.ds Aq ’

Name

OpenXPKI::Server::ACL

CONTENTS

Description

The ACL module implements the authorization for the OpenXPKI core system.

Functions

    new

is the constructor of the module. The constructor loads all ACLs of all PKI realms. Every PKI realm must include an ACL section in its configuration. This configuration includes a definition of all servers, all supported roles and all permissions.

    authorize

is the function which grant the right to execute an activity. The function needs two parameters ACTIVITY and AFFECTED_ROLE. The activity is the activity which is performed by the workflow engine. The affected role is the role of the object which is handled by the activity. If you create a request for a certificate with the role RA Operator then the affected role is RA Operator.

The other needed parameters will be automatically determined via the active session. It is not necessary to specify a PKI realm or the role of the logged in user.

If the access is granted then function returns a true value. If the access is denied then an exception is thrown.

    get_roles

returns all available roles for the actual PKI realm.

    get_servers

returns a hashref that lists all servers by PKI realm
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 OPENXPKI::SERVER::ACL (3) 2016-04-03

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.