DSEE Compatible Access Control Handler
The DSEE Compatible Access Control Handler provides an implementation that uses syntax compatible with the Sun Java System Directory Server Enterprise Edition access control handlers.
Parent
The DSEE Compatible Access Control Handler object inherits from Access Control Handler.
DSEE Compatible Access Control Handler properties
You can use configuration expressions to set property values at startup time. For details, see Property value substitution.
Basic Properties | Advanced Properties |
---|---|
enabled
Synopsis |
Indicates whether the Access Control Handler is enabled. If set to FALSE, then any client (including unauthenticated or anonymous clients) is allowed to bind to the server and any connection with the "bypass-acl" privilege is allowed to perform any operation. |
Default value |
None |
Allowed values |
true false |
Multi-valued |
No |
Required |
Yes |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
global-aci
Synopsis |
Defines global access control rules. |
Description |
Global access control rules apply to all entries anywhere in the data managed by the OpenDJ directory server. The global access control rules may be overridden by more specific access control rules placed in the data. |
Default value |
No global access control rules are defined, which means that no access is allowed for any data in the server unless specifically granted by access control rules in the data. |
Allowed values |
An access control instruction (ACI). |
Multi-valued |
Yes |
Required |
No |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
Advanced properties
Use the --advanced
option to access advanced properties.
java-class
Synopsis |
Specifies the fully-qualified name of the Java class that provides the DSEE Compatible Access Control Handler implementation. |
Default value |
org.opends.server.authorization.dseecompat.AciHandler |
Allowed values |
A Java class that extends or implements:
|
Multi-valued |
No |
Required |
Yes |
Admin action required |
The object must be disabled and re-enabled for changes to take effect. |
Advanced |
Yes |
Read-only |
No |