Configuration Reference Home
OpenDJ - Access Control Handler

Access Control Handler

Note: this is an abstract component, that cannot be instantiated.

Access Control Handlers manage the application-wide access control. The OpenDJ access control handler is defined through an extensible interface, so that alternate implementations can be created. Only one access control handler may be active in the server at any given time.

Note that OpenDJ also has a privilege subsystem, which may have an impact on what clients may be allowed to do in the server. For example, any user with the bypass-acl privilege is not subject to access control checking regardless of whether the access control implementation is enabled.

Direct Subcomponents

The following Access Control Handlers are available in the server :

These Access Control Handlers inherit from the properties described below.

Properties

A description of each property follows.


Basic Properties: Advanced Properties:
↓ enabled  None
↓ java-class

Basic Properties

enabled

Description
Indicates whether the Access Control Handler is enabled. If set to FALSE, then no access control is enforced, and any client (including unauthenticated or anonymous clients) could be allowed to perform any operation if not subject to other restrictions, such as those enforced by the privilege subsystem.
Default Value
None
Allowed Values
true
false
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No

java-class

Description
Specifies the fully-qualified name of the Java class that provides the Access Control Handler implementation.
Default Value
None
Allowed Values
A java class that implements or extends the class(es) :
org.opends.server.api.AccessControlHandler
Multi-valued
No
Required
Yes
Admin Action Required
The Access Control Handler must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No