4.33 - Enable Role Constraint
public void enableRoleConstraint( Role role, RoleConstraint roleConstraint ) throws SecurityException;
This method enables a role to be constrained by attributes.
The function is valid if and only if:
- The role is a member of the ROLES data set.
Required Parameters:
- Role#name - contains the name of a Role.
- RoleConstraint#type - type of role constraint: [USER, FILTER, OTHER].
- RoleConstraint#key - the name of an attribute set targeted for the User-Role.
Throws:
- SecurityException - is thrown if user is not allowed to activate or runtime error occurs with system.
enableRoleConstraint
import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.AdminMgrFactory;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.RoleConstraint;
@test
public static void testEnableRoleConstraint( Role role, String key )
{
String szLocation = ".testEnableRoleConstraint";
try
{
AdminMgr adminMgr = AdminMgrFactory.createInstance();
RoleConstraint constraint = new RoleConstraint();
constraint.setType(RoleConstraint.RCType.USER);
constraint.setKey( key );
RoleConstraint out = adminMgr.enableRoleConstraint( role, constraint );
}
catch ( SecurityException ex )
{
LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
fail( ex.getMessage() );
}
}