FreeBSD Manual Pages
OpenXPKI::Server::ACL(User Contributed Perl DocumentatOpenXPKI::Server::ACL(3) Name OpenXPKI::Server::ACL Description The ACL module implements the authorization for the OpenXPKI core system. Functions new is the constructor of the module. The constructor loads all ACLs of all PKI realms. Every PKI realm must include an ACL section in its configuration. This configuration includes a definition of all servers, all supported roles and all permissions. authorize is the function which grant the right to execute an activity. The function needs two parameters ACTIVITY and AFFECTED_ROLE. The activity is the activity which is performed by the workflow engine. The affected role is the role of the object which is handled by the activity. If you create a request for a certificate with the role "RA Operator" then the affected role is "RA Operator". The other needed parameters will be automatically determined via the active session. It is not necessary to specify a PKI realm or the role of the logged in user. If the access is granted then function returns a true value. If the access is denied then an exception is thrown. get_roles returns all available roles for the actual PKI realm. get_servers returns a hashref that lists all servers by PKI realm perl v5.32.0 2020-08-29 OpenXPKI::Server::ACL(3)
Name | Description | Functions
Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=OpenXPKI::Server::ACL&sektion=3&manpath=FreeBSD+12.2-RELEASE+and+Ports>