Administer access control list entries
We must create an ACL object before we can administer ACL entries for the object.
The administration API can be used to specify entries for each of the following ACL entry types:
- Users
- Groups
- User any-other (also known as any-authenticated)
- User unauthenticated

- PDAclEntryUser
  - An ACL entry that applies to a particular user.
- PDAclEntryGroup
  - An ACL entry that applies to all members of a particular group.
- PDAclEntryAnyOther
  - The ACL entry that applies to any other authenticated users. Any user that is already authenticated into the ISAM secure domain, but is not covered by a separate user or group entry in the access control list, is allowed the permissions specified by this ACL entry.
- PDAclEntryUnAuth
  - The ACL entry that applies to unauthenticated users. Any user that is not already authenticated is allowed the permissions specified by this ACL entry.
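The entry types described above, as an added example that is not IBM's code and does not call the administration API: a stand-alone Java model that resolves which entry governs a given principal. The check order (user entry, then group entries, then any-other), the union of multiple group entries, and all user names, group names and action strings are assumptions constructed for illustration.

```java
import java.util.*;

// Added illustration only: a stand-alone model of the four ACL entry types.
// It does not call the administration API; all names and action strings are constructed.
public class AclEntryModel {
    final Map<String, String> userEntries = new HashMap<>();   // user  -> actions
    final Map<String, String> groupEntries = new HashMap<>();  // group -> actions
    String anyOther = "";   // authenticated users with no user or group entry
    String unAuth = "";     // users that are not authenticated

    // Returns "<entry type>:<actions>" for a principal; user == null means unauthenticated.
    String resolve(String user, Set<String> memberOf) {
        if (user == null) {
            return "unauthenticated:" + unAuth;
        }
        if (userEntries.containsKey(user)) {            // assumption: user entry is checked first
            return "user:" + userEntries.get(user);
        }
        TreeSet<Character> union = new TreeSet<>();     // assumption: group entries are combined
        boolean inListedGroup = false;
        for (String group : memberOf) {
            String actions = groupEntries.get(group);
            if (actions != null) {
                inListedGroup = true;
                for (char c : actions.toCharArray()) union.add(c);
            }
        }
        if (inListedGroup) {
            StringBuilder sb = new StringBuilder("group:");
            for (char c : union) sb.append(c);
            return sb.toString();
        }
        return "any-other:" + anyOther;                 // authenticated, but no separate entry
    }

    public static void main(String[] args) {
        AclEntryModel acl = new AclEntryModel();
        acl.userEntries.put("alice", "Trx");            // constructed sample entries
        acl.groupEntries.put("staff", "Tr");
        acl.groupEntries.put("ops", "Tx");
        acl.anyOther = "T";                             // unAuth stays empty: no actions granted
        System.out.println(acl.resolve("alice", Set.of("staff")));      // has a user entry
        System.out.println(acl.resolve("bob", Set.of("staff", "ops"))); // covered by group entries
        System.out.println(acl.resolve("carol", Set.of("guests")));     // falls to any-other
        System.out.println(acl.resolve(null, Set.of()));                // unauthenticated
    }
}
```

Running a model like this against a planned ACL shows which principals end up governed by the any-other or unauthenticated entry, which are the two entries worth reviewing first because they apply to users who are not named anywhere in the ACL.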
Make sure that we understand ACL entry syntax, ACL entry types, and ACL permission (action) attributes before using the administration API methods in this section.
ISAM supports 18 default actions. For a list of the default Security Verify Access actions, see the section about default Security Verify Access permissions for actions in the IBM Security Verify Access for Web: Administration Guide.
See the section about ACL entry syntax in the IBM Security Verify Access for Web: Administration Guide.
Table 1 lists the methods for administering ACL entries.
| Methods | Description |
| --- | --- |
| PDAcl object.getPDAclEntryAnyOther | Returns the PDAclEntryAnyOther object associated with the ACL. |
| PDAcl object.getPDAclEntryUnAuth | Returns the PDAclEntryUnAuth object associated with the ACL. |
| PDAcl object.getPDAclEntriesUser | Returns a Java™ HashMap of the PDAclEntryUser objects associated with the ACL. |
| PDAcl object.getPDAclEntriesGroup | Returns a Java HashMap of the PDAclEntryGroup objects associated with the ACL. |
| PDAcl.removePDAclEntryAnyOther, PDAcl object.removePDAclEntryAnyOther | Remove the ACL entry for the any-other user from the specified ACL. |
| PDAcl.removePDAclEntryGroup, PDAcl object.removePDAclEntryGroup | Remove the ACL entry for the specified group from the specified ACL. |
| PDAcl.removePDAclEntryUnAuth, PDAcl object.removePDAclEntryUnAuth | Remove the ACL entry for the unauthenticated user from the specified ACL. |
| PDAcl.removePDAclEntryUser, PDAcl object.removePDAclEntryUser | Remove the ACL entry for the specified user from the specified ACL. |
| PDAcl.setPDAclEntryAnyOther, PDAcl object.setPDAclEntryAnyOther | Sets or modifies the ACL entry for the any-other user in the ACL. Call this function to specify permissions for all authenticated users who do not have a separate user or group entry in the specified ACL. |
| PDAcl.setPDAclEntryGroup, PDAcl object.setPDAclEntryGroup | Sets or modifies the ACL entry for the specified group in the specified ACL. |
| PDAcl.setPDAclEntryUnAuth, PDAcl object.setPDAclEntryUnAuth | Sets the ACL entry for the unauthenticated user in the specified ACL. Call this function to specify permissions for those users that are not already authenticated. |
| PDAcl.setPDAclEntryUser, PDAcl object.setPDAclEntryUser | Sets the entry for the specified user in the specified ACL. Use this function to specify the actions that a user is permitted to perform. |
For detailed reference information about these methods, see the Javadoc HTML documentation.