[jboss-cvs] JBossAS SVN: r107793 - projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Wed Aug 25 18:13:28 EDT 2010 

Author: anil.saldhana at jboss.com
Date: 2010-08-25 18:13:27 -0400 (Wed, 25 Aug 2010)
New Revision: 107793

Modified:
   projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/LDAPAttributeLocator.java
Log:
doc

Modified: projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/LDAPAttributeLocator.java
===================================================================
--- projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/LDAPAttributeLocator.java	2010-08-25 21:37:26 UTC (rev 107792)
+++ projects/security/security-xacml/trunk/jboss-xacml/src/main/java/org/jboss/security/xacml/locators/attrib/LDAPAttributeLocator.java	2010-08-25 22:13:27 UTC (rev 107793)
@@ -45,6 +45,33 @@
 
 /**
  * An attribute locator getting attribute values from an LDAP
+ * 
+ * Configuration:
+    * url - The LDAP server URL to connect to.
+    * factory - The JNDI factory that is JDK specific such as "com.sun.jndi.ldap.LdapCtxFactory" which is the default.
+    * username - The username to connect to the LDAP server. This user must have search privileges
+    * password - The password of the user to connect to the LDAP server
+    * filter - The search filter to be used to find the entries that have a policy
+    * attribute - The name of the entry's attribute containing the XACML policy in the xml format
+    * searchScope - Scope of the search for entries. Default is SUBTREE
+    * searchTimeLimit - Search time limit. Default is 10000 (10 seconds)
+    * attributeSupportedId : Attribute that is supported by this locator for retrieval.
+    * substituteValue : This is the URI of the attribute available from the request that will be plugged into the ldap filter wildcard.
+    * valueDataType: The data type of the attribute that is being plugged into the filter of the wildcard. 
+    * name : the fully qualified name (FQN) of the class.
+
+     Masking the LDAP Password
+
+     Additionally, The password value can be masked using PBE.
+
+     To create a masked password invoke  org.jboss.security.xacml.util.PBEUtils salt iterationCount password
+     When using a masked password add also the options
+
+      * salt - the 8 character String
+      * iterationCount - an integer
+
+      NOTE:  Those options must have the same value used for encryption.
+ *
  * @author Anil.Saldhana at redhat.com
  * @since Aug 25, 2010
  */

More information about the jboss-cvs-commits mailing list