[FrontPage] [TitleIndex] [WordIndex

DRMAccess

1. General Information

First of all, please make sure to read the chapter on General Information for all deegreeTools.

2. Description

This program enables deegree sercurity administration using commandline calls. It should/must bs used instead of deegree's drm-admin web application if you want to

  1. defined complex rights using constraints defined as OGC FileterEncoding expressions (e.g. a user is just allowed to perform a GetMap request if the boundingbox intersects with a defined boundary and the mas spatial resolution is less than 10m.

  2. perform definition of rights by a batch-job

3. Library Dependancies

general libs

database specific libs

4. Usage

Two things are important to note:

  1. Even if you use Postgres, MS SQLServer, HSQLDB etc. Oracle library is required
  2. If rights manipulating actions a performed deegree user and rights management API requires adminstrator authentication. Since name of the admin always is SEC_ADMIN just his password must be defined. Because it is assumed that the admin password does not change frequently it will be read from org/deegree/tools/security/sec.properties (contained in deegree2.jar). If you do not use default password (it is strongly recomment not to do this and to change the admin password) you must adjust sec.properties.

The program will be invoked as follows (example shows how to define a right with a constraint):

Common for all operations are database connection parameters '-driver', '-logon', '-user', '-pw', and parameter '-action' defining what to do. In general following commandline parameter combinations are known: general definitions, possible actions.

4.1. general definitions

-driver

-logon

-user

-password

4.2. possible actions

-action

4.2.1. action = addUser

adds a user to the right management

-name

-password

-firstName

-lastName

-email

4.2.2. action = removeUser

removes a user from the right management

-name

4.2.3. action = addGroup

adds a group to the right management system

4.2.4. action = removeGroup

removes a group to the right management

-name

4.2.5. action = addRole

adds a role to the right management system

-name

4.2.6. action = addUserToGroup

adds a user to a named group

-userName

-groupName

4.2.7. action = addUserToGroup

assignes a group with a role

-groupName

-roleName

4.2.8. action = addSecuredObject

adds a new secured object to the right management system

-soType

-soName

-soTitle

4.2.9. action = removeSecuredObject

removes a new secured object from the right management system

-soType

-soName

4.2.10. action = assignRights

assigns rights on a named secured object to a role

 -constraints

-rights

-soName

-soType

-role

4.2.11. action = removeRights

removes rights on a named secured object to a role

-rights

-soName

-soType

-role

4.2.12. action = clean

cleans the complete right management system database by deleting all entries!


look for other deegreeTools


CategoryDeegree2


2018-04-20 12:04