SecAdmin (AMETAS 2.6 API (pub))

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

AMETAS.place
Class SecAdmin

java.lang.Object
  AMETAS.place.SecAdmin

public class SecAdmin
extends java.lang.Object

Stand-alone tool to configure the place security. SecAdmin allows to configure the security offline, that is, the place need not run, and is even recommended not to run. Most commands require the knowledge of the place's passphrase. After it has been entered correctly, the passphrase will not be queried again.

All commands are also available as command line arguments for the start of SecAdmin. In that case, the command will be executed, and SecAdmin terminates. In order to avoid writing the place passphrase in plain text into scripts, the pseudo passphrase ".QUERY." may be used. In that case, SecAdmin will request the user to type in the passphrase.

The following commands are defined in SecAdmin.

apropos	subject	Find help to subject
cfyidy	CAPass CAFile File msec	Certify identity
chksig	PlacePasshrase SPU	Check SPU signatures
crplidy	PlacePassphrase (PLACE\|CA)	Create the place identity
crpriv	PlacePassphrase Name[{Permission}]	Define a privilege
cruser	Name UserPass File	Create a new user
csccsig	PlacePassphrase SCC	Check SCC signatures
grpriv	PlacePassphrase (IDFile\|#UID) {Priv}	Grant privileges
help	[command]	This screen
impidy	PlacePassphrase File	Import identity
initdap	PlacePassphrase	Reset DomainAccessPolicy
pubidy	FullIdyFile PubIdyFile	Create a public identity
quit	or exit	Leave SecAdmin
rmallcert	IdentFile	Remove all certificates
rmpriv	PlacePassphrase PrivName	Remove a privilege
rmidy	PlacePassphrase (IDfile\|#UID)	Remove identity from database
rvallpriv	PlacePassphrase (IDfile\|#UID)	Revoke all privileges of this ID
rvpriv	PlacePassphrase (IDfile\|#UID) Priv	Revoke a privilege of this ID
setaup	PlacePassphrase MigAg? LocalAg? Service? User? AllowGuest?	Set the authentication policy
setcap	PlacePassphrase {CAname}	Accepted CAs
setdep	PlacePassphrase KnownAuthor?	Are unknown authors accepted?
setmip	PlacePassphrase MinIntLevel MaxIntLevel MinExtLevel MaxExtLevel	Set the migration policy
setpdp	PlacePassphrase DomAdminPl {Place}	Set the PlaceDomainPolicy
show	(aup\|cap\|dap\|dep\|mip\|pdp) PlacePassphrase	Show the respective policy
show	(idy\|pidy) PlacePassphrase	Show identities
verbose	(on\|off)	Turn on/off detail messages

Caution: The place passphrase must be used with extreme care. Knowledge of this passphrase will give complete control of the place. Although using the place passphrase in scripts may seem to be handy, we definitely discourage you from doing that.

Constructor Summary
`SecAdmin(java.lang.String sFile, boolean bDebug, java.io.OutputStream osOut, java.io.OutputStream osErr)` Constructor which does not process command line arguments.

Method Summary
`java.lang.String`	`getPlace()` Returns the name of the currently defined place.
`void`	`loadConfig(java.lang.String sFile)` Changes the places to be configured.
`static void`	`main(java.lang.String[] arg)` Start method.
`void`	`processCommand(java.lang.String sCommand)` Executed the given command as if it were provided at the command prompt of the interactive mode.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecAdmin

public SecAdmin(java.lang.String sFile,
                boolean bDebug,
                java.io.OutputStream osOut,
                java.io.OutputStream osErr)

Constructor which does not process command line arguments.
Parameters:: sFile - Config file.; bDebug - if true, detail messages are printed.; osOut - Output stream.; osErr - Error stream.

Method Detail

main

public static void main(java.lang.String[] arg)

Start method. You must at least provide the name of the place configuration file.

AMETAS.place.SecAdmin [-v] ConfigFile [Command {Arguments}]

with "-v" turning on the detail messages.

Parameters:: arg - Command line parameters.

processCommand

public void processCommand(java.lang.String sCommand)

Executed the given command as if it were provided at the command prompt of the interactive mode. The place it operates on must have been set before.

Parameters:: sCommand - command string which complies to the same syntax as if entered at the commmand prompt.

getPlace

public java.lang.String getPlace()

Returns the name of the currently defined place. This place is affected on subsequent calls to processCommand.

Returns:: Name of the currently referenced place

loadConfig

public void loadConfig(java.lang.String sFile)

Changes the places to be configured. This method allows to reuse the same SecAdmin instance for another place. All subsequent processCommand calls refer to this place.

Parameters:: sFile - Configuration file of the new place.