FC-265 - add external switch to enable arbac02 runtime checks.
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
index 88b9f6f..f4f3864 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
@@ -212,7 +212,6 @@
* ** LDAP ATTRIBUTE NAMES AND CONSTANT VALUES
* ************************************************************************
*/
-
public static final String SERVER_TYPE = "ldap.server.type";
/*
@@ -383,7 +382,7 @@
*/
/**
- * RF2307bis uses this for groiups:
+ * RF2307bis uses this for groups:
*/
public static final String RFC2307_PROP = "rfc2307";
public static final String GID_NUMBER = "gidNumber";
@@ -611,7 +610,8 @@
*/
public static final String HTTP_PW_PROP = "http.pw";
-
-
-
+ /**
+ * Attribute name for property ARBAC02 enforcement boolean.
+ */
+ public static final String IS_ARBAC02 = "is.arbac02";
}
\ No newline at end of file
diff --git a/src/main/java/org/apache/directory/fortress/core/util/Config.java b/src/main/java/org/apache/directory/fortress/core/util/Config.java
index f459f57..cc70c70 100755
--- a/src/main/java/org/apache/directory/fortress/core/util/Config.java
+++ b/src/main/java/org/apache/directory/fortress/core/util/Config.java
@@ -75,6 +75,7 @@
private static final String EXT_CONFIG_REALM = "fortress.config.realm";
private static final String EXT_CONFIG_ROOT_DN = "fortress.config.root";
private static final String EXT_SERVER_TYPE = "fortress.ldap.server.type";
+ private static final String EXT_IS_ARBAC02 = "fortress.is.arbac02";
// static reference contains this.
private static volatile Config sINSTANCE = null;
@@ -454,11 +455,6 @@
{
return GlobalIds.REALM_TYPE.equalsIgnoreCase( getProperty( GlobalIds.AUTHENTICATION_TYPE ) );
}
- /*
- if( ( Config.getInstance().getProperty( GlobalIds.ROLE_OCCUPANTS ) != null )
- && ( ! Config.getInstance().getProperty( GlobalIds.ROLE_OCCUPANTS ).equalsIgnoreCase( "false" ) ) )
-
- */
public boolean isRoleOccupant()
{
// misc LDAP:
@@ -715,6 +711,17 @@
config.setProperty( GlobalIds.SERVER_TYPE, szValue );
LOG.info( PREFIX, GlobalIds.SERVER_TYPE, szValue );
}
+
+ // Check to see if ARBAC02 checking enforced in service layer:
+ szValue = System.getProperty( EXT_IS_ARBAC02 );
+ LOG.info( PREFIX, GlobalIds.IS_ARBAC02, szValue );
+
+ if( StringUtils.isNotEmpty( szValue ))
+ {
+ Boolean isArbac02 = new Boolean(szValue);
+ config.setProperty( GlobalIds.IS_ARBAC02, isArbac02.booleanValue() );
+ LOG.info( PREFIX, GlobalIds.IS_ARBAC02, isArbac02.booleanValue() );
+ }
}
/**
