content/apacheds/advanced-ug/4.2.2-definitions.mdtext - directory-site - Git at Google

 Title: 4.2.2 - Definitions
 NavPrev: 4.2.1-introduction.html
 NavPrevText: 4.2.1 - Introduction
 NavUp: 4.2-authorization.html
 NavUpText: 4.2 - Authorization
 NavNext: 4.2.3-enabling-access-control.html
 NavNextText: 4.2.3 - Enabling Access Control
 Notice: Licensed to the Apache Software Foundation (ASF) under one
     or more contributor license agreements.  See the NOTICE file
     distributed with this work for additional information
     regarding copyright ownership.  The ASF licenses this file
     to you under the Apache License, Version 2.0 (the
     "License"); you may not use this file except in compliance
     with the License.  You may obtain a copy of the License at
     .
     http://www.apache.org/licenses/LICENSE-2.0
     .
     Unless required by applicable law or agreed to in writing,
     software distributed under the License is distributed on an
     "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
     KIND, either express or implied.  See the License for the
     specific language governing permissions and limitations
     under the License.

 # 4.2.2 - Definitions

 **ACI** :

 > Access Control Information. The set of all the information which might
 > be relevant to an access control decision for a given subject.

 **ACDF** :

 > Access Control Decision Function. It is the function used to decide
 > whether a particular subject has a particular access right by virtue of
 > applicable ACI items.

 **protected item** :

 > A protected item is the element of directory information being
 > accessed.  The protected items are entries, attributes, attribute values
 > and distinguished names.  Access to each protected item can be separately
 > controlled through ACI.

 **subject** :

 >  The entity acting on the server. It can be a person, a program, ... It
 > aggregates the identity and the security related attributes (passwords,
 > ceritifcates...) for this entity.
	Title: 4.2.2 - Definitions
	NavPrev: 4.2.1-introduction.html
	NavPrevText: 4.2.1 - Introduction
	NavUp: 4.2-authorization.html
	NavUpText: 4.2 - Authorization
	NavNext: 4.2.3-enabling-access-control.html
	NavNextText: 4.2.3 - Enabling Access Control
	Notice: Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at
	.
	http://www.apache.org/licenses/LICENSE-2.0
	.
	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.

	# 4.2.2 - Definitions

	ACI :

	> Access Control Information. The set of all the information which might
	> be relevant to an access control decision for a given subject.

	ACDF :

	> Access Control Decision Function. It is the function used to decide
	> whether a particular subject has a particular access right by virtue of
	> applicable ACI items.

	protected item :

	> A protected item is the element of directory information being
	> accessed. The protected items are entries, attributes, attribute values
	> and distinguished names. Access to each protected item can be separately
	> controlled through ACI.

	subject :

	> The entity acting on the server. It can be a person, a program, ... It
	> aggregates the identity and the security related attributes (passwords,
	> ceritifcates...) for this entity.