Realm Access Control List (nACL)
When you have connected to a realm and have a reference to an nRealmNode object, you can access the realm's ACL (Access Control List) object. This object contains a list of nRealmACLEntry objects that represent a subject and a set of permissions for various operations on a realm.
You can also, add, delete, and modify ACL entry objects. To obtain the realm ACL object, call the following method from a realm node:
nACL acl = realm.getACLs();
nRealmACLEntry
Once you have the ACL object, you can then add, remove, or modify ACL entries:
To find a specific ACL entry from the realm ACL, you can search the ACL using the subject. For example, if you want to change the default permissions for the *@* subject, which is the default permission for a realm, you can use the following code:
nRealmACLEntry entry = acl.find("Everyone");
entry.setFullPrivileges(false);
acl.replace(entry);
realm.setACLs(acl);
which would set the full privileges flag to false for the default subject.
Setting the Override Connection Count Permission
The Override Connection Count ACL permission lets users with an admin connection connect to
realms that exceed the connection limit set in the
MaxNoOfConnectionsPerUserName and MaxNoOfConnections
realm configuration properties. To set the permission, use code similar to the
following:
nRealmNode node = new nRealmNode(new nSessionAttributes("nhp://localhost:9000");
nRealmACLEntry acl = new nRealmACLEntry("user@host");
acl.setOverrideConnectionCount(true);
node.addACLEntry(acl);where nhp://localhost:9000 is the URL of the realm you want to modify and user@host represents the user and host to which you want to grant permission.
For more information about the MaxNoOfConnectionsPerUserName and
MaxNoOfConnections properties, see Realm
Configuration.