|
zookeeper-cpp
ZooKeeper Client for C++
|
An individual rule in an acl. More...
#include <zk/acl.hpp>
Public Member Functions | |
| acl_rule (std::string scheme, std::string id, permission permissions) | |
| Create an ACL under the given scheme and id with the given permissions. More... | |
| const std::string & | scheme () const |
| The authentication scheme this list is used for. More... | |
| const std::string & | id () const |
| The ID of the user under the scheme. More... | |
| const permission & | permissions () const |
| The permissions associated with this ACL. More... | |
An individual rule in an acl.
It consists of a scheme and id pair to identify the who and a permission set to determine what they are allowed to do.
See "Builtin ACL Schemes" in the ZooKeeper Programmer's Guide for more information.
| zk::acl_rule::acl_rule | ( | std::string | scheme, |
| std::string | id, | ||
| permission | permissions | ||
| ) |
|
inline |
|
inline |
|
inline |
The authentication scheme this list is used for.
The most common scheme is "auth", which allows any authenticated user to perform actions (see acls::creator_all).
ZooKeeper's authentication system is extensible, but the majority of use cases are covered by the built-in schemes:
"world" – This has a single ID "anyone" that represents any user of the system. The ACLs acls::open_unsafe and acls::read_unsafe use the "world" scheme."auth" – This represents any authenticated user. The id field is unused. The ACL acls::creator_all uses the "auth" scheme."digest" – This uses a "${username}:${password}" string to generate MD5 hash which is then used as an identity. Authentication is done by sending the string in clear text. When used in the ACL, the expression will be the "${username}:${digest}", where digest is the base 64 encoded SHA1 digest of password."ip" – This uses the client host IP as an identity. The id expression is an IP address or CIDR netmask, which will be matched against the client identity. 
1.8.7