Help-Site Computer Manuals
Software
Hardware
Programming
Networking
  Algorithms & Data Structures   Programming Languages   Revision Control
  Protocols
  Cameras   Computers   Displays   Keyboards & Mice   Motherboards   Networking   Printers & Scanners   Storage
  Windows   Linux & Unix   Mac

/var/sites/help-site.com/auto/tmp/CPAN/9677/Tivoli-AccessManager-Admin-1.11/Admin/POP.pm

/var/sites/help-site.com/auto/tmp/CPAN/9677/Tivoli-AccessManager-Admin-1.11/Admin/POP.pm


NAME

Tivoli::AccessManager::Admin::POP


SYNOPSIS


    use Tivoli::AccessManager::Admin;

    my ($pop,$resp,$obj);

    my $pd = Tivoli::AccessManager::Admin->new( password => $pswd);

    # Instantiate a new pop

    $pop = Tivoli::AccessManager::Admin::POP->new($pd, name => 'test');

    # Actually create the POP in the policy db

    $resp = $pop->create();

    # Set its description

    $resp = $pop->description( "POP goes the monkey" );

    # Attach it

    $resp = $pop->attach('/test/monkey');

    # See where it is now attached

    $resp = $pop->find;

    # Detach it now

    $resp = $pop->detach('/test/monkey');

    # Get a full list of POPs

    $resp = Tivoli::AccessManager::Admin::POP->list($pd);

    # Set the level for any other network

    $resp = $pop->anyothernw( 2 );

    # Forbid access from any other network

    $resp = $pop->anyothernw( 'forbidden' );

    # Set an IP auth level for a few networks

    $resp = $pop->ipauth(add => {'192.168.8.0' => {NETMASK => '255.255.255.0',

                                                   AUTHLEVEL => 1 }.

                                 '192.168.9.0' => {NETMASK => '255.255.255.0',

                                                   AUTHLEVEL => 2}

                                }

                        );

    # Forbid the entire 10.x.x.x network

    $resp = $pop->ipauth(forbidden => {'10.0.0.0' => {NETMASK=>'255.0.0.0'}});

    # Set the audit level

    $resp = $pop->audit( [qw/all/] );

    # Set the QoP level

    $resp = $pop->qop('privacy');

    # Set Time of Day access

    $resp = $pop->tod( days => [qw/monday tuesday wednesday/],

                       start => '0800',

                       end   => '1800',

                     );

    # Set the warn mode

    $resp = $pop->warnmode(1);

    # Set an extended attribute or two

    $resp = $pop->attributes( add => { foobar => 'baz',

                                       silly  => [qw/one two three/] }

                            );

    # Clean up after myself

    $pop->delete;


DESCRIPTION

the Tivoli::AccessManager::Admin::POP manpage allows manipulation of POPs via perl.


CONSTRUCTORS

new( PDADMIN[, name => NAME] )

Creates a blessed the Tivoli::AccessManager::Admin::POP manpage object. It should be noted that creating the object in perl is not the same thing as creating it in TAM's policy database. See create to do that.

Parameters

PDADMIN
An initialized the Tivoli::AccessManager::Admin::Context manpage object. This parameter is, as usual, required.

name => NAME
The POP's name. This is technically speaking optional, but it may have some unintentional side effects if not provided. Namely, the object will assume it doesn't exist, which will cause problems when trying to do anything to it.

In short, if you intend on calling create you can forget this parameter. Otherwise, include it.

Returns

A blessed the Tivoli::AccessManager::Admin::POP manpage object. If there is an error, you will get undef.

create(PDADMIN, name => NAME)

Creates the object in TAM's policy database and returns the blessed reference.

Parameters

PDADMIN
An initialized the Tivoli::AccessManager::Admin::Context manpage object. This parameter is required.

name => NAME
The POP's name. When using create as a constructor, this parameter is required.

Returns

A the Tivoli::AccessManager::Admin::Response manpage object containing the newly created object. I refer you to that module's documentation for digging the value out.


CLASS METHODS

Class methods behave like instance methods in that they all return a the Tivoli::AccessManager::Admin::Response manpage object.

list(PDADMIN)

List all of the POPs defined in TAM.

Parameters

PDADMIN
The standard, initialized the Tivoli::AccessManager::Admin::Context manpage object.

Returns

The list of all defined POPs.


METHODS

All of the methods return a the Tivoli::AccessManager::Admin::Response manpage object unless otherwise explicitly stated. See the documentation for that module on how to coax the values out.

The methods, for the most part, follow the same pattern. If the optional parameters are sent, it has the effect of setting the attributes. All methods calls will embed the results of a 'get' in the the Tivoli::AccessManager::Admin::Response manpage object.

create([name => NAME])

Creates a new POP in TAM's policy db. This method can be used as both class and instance method.

Parameters

name => NAME
The name of the new POP. This parameter is only required when you did not use it in the new call.

Returns

The success or failure of the create operation.

delete

Deletes the object.

Parameters

None

Returns

The success or failure of the operation. Please note that you really should detach a POP before trying to delete it.

objects( [detach => OBJECTS[, [attach => OBJECTS]] )

Attaches or detaches a POP. Weird little fact. The C API for ACLs does not contain an attach or detach method -- you have to use the methods for the protected objects. POPs have their own attach and detach calls.

If both parameters are used, all of the detaches will be done before attaching.

Parameters

detach => OBJECTS
Detach the POP from the listed objects. OBJECTS can be a list or a single value. It can be either a string (e.g., '/test/monkey') or a the Tivoli::AccessManager::Admin::ProtObject manpage object or a mix of them.

attach => OBJECTS
Attach the POP to the listed objects. The same combination of values can be used as listed above.

Returns

The success or failure of the operation. You will also get a list of the current places the POP is attached.

attach OBJECTS[,...]

A convenience method that wraps objects with an attach message. See objects for a full description of the parameters and returns.

detach OBJECTS[,...]

A convenience method that wraps objects with a detach message. See objects for a full description of the parameters and returns.

find

Finds and lists everyplace the POP is attached.

Parameters

None

Returns

A possibly empty list of everyplace the POP is attached,

list

list can also be used as an instance method, although I personally do not think it makes much sense.

Parameters

None, when used as an instance method.

Returns

A list of all defined POPs.

anyothernw([<NUMBER>|unset|forbidden])

Set the authentication level for any other network.

Parameters

<NUMBER>|unset|forbidden
Sets the authentication level to the provided number, unset or forbidden.

Returns

The success or failure of the operation, along with the current (possibly new) level.

description([STRING])

Sets or gets the POP's description.

Parameters

STRING
The new description. This parameter is optional.

Returns

The POP's description if set, an empty string otherwise.

audit( [BITMASK|[STRING[,STRING...]]] )

Sets the audit level on the POP.

Parameters

BITMASK|STRING|ARRAYREF
The underlying C library uses a bit mask to set the audit level. You can either send this bitmask, a single word that will be translated into a bitmask or a list of words that will be translated into a bit mask.

If the words ``all'' or ``none'' appear anywhere in the list, the bitmask will be set as indicated below.

The name to bitmask mapping looks like this:

Returns

The numeric bitmask if evaluated in scalar context; the wordier list if used in list context.

ipauth( [add => HASHREF, remove => HASHREF, forbidden => HASHREF] )

Sets the IP based authentication restrictions.

Parameters

add => HASHREF
Sets the required authentication level for an IP address and/or network. The referant of the hash ref is a hash of hashes, keyed off the IP address. The contents of the subhashes look like:
NETMASK => <NETMASK>
The netmask for the ip address. It should be requested in the quad-dot format (e.g., 255.255.255.0). I should likely be smart enough to handle CIDR notation and what ever IPV6 uses, but I am not.

AUTHLEVEL => <NUMBER>
Required only when adding, this specifies the authentication level for the IP/netmask. There is no default -- I didn't think it safe to guess.

remove => HASHREF
Removes the IP auth restriction from the POP. The referant of the hash ref should look just like it does for adding.

forbidden => HASHREF
Forbids access from some subnet. The referant of the hash ref should look just like it does for adding.

Returns

An array of hashes that look mostly like the parameter hashes. For the record, I dislike this function.

qop( [level] )

Sets the ``quality of protection'' on the POP.

Parameters

level
The level of protection, it must be one of these three options: none, integrity or privacy. You will need to refer to the WebSEAL Administration Guide for the meaning of those three values.

Returns

The current level of protection.

tod ( days => [array], start => N, end => N, reference => local | UTC )

Returns the current time of day access policy on the POP.

Parameters

days
days should be a reference to an array containing some combination of: mon, tue, wed, thu, fri, sat, sun or any.

If the word 'any' is found anywhere in the array, it will over ride all the others.

start
The beginning of the allowed access time, expressed in 24-hour format. Since perl will try to interpret any number starting with a 0 as an octal number ( leading to annoying problems with 09xx ), you need to either drop the preceding 0 ( eg, 900 ) or specify it as a string ( '0900' ).

end
The end of the allowed access time. See the previous item for the caveats.

UTC|local
Under the covers, start and end are calculated as minutes past midnight. TAM needs to know if you are referencing midnight UTC or midnight local time. The default is 'local'.

Returns

A the Tivoli::AccessManager::Admin::Response manpage object, the value of which is a hash with the key/value pairs:

days
An array reference to the days for which the policy is enforced. If the TOD policy is unset, this refers to an empty array.

start
The time of day when access is allowed, expressed in 24-hour format. If the TOD policy is unset, this will be zero.

end
The time of day when access is denied, expressed in 24-hour format. If the TOD policy is unset, this will be zero.

reference
UTC or local. If the policy is unset, this will be local.

warnmode([0|1])

Sets the warnmode on the POP.

Parameters

O | 1
Disble or enable the warn mode.

Returns

The current value

attributes([add => { attribute => value },][remove => { attribute => value },][removekey => attribute])

Adds keys and attributes to the POP, removes values from an attribute and removes a key.

Parameters

add => { attribute => value[,...] }
An anonymous hash pointing to the attributes and the value(s) for that attribute. If you want to set more than one value on the attribute, it must be sent as an anonymous array.

If the attribute does not already exist, it will be created.

remove => { attribute => value[,...] }
Removes the value(s) from the named attribute(s). If you are removing multiple values from an attribute, you must use an anonymous array. Note, this will not remove the attribute, only values from the attribute.

removekey => value[,...]
Removes attributes from the POP. As always, if you want to remove multiple attributes, you need to use an anonymous array.

Returns

A hash containing the defined attributes as the keys and the values. All of the values are returned as anonymous arrays.

exist

Returns true if the POP exists, false otherwise.

Programminig
Wy
Wy
yW
Wy
Programming
Wy
Wy
Wy
Wy