Universal Messaging 10.11 | Administration Guide | Universal Messaging Administration API | Security | Channel Access Control List (nACL)
 
Channel Access Control List (nACL)
When connected to a Universal Messaging realm server ,with a reference to an nRealmNode object (see nRealmNode) it is possible to get a reference to an nLeafNode (see nLeafNode (Channels and Queues)) that corresponds to a channel. This can then be used to get access the node's nACL . This object contains a list of nChannelACLEntry objects that represent a subject and a set permissions for various operations on a channel. There is a separate nChannelACLEntry object for each subject that has been permissioned on the nLeafNode.
You can also, add, delete and modify ACL entry objects.
In order to obtain a reference to the correct channel ACL object for a channel called "/products/prices", simply call the following method from a realm node:
Java, C#, C++:

nLeafNode chan = realm.findNode("/products/prices");
nACL acl = chan.getACLs();
C++:
nLeafNode* chan = realm->findNode("/products/prices");
nACL* acl = chan->getACLs();
nChannelACLEntry
Once you have the ACL object, you can then add, remove or modify acl entries:
To find a specific ACL entry from the channel ACL, the ACL object can be searched using the subject.
For example, to change the default permissions for the *@* subject (i.e. the default permission for the channel), the following code can be used:
Java, C#:
nChannelACLEntry entry = acl.find("Everyone");
entry.setFullPrivileges(false);
acl.replace(entry);
chan.setACLs(acl);
C++:
nChannelACLEntry* entry = acl->find("Everyone");
entry->setFullPrivileges(false);
acl->replace(entry);
chan->setACLs(acl);
which would set the full privileges flag to false for the default subject.
Click here to see example of how to modify channel ACLs programmatically or to see example of modifying ACLs using the enterprise manager.
For more information on Universal Messaging Administration, please see the API documentation, and the Enterprise Manager Guide.