Interfaces and shared classes to manage access control lists (ACLs) for domain object instances.


AccessControlEntry Represents an individual permission assignment within an Acl
Acl Represents an access control list (ACL) for a domain object. 
AclCache A caching layer for JdbcAclService
AclService Provides retrieval of Acl instances. 
AuditableAccessControlEntry Represents an ACE that provides auditing information. 
AuditableAcl A mutable ACL that provides audit capabilities. 
MutableAcl A mutable Acl
MutableAclService Provides support for creating and storing Acl instances. 
ObjectIdentity Represents the identity of an individual domain object instance. 
ObjectIdentityGenerator Strategy which creates an ObjectIdentity from an object identifier (such as a primary key) and type information. 
ObjectIdentityRetrievalStrategy Strategy interface that provides the ability to determine which ObjectIdentity will be returned for a particular domain object 
OwnershipAcl A mutable ACL that provides ownership capabilities. 
Permission Represents a permission granted to a Sid for a given domain object. 
PermissionGrantingStrategy Allow customization of the logic for determining whether a permission or permissions are granted to a particular sid or sids by an Acl
Sid A security identity recognised by the ACL system. 
SidRetrievalStrategy Strategy interface that provides an ability to determine the Sid instances applicable for an Authentication


AclDataAccessException Abstract base class for Acl data operations. 
AlreadyExistsException Thrown if an Acl entry already exists for the object. 
ChildrenExistException Thrown if an Acl cannot be deleted because children Acls exist. 
NotFoundException Thrown if an ACL-related object cannot be found. 
UnloadedSidException Thrown if an Acl cannot perform an operation because it only loaded a subset of Sids and the caller has requested details for an unloaded Sid