Provided by: dacs_1.4.40-2_amd64
NAME
dacs_admin - DACS administration service
SYNOPSIS
dacs_admin [dacsoptions[1]]
DESCRIPTION
This program is part of the DACS suite. The dacs_admin web service is a tool for administering various DACS resources at a jurisdiction. Providing both a browser-based interface and a simple, REST-oriented[2] HTTP interface that can be used by middleware, scripts, and web browsers, dacs_admin allows inspection (and sometimes modification) of a jurisdiction's access control rules, configuration directives, group definitions, DACS user accounts, revocation list, version information, authorization cache, DACS log files, user tracking records, and more. An administrator can manage a different jurisdiction simply by aiming a browser or other HTTP client at that jurisdiction's dacs_admin web service. Probably the best way to understand the tool is to simply use it interactively to browse through a jurisdiction's resources. Security This web service provides a way to view and change security-related DACS configuration, DACS passwords, and so on. The default access control rule denies all access to the web service - you must add a custom rule to enable access. All functionality should be restricted to an ADMIN_IDENTITY[3]. Notes • Some features of this program may require JavaScript to be enabled in the browser. • dacs_admin will eventually unify and replace several existing different DACS administrative web services. It may also include federation-wide functions, such as the capability of adding a new jurisdiction. Web Service Arguments The following web service argument is always recognized: FORMAT By default, output is emitted in HTML. Several varieties of XML output can be selected, however, using the FORMAT argument (please refer to dacs(1)[4]). Resources and Methods The interface provided by dacs_admin allows various DACS resources to be examined and modified using standard HTTP methods (see RFC 2616[5]). Not all DACS resources may be accessible using dacs_admin and not all methods may be valid for some resources. In keeping with the REST architectural style, every persistent resource is identified by a URI (RFC 2396[6] and RFC 3986[7]). Invoking the GET method on https://www.example.com/cgi-bin/dacs/dacs_admin, for example, will (assuming appropriate configuration and permission) return a list of root-level resources managed by dacs_admin. Invoking the GET method on a resource either returns a listing (by default, formatted as an HTML list or table) or an unadorned value (by default, formatted as an HTML encoded string). For instance, this URL might return a list of configuration directives and their current values: https://www.example.com/cgi-bin/dacs/dacs_admin/conf/current while this URL might return the current value of a particular configuration directive: https://www.example.com/cgi-bin/dacs/dacs_admin/conf/current/AUTH_SUCCESS The functionality of dacs_admin is described in terms of resources and methods supported on those resources. Depending on the particular service request, the result consists of an HTTP status code (usually "200 OK", "201 Created", "400 Bad Request", or "404 Not Found"), and possibly an HTML or XML document (selectable). The XML document is described by dacs_admin.dtd[8]. Arguments are passed in the query part of a URI. Unrecognized and context-inappropriate arguments are silently ignored.
OPTIONS
Only the standard dacsoptions[1] command line arguments are recognized.
FILES
dacs_admin.css[9]
DIAGNOSTICS
The program exits 0 if everything was fine, 1 if an error occurred.
SEE ALSO
dacsacl(1)[10], dacspasswd(1)[11], dacs.acls(5)[12], dacs_conf(8)[13], dacs_group(8)[14], dacs_list_jurisdictions(8)[15], dacs_passwd(8)[16], dacs_version(8)[17]
AUTHOR
Distributed Systems Software (www.dss.ca[18])
COPYING
Copyright © 2003-2014 Distributed Systems Software. See the LICENSE[19] file that accompanies the distribution for licensing information.
NOTES
1. dacsoptions http://dacs.dss.ca/man/dacs.1.html#dacsoptions 2. REST-oriented https://code.google.com/p/implementing-rest/ 3. ADMIN_IDENTITY http://dacs.dss.ca/man/dacs.conf.5.html#ADMIN_IDENTITY 4. dacs(1) http://dacs.dss.ca/man/dacs.1.html 5. RFC 2616 http://www.rfc-editor.org/rfc/rfc2616.txt 6. RFC 2396 http://www.rfc-editor.org/rfc/rfc2396.txt 7. RFC 3986 http://www.rfc-editor.org/rfc/rfc3986.txt 8. dacs_admin.dtd http://dacs.dss.ca/man/../dtd-xsd/dacs_admin.dtd 9. dacs_admin.css http://dacs.dss.ca/man//css/dacs_admin.css 10. dacsacl(1) http://dacs.dss.ca/man/dacsacl.1.html 11. dacspasswd(1) http://dacs.dss.ca/man/dacspasswd.1.html 12. dacs.acls(5) http://dacs.dss.ca/man/dacs.acls.5.html 13. dacs_conf(8) http://dacs.dss.ca/man/dacs_conf.8.html 14. dacs_group(8) http://dacs.dss.ca/man/dacs_group.8.html 15. dacs_list_jurisdictions(8) http://dacs.dss.ca/man/dacs_list_jurisdictions.8.html 16. dacs_passwd(8) http://dacs.dss.ca/man/dacs_passwd.8.html 17. dacs_version(8) http://dacs.dss.ca/man/dacs_version.8.html 18. www.dss.ca http://www.dss.ca 19. LICENSE http://dacs.dss.ca/man/../misc/LICENSE