Implementing Novell Entitlements in a Driver#
The Novell Entitlements framework utilises various aspects of EDirectory and DirXML to create the Novell Entitlements framework.Entitlements and Drivers#
Since an entitlement is only a flag that signals a DirXML driver to grant some arbitrary resource, in order for the grant or revoke of an entitlement to actual have any effect, there must be DirXML-Policies within the driver that handle the actual granting or revoking of access to the resource in the connected application.The DirXML Script contains explicit support for implementing entitlement policies. The <if-entitlement>
condition is used to determine if a given entitlement has been granted or is changing.
The <token-entitlement>, <token-added-entitlement>
, and <token-removed-entitlement>
tokens are used to get a list of the granted or revoked entitlements.
The <do-implement-entitlement> action is used to mark policy actions that implement entitlements so that the results of the entitlement can be automatically logged to DirXML-EntitlementResult.
The entitlement tokens return a nodeset containing 0 or more <entitlement-impl> elements that can be used to get information about the entitlements and can be passed as an arguments to <do-implement-entitlement>.