evaluate

Name

evaluate — evaluate a user’s permissions

Synopsis

Supported for RTacl: 

evaluate permission user host resource

Description

The evaluate command is provided as a development aid to determine a user’s permissions in the currently loaded ACL. Provide a user, host and resource, and the ACL is evaluated and reports whether the permission is allowed or denied. If a host name rather than an IP address is provided, a DNS lookup is performed on the host name to determine the actual IP address.

The values permitted for permission and resource are:

Permission
Resource
server
 
client
project
membership
group
publish
subject
subscribe
subject

If the permissions are not evaluated as you expect them to be, set the Trace_Level option to debug. This results in verbose output and can help determine which permissions are being invoked.

See Also

None

Examples

This example evaluates whether the user jdoe has permissions to subscribe to the subject /stock/tibx from the hostname neptune: 

ACL> evaluate subscribe jdoe neptune /stock/tibx 
ALLOW subscribe - user=<jdoe> host=<10.105.200.204> 
resource=</stock/tibx>

This example evaluates whether the user jdoe has permissions to publish to the subject /stock/tibx from the hostname neptune: 

ACL> evaluate publish jdoe neptune /stock/tibx 
DENY publish - user=<jdoe> host=<10.105.200.204> 
resource=</stock/tibx>
TIBCO SmartSockets™ User’s Guide
Software Release 6.8, July 2006
Copyright © TIBCO Software Inc. All rights reserved
www.tibco.com