User Tools

Site Tools


Directory Administration Tool

The Directory Administration Tool (DAT) is a unified console for managing resources in the Registry.



  1. Components must be testable via unit tests with regards to both functionality and authorization
  2. Must provide consistent handling of exceptions and error conditions, resulting in user-friendly, instructive messages.
  3. Must include logging sufficient to identify what action was requested when and by whom and, if an update action, the status of the action (success / failure).
  4. User data entry
    • Should provide the ability to make one submit for multiple data fields.
      • example: update email aliases, forwards, and JMM setting in on submission
    • Must provide consistent re-display of user-entered data that results in an error condition, with a visual indication of fields that are:
      • incorrect
      • contain data not yet stored in the Registry
    • Validation
      • Should include only minimal validation, deferring to the container business logic.
      • When required in the client code, should use a validation framework as much as possible.


  1. Must support managing multiple entities (people, groups, etc) at once
  2. Must reduce the lines of code maintained
  3. Must be deployable on JBoss 6
  4. Must support CAS for authentication and authorization
  5. Must support both ED groups and entitlements as potential authorization mechanisms
  1. Business process rules should be externalized to the greatest extent possible
  1. Integrate with an external best-in-class security framework
  2. Use the same security framework for both URIs and authorization

Documentation (Deprecated)

DAT User Guide The user guide for DAT administrators.
Example dat-authZ.XML File An example permissions XML file (DEPRECATED)
middleware/ed/dat.txt · Last modified: 2015/06/01 12:02 (external edit)