4.17 - Grant Permission

void grantPermission(Permission perm, Role role) throws SecurityException

This command grants a role the permission to perform an operation on an object to a role. The command is implemented by granting permission by setting the access control list of the object involved. The command is valid if and only if the pair (object, operation) represents a permission, and the role is a member of the ROLES data set.

required parameters:

  • Permission#objName - contains the object name
  • Permission#opName - contains the operation name
  • Role#name - contains the role name


  • SecurityException - Thrown in the event of data validation or system error.


import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.AdminMgrFactory;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.Permission;
import org.apache.directory.fortress.core.SecurityException;

public static void testGrantPermission(String roleName, String object, String operation)
    String szLocation = ".testGrantPermission";
        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
        AdminMgr adminMgr = AdminMgrFactory.createInstance();
        Role inRole = new Role(roleName);
        Permission inPerm = new Permission(object, operation);
        adminMgr.grantPermission(inPerm, inRole);
    catch (SecurityException ex)
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);