ADSContext.java revision 53c7e80ef538191e3492cc9324c600e166c57a92
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2007-2010 Sun Microsystems, Inc.
* Portions Copyright 2012-2015 ForgeRock AS
*/
/** Class used to update and read the contents of the Administration Data. */
public class ADSContext
{
/**
* Enumeration containing the different server properties syntaxes that could
* be stored in the ADS.
*/
public enum ADSPropertySyntax
{
/** String syntax. */
/** Integer syntax. */
/** Boolean syntax. */
/** Certificate;binary syntax. */
}
/** Enumeration containing the different server properties that are stored in the ADS. */
public enum ServerProperty
{
/** The ID used to identify the server. */
/** The host name of the server. */
/** The LDAP port of the server. */
/** The JMX port of the server. */
/** The JMX secure port of the server. */
/** The LDAPS port of the server. */
/** The administration connector port of the server. */
/** The certificate used by the server. */
/** The path where the server is installed. */
/** The description of the server. */
/** The OS of the machine where the server is installed. */
/** Whether LDAP is enabled or not. */
/** Whether LDAPS is enabled or not. */
/** Whether ADMIN is enabled or not. */
/** Whether StartTLS is enabled or not. */
/** Whether JMX is enabled or not. */
/** Whether JMX is enabled or not. */
/** The location of the server. */
/** The groups to which this server belongs. */
/** The unique name of the instance key public-key certificate. */
/**
* The instance key-pair public-key certificate. Note: This attribute
* belongs to an instance key entry, separate from the server entry and
* named by the ds-cfg-key-id attribute from the server entry.
*/
INSTANCE_PUBLIC_KEY_CERTIFICATE("ds-cfg-public-key-certificate", ADSPropertySyntax.CERTIFICATE_BINARY);
private ADSPropertySyntax attSyntax;
/**
* Private constructor.
*
* @param n
* the name of the attribute.
* @param s
* the name of the syntax.
*/
{
attrName = n;
attSyntax = s;
}
/**
* Returns the attribute name.
*
* @return the attribute name.
*/
public String getAttributeName()
{
  // LDAP attribute name assigned to this property by the enum constructor.
  return this.attrName;
}
/**
* Returns the attribute syntax.
*
* @return the attribute syntax.
*/
public ADSPropertySyntax getAttributeSyntax()
{
  // Syntax assigned to this property by the enum constructor.
  return this.attSyntax;
}
}
/** Default global admin UID. */
/**
* Get a ServerProperty associated to a name.
*
* @param name
* The name of the property to retrieve.
* @return The corresponding ServerProperty or null if name doesn't match with
* an existing property.
*/
{
if (NAME_TO_SERVER_PROPERTY == null)
{
NAME_TO_SERVER_PROPERTY = new HashMap<>();
{
}
}
}
/** The list of server properties that are multivalued. */
static
{
}
/** The default server group which will contain all registered servers. */
/** Enumeration containing the different server group properties that are stored in the ADS. */
public enum ServerGroupProperty
{
  /** Identifier of the server group, carried by the {@code cn} attribute. */
  UID("cn"),
  /** Free-text description of the server group. */
  DESCRIPTION("description"),
  /** Members of the server group, carried by the {@code uniqueMember} attribute. */
  MEMBERS("uniqueMember");

  /**
   * Binds the property to the LDAP attribute that stores it.
   *
   * @param attributeName
   *          the LDAP attribute name backing this property.
   */
  ServerGroupProperty(String attributeName)
  {
    // Enum constructors are implicitly private, so no modifier is needed.
    this.attrName = attributeName;
  }

  /**
   * Gives the LDAP attribute name backing this property.
   *
   * @return the LDAP attribute name.
   */
  public String getAttributeName()
  {
    return this.attrName;
  }
}
/** The list of server group properties that are multivalued. */
private static final Set<ServerGroupProperty> MULTIVALUED_SERVER_GROUP_PROPERTIES = new HashSet<>();
static
{
}
/** The enumeration containing the different Administrator properties. */
public enum AdministratorProperty
{
/** The UID of the administrator. */
/** The password of the administrator. */
/** The description of the administrator. */
/** The DN of the administrator. */
/** The administrator privilege. */
private ADSPropertySyntax attrSyntax;
/**
* Private constructor.
*
* @param n
* the name of the attribute.
* @param s
* the name of the syntax.
*/
{
attrName = n;
attrSyntax = s;
}
/**
* Returns the attribute name.
*
* @return the attribute name.
*/
public String getAttributeName()
{
  // LDAP attribute name assigned to this administrator property at construction.
  return this.attrName;
}
/**
* Returns the attribute syntax.
*
* @return the attribute syntax.
*/
public ADSPropertySyntax getAttributeSyntax()
{
  // Syntax assigned to this administrator property at construction.
  return this.attrSyntax;
}
}
/**
* Get an AdministratorProperty associated to a name.
*
* @param name
* The name of the property to retrieve.
* @return The corresponding AdministratorProperty or null if name doesn't
* match with an existing property.
*/
{
if (nameToAdminUserProperty == null)
{
nameToAdminUserProperty = new HashMap<>();
{
}
}
}
/** The context used to retrieve information. */
private final InitialLdapContext dirContext;
/**
* Constructor of the ADSContext.
*
* @param dirContext
* the DirContext that must be used to retrieve information.
*/
{
this.dirContext = dirContext;
}
/**
* Returns the DirContext used to retrieve information by this ADSContext.
*
* @return the DirContext used to retrieve information by this ADSContext.
*/
public InitialLdapContext getDirContext()
{
  // The field itself is returned (no copy is made), so callers operate on
  // the same LDAP context that this ADSContext uses.
  return this.dirContext;
}
/**
* Method called to register a server in the ADS.
*
* @param serverProperties
* the properties of the server.
* @throws ADSContextException
* if the server could not be registered.
*/
{
try
{
// This check is required because by default the server container entry
// does not exist.
{
}
{
}
// register this server into "all" groups
if (memberList == null)
{
memberList = new HashSet<>();
}
// Update the server property "GROUPS"
if (rawGroupList != null)
{
{
}
}
}
catch (ADSContextException ace)
{
throw ace;
}
catch (NameAlreadyBoundException x)
{
}
catch (Exception x)
{
}
}
/**
* Method called to update the properties of a server in the ADS.
*
* @param serverProperties
* the new properties of the server.
* @param newServerId
* The new server Identifier, or null.
* @throws ADSContextException
* if the server could not be updated.
*/
public void updateServer(Map<ServerProperty, Object> serverProperties, String newServerId) throws ADSContextException
{
try
{
if (newServerId != null)
{
}
{
}
}
catch (ADSContextException ace)
{
throw ace;
}
catch (NameNotFoundException x)
{
}
catch (Exception x)
{
}
}
/**
* Method called to unregister a server in the ADS. Note that the server's
* instance key-pair public-key certificate entry (created in
* <tt>registerServer()</tt>) is left untouched.
*
* @param serverProperties
* the properties of the server.
* @throws ADSContextException
* if the server could not be unregistered.
*/
public void unregisterServer(Map<ServerProperty, Object> serverProperties) throws ADSContextException
{
try
{
// Unregister the server from the server groups.
{
{
}
}
}
catch (NameNotFoundException x)
{
}
catch (NamingException x)
{
}
// Unregister the server in server groups
try
{
{
{
try
{
{
{
try
{
{
{
}
}
}
finally
{
}
}
}
}
finally
{
}
{
}
else
{
}
}
}
}
catch (NameNotFoundException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
finally
{
}
}
/**
* Returns whether a given server is already registered or not.
*
* @param serverProperties
* the server properties.
* @return <CODE>true</CODE> if the server was registered and
* <CODE>false</CODE> otherwise.
* @throws ADSContextException
* if something went wrong.
*/
public boolean isServerAlreadyRegistered(Map<ServerProperty, Object> serverProperties) throws ADSContextException
{
}
/**
* Returns whether a given administrator is already registered or not.
*
* @param uid
* the administrator UID.
* @return <CODE>true</CODE> if the administrator was registered and
* <CODE>false</CODE> otherwise.
* @throws ADSContextException
* if something went wrong.
*/
{
}
/**
* A convenience method that takes some server properties as parameter and if
* there is no server registered associated with those properties, registers
* it and if it is already registered, updates it.
*
* @param serverProperties
* the server properties.
* @return 0 if the server was registered; 1 if updated (i.e., the server
* entry was already in ADS).
* @throws ADSContextException
* if something goes wrong.
*/
public int registerOrUpdateServer(Map<ServerProperty, Object> serverProperties) throws ADSContextException
{
try
{
return 0;
}
catch (ADSContextException x)
{
{
return 1;
}
throw x;
}
}
/**
* Returns the member list of a group of server.
*
* @param serverGroupId
* The group name.
* @return the member list of a group of server.
* @throws ADSContextException
* if something goes wrong.
*/
{
// Per the Javadoc above, this body resolves the server group entry and
// returns its member list.
// Rdn.escapeValue() escapes the group id before it is concatenated into the
// DN string, so characters that are special in a DN (such as ',' or '+')
// remain part of the cn value instead of altering the DN structure.
LdapName dn = nameFromDN("cn=" + Rdn.escapeValue(serverGroupId) + "," + getServerGroupContainerDN());
try
{
{
return result;
}
{
{
continue;
}
// We have the members list
try
{
{
}
}
finally
{
}
break;
}
}
catch (NameNotFoundException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
finally
{
}
return result;
}
/**
* Returns a set containing the servers that are registered in the ADS.
*
* @return a set containing the servers that are registered in the ADS.
* @throws ADSContextException
* if something goes wrong.
*/
{
try
{
{
{
try
{
boolean found = false;
{
found = true;
}
if (!found)
{
}
}
catch (NameNotFoundException x)
{
}
finally
{
}
}
}
}
catch (NameNotFoundException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
finally
{
}
return result;
}
/**
* Creates a Server Group in the ADS.
*
* @param serverGroupProperties
* the properties of the server group to be created.
* @throws ADSContextException
* if something goes wrong.
*/
public void createServerGroup(Map<ServerGroupProperty, Object> serverGroupProperties) throws ADSContextException
{
// Add the objectclass attribute value
try
{
}
catch (NameAlreadyBoundException x)
{
}
catch (NamingException x)
{
}
}
/**
* Updates the properties of a Server Group in the ADS.
*
* @param serverGroupProperties
* the new properties of the server group to be updated.
* @param groupID
* The group name.
* @throws ADSContextException
* if something goes wrong.
*/
public void updateServerGroup(String groupID, Map<ServerGroupProperty, Object> serverGroupProperties)
throws ADSContextException
{
try
{
// Entry renaming ?
{
{
// Rename to entry
// Rdn.escapeValue() escapes the new group id before it is concatenated
// into the DN string, so characters that are special in a DN (such as
// ',' or '+') remain part of the cn value instead of altering the DN
// structure.
LdapName newDN = nameFromDN("cn=" + Rdn.escapeValue(newGroupId) + "," + getServerGroupContainerDN());
}
// In any case, we remove the "cn" attribute.
}
// No properties to apply: nothing more to do.
if (serverGroupProperties.isEmpty())
{
return;
}
// attribute modification
}
catch (NameNotFoundException x)
{
}
catch (NameAlreadyBoundException x)
{
}
catch (NamingException x)
{
}
}
/**
* Updates the properties of a Server Group in the ADS.
*
* @param serverGroupProperties
* the new properties of the server group to be updated.
* @param groupID
* The group name.
* @throws ADSContextException
* if something goes wrong.
*/
throws ADSContextException
{
try
{
}
catch (NameAlreadyBoundException x)
{
}
catch (NamingException x)
{
}
}
/**
* Deletes a Server Group in the ADS.
*
* @param serverGroupProperties
* the properties of the server group to be deleted.
* @throws ADSContextException
* if something goes wrong.
*/
public void deleteServerGroup(Map<ServerGroupProperty, Object> serverGroupProperties) throws ADSContextException
{
try
{
}
catch (NamingException x)
{
}
}
/**
* Returns a set containing the server groups that are defined in the ADS.
*
* @return a set containing the server groups that are defined in the ADS.
* @throws ADSContextException
* if something goes wrong.
*/
{
try
{
{
Map<ServerGroupProperty, Object> properties = makePropertiesFromServerGroupAttrs(sr.getAttributes());
}
}
catch (NameNotFoundException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
finally
{
}
return result;
}
/**
* Returns a set containing the administrators that are defined in the ADS.
*
* @return a set containing the administrators that are defined in the ADS.
* @throws ADSContextException
* if something goes wrong.
*/
public Set<Map<AdministratorProperty, Object>> readAdministratorRegistry() throws ADSContextException
{
try
{
{
}
}
catch (NameNotFoundException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
finally
{
}
return result;
}
/**
* Creates the Administration Data in the server. The call to this method
* assumes that OpenDS.jar has already been loaded. So this should not be
* called by the Java Web Start before being sure that this jar is loaded.
*
* @param backendName
* the backend name which will handle admin information.
* <CODE>null</CODE> to use the default backend name for the admin
* information.
* @throws ADSContextException
* if something goes wrong.
*/
{
// Add the administration suffix
}
/** Create container entries. */
private void createAdminDataContainers() throws ADSContextException
{
// Create the DIT below the administration suffix
{
}
{
}
{
}
{
}
// Add the default "all-servers" group
{
}
// Create the CryptoManager instance key DIT below the administration suffix
{
}
// Create the CryptoManager secret key DIT below the administration suffix
{
}
}
/**
* Removes the administration data.
*
* @param removeAdministrators
* {@code true} if administrators should be removed. It may not be
* possible to remove administrators if the operation is being
* performed by one of the administrators because it will cause the
* administrator to be disconnected.
* @throws ADSContextException
* if something goes wrong.
*/
{
// Per the Javadoc above, this body removes the administration data; the
// removal runs on a temporary context that is closed in the inner finally.
try
{
try
{
{
{
if (isExistingEntry(ldapName))
{
}
}
}
}
finally
{
try
{
// Runs in the finally block, so the temporary context is closed whether
// or not the removal above completed.
tmpContext.close();
}
{
// NOTE(review): ex is passed to LocalizableMessage.raw() as a message
// argument, but the message text has no placeholder for it, so the
// cause of the close failure is presumably not rendered in the log.
// Confirm, and log the cause explicitly so the failure stays diagnosable.
logger.warn(LocalizableMessage.raw("Error while closing LDAP connection after removing admin data", ex));
}
}
// Recreate the container entries:
}
catch (NamingException x)
{
}
}
/**
* Returns <CODE>true</CODE> if the server contains Administration Data and
* <CODE>false</CODE> otherwise.
*
* @return <CODE>true</CODE> if the server contains Administration Data and
* <CODE>false</CODE> otherwise.
* @throws ADSContextException
* if something goes wrong.
*/
public boolean hasAdminData() throws ADSContextException
{
boolean hasAdminData = true;
{
}
return hasAdminData;
}
/**
* Returns the DN of the administrator for a given UID.
*
* @param uid
* the UID to be used to generate the DN.
* @return the DN of the administrator for the given UID.
*/
{
}
/**
* Creates an Administrator in the ADS.
*
* @param adminProperties
* the properties of the administrator to be created.
* @throws ADSContextException
* if something goes wrong.
*/
public void createAdministrator(Map<AdministratorProperty, Object> adminProperties) throws ADSContextException
{
try
{
}
catch (NameAlreadyBoundException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
}
/**
* Deletes the administrator in the ADS.
*
* @param adminProperties
* the properties of the administrator to be deleted.
* @throws ADSContextException
* if something goes wrong.
*/
public void deleteAdministrator(Map<AdministratorProperty, Object> adminProperties) throws ADSContextException
{
try
{
}
catch (NameNotFoundException | NotContextException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
}
/**
* Updates an administrator registered in the ADS.
*
* @param adminProperties
* the new properties of the administrator.
* @param newAdminUserId
* The new admin user Identifier, or null.
* @throws ADSContextException
* if something goes wrong.
*/
public void updateAdministrator(Map<AdministratorProperty, Object> adminProperties, String newAdminUserId)
throws ADSContextException
{
try
{
// Entry renaming
if (newAdminUserId != null)
{
}
// if modification includes 'privilege', we have to get first the
// current privileges list.
{
try
{
{
}
}
finally
{
}
}
// Replace properties, if needed.
{
}
}
catch (NameNotFoundException x)
{
}
catch (NoPermissionException x)
{
}
catch (NamingException x)
{
}
finally
{
}
}
/**
* Returns the DN of the suffix that contains the administration data.
*
* @return the DN of the suffix that contains the administration data.
*/
public static String getAdministrationSuffixDN()
{
  // Fixed suffix DN of the administration data; the container DN helpers in
  // this class append it to their own RDN.
  final String adminSuffixDn = "cn=admin data";
  return adminSuffixDn;
}
/**
* This method returns the DN of the entry that corresponds to the given host
* name and installation path.
*
* @param hostname
* the host name.
* @param ipath
* the installation path.
* @return the DN of the entry that corresponds to the given host name and
* installation path.
* @throws ADSContextException
* if something goes wrong.
*/
private static LdapName makeDNFromHostnameAndPath(String hostname, String ipath) throws ADSContextException
{
}
/**
* This method returns the DN of the entry that corresponds to the given host
* name port representation.
*
* @param serverUniqueId
* the host name and port.
* @return the DN of the entry that corresponds to the given host name and
* port.
* @throws ADSContextException
* if something goes wrong.
*/
{
}
/**
* This method returns the DN of the entry that corresponds to the given
* server group properties.
*
* @param serverGroupProperties
* the server group properties
* @return the DN of the entry that corresponds to the given server group
* properties.
* @throws ADSContextException
* if something goes wrong.
*/
private static LdapName makeDNFromServerGroupProperties(Map<ServerGroupProperty, Object> serverGroupProperties)
throws ADSContextException
{
if (serverGroupId == null)
{
}
}
/**
* This method returns the DN of the entry that corresponds to the given
* server properties.
*
* @param serverProperties
* the server properties.
* @return the DN of the entry that corresponds to the given server
* properties.
* @throws ADSContextException
* if something goes wrong.
*/
throws ADSContextException
{
{
return makeDNFromServerUniqueId(serverID);
}
try
{
}
catch (ADSContextException ace)
{
return makeDNFromServerUniqueId(s.getHostPort(true));
}
}
/**
* This method returns the DN of the entry that corresponds to the given
* server properties.
*
* @param serverProperties
* the server properties.
* @return the DN of the entry that corresponds to the given server
* properties.
* @throws ADSContextException
* if something goes wrong.
*/
throws ADSContextException
{
}
/**
* This method returns the DN of the entry that corresponds to the given
* administrator properties.
*
* @param adminProperties
* the administrator properties.
* @return the DN of the entry that corresponds to the given administrator
* properties.
* @throws ADSContextException
* if something goes wrong.
*/
private static LdapName makeDNFromAdministratorProperties(Map<AdministratorProperty, Object> adminProperties)
throws ADSContextException
{
}
/**
* This method returns the DN of the entry that corresponds to the given
* administrator properties.
*
* @param adminUid
* the administrator uid.
* @return the DN of the entry that corresponds to the given administrator
* properties.
* @throws ADSContextException
* if something goes wrong.
*/
private static LdapName makeDNFromAdministratorProperties(String adminUid) throws ADSContextException
{
}
/**
* Returns the attributes for some administrator properties.
*
* @param adminProperties
* the administrator properties.
* @param passwordRequired
* Indicates if the properties should include the password.
* @param currentPrivileges
* The current privilege list or null.
* @return the attributes for the given administrator properties.
* @throws ADSContextException
* if something goes wrong.
*/
private static BasicAttributes makeAttrsFromAdministratorProperties(
{
// Per the Javadoc above, builds the LDAP attributes for an administrator
// entry; the password is only included when passwordRequired is set.
if (passwordRequired)
{
}
{
}
{
// We assume that privilege strings provided in
// AdministratorProperty.PRIVILEGE
// are valid privileges represented as a LinkedList of string.
// NOTE(review): nothing visible in this block checks the privilege names,
// so validation is left to the caller -- confirm that callers restrict
// which privileges can be granted to an administrator.
if (currentPrivileges != null)
{
while (currentPrivileges.hasMoreElements())
{
}
}
for (Object o : privileges)
{
// A leading '-' routes the entry away from the add below (presumably it
// names a privilege to remove -- confirm).
if (p.startsWith("-"))
{
}
else
{
privilegeAtt.add(p);
}
}
}
else
{
}
// Add the RootDNs Password policy so the password does not expire.
return attrs;
}
/**
* Builds an attribute which contains 'root' privileges.
*
* @return The attribute which contains 'root' privileges.
*/
private static Attribute addRootPrivileges()
{
return privilege;
}
/**
* Returns the attributes for some server properties.
*
* @param serverProperties
* the server properties.
* @param addObjectClass
* Indicates if the object class has to be added.
* @return the attributes for the given server properties.
*/
private static BasicAttributes makeAttrsFromServerProperties(Map<ServerProperty, Object> serverProperties,
boolean addObjectClass)
{
// Transform 'properties' into 'attributes'
{
{
}
}
if (addObjectClass)
{
// Add the objectclass attribute value
// TODO: use another structural objectclass
}
return result;
}
/**
* Returns the attribute for a given server property.
*
* @param property
* the server property.
* @param value
* the value.
* @return the attribute for a given server property.
*/
{
switch (property)
{
break;
case GROUPS:
{
}
break;
default:
}
return result;
}
/**
* Returns the attributes for some server group properties.
*
* @param serverGroupProperties
* the server group properties.
* @return the attributes for the given server group properties.
*/
private static BasicAttributes makeAttrsFromServerGroupProperties(
{
// Transform 'properties' into 'attributes'
{
{
}
}
return result;
}
/**
* Returns the attributes for some server group properties.
*
* @param serverGroupProperties
* the server group properties.
* @return the attributes for the given server group properties.
*/
private static BasicAttributes makeAttrsFromServerGroupProperties(Set<ServerGroupProperty> serverGroupProperties)
{
// Transform 'properties' into 'attributes'
{
{
}
}
return result;
}
/**
* Returns the attribute for a given server group property.
*
* @param property
* the server group property.
* @param value
* the value.
* @return the attribute for a given server group property.
*/
private static Attribute makeAttrFromServerGroupProperty(ServerGroupProperty property, Object value)
{
switch (property)
{
case MEMBERS:
{
}
return result;
default:
}
}
/**
* Returns the properties of a server group for some LDAP attributes.
*
* @param attrs
* the LDAP attributes.
* @return the properties of a server group for some LDAP attributes.
* @throws ADSContextException
* if something goes wrong.
*/
throws ADSContextException
{
try
{
{
{
continue;
}
{
try
{
{
}
}
finally
{
}
}
else
{
}
}
}
catch (NamingException x)
{
}
return result;
}
/**
* Returns the properties of a server for some LDAP attributes.
*
* @param attrs
* the LDAP attributes.
* @return the properties of a server for some LDAP attributes.
* @throws ADSContextException
* if something goes wrong.
*/
private Map<ServerProperty, Object> makePropertiesFromServerAttrs(Attributes attrs) throws ADSContextException
{
try
{
{
{
}
{
if (attrID.equalsIgnoreCase(v))
{
}
}
{
// Do not handle it
}
else
{
{
try
{
{
}
}
finally
{
}
}
else
{
}
}
}
}
catch (NamingException x)
{
}
return result;
}
/**
* Returns the properties of an administrator for some rdn and LDAP
* attributes.
*
* @param rdn
* the RDN.
* @param attrs
* the LDAP attributes.
* @return the properties of an administrator for the given rdn and LDAP
* attributes.
* @throws ADSContextException
* if something goes wrong.
*/
private Map<AdministratorProperty, Object> makePropertiesFromAdministratorAttrs(String rdn, Attributes attrs)
throws ADSContextException
{
try
{
{
{
}
{
}
{
}
{
while (attValueList.hasMoreElements())
{
}
}
}
}
catch (NamingException x)
{
}
finally
{
}
return result;
}
/**
* Returns the parent entry of the server entries.
*
* @return the parent entry of the server entries.
*/
public static String getServerContainerDN()
{
  // Parent entry of the server entries, located below the administration suffix.
  final String adminSuffix = getAdministrationSuffixDN();
  return "cn=Servers," + adminSuffix;
}
/**
* Returns the parent entry of the administrator entries.
*
* @return the parent entry of the administrator entries.
*/
public static String getAdministratorContainerDN()
{
  // Parent entry of the administrator entries, located below the
  // administration suffix.
  final String adminSuffix = getAdministrationSuffixDN();
  return "cn=Administrators," + adminSuffix;
}
/**
* Returns the parent entry of the server group entries.
*
* @return the parent entry of the server group entries.
*/
public static String getServerGroupContainerDN()
{
  // Parent entry of the server group entries, located below the
  // administration suffix.
  final String adminSuffix = getAdministrationSuffixDN();
  return "cn=Server Groups," + adminSuffix;
}
/**
* Returns the all server group entry DN.
*
* @return the all server group entry DN.
*/
private static String getAllServerGroupDN()
{
}
/**
* Returns the host name for the given properties.
*
* @param serverProperties
* the server properties.
* @return the host name for the given properties.
* @throws ADSContextException
* if the host name could not be found or its value is not valid.
*/
private static String getHostname(Map<ServerProperty, Object> serverProperties) throws ADSContextException
{
{
}
{
}
return result;
}
/**
* Returns the Server ID for the given properties.
*
* @param serverProperties
* the server properties.
* @return the server ID for the given properties or null.
*/
{
{
}
return result;
}
/**
* Returns the install path for the given properties.
*
* @param serverProperties
* the server properties.
* @return the install path for the given properties.
* @throws ADSContextException
* if the install path could not be found or its value is not valid.
*/
private static String getInstallPath(Map<ServerProperty, Object> serverProperties) throws ADSContextException
{
{
}
{
}
return result;
}
/**
* Returns the Administrator UID for the given properties.
*
* @param adminProperties
* the administrator properties.
* @return the Administrator UID for the given properties.
* @throws ADSContextException
* if the administrator UID could not be found.
*/
throws ADSContextException
{
{
}
return result;
}
/**
* Returns the Administrator password for the given properties.
*
* @param adminProperties
* the administrator properties.
* @return the Administrator password for the given properties.
* @throws ADSContextException
* if the administrator password could not be found.
*/
throws ADSContextException
{
{
}
return result;
}
// LDAP utilities
/**
* Returns the LdapName object for the given dn.
*
* @param dn
* the DN.
* @return the LdapName object for the given dn.
* @throws ADSContextException
* if a valid LdapName could not be retrieved for the given dn.
*/
{
try
{
}
catch (InvalidNameException x)
{
}
}
/**
* Returns the String rdn for the given search result name.
*
* @param rdnName
* the search result name.
* @return the String rdn for the given search result name.
* @throws ADSContextException
* if a valid String rdn could not be retrieved for the given result
* name.
*/
{
// Transform the JNDI name into a RDN string
try
{
}
catch (InvalidNameException x)
{
}
}
/**
* Tells whether an entry with the provided DN exists.
*
* @param dn
* the DN to check.
* @return <CODE>true</CODE> if the entry exists and <CODE>false</CODE> if it
* does not.
* @throws ADSContextException
* if an error occurred while checking if the entry exists or not.
*/
{
try
{
boolean result = false;
try
{
{
result = true;
}
}
finally
{
}
return result;
}
catch (NameNotFoundException x)
{
return false;
}
catch (NoPermissionException x)
{
}
{
}
}
/**
* Creates a container entry with the given dn.
*
* @param dn
* the DN of the new entry to be created.
* @throws ADSContextException
* if the entry could not be created.
*/
{
}
/**
* Creates the administrator container entry.
*
* @throws ADSContextException
* if the entry could not be created.
*/
private void createAdministratorContainerEntry() throws ADSContextException
{
}
/**
* Creates the top container entry.
*
* @throws ADSContextException
* if the entry could not be created.
*/
private void createTopContainerEntry() throws ADSContextException
{
}
/**
* Creates an entry with the provided dn and attributes.
*
* @param dn
* the dn of the entry.
* @param attrs
* the attributes of the entry.
* @throws ADSContextException
* if the entry could not be created.
*/
{
try
{
}
catch (NamingException x)
{
}
}
/**
* Creates the Administration Suffix.
*
* @param backendName
* the backend name to be used for the Administration Suffix. If this
* value is null the default backendName for the Administration
* Suffix will be used.
* @throws ADSContextException
* if something goes wrong.
*/
{
if (backendName == null)
{
ben = getDefaultBackendName();
}
}
/**
* Returns the default backend name of the administration data.
*
* @return the default backend name of the administration data.
*/
public static String getDefaultBackendName()
{
  // Backend name used for the administration data when the caller supplies none.
  final String defaultBackend = "adminRoot";
  return defaultBackend;
}
/**
* Returns the LDIF file of the administration data.
*
* @return the LDIF file of the administration data.
*/
public static String getAdminLDIFFile()
{
}
/** CryptoManager related types, fields, and methods. */
/**
* Returns the parent entry of the server key entries in ADS.
*
* @return the parent entry of the server key entries in ADS.
*/
public static String getInstanceKeysContainerDN()
{
  // Parent entry of the server instance key (public-key certificate) entries,
  // located below the administration suffix.
  final String adminSuffix = getAdministrationSuffixDN();
  return "cn=instance keys," + adminSuffix;
}
/**
* Returns the parent entry of the secret key entries in ADS.
*
* @return the parent entry of the secret key entries in ADS.
*/
public static String getSecretKeysContainerDN()
{
  // Parent entry of the secret key entries, located below the administration
  // suffix.
  // NOTE(review): key material is presumably stored below this DN -- confirm
  // that read access to this subtree is restricted.
  final String adminSuffix = getAdministrationSuffixDN();
  return "cn=secret keys," + adminSuffix;
}
/**
* Tells whether the provided server is registered in the registry.
*
* @param server
* the server.
* @param registry
* the registry.
* @return <CODE>true</CODE> if the server is registered in the registry and
* <CODE>false</CODE> otherwise.
*/
public static boolean isRegistered(ServerDescriptor server, Set<Map<ADSContext.ServerProperty, Object>> registry)
{
{
{
return true;
}
}
return false;
}
/**
* Register instance key-pair public-key certificate provided in
* serverProperties: generate a key-id attribute if one is not provided (as
* expected); add an instance key public-key certificate entry for the key
* certificate; and associate the certificate entry with the server entry via
* the key ID attribute.
*
* @param serverProperties
* Properties of the server being registered to which the instance
* key entry belongs.
* @param serverEntryDn
* The server's ADS entry DN.
* @throws ADSContextException
* In case some JNDI operation fails or there is a problem getting the
* instance public key certificate ID.
*/
private void registerInstanceKeyCertificate(Map<ServerProperty, Object> serverProperties, LdapName serverEntryDn)
throws ADSContextException
{
}
/**
* Return the set of valid (i.e., not tagged as compromised) instance key-pair
* public-key certificate entries in ADS. NOTE: calling this method assumes
* that all the jar files are present in the classpath.
*
* @return The set of valid (i.e., not tagged as compromised) instance
* key-pair public-key certificate entries in ADS represented as a Map
* from ds-cfg-key-id value to ds-cfg-public-key-certificate;binary
* value. Note that the collection might be empty.
* @throws ADSContextException
* in case of problems with the entry search.
* @see org.opends.server.crypto.CryptoManagerImpl#getTrustedCertificates
*/
{
try
{
NamingEnumeration<SearchResult> keyEntries = dirContext.search(baseDN, searchFilter, searchControls);
try
{
while (keyEntries.hasMore())
{
{
continue;// schema viol.
}
}
}
finally
{
try
{
keyEntries.close();
}
{
}
}
}
catch (NamingException x)
{
}
return certificateMap;
}
/**
* Merge the contents of this ADSContext with the contents of the provided
* ADSContext. Note that only the contents of this ADSContext will be updated.
*
* @param adsCtx
* the other ADSContext to merge the contents with.
* @throws ADSContextException
* if there was an error during the merge.
*/
{
try
{
}
catch (ADSContextException adce)
{
}
}
/**
* Merge the administrator contents of this ADSContext with the contents of
* the provided ADSContext. Note that only the contents of this ADSContext
* will be updated.
*
* @param adsCtx
* the other ADSContext to merge the contents with.
* @throws ADSContextException
* if there was an error during the merge.
*/
{
{
{
}
}
if (!notDefinedAdmins.isEmpty())
{
joinAsString(Constants.LINE_SEPARATOR, notDefinedAdmins), ConnectionUtils.getHostPort(getDirContext()));
}
}
/**
* Merge the groups contents of this ADSContext with the contents of the
* provided ADSContext. Note that only the contents of this ADSContext will be
* updated.
*
* @param adsCtx
* the other ADSContext to merge the contents with.
* @throws ADSContextException
* if there was an error during the merge.
*/
{
{
{
{
break;
}
}
{
// Merge the members, keep the description on this ADS.
if (member1List == null)
{
member1List = new HashSet<>();
}
{
}
}
else
{
}
}
}
/**
* Merge the server contents of this ADSContext with the contents of the
* provided ADSContext. Note that only the contents of this ADSContext will be
* updated.
*
* @param adsCtx
* the other ADSContext to merge the contents with.
* @throws ADSContextException
* if there was an error during the merge.
*/
{
{
if (!isServerAlreadyRegistered(server2))
{
}
}
}
{
{
try
{
}
catch (NamingException ex)
{
}
}
}
}