ServerDescriptor.java revision 98e8aab354a385055392de7154758c1890a3265a
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * See the License for the specific language governing permissions
 * and limitations under the License.
 * When distributing Covered Code, include this CDDL HEADER in each
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * Portions Copyright [yyyy] [name of copyright owner]
 * Copyright 2007-2010 Sun Microsystems, Inc.
 * Portion Copyright 2013-2014 ForgeRock AS.

 * The objects of this class represent an OpenDS server.

 * Enumeration containing the different server properties that we can keep in
 * the ServerProperty object.
/** The associated value is a String. */
/** The associated value is an ArrayList of Integer. */
/** The associated value is an ArrayList of Integer. */
/** The associated value is an Integer. */
/** The associated value is an ArrayList of Boolean. */
/** The associated value is an ArrayList of Boolean. */
/** The associated value is an ArrayList of Boolean. */
/** The associated value is an ArrayList of Boolean. */
/** The associated value is an ArrayList of Integer. */
/** The associated value is an ArrayList of Integer. */
/** The associated value is an ArrayList of Boolean. */
/** The associated value is an ArrayList of Boolean. */
/** The associated value is an Integer. */
/** The associated value is a Boolean. */
/** The associated value is a Boolean. */
/** The associated value is a Boolean. */
 * List of servers specified in the Replication Server configuration.
 * This is a Set of String.
/** The associated value is an Integer. */
 * The instance key-pair public-key certificate. The associated value is a
 * byte[] (ds-cfg-public-key-certificate;binary).
/** The schema generation ID. */
/** Default constructor.
 */

 * Returns the replicas contained on the server.
 * @return the replicas contained on the server.

 * Sets the replicas contained on the server.
 * @param replicas the replicas contained on the server.

 * Returns a Map containing the ADS properties of the server.
 * @return a Map containing the ADS properties of the server.

 * Returns a Map containing the properties of the server.
 * @return a Map containing the properties of the server.

 * Tells whether this server is registered in the ADS or not.
 * @return <CODE>true</CODE> if the server is registered in the ADS and
 * <CODE>false</CODE> otherwise.

 * Tells whether this server is a replication server or not.
 * @return <CODE>true</CODE> if the server is a replication server and
 * <CODE>false</CODE> otherwise.

 * Tells whether replication is enabled on this server or not.
 * @return <CODE>true</CODE> if replication is enabled and
 * <CODE>false</CODE> otherwise.

 * Returns the String representation of this replication server based
 * on the information we have ("hostname":"replication port") and
 * <CODE>null</CODE> if this is not a replication server.
 * @return the String representation of this replication server based
 * on the information we have ("hostname":"replication port") and
 * <CODE>null</CODE> if this is not a replication server.

 * Returns the replication server ID of this server and -1 if this is not a
 * @return the replication server ID of this server and -1 if this is not a

 * Returns the replication port of this server and -1 if this is not a
 * @return the replication port of this server and -1 if this is not a

 * Returns whether the communication with the replication port on the server
 * @return <CODE>true</CODE> if the communication with the replication port on
 * the server is encrypted and <CODE>false</CODE> otherwise.

 * Sets the ADS properties of the server.
 * @param adsProperties a Map containing the ADS properties of the server.

 * Returns the host name of the server.
 * @return the host name of the server.

 * Returns the URL to access this server using LDAP. Returns
 * <CODE>null</CODE> if the server is not configured to listen on an LDAP
 * @return the URL to access this server using LDAP.
for (int i=0; i<s.size(); i++)

 * Returns the URL to access this server using LDAPS. Returns
 * <CODE>null</CODE> if the server is not configured to listen on an LDAPS
 * @return the URL to access this server using LDAP.
for (int i=0; i<s.size(); i++)

 * Returns the URL to access this server using the administration connector.
 * Returns <CODE>null</CODE> if the server cannot get the administration
 * @return the URL to access this server using the administration connector.
for (int i=0; i<s.size(); i++)

 * Returns the list of enabled administration ports.
 * @return the list of enabled administration ports.
for (int i=0; i<s.size(); i++)

 * Returns a String of type host-name:port-number for the server. If
 * the provided securePreferred is set to true the port that will be used
 * will be the administration connector port.
 * @param securePreferred whether to try to use the secure port as part
 * of the returning String or not.
 * @return a String of type host-name:port-number for the server.
for (int i=0; i<s.size(); i++)
for (int i=0; i<s.size(); i++)

 * Returns an Id that is unique for this server.
 * @return an Id that is unique for this server.

 * Returns the instance-key public-key certificate retrieved from the
 * truststore backend of the instance referenced through this descriptor.
 * @return The public-key certificate of the instance.

 * Returns the schema generation ID of the server.
 * @return the schema generation ID of the server.

 * Returns the last exception that was encountered reading the configuration
 * of the server. Returns null if there was no problem loading the
 * configuration of the server.
 * @return the last exception that was encountered reading the configuration
 * of the server. Returns null if there was no problem loading the
 * configuration of the server.

 * Sets the last exception that occurred while reading the configuration of
 * @param lastException the last exception that occurred while reading the
 * configuration of the server.

 * This method updates the ADS properties (the ones that were read from
 * the ADS) with the contents of the server properties (the ones that were
 * read directly from the server).
for (int j=0; j<s.size(); j++)

 * Creates a ServerDescriptor object based on some ADS properties provided.
 * @param adsProperties the ADS properties of the server.
 * @return a ServerDescriptor object that corresponds to the provided ADS

 * Creates a ServerDescriptor object based on the configuration that we read
 * using the provided InitialLdapContext.
 * @param ctx the InitialLdapContext that will be used to read the
 * configuration of the server.
 * @param filter the topology cache filter describing the information that
 * @return a ServerDescriptor object that corresponds to the read
 * @throws NamingException if a problem occurred reading the server
"ds-cfg-allow-start-tls",
String filter = "(objectclass=ds-cfg-ldap-connection-handler)";
String filter = "(objectclass=ds-cfg-administration-connector)";
// we should have a single administration connector
// Even if we have a single port, use an array to be consistent with
String filter = "(objectclass=ds-cfg-jmx-connection-handler)";
String filter = "(objectclass=ds-cfg-synchronization-provider)";
"cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config");
"ds-cfg-replication-server",
filter = "(objectclass=ds-cfg-replication-domain)";
"cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config");
"ds-cfg-replication-server");
// Keep the values of the replication servers in lower case
// to make use of Sets as String simpler.
"ds-cfg-replication-port",
"ds-cfg-replication-server",
"ds-cfg-replication-server-id"
filter = "(objectclass=ds-cfg-replication-server)";
"Synchronization,cn=Synchronization Providers,cn=config");
// Keep the values of the replication servers in lower case
// to make use of Sets as String simpler.
new String[] { "ds-cfg-ssl-encryption"});
filter = "(objectclass=ds-cfg-crypto-manager)";

Updates the instance key public-key certificate value of this context from
the local truststore of the instance bound by this context. Any current
value of the certificate is overwritten. The intent of this method is to
retrieve the instance-key public-key certificate when this context is bound
to an instance, and cache it for later use in registering the instance into
@param desc The map to update with the instance key-pair public-key
@param ctx The bound server instance.
@throws NamingException if unable to retrieve certificate from bound
/* TODO: this DN is declared in some core constants file. Create a constants
   file for the installer and import it into the core. */
final String dnStr = "ds-cfg-key-id=ads-certificate,cn=ads-truststore";
for (int i = 0; i < 2 ; ++i) {
/* If the entry does not exist in the instance's truststore backend, add
   it (which induces the CryptoManager to create the public-key
   certificate attribute), then repeat the search. */
final String attrIDs[] = { "ds-cfg-public-key-certificate;binary" };
/* attribute ds-cfg-public-key-certificate is a MUST in the schema */
/* Poke CryptoManager to initialize truststore. Note the special attribute
   in the request. */
oc.add("ds-cfg-self-signed-cert-request");
String filter = "(|(objectclass=*)(objectclass=ldapsubentry))";

Seeds the bound instance's local ads-truststore with a set of instance
key-pair public key certificates. The result is the instance will trust any
instance possessing the private key corresponding to one of the public-key
certificates. This trust is necessary at least to initialize replication,
which uses the trusted certificate entries in the ads-truststore for server
@param ctx The bound instance.
@param keyEntryMap The set of valid (i.e., not tagged as compromised)
instance key-pair public-key certificate entries in ADS represented as a map
from keyID to public-key certificate (binary).
@throws NamingException in case an error occurs while updating the instance's
/* TODO: this DN is declared in some core constants file. Create a constants
   file for the installer and import it into the core. */
oc.add("ds-cfg-instance-key");

 * Cleans up the contents of the ads truststore.
 * @param ctx the bound instance.
 * @throws NamingException in case an error occurs while updating the
 * instance's ads-truststore via LDAP.
"(objectclass=ds-cfg-instance-key)", sc);

 * Returns the values of the ds-base-dn-entry count attributes for the given
 * backend monitor entry using the provided InitialLdapContext.
 * @param ctx the InitialLdapContext to use to update the configuration.
 * @param backendID the id of the backend.
 * @return the values of the ds-base-dn-entry count attribute.
 * @throws NamingException if there was an error.

 * A convenience method to know if the provided ID corresponds to a
 * configuration backend or not.
 * @param id the backend ID to analyze
 * @return <CODE>true</CODE> if the id corresponds to a configuration
 * backend and <CODE>false</CODE> otherwise.

 * A convenience method to know if the provided ID corresponds to the schema
 * @param id the backend ID to analyze
 * @return <CODE>true</CODE> if the id corresponds to the schema backend
 * and <CODE>false</CODE> otherwise.

 * Returns <CODE>true</CODE> if the provided strings represent the same
 * DN and <CODE>false</CODE> otherwise.
 * @param dn1 the first dn to compare.
 * @param dn2 the second dn to compare.
 * @return <CODE>true</CODE> if the provided strings represent the same
 * DN and <CODE>false</CODE> otherwise.

 * Returns the replication server normalized String for a given host name
 * @param hostName the host name.
 * @param replicationPort the replication port.
 * @return the replication server normalized String for a given host name

 * Returns the normalized server representation for a given host name and
 * @param hostName the host name.
 * @return the normalized server representation for a given host name and

 * Returns a representation of a base DN for a set of servers.
 * @param baseDN the base DN.
 * @param servers the servers.
 * @return a representation of a base DN for a set of servers.

 * Tells whether the provided server descriptor represents the same server
 * @param server the server to make the comparison.
 * @return whether the provided server descriptor represents the same server