mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/src/ads/org/opends/admin/ads/ADSContext.java
@@ -186,8 +186,8 @@ * named by the ds-cfg-key-id attribute from the server entry. */ INSTANCE_PUBLIC_KEY_CERTIFICATE( "ds-cfg-public-key-certificate", ADSPropertySyntax.CERTIFICATE_BINARY); "ds-cfg-public-key-certificate", ADSPropertySyntax.CERTIFICATE_BINARY); private String attrName; private ADSPropertySyntax attSyntax; @@ -373,7 +373,7 @@ } private static HashMap<String, AdministratorProperty> nameToAdminUserProperty = null; nameToAdminUserProperty = null; /** * Get a AdministratorProperty associated to a name. @@ -439,7 +439,7 @@ } dirContext.createSubcontext(dn, attrs).close(); if (serverProperties.containsKey( ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) { registerInstanceKeyCertificate(serverProperties, dn); } @@ -452,7 +452,7 @@ memberList = new HashSet<String>(); } String newMember = "cn=" + Rdn.escapeValue(serverProperties.get(ServerProperty.ID)); + Rdn.escapeValue(serverProperties.get(ServerProperty.ID)); memberList.add(newMember); serverGroupProperties.put(ServerGroupProperty.MEMBERS, memberList); @@ -469,7 +469,7 @@ } groupList.add(ALL_SERVERGROUP_NAME); serverProperties.put(ServerProperty.GROUPS, groupList); updateServer(serverProperties, null); updateServer(serverProperties, null); } catch (ADSContextException ace) @@ -497,7 +497,7 @@ */ public void updateServer(Map<ServerProperty, Object> serverProperties, String newServerId) throws ADSContextException { { LdapName dn = makeDNFromServerProperties(serverProperties); try @@ -517,7 +517,7 @@ dirContext.modifyAttributes(dn, DirContext.REPLACE_ATTRIBUTE, attrs); if (serverProperties.containsKey( ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) { registerInstanceKeyCertificate(serverProperties, dn); } @@ -536,7 +536,7 @@ throw new ADSContextException( ADSContextException.ErrorType.ERROR_UNEXPECTED, x); } } } /** * Method called to unregister a server in the ADS. Note that the server's @@ -703,7 +703,7 @@ */ public int registerOrUpdateServer( Map<ServerProperty, Object> serverProperties) throws ADSContextException { { int result = 0; try { @@ -722,7 +722,7 @@ } } return result; } } /** * Returns the member list of a group of server. @@ -735,7 +735,7 @@ */ public Set<String> getServerGroupMemberList( String serverGroupId) throws ADSContextException { { LdapName dn = nameFromDN("cn=" + Rdn.escapeValue(serverGroupId) + "," + getServerGroupContainerDN()); @@ -788,7 +788,7 @@ ADSContextException.ErrorType.ERROR_UNEXPECTED, x); } return result; } } /** * Returns a set containing the servers that are registered in the @@ -924,7 +924,7 @@ if (serverGroupProperties.containsKey(ServerGroupProperty.UID)) { String newGroupId = serverGroupProperties .get(ServerGroupProperty.UID).toString(); .get(ServerGroupProperty.UID).toString(); if (!newGroupId.equals(groupID)) { // Rename to entry @@ -1079,7 +1079,7 @@ sc.setSearchScope(SearchControls.ONELEVEL_SCOPE); String[] attList = { "cn", "userpassword", "ds-privilege-name", "description" }; "description" }; sc.setReturningAttributes(attList); ne = dirContext.search(getAdministratorContainerDN(), "(objectclass=*)", sc); @@ -1314,7 +1314,7 @@ makeDNFromAdministratorProperties(adminProperties); boolean updatePassword = adminProperties .containsKey(AdministratorProperty.PASSWORD); .containsKey(AdministratorProperty.PASSWORD); try { // Entry renaming @@ -1343,7 +1343,7 @@ SearchResult sr = (SearchResult)ne.next(); currentPrivileges = sr.getAttributes().get("ds-privilege-name") .getAll(); .getAll(); } // Replace properties, if needed. @@ -1393,10 +1393,10 @@ */ private static LdapName makeDNFromHostnameAndPath(String hostname, String ipath) throws ADSContextException { { String cnValue = Rdn.escapeValue(hostname + "@" + ipath); return nameFromDN("cn=" + cnValue + "," + getServerContainerDN()); } } /** * This method returns the DN of the entry that corresponds to the given host @@ -1433,7 +1433,7 @@ throw new ADSContextException(ADSContextException.ErrorType.MISSING_NAME); } return nameFromDN("cn=" + Rdn.escapeValue(serverGroupId) + "," + getServerGroupContainerDN()); getServerGroupContainerDN()); } /** @@ -1446,7 +1446,7 @@ */ private static LdapName makeDNFromServerProperties( Map<ServerProperty, Object> serverProperties) throws ADSContextException { { String serverID ; if ( (serverID = getServerID(serverProperties)) != null ) { @@ -1464,7 +1464,7 @@ ServerDescriptor s = ServerDescriptor.createStandalone(serverProperties); return makeDNFromServerUniqueId(s.getHostPort(true)); } } } /** * This method returns the DN of the entry that corresponds to the given @@ -1476,12 +1476,12 @@ */ public static String getServerIdFromServerProperties( Map<ServerProperty, Object> serverProperties) throws ADSContextException { { LdapName ldapName = makeDNFromServerProperties(serverProperties); String rdn = ldapName.get(ldapName.size() -1); int pos = rdn.indexOf("="); return rdn.substring(pos+1); } } /** * This method returns the DN of the entry that corresponds to the given @@ -1547,7 +1547,7 @@ } LinkedList privileges = (LinkedList) adminProperties.get(AdministratorProperty.PRIVILEGE); adminProperties.get(AdministratorProperty.PRIVILEGE); for( Object o : privileges) { String p = o.toString() ; @@ -1643,17 +1643,17 @@ switch(property) { case INSTANCE_PUBLIC_KEY_CERTIFICATE: result = null; // used in separate instance key entry break; case GROUPS: result = new BasicAttribute(ServerProperty.GROUPS.getAttributeName()); for (Object o : ((Set) value)) { result.add(o); } break; default: result = new BasicAttribute(property.getAttributeName(), value); case INSTANCE_PUBLIC_KEY_CERTIFICATE: result = null; // used in separate instance key entry break; case GROUPS: result = new BasicAttribute(ServerProperty.GROUPS.getAttributeName()); for (Object o : ((Set) value)) { result.add(o); } break; default: result = new BasicAttribute(property.getAttributeName(), value); } return result; } @@ -1719,10 +1719,10 @@ case MEMBERS: result = new BasicAttribute( ServerGroupProperty.MEMBERS.getAttributeName()); for (Object o : ((Set) value)) { result.add(o); } break; for (Object o : ((Set) value)) { result.add(o); } break; default: result = new BasicAttribute(property.getAttributeName(), value); } @@ -1738,7 +1738,7 @@ */ private Map<ServerGroupProperty, Object> makePropertiesFromServerGroupAttrs( Attributes attrs) throws ADSContextException { { HashMap<ServerGroupProperty, Object> result = new HashMap<ServerGroupProperty, Object>(); try @@ -1778,7 +1778,7 @@ ADSContextException.ErrorType.ERROR_UNEXPECTED, x); } return result; } } /** * Returns the properties of a server for some LDAP attributes. @@ -1788,7 +1788,7 @@ */ private Map<ServerProperty, Object> makePropertiesFromServerAttrs( Attributes attrs) throws ADSContextException { { HashMap<ServerProperty, Object> result = new HashMap<ServerProperty, Object>(); try @@ -1847,7 +1847,7 @@ ADSContextException.ErrorType.ERROR_UNEXPECTED, x); } return result; } } /** @@ -1960,7 +1960,7 @@ */ private static String getHostname( Map<ServerProperty, Object> serverProperties) throws ADSContextException { { String result = (String)serverProperties.get(ServerProperty.HOST_NAME); if (result == null) { @@ -1973,7 +1973,7 @@ ADSContextException.ErrorType.NOVALID_HOSTNAME); } return result; } } /** * Returns the Server ID for the given properties. @@ -2003,7 +2003,7 @@ */ private static String getInstallPath( Map<ServerProperty, Object> serverProperties) throws ADSContextException { { String result = (String)serverProperties.get(ServerProperty.INSTANCE_PATH); if (result == null) { @@ -2016,7 +2016,7 @@ ADSContextException.ErrorType.NOVALID_IPATH); } return result; } } /** @@ -2176,7 +2176,7 @@ oc.add("groupofurls"); attrs.put(oc); attrs.put("memberURL", "ldap:///" + getAdministratorContainerDN() + "??one?(objectclass=*)"); "??one?(objectclass=*)"); attrs.put("description", "Group of identities which have full access."); createEntry(getAdministratorContainerDN(), attrs); } @@ -2241,12 +2241,12 @@ * Removes the administration suffix. * @throws ADSContextException if something goes wrong. */ // private void removeAdministrationSuffix() throws ADSContextException // { // ADSContextHelper helper = new ADSContextHelper(); // helper.removeAdministrationSuffix(getDirContext(), // getDefaultBackendName()); // } //private void removeAdministrationSuffix() throws ADSContextException //{ //ADSContextHelper helper = new ADSContextHelper(); //helper.removeAdministrationSuffix(getDirContext(), //getDefaultBackendName()); //} /** * Returns the default backend name of the administration data. @@ -2269,7 +2269,7 @@ /* *** CryptoManager related types, fields, and methods. *** *** CryptoManager related types, fields, and methods. *** */ /** @@ -2284,12 +2284,35 @@ /** Returns the parent entry of the secret key entries in ADS. @return the parent entry of the secret key entries in ADS. */ public static String getSecretKeysContainerDN() { return "cn=secret keys," + getAdministrationSuffixDN(); } */ public static String getSecretKeysContainerDN() { return "cn=secret keys," + getAdministrationSuffixDN(); } /** * Tells whether the provided server is registered in the registry. * @param server the server. * @param registry the registry. * @return <CODE>true</CODE> if the server is registered in the registry * and <CODE>false</CODE> otherwise. */ public static boolean isRegistered( ServerDescriptor server, Set<Map<ADSContext.ServerProperty, Object>> registry) { boolean isRegistered = false; for (Map<ADSContext.ServerProperty, Object> s : registry) { ServerDescriptor servInRegistry = ServerDescriptor.createStandalone(s); if (servInRegistry.getId().equals(server.getId())) { isRegistered = true; break; } } return isRegistered; } /** Register instance key-pair public-key certificate provided in @@ -2305,8 +2328,8 @@ getting the instance public key certificate ID. */ private void registerInstanceKeyCertificate( Map<ServerProperty, Object> serverProperties, LdapName serverEntryDn) Map<ServerProperty, Object> serverProperties, LdapName serverEntryDn) throws ADSContextException { ADSContextHelper helper = new ADSContextHelper(); helper.registerInstanceKeyCertificate(dirContext, serverProperties, @@ -2320,15 +2343,15 @@ the instance key entry belongs. @param serverEntryDn The server's ADS entry DN. @throws NamingException In case some JNDI operation fails. */ private void unregisterInstanceKeyCertificate( Map<ServerProperty, Object> serverProperties, LdapName serverEntryDn) throws ADSContextException { ADSContextHelper helper = new ADSContextHelper(); helper.unregisterInstanceKeyCertificate(dirContext, serverProperties, serverEntryDn); } */ private void unregisterInstanceKeyCertificate( Map<ServerProperty, Object> serverProperties, LdapName serverEntryDn) throws ADSContextException { ADSContextHelper helper = new ADSContextHelper(); helper.unregisterInstanceKeyCertificate(dirContext, serverProperties, serverEntryDn); } /** Return the set of valid (i.e., not tagged as compromised) instance key-pair @@ -2343,7 +2366,7 @@ @see org.opends.server.crypto.CryptoManagerImpl#getTrustedCertificates */ public Map<String,byte[]> getTrustedCertificates() throws ADSContextException throws ADSContextException { final Map<String, byte[]> certificateMap = new HashMap<String, byte[]>(); final String baseDNStr = getInstanceKeysContainerDN(); @@ -2351,25 +2374,25 @@ ADSContextHelper helper = new ADSContextHelper(); final LdapName baseDN = new LdapName(baseDNStr); final String FILTER_OC_INSTANCE_KEY = new StringBuilder("(objectclass=") .append(helper.getOcCryptoInstanceKey()) .append(")").toString(); = new StringBuilder("(objectclass=") .append(helper.getOcCryptoInstanceKey()) .append(")").toString(); final String FILTER_NOT_COMPROMISED = new StringBuilder("(!(") .append(helper.getAttrCryptoKeyCompromisedTime()) .append("=*))").toString(); .append(helper.getAttrCryptoKeyCompromisedTime()) .append("=*))").toString(); final String searchFilter = new StringBuilder("(&") .append(FILTER_OC_INSTANCE_KEY) .append(FILTER_NOT_COMPROMISED) .append(")").toString(); .append(FILTER_OC_INSTANCE_KEY) .append(FILTER_NOT_COMPROMISED) .append(")").toString(); final SearchControls searchControls = new SearchControls(); searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE); final String attrIDs[]= { ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName(), ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE .getAttributeName() + ";binary"}; ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName(), ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE .getAttributeName() + ";binary"}; searchControls.setReturningAttributes(attrIDs); NamingEnumeration<SearchResult> keyEntries = dirContext.search(baseDN, searchFilter, searchControls); = dirContext.search(baseDN, searchFilter, searchControls); while (keyEntries.hasMore()) { final SearchResult entry = keyEntries.next(); final Attributes attrs = entry.getAttributes(); @@ -2381,7 +2404,7 @@ } catch (NamingException x) { throw new ADSContextException( ADSContextException.ErrorType.ERROR_UNEXPECTED, x); ADSContextException.ErrorType.ERROR_UNEXPECTED, x); } return certificateMap; }
