mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opends/src/server/org/opends/server/extensions/SubjectDNToUserAttributeCertificateMapper.java
@@ -25,7 +25,6 @@ * Portions Copyright 2007 Sun Microsystems, Inc. */ package org.opends.server.extensions; import org.opends.messages.Message; @@ -34,11 +33,14 @@ import javax.security.auth.x500.X500Principal; import java.util.Collection; import java.util.List; import java.util.Set; import org.opends.messages.Message; import org.opends.server.admin.server.ConfigurationChangeListener; import org.opends.server.admin.std.server.CertificateMapperCfg; import org.opends.server.admin.std.server. SubjectDNToUserAttributeCertificateMapperCfg; import org.opends.server.api.Backend; import org.opends.server.api.CertificateMapper; import org.opends.server.config.ConfigException; import org.opends.server.core.DirectoryServer; @@ -52,15 +54,15 @@ import org.opends.server.types.DebugLogLevel; import org.opends.server.types.DN; import org.opends.server.types.Entry; import org.opends.server.types.IndexType; import org.opends.server.types.InitializationException; import org.opends.server.types.ResultCode; import org.opends.server.types.SearchFilter; import org.opends.server.types.SearchResultEntry; import org.opends.server.types.SearchScope; import static org.opends.server.loggers.debug.DebugLogger.*; import static org.opends.messages.ExtensionMessages.*; import static org.opends.server.loggers.debug.DebugLogger.*; import static org.opends.server.util.StaticUtils.*; @@ -114,6 +116,27 @@ currentConfig = configuration; configEntryDN = configuration.dn(); // Make sure that the subject attribute is configured for equality in all // appropriate backends. Set<DN> cfgBaseDNs = configuration.getUserBaseDN(); if ((cfgBaseDNs == null) || cfgBaseDNs.isEmpty()) { cfgBaseDNs = DirectoryServer.getPublicNamingContexts().keySet(); } AttributeType t = configuration.getSubjectAttribute(); for (DN baseDN : cfgBaseDNs) { Backend b = DirectoryServer.getBackend(baseDN); if ((b != null) && (! b.isIndexed(t, IndexType.EQUALITY))) { throw new ConfigException(ERR_SDTUACM_ATTR_UNINDEXED.get( configuration.dn().toString(), t.getNameOrOID(), b.getBackendID())); } } } @@ -239,9 +262,29 @@ configuration, List<Message> unacceptableReasons) { // If we've gotten to this point, then the configuration should be // acceptable. boolean configAcceptable = true; // Make sure that the subject attribute is configured for equality in all // appropriate backends. Set<DN> cfgBaseDNs = configuration.getUserBaseDN(); if ((cfgBaseDNs == null) || cfgBaseDNs.isEmpty()) { cfgBaseDNs = DirectoryServer.getPublicNamingContexts().keySet(); } AttributeType t = configuration.getSubjectAttribute(); for (DN baseDN : cfgBaseDNs) { Backend b = DirectoryServer.getBackend(baseDN); if ((b != null) && (! b.isIndexed(t, IndexType.EQUALITY))) { configAcceptable = false; unacceptableReasons.add(ERR_SDTUACM_ATTR_UNINDEXED.get( configuration.dn().toString(), t.getNameOrOID(), b.getBackendID())); } } return configAcceptable; }
