mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: dab4d5 | patch | commitdiff
neil_a_wilson
02.27.2007 b66654ad0e12d83f17b2e84422fefbaf31509e86
refs
author neil_a_wilson <neil_a_wilson@localhost>
Saturday, June 2, 2007 02:27 +0200
committer neil_a_wilson <neil_a_wilson@localhost>
Saturday, June 2, 2007 02:27 +0200
commitb66654ad0e12d83f17b2e84422fefbaf31509e86
tree dcbd4f0cbbf0bf62ce9f68b1fb9a94dfd011aeb6 tree | zip | gz
parent dab4d5e572b1e282270975e51bedc89bbabf37da view | diff 
Update the server to provide a lockdown mode.  This is a mode in which the
server will only allow client connections over loopback interfaces and will
reject requests from non-root users.  This can be used in cases where it would
be helpful for the server to be online to address a problem, but there might be
security risks in having it fully available (e.g., the server detects a
malformed access control rule on startup, and we don't want to allow normal
access to the server since that rule might be intended to prevent users from
seeing sensitive information and not having it interpreted properly could be
dangerous).

This mode is designed so that server components like the access control
subsystem can place the server in this mode if a problem is detected, but it
also includes tasks that can be used to manually place the server into and out
of the lockdown mode.  These tasks will only be allowed to be invoked by root
users over a loopback connection.

OpenDS Issue Number:  1758
3 files added
7 files modified
858 ■■■■■ changed files
opendj-sdk/opends/src/server/org/opends/server/core/BindOperation.java 46 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/core/DirectoryServer.java 106 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/messages/CoreMessages.java 58 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/messages/ProtocolMessages.java 3 ●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/messages/TaskMessages.java 52 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java 20 ●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/tasks/EnterLockdownModeTask.java 97 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/tasks/LeaveLockdownModeTask.java 97 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/src/server/org/opends/server/util/ServerConstants.java 40 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/tasks/LockdownModeTaskTestCase.java 339 ●●●●● diff | view | raw | blame | history