mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

neil_a_wilson
02.27.2007 f2a87ab4022947f0cd48715d7c37393f0ebfd60a
author neil_a_wilson <neil_a_wilson@localhost>
Saturday, June 2, 2007 02:27 +0200
committer neil_a_wilson <neil_a_wilson@localhost>
Saturday, June 2, 2007 02:27 +0200
commit f2a87ab4022947f0cd48715d7c37393f0ebfd60a
tree 575d293d77ca1c6633b6ed7fbbf8587747506dd4
parent c2a059d7cecbc4e6ee4ec33d1979bef6d6522819
Update the server to provide a lockdown mode.  This is a mode in which the
server will only allow client connections over loopback interfaces and will
reject requests from non-root users. This can be used in cases where it would
be helpful for the server to be online to address a problem, but there might be
security risks in having it fully available (e.g., the server detects a
malformed access control rule on startup, and we don't want to allow normal
access to the server since that rule might be intended to prevent users from
seeing sensitive information and not having it interpreted properly could be
dangerous).

This mode is designed so that server components like the access control
subsystem can place the server in this mode if a problem is detected, but it
also includes tasks that can be used to manually place the server into and out
of the lockdown mode. These tasks will only be allowed to be invoked by root
users over a loopback connection.

OpenDS Issue Number: 1758
3 files added
7 files modified
changed files 858
opends/src/server/org/opends/server/core/BindOperation.java 46
opends/src/server/org/opends/server/core/DirectoryServer.java 106
opends/src/server/org/opends/server/messages/CoreMessages.java 58
opends/src/server/org/opends/server/messages/ProtocolMessages.java 3
opends/src/server/org/opends/server/messages/TaskMessages.java 52
opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java 20
opends/src/server/org/opends/server/tasks/EnterLockdownModeTask.java 97
opends/src/server/org/opends/server/tasks/LeaveLockdownModeTask.java 97
opends/src/server/org/opends/server/util/ServerConstants.java 40
opends/tests/unit-tests-testng/src/server/org/opends/server/tasks/LockdownModeTaskTestCase.java 339
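
The policy described in the commit message above, sketched as an added example (not code from this commit or from the OpenDS/OpenDJ code base). The class `LockdownGate`, its method names, and the `isRootUser` flag standing in for the server's authentication result are all hypothetical.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.concurrent.atomic.AtomicBoolean;

// Illustrative only: names here are hypothetical, not OpenDS/OpenDJ APIs.
public class LockdownGate {
    private final AtomicBoolean lockdown = new AtomicBoolean(false);

    // A server component (e.g. access control on a malformed rule) enters lockdown directly.
    public void enterLockdownInternal() { lockdown.set(true); }

    // Gate 1, connection accept: in lockdown only loopback peers are accepted.
    public boolean acceptConnection(InetAddress peer) {
        return !lockdown.get() || peer.isLoopbackAddress();
    }

    // Gate 2, request handling: in lockdown only root users are served.
    public boolean allowRequest(InetAddress peer, boolean isRootUser) {
        if (!lockdown.get()) return true;
        return peer.isLoopbackAddress() && isRootUser;
    }

    // Manual enter/leave tasks: root over loopback is required in either mode.
    public boolean setLockdownViaTask(InetAddress peer, boolean isRootUser, boolean enable) {
        if (!(isRootUser && peer.isLoopbackAddress())) return false;
        lockdown.set(enable);
        return true;
    }

    public static void main(String[] args) throws UnknownHostException {
        // Constructed sample peers; getByAddress performs no DNS lookup.
        InetAddress loop4 = InetAddress.getByAddress(new byte[] {127, 0, 0, 1});
        byte[] v6 = new byte[16];
        v6[15] = 1; // ::1
        InetAddress loop6 = InetAddress.getByAddress(v6);
        InetAddress remote = InetAddress.getByAddress(new byte[] {(byte) 192, 0, 2, 10});

        LockdownGate gate = new LockdownGate();
        System.out.println(gate.acceptConnection(remote));              // true: normal mode
        System.out.println(gate.setLockdownViaTask(remote, true, true)); // false: root, but not loopback
        gate.enterLockdownInternal();
        System.out.println(gate.acceptConnection(remote));              // false: non-loopback refused
        System.out.println(gate.acceptConnection(loop6));               // true: ::1 is loopback
        System.out.println(gate.allowRequest(loop4, false));            // false: non-root rejected
        System.out.println(gate.allowRequest(loop4, true));             // true: root over loopback
        System.out.println(gate.setLockdownViaTask(loop4, true, false)); // true: root leaves lockdown
    }
}
```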