opends/resource/config/config.ldif
@@ -72,7 +72,7 @@ ds-cfg-global-aci: (targetattr!="userPassword||authPassword")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetattr="*")(version 3.0; acl "Self entry modification"; allow (write) userdn="ldap:///self";) ds-cfg-global-aci: (target="ldap:///cn=schema")(targetscope="base")(targetattr="attributeTypes||dITContentRules||dITStructureRules||ldapSyntaxes||matchingRules||matchingRuleUse||nameForms||objectClasses")(version 3.0; acl "User-Visible Schema Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (target="ldap:///")(targetscope="base")(targetattr="namingContexts||supportedAuthPasswordSchemes||supportedControl||supportedExtension||supportedFeatures||supportedSASLMechanisms||vendorName||vendorVersion")(version 3.0; acl "User-Visible Root DSE Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (target="ldap:///")(targetscope="base")(targetattr="namingContexts||supportedAuthPasswordSchemes||supportedControl||supportedExtension||supportedFeatures||supportedLDAPVersion||supportedSASLMechanisms||vendorName||vendorVersion")(version 3.0; acl "User-Visible Root DSE Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) ds-cfg-global-aci: (targetattr="createTimestamp||creatorsName||modifiersName||modifyTimestamp||entryDN||entryUUID||subschemaSubentry")(version 3.0; acl "User-Visible Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";) cn: Access Control Handler ds-cfg-java-class: org.opends.server.authorization.dseecompat.AciHandler opends/src/server/org/opends/server/backends/RootDSEBackend.java
@@ -36,6 +36,7 @@ import java.util.List; import java.util.Map; import java.util.Set; import java.util.TreeSet; import java.util.concurrent.ConcurrentHashMap; import org.opends.messages.Message; @@ -636,6 +637,32 @@ } // Add the "supportedLDAPVersions" attribute. TreeSet<String> versionStrings = new TreeSet<String>(); for (Integer ldapVersion : DirectoryServer.getSupportedLDAPVersions()) { versionStrings.add(ldapVersion.toString()); } Attribute supportedLDAPVersionAttr = createAttribute(ATTR_SUPPORTED_LDAP_VERSION, ATTR_SUPPORTED_LDAP_VERSION_LC, versionStrings); ArrayList<Attribute> supportedLDAPVersionAttrs = new ArrayList<Attribute>(1); supportedLDAPVersionAttrs.add(supportedLDAPVersionAttr); if (showAllAttributes || (! supportedLDAPVersionAttr.getAttributeType().isOperational())) { dseUserAttrs.put(supportedLDAPVersionAttr.getAttributeType(), supportedLDAPVersionAttrs); } else { dseOperationalAttrs.put(supportedLDAPVersionAttr.getAttributeType(), supportedLDAPVersionAttrs); } // Add the "supportedAuthPasswordSchemes" attribute. Set<String> authPWSchemes = DirectoryServer.getAuthPasswordStorageSchemes().keySet(); opends/src/server/org/opends/server/core/DirectoryServer.java
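Review bot: The comment that opens the new block in the second hunk names the attribute `supportedLDAPVersions`, but the constant it passes to `createAttribute` is `ATTR_SUPPORTED_LDAP_VERSION`, i.e. `supportedLDAPVersion`, which is also the name added to the root DSE ACI in config.ldif. I would write it as `// Add the "supportedLDAPVersion" attribute.` so a search for the attribute name finds this code. The values are collected in a `TreeSet<String>`, so they are ordered as strings rather than as numbers; that makes no difference for 2 and 3, but a short comment saying the ordering is only cosmetic would help. The enclosing method starts and ends outside the hunk.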
@@ -438,6 +438,10 @@ // policy implementation. private ConcurrentHashMap<DN, RetentionPolicy> retentionPolicies; // The set supported LDAP protocol versions. private ConcurrentHashMap<Integer,List<ConnectionHandler>> supportedLDAPVersions; // The set of extended operation handlers registered with the server (mapped // between the OID of the extended operation and the handler). private ConcurrentHashMap<String,ExtendedOperationHandler> @@ -924,6 +928,8 @@ <SynchronizationProviderCfg>>(); directoryServer.supportedControls = new TreeSet<String>(); directoryServer.supportedFeatures = new TreeSet<String>(); directoryServer.supportedLDAPVersions = new ConcurrentHashMap<Integer,List<ConnectionHandler>>(); directoryServer.virtualAttributes = new CopyOnWriteArrayList<VirtualAttributeRule>(); directoryServer.connectionHandlers = 
@@ -7050,6 +7056,79 @@ /** * Retrieves the supported LDAP versions for the Directory Server. * * @return The supported LDAP versions for the Directory Server. */ public static Set<Integer> getSupportedLDAPVersions() { return directoryServer.supportedLDAPVersions.keySet(); } /** * Registers the provided LDAP protocol version as supported within the * Directory Server. * * @param supportedLDAPVersion The LDAP protocol version to register as * supported. * @param connectionHandler The connection handler that supports the * provided LDAP version. Note that multiple * connection handlers can provide support for * the same LDAP versions. */ public static synchronized void registerSupportedLDAPVersion( int supportedLDAPVersion, ConnectionHandler connectionHandler) { List<ConnectionHandler> handlers = directoryServer.supportedLDAPVersions.get(supportedLDAPVersion); if (handlers == null) { handlers = new LinkedList<ConnectionHandler>(); handlers.add(connectionHandler); directoryServer.supportedLDAPVersions.put(supportedLDAPVersion, handlers); } else { if (! handlers.contains(connectionHandler)) { handlers.add(connectionHandler); } } } /** * Deregisters the provided LDAP protocol version as supported within the * Directory Server. * * @param supportedLDAPVersion The LDAP protocol version to deregister. * @param connectionHandler The connection handler that no longer * supports the provided LDAP version. */ public static synchronized void deregisterSupportedLDAPVersion( int supportedLDAPVersion, ConnectionHandler connectionHandler) { List<ConnectionHandler> handlers = directoryServer.supportedLDAPVersions.get(supportedLDAPVersion); if (handlers != null) { handlers.remove(connectionHandler); if (handlers.isEmpty()) { directoryServer.supportedLDAPVersions.remove(supportedLDAPVersion); } } } /** * Retrieves the set of identity mappers defined in the Directory Server * configuration, as a mapping between the DN of the configuration entry and * the identity mapper. 
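Review bot: `getSupportedLDAPVersions()` in the third hunk returns `directoryServer.supportedLDAPVersions.keySet()`, which is a live, mutable view of the registry map. Any caller can remove a version through it and bypass the synchronized `registerSupportedLDAPVersion` / `deregisterSupportedLDAPVersion` pair, after which the versions advertised in the root DSE would no longer match the handlers that are actually registered. Returning a read-only view closes this: `return Collections.unmodifiableSet(directoryServer.supportedLDAPVersions.keySet());` (this assumes `java.util.Collections` is already imported, which the hunks do not show). The Javadoc should also state that the returned set reflects later registrations and must not be modified. Separately, the field comment in the first hunk reads "The set supported LDAP protocol versions" and would be clearer as `// The supported LDAP protocol versions, mapped to the connection handlers that provide each one.`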
opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java
@@ -289,6 +289,15 @@ enabledSSLProtocols = protocols.toArray(new String[0]); } if (config.isAllowLDAPV2()) { DirectoryServer.registerSupportedLDAPVersion(2, this); } else { DirectoryServer.deregisterSupportedLDAPVersion(2, this); } return new ConfigChangeResult(resultCode, adminActionRequired, messages); } @@ -317,6 +326,9 @@ shutdownRequested = true; currentConfig.removeLDAPChangeListener(this); DirectoryServer.deregisterSupportedLDAPVersion(2, this); DirectoryServer.deregisterSupportedLDAPVersion(3, this); try { selector.wakeup(); } catch (Exception e) { @@ -744,6 +756,14 @@ } // Register the set of supported LDAP versions. DirectoryServer.registerSupportedLDAPVersion(3, this); if (config.isAllowLDAPV2()) { DirectoryServer.registerSupportedLDAPVersion(2, this); } // Register this as a change listener. config.addLDAPChangeListener(this); } opends/src/server/org/opends/server/util/ServerConstants.java
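Review bot: In the first hunk the LDAPv2 registration is updated immediately before `return new ConfigChangeResult(resultCode, adminActionRequired, messages);` without consulting `resultCode`. If an earlier step of this method can leave a non-success code (the method body starts outside the hunk, so this is not visible here), the root DSE would advertise or withdraw LDAPv2 for a change the handler did not fully apply. Either wrap the register/deregister pair in `if (resultCode == ResultCode.SUCCESS) { ... }` or add a comment stating that this point is only reached on success. The literals `2` and `3` are also repeated across all three hunks; named constants would make it harder for the register and deregister calls to drift apart.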
@@ -468,6 +468,24 @@ /** * The name of the standard attribute that is used to specify the names of the * LDAP protocol versions supported by the server, formatted in camel case. */ public static final String ATTR_SUPPORTED_LDAP_VERSION = "supportedLDAPVersion"; /** * The name of the standard attribute that is used to specify the names of the * LDAP protocol versions supported by the server, formatted in all lowercase. */ public static final String ATTR_SUPPORTED_LDAP_VERSION_LC = "supportedldapversion"; /** * The name of the standard attribute that is used to specify the names of the * SASL mechanisms supported by the server, formatted in camel case. */ public static final String ATTR_SUPPORTED_SASL_MECHANISMS =