Issue 1484 fix (use new admin framework for password generation configuration)

lutoff

06.28.2007 445e7dacd8794fdaf8967748015a446668c261cc

Issue 1484 fix (use new admin framework for password generation configuration)

 opends/src/admin/defn/org/opends/server/admin/std/PasswordGeneratorConfiguration.xml

New file
@@ -0,0 +1,55 @@
<?xml version="1.0" encoding="utf-8"?>
<adm:managed-object name="password-generator" plural-name="password-generators"
  package="org.opends.server.admin.std"
  xmlns:adm="http://www.opends.org/admin"
  xmlns:ldap="http://www.opends.org/admin-ldap">
  <adm:synopsis>
    <adm:user-friendly-plural-name />
    are used by the password modify extended operation to construct
    a new password for the user.
  </adm:synopsis>
  <adm:profile name="ldap">
    <ldap:object-class>
      <ldap:oid>1.3.6.1.4.1.26027.1.2.60</ldap:oid>
      <ldap:name>ds-cfg-password-generator</ldap:name>
      <ldap:superior>top</ldap:superior>
    </ldap:object-class>
  </adm:profile>
  <adm:property name="enabled" mandatory="true">
    <adm:synopsis>
      Indicate whether the
      <adm:user-friendly-name />
      is enabled for use.
    </adm:synopsis>
    <adm:syntax>
      <adm:boolean />
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.173</ldap:oid>
        <ldap:name>ds-cfg-password-generator-enabled</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>
  <adm:property name="generator-class" mandatory="true">
    <adm:synopsis>
      The fully-qualified name of the Java class that provides the
      <adm:user-friendly-name />
      implementation.
    </adm:synopsis>
    <adm:syntax>
      <adm:java-class>
        <adm:instance-of>
          org.opends.server.api.PasswordGenerator
        </adm:instance-of>
      </adm:java-class>
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.172</ldap:oid>
        <ldap:name>ds-cfg-password-generator-class</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>
</adm:managed-object>


 opends/src/admin/defn/org/opends/server/admin/std/RandomPasswordGeneratorConfiguration.xml

New file
@@ -0,0 +1,70 @@
<?xml version="1.0" encoding="UTF-8"?>
<adm:managed-object name="random-password-generator"
  plural-name="random-password-generators"
  package="org.opends.server.admin.std" extends="password-generator"
  xmlns:adm="http://www.opends.org/admin"
  xmlns:ldap="http://www.opends.org/admin-ldap">
  <adm:synopsis>
    The
    <adm:user-friendly-name />
    is used to generate a random passwords based on fixed-length strings
    built from one or more character sets.
  </adm:synopsis>
  <adm:profile name="ldap">
    <ldap:object-class>
      <ldap:oid>1.3.6.1.4.1.26027.1.2.61</ldap:oid>
      <ldap:name>ds-cfg-random-password-generator</ldap:name>
      <ldap:superior>ds-cfg-password-generator</ldap:superior>
    </ldap:object-class>
  </adm:profile>
  <adm:property name="password-character-set" mandatory="true"
    multi-valued="true">
    <adm:synopsis>
      Specifies one or more named character sets.
    </adm:synopsis>
    <adm:description>
      Specifies one or more named character sets. This is a multivalued
      attribute, with each value defining a different character set. The
      format of the character set is the name of the set followed by a
      colon and the characters that should be in that set. For example,
      the value "alpha:abcdefghijklmnopqrstuvwxyz" would define a
      character set named "alpha" containing all of the lowercase ASCII
      alphabetic characters.
    </adm:description>
    <adm:syntax>
      <adm:string />
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.170</ldap:oid>
        <ldap:name>ds-cfg-password-character-set</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>
  <adm:property name="password-format" mandatory="true">
    <adm:synopsis>
      Specifies the format to use for the generated password.
    </adm:synopsis>
    <adm:description>
      Specifies the format to use for the generated password. The value
      is a comma-delimited list of elements in which each of those
      elements is comprised of the name of a character set defined in
      the ds-cfg-password-character- set attribute, a colon, and the
      number of characters to include from that set. For example, a
      value of "alpha:3,numeric:2,alpha:3" would generate an 8-character
      password in which the first three characters are from the "alpha"
      set, the next two are from the "numeric" set, and the final three
      are from the "alpha" set.
    </adm:description>
    <adm:syntax>
      <adm:string />
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.171</ldap:oid>
        <ldap:name>ds-cfg-password-format</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>
</adm:managed-object>


 opends/src/admin/defn/org/opends/server/admin/std/RootConfiguration.xml

@@ -53,6 +53,14 @@
      </ldap:rdn-sequence>
    </adm:profile>
  </adm:relation>
  <adm:relation name="password-generator">
    <adm:one-to-many />
    <adm:profile name="ldap">
      <ldap:rdn-sequence>
        cn=Password Generators,cn=config
      </ldap:rdn-sequence>
    </adm:profile>
  </adm:relation>
  <adm:relation name="plugin">
    <adm:one-to-many />
    <adm:profile name="ldap">

 opends/src/server/org/opends/server/api/PasswordGenerator.java

@@ -28,7 +28,7 @@



import org.opends.server.config.ConfigEntry;
import org.opends.server.admin.std.server.PasswordGeneratorCfg;
import org.opends.server.config.ConfigException;
import org.opends.server.types.ByteString;
import org.opends.server.types.DirectoryException;
@@ -45,8 +45,12 @@
 * of a password policy, and is used by the password modify extended
 * operation to construct a new password for the user if that option
 * is chosen.
 *
 * @param  <T>  The type of configuration handled by this password
 *              generator.
 */
public abstract class PasswordGenerator
       <T extends PasswordGeneratorCfg>
{


@@ -55,9 +59,8 @@
   * Initializes this password generator based on the information in
   * the provided configuration entry.
   *
   * @param  configEntry  The configuration entry that contains the
   *                      information to use to initialize this
   *                      password generator.
   * @param  configuration  The configuration to use to initialize
   *                        this password validator.
   *
   * @throws  ConfigException  If an unrecoverable problem arises in
   *                           the process of performing the
@@ -68,8 +71,7 @@
   *                                   related to the server
   *                                   configuration.
   */
  public abstract void initializePasswordGenerator(
                            ConfigEntry configEntry)
  public abstract void initializePasswordGenerator(T configuration)
         throws ConfigException, InitializationException;



 opends/src/server/org/opends/server/core/PasswordGeneratorConfigManager.java

@@ -28,22 +28,21 @@



import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;

import org.opends.server.api.ConfigAddListener;
import org.opends.server.api.ConfigChangeListener;
import org.opends.server.api.ConfigDeleteListener;
import org.opends.server.api.ConfigHandler;
import org.opends.server.api.ConfigurableComponent;
import org.opends.server.admin.ClassPropertyDefinition;
import org.opends.server.admin.server.ConfigurationAddListener;
import org.opends.server.admin.server.ConfigurationChangeListener;
import org.opends.server.admin.server.ConfigurationDeleteListener;
import org.opends.server.admin.server.ServerManagementContext;
import org.opends.server.admin.std.meta.PasswordGeneratorCfgDefn;
import org.opends.server.admin.std.server.PasswordGeneratorCfg;
import org.opends.server.admin.std.server.RootCfg;
import org.opends.server.api.PasswordGenerator;
import org.opends.server.config.BooleanConfigAttribute;
import org.opends.server.config.ConfigEntry;
import org.opends.server.config.ConfigException;
import org.opends.server.config.StringConfigAttribute;
import org.opends.server.types.ConfigChangeResult;
import org.opends.server.types.DN;
import org.opends.server.types.ErrorLogCategory;
@@ -51,14 +50,10 @@
import org.opends.server.types.InitializationException;
import org.opends.server.types.ResultCode;

import static org.opends.server.config.ConfigConstants.*;
import static org.opends.server.loggers.debug.DebugLogger.debugCaught;
import static org.opends.server.loggers.debug.DebugLogger.debugEnabled;
import org.opends.server.types.DebugLogLevel;
import static org.opends.server.loggers.Error.*;
import static org.opends.server.messages.ConfigMessages.*;
import static org.opends.server.messages.MessageHandler.*;
import static org.opends.server.util.ServerConstants.*;
import static org.opends.server.util.StaticUtils.stackTraceToSingleLineString;



@@ -70,26 +65,21 @@
 * running.
 */
public class PasswordGeneratorConfigManager
       implements ConfigChangeListener, ConfigAddListener, ConfigDeleteListener
       implements ConfigurationAddListener<PasswordGeneratorCfg>,
       ConfigurationDeleteListener<PasswordGeneratorCfg>,
       ConfigurationChangeListener<PasswordGeneratorCfg>
{



  // A mapping between the DNs of the config entries and the associated password
  // generators.
  private ConcurrentHashMap<DN,PasswordGenerator> passwordGenerators;

  // The configuration handler for the Directory Server.
  private ConfigHandler configHandler;



  /**
   * Creates a new instance of this password generator config manager.
   */
  public PasswordGeneratorConfigManager()
  {
    configHandler      = DirectoryServer.getConfigHandler();
    passwordGenerators = new ConcurrentHashMap<DN,PasswordGenerator>();
  }

@@ -110,846 +100,254 @@
  public void initializePasswordGenerators()
         throws ConfigException, InitializationException
  {
    // First, get the configuration base entry.
    ConfigEntry baseEntry;
    try
    // Get the root configuration object.
    ServerManagementContext managementContext =
         ServerManagementContext.getInstance();
    RootCfg rootConfiguration =
         managementContext.getRootConfiguration();

    // Register as an add and delete listener with the root configuration so we
    // can be notified if any password generator entries are added or removed.
    rootConfiguration.addPasswordGeneratorAddListener(this);
    rootConfiguration.addPasswordGeneratorDeleteListener(this);


    //Initialize the existing password generators.
    for (String generatorName : rootConfiguration.listPasswordGenerators())
    {
      DN generatorBase = DN.decode(DN_PWGENERATOR_CONFIG_BASE);
      baseEntry = configHandler.getConfigEntry(generatorBase);
    }
    catch (Exception e)
    {
      if (debugEnabled())
      PasswordGeneratorCfg generatorConfiguration =
           rootConfiguration.getPasswordGenerator(generatorName);
      generatorConfiguration.addChangeListener(this);

      if (generatorConfiguration.isEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int    msgID   = MSGID_CONFIG_PWGENERATOR_CANNOT_GET_BASE;
      String message = getMessage(msgID, String.valueOf(e));
      throw new ConfigException(msgID, message, e);
    }

    if (baseEntry == null)
    {
      // The password generator base entry does not exist.  This is not
      // acceptable, so throw an exception.
      int    msgID   = MSGID_CONFIG_PWGENERATOR_BASE_DOES_NOT_EXIST;
      String message = getMessage(msgID);
      throw new ConfigException(msgID, message);
    }


    // Register add and delete listeners with the generator base entry.  We
    // don't care about modifications to it.
    baseEntry.registerAddListener(this);
    baseEntry.registerDeleteListener(this);


    // See if the base entry has any children.  If not, then we don't need to do
    // anything else.
    if (! baseEntry.hasChildren())
    {
      return;
    }


    // Iterate through the child entries and process them as password generator
    // configuration entries.
    for (ConfigEntry childEntry : baseEntry.getChildren().values())
    {
      childEntry.registerChangeListener(this);

      StringBuilder unacceptableReason = new StringBuilder();
      if (! configAddIsAcceptable(childEntry, unacceptableReason))
      {
        logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_ERROR,
                 MSGID_CONFIG_PWGENERATOR_ENTRY_UNACCEPTABLE,
                 childEntry.getDN().toString(), unacceptableReason.toString());
        continue;
      }

      try
      {
        ConfigChangeResult result = applyConfigurationAdd(childEntry);
        if (result.getResultCode() != ResultCode.SUCCESS)
        String className = generatorConfiguration.getGeneratorClass();
        try
        {
          StringBuilder buffer = new StringBuilder();

          List<String> resultMessages = result.getMessages();
          if ((resultMessages == null) || (resultMessages.isEmpty()))
          {
            buffer.append(getMessage(MSGID_CONFIG_UNKNOWN_UNACCEPTABLE_REASON));
          }
          else
          {
            Iterator<String> iterator = resultMessages.iterator();

            buffer.append(iterator.next());
            while (iterator.hasNext())
            {
              buffer.append(EOL);
              buffer.append(iterator.next());
            }
          }

          PasswordGenerator<? extends PasswordGeneratorCfg>
               generator = loadGenerator(className, generatorConfiguration);
          passwordGenerators.put(generatorConfiguration.dn(), generator);
          DirectoryServer.registerPasswordGenerator(generatorConfiguration.dn(),
              generator);
        }
        catch (InitializationException ie)
        {
          logError(ErrorLogCategory.CONFIGURATION,
                   ErrorLogSeverity.SEVERE_ERROR,
                   MSGID_CONFIG_PWGENERATOR_CANNOT_CREATE_GENERATOR,
                   childEntry.getDN().toString(), buffer.toString());
                   ie.getMessage(), ie.getMessageID());
          continue;
        }
      }
      catch (Exception e)
      {
        logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_ERROR,
                 MSGID_CONFIG_PWGENERATOR_CANNOT_CREATE_GENERATOR,
                 childEntry.getDN().toString(), String.valueOf(e));
      }
    }
  }



  /**
   * Indicates whether the configuration entry that will result from a proposed
   * modification is acceptable to this change listener.
   *
   * @param  configEntry         The configuration entry that will result from
   *                             the requested update.
   * @param  unacceptableReason  A buffer to which this method can append a
   *                             human-readable message explaining why the
   *                             proposed change is not acceptable.
   *
   * @return  <CODE>true</CODE> if the proposed entry contains an acceptable
   *          configuration, or <CODE>false</CODE> if it does not.
   * {@inheritDoc}
   */
  public boolean configChangeIsAcceptable(ConfigEntry configEntry,
                                          StringBuilder unacceptableReason)
  public boolean isConfigurationChangeAcceptable(
                      PasswordGeneratorCfg configuration,
                      List<String> unacceptableReasons)
  {
    // Make sure that the entry has an appropriate objectclass for a password
    // generator.
    if (! configEntry.hasObjectClass(OC_PASSWORD_GENERATOR))
    if (configuration.isEnabled())
    {
      int    msgID   = MSGID_CONFIG_PWGENERATOR_INVALID_OBJECTCLASS;
      String message = getMessage(msgID, configEntry.getDN().toString());
      unacceptableReason.append(message);
      return false;
    }


    // Make sure that the entry specifies the generator class name.
    StringConfigAttribute classNameAttr;
    try
    {
      StringConfigAttribute classStub =
           new StringConfigAttribute(ATTR_PWGENERATOR_CLASS,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_CLASS_NAME),
                    true, false, true);
      classNameAttr = (StringConfigAttribute)
                      configEntry.getConfigAttribute(classStub);

      if (classNameAttr == null)
      // Get the name of the class and make sure we can instantiate it as a
      // password generator.
      String className = configuration.getGeneratorClass();
      try
      {
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_CLASS_NAME;
        String message = getMessage(msgID, configEntry.getDN().toString());
        unacceptableReason.append(message);
        loadGenerator(className, null);
      }
      catch (InitializationException ie)
      {
        unacceptableReasons.add(ie.getMessage());
        return false;
      }
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS_NAME;
      String message = getMessage(msgID, configEntry.getDN().toString(),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }

    Class generatorClass;
    try
    {
      generatorClass = DirectoryServer.loadClass(classNameAttr.pendingValue());
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS_NAME;
      String message = getMessage(msgID, configEntry.getDN().toString(),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }

    try
    {
      PasswordGenerator generator =
           (PasswordGenerator) generatorClass.newInstance();
    }
    catch(Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS;
      String message = getMessage(msgID, generatorClass.getName(),
                                  String.valueOf(configEntry.getDN()),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }


    // See if this password generator should be enabled.
    BooleanConfigAttribute enabledAttr;
    try
    {
      BooleanConfigAttribute enabledStub =
           new BooleanConfigAttribute(ATTR_PWGENERATOR_ENABLED,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_ENABLED),
                               false);
      enabledAttr = (BooleanConfigAttribute)
                    configEntry.getConfigAttribute(enabledStub);

      if (enabledAttr == null)
      {
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_ENABLED_ATTR;
        String message = getMessage(msgID, configEntry.getDN().toString());
        unacceptableReason.append(message);
        return false;
      }
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_ENABLED_VALUE;
      String message = getMessage(msgID, configEntry.getDN().toString(),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }


    // If we've gotten here then the password generator entry appears to be
    // acceptable.
    // If we've gotten here, then it's fine.
    return true;
  }



  /**
   * Attempts to apply a new configuration to this Directory Server component
   * based on the provided changed entry.
   *
   * @param  configEntry  The configuration entry that containing the updated
   *                      configuration for this component.
   *
   * @return  Information about the result of processing the configuration
   *          change.
   * {@inheritDoc}
   */
  public ConfigChangeResult applyConfigurationChange(ConfigEntry configEntry)
  public ConfigChangeResult applyConfigurationChange(
                                 PasswordGeneratorCfg configuration)
  {
    DN                configEntryDN       = configEntry.getDN();
    ResultCode        resultCode          = ResultCode.SUCCESS;
    boolean           adminActionRequired = false;
    ArrayList<String> messages            = new ArrayList<String>();


    // Make sure that the entry has an appropriate objectclass for a password
    // generator.
    if (! configEntry.hasObjectClass(OC_PASSWORD_GENERATOR))
    // Get the existing generator if it's already enabled.
    PasswordGenerator existingGenerator =
         passwordGenerators.get(configuration.dn());


    // If the new configuration has the generator disabled, then disable it if
    // it is enabled, or do nothing if it's already disabled.
    if (! configuration.isEnabled())
    {
      int    msgID   = MSGID_CONFIG_PWGENERATOR_INVALID_OBJECTCLASS;
      messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
      resultCode = ResultCode.UNWILLING_TO_PERFORM;
      if (existingGenerator != null)
      {
        DirectoryServer.deregisterPasswordGenerator(configuration.dn());

        PasswordGenerator passwordGenerator =
             passwordGenerators.remove(configuration.dn());
        if (passwordGenerator != null)
        {
          passwordGenerator.finalizePasswordGenerator();
        }
      }

      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }


    // Get the corresponding password generator if it is active.
    PasswordGenerator generator = passwordGenerators.get(configEntryDN);
    // Get the class for the password generator.  If the generator is already
    // enabled, then we shouldn't do anything with it although if the class has
    // changed then we'll at least need to indicate that administrative action
    // is required.  If the generator is disabled, then instantiate the class
    // and initialize and register it as a password generator.
    String className = configuration.getGeneratorClass();
    if (existingGenerator != null)
    {
      if (! className.equals(existingGenerator.getClass().getName()))
      {
        adminActionRequired = true;
      }

      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }

    // See if this generator should be enabled or disabled.
    boolean needsEnabled = false;
    BooleanConfigAttribute enabledAttr;
    PasswordGenerator<? extends PasswordGeneratorCfg>
         passwordGenerator = null;
    try
    {
      BooleanConfigAttribute enabledStub =
           new BooleanConfigAttribute(ATTR_PWGENERATOR_ENABLED,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_ENABLED),
                               false);
      enabledAttr = (BooleanConfigAttribute)
                    configEntry.getConfigAttribute(enabledStub);

      if (enabledAttr == null)
      {
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_ENABLED_ATTR;
        messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
        resultCode = ResultCode.UNWILLING_TO_PERFORM;
        return new ConfigChangeResult(resultCode, adminActionRequired,
                                      messages);
      }

      if (enabledAttr.activeValue())
      {
        if (generator == null)
        {
          needsEnabled = true;
        }
        else
        {
          // The generator is already active, so no action is required.
        }
      }
      else
      {
        if (generator == null)
        {
          // The generator is already disabled, so no action is required and we
          // can short-circuit out of this processing.
          return new ConfigChangeResult(resultCode, adminActionRequired,
                                        messages);
        }
        else
        {
          // The generator is active, so it needs to be disabled.  Do this and
          // return that we were successful.
          passwordGenerators.remove(configEntryDN);
          generator.finalizePasswordGenerator();

          DirectoryServer.deregisterPasswordGenerator(configEntryDN);

          return new ConfigChangeResult(resultCode, adminActionRequired,
                                        messages);
        }
      }
      passwordGenerator = loadGenerator(className, configuration);
    }
    catch (Exception e)
    catch (InitializationException ie)
    {
      if (debugEnabled())
      if (resultCode == ResultCode.SUCCESS)
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_ENABLED_VALUE;
      messages.add(getMessage(msgID, String.valueOf(configEntryDN),
                              String.valueOf(e)));
      resultCode = DirectoryServer.getServerErrorResultCode();
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }


    // Make sure that the entry specifies the generator class name.  If it has
    // changed, then we will not try to dynamically apply it.
    String className;
    try
    {
      StringConfigAttribute classStub =
           new StringConfigAttribute(ATTR_PWGENERATOR_CLASS,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_CLASS_NAME),
                    true, false, true);
      StringConfigAttribute classNameAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(classStub);

      if (classNameAttr == null)
      {
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_CLASS_NAME;
        messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
        resultCode = ResultCode.OBJECTCLASS_VIOLATION;
        return new ConfigChangeResult(resultCode, adminActionRequired,
                                      messages);
      }

      className = classNameAttr.pendingValue();
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS_NAME;
      messages.add(getMessage(msgID, String.valueOf(configEntryDN),
                              String.valueOf(e)));
      resultCode = DirectoryServer.getServerErrorResultCode();
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }


    boolean classChanged = false;
    String  oldClassName = null;
    if (generator != null)
    {
      oldClassName = generator.getClass().getName();
      classChanged = (! className.equals(oldClassName));
    }


    if (classChanged)
    {
      // This will not be applied dynamically.  Add a message to the response
      // and indicate that admin action is required.
      adminActionRequired = true;
      messages.add(getMessage(MSGID_CONFIG_PWGENERATOR_CLASS_ACTION_REQUIRED,
                              String.valueOf(oldClassName),
                              String.valueOf(className),
                              String.valueOf(configEntryDN)));
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }


    if (needsEnabled)
    {
      try
      {
        Class generatorClass = DirectoryServer.loadClass(className);
        generator = (PasswordGenerator) generatorClass.newInstance();
      }
      catch (Exception e)
      {
        if (debugEnabled())
        {
          debugCaught(DebugLogLevel.ERROR, e);
        }

        int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS;
        messages.add(getMessage(msgID, className,
                                String.valueOf(configEntryDN),
                                String.valueOf(e)));
        resultCode = DirectoryServer.getServerErrorResultCode();
        return new ConfigChangeResult(resultCode, adminActionRequired,
                                      messages);
      }

      try
      {
        generator.initializePasswordGenerator(configEntry);
      }
      catch (Exception e)
      {
        if (debugEnabled())
        {
          debugCaught(DebugLogLevel.ERROR, e);
        }

        int msgID = MSGID_CONFIG_PWGENERATOR_INITIALIZATION_FAILED;
        messages.add(getMessage(msgID, className,
                                String.valueOf(configEntryDN),
                                String.valueOf(e)));
        resultCode = DirectoryServer.getServerErrorResultCode();
        return new ConfigChangeResult(resultCode, adminActionRequired,
                                      messages);
      }


      passwordGenerators.put(configEntryDN, generator);
      DirectoryServer.registerPasswordGenerator(configEntryDN, generator);
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
      messages.add(ie.getMessage());
    }

    if (resultCode == ResultCode.SUCCESS)
    {
      passwordGenerators.put(configuration.dn(), passwordGenerator);
      DirectoryServer.registerPasswordGenerator(configuration.dn(),
                                                passwordGenerator);
    }

    // If we've gotten here, then there haven't been any changes to anything
    // that we care about.
    return new ConfigChangeResult(resultCode, adminActionRequired, messages);
  }



  /**
   * Indicates whether the configuration entry that will result from a proposed
   * add is acceptable to this add listener.
   *
   * @param  configEntry         The configuration entry that will result from
   *                             the requested add.
   * @param  unacceptableReason  A buffer to which this method can append a
   *                             human-readable message explaining why the
   *                             proposed entry is not acceptable.
   *
   * @return  <CODE>true</CODE> if the proposed entry contains an acceptable
   *          configuration, or <CODE>false</CODE> if it does not.
   * {@inheritDoc}
   */
  public boolean configAddIsAcceptable(ConfigEntry configEntry,
                                       StringBuilder unacceptableReason)
  public boolean isConfigurationAddAcceptable(
                      PasswordGeneratorCfg configuration,
                      List<String> unacceptableReasons)
  {
    // Make sure that no entry already exists with the specified DN.
    DN configEntryDN = configEntry.getDN();
    if (passwordGenerators.containsKey(configEntryDN))
    if (configuration.isEnabled())
    {
      int    msgID   = MSGID_CONFIG_PWGENERATOR_EXISTS;
      String message = getMessage(msgID, String.valueOf(configEntryDN));
      unacceptableReason.append(message);
      return false;
    }


    // Make sure that the entry has an appropriate objectclass for a password
    // generator.
    if (! configEntry.hasObjectClass(OC_PASSWORD_GENERATOR))
    {
      int    msgID   = MSGID_CONFIG_PWGENERATOR_INVALID_OBJECTCLASS;
      String message = getMessage(msgID, configEntry.getDN().toString());
      unacceptableReason.append(message);
      return false;
    }


    // Make sure that the entry specifies the password generator class.
    StringConfigAttribute classNameAttr;
    try
    {
      StringConfigAttribute classStub =
           new StringConfigAttribute(ATTR_PWGENERATOR_CLASS,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_CLASS_NAME),
                    true, false, true);
      classNameAttr = (StringConfigAttribute)
                      configEntry.getConfigAttribute(classStub);

      if (classNameAttr == null)
      // Get the name of the class and make sure we can instantiate it as a
      // password generator.
      String className = configuration.getGeneratorClass();
      try
      {
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_CLASS_NAME;
        String message = getMessage(msgID, configEntry.getDN().toString());
        unacceptableReason.append(message);
        return false;
        loadGenerator(className, null);
      }
    }
    catch (Exception e)
    {
      if (debugEnabled())
      catch (InitializationException ie)
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS_NAME;
      String message = getMessage(msgID, configEntry.getDN().toString(),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }

    Class generatorClass;
    try
    {
      generatorClass = DirectoryServer.loadClass(classNameAttr.pendingValue());
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS_NAME;
      String message = getMessage(msgID, configEntry.getDN().toString(),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }

    PasswordGenerator generator;
    try
    {
      generator = (PasswordGenerator) generatorClass.newInstance();
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS;
      String message = getMessage(msgID, generatorClass.getName(),
                                  String.valueOf(configEntryDN),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }


    // If the generator is a configurable component, then make sure that
    // its configuration is valid.
    if (generator instanceof ConfigurableComponent)
    {
      ConfigurableComponent cc = (ConfigurableComponent) generator;
      LinkedList<String> errorMessages = new LinkedList<String>();
      if (! cc.hasAcceptableConfiguration(configEntry, errorMessages))
      {
        if (errorMessages.isEmpty())
        {
          int msgID = MSGID_CONFIG_PWGENERATOR_UNACCEPTABLE_CONFIG;
          unacceptableReason.append(getMessage(msgID,
                                               String.valueOf(configEntryDN)));
        }
        else
        {
          Iterator<String> iterator = errorMessages.iterator();
          unacceptableReason.append(iterator.next());
          while (iterator.hasNext())
          {
            unacceptableReason.append("  ");
            unacceptableReason.append(iterator.next());
          }
        }

        unacceptableReasons.add(ie.getMessage());
        return false;
      }
    }


    // See if this generator should be enabled.
    BooleanConfigAttribute enabledAttr;
    try
    {
      BooleanConfigAttribute enabledStub =
           new BooleanConfigAttribute(ATTR_PWGENERATOR_ENABLED,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_ENABLED),
                               false);
      enabledAttr = (BooleanConfigAttribute)
                    configEntry.getConfigAttribute(enabledStub);

      if (enabledAttr == null)
      {
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_ENABLED_ATTR;
        String message = getMessage(msgID, configEntry.getDN().toString());
        unacceptableReason.append(message);
        return false;
      }
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_ENABLED_VALUE;
      String message = getMessage(msgID, configEntry.getDN().toString(),
                                  String.valueOf(e));
      unacceptableReason.append(message);
      return false;
    }


    // If we've gotten here then the generator entry appears to be acceptable.
    // If we've gotten here, then it's fine.
    return true;
  }



  /**
   * Attempts to apply a new configuration based on the provided added entry.
   *
   * @param  configEntry  The new configuration entry that contains the
   *                      configuration to apply.
   *
   * @return  Information about the result of processing the configuration
   *          change.
   * {@inheritDoc}
   */
  public ConfigChangeResult applyConfigurationAdd(ConfigEntry configEntry)
  public ConfigChangeResult applyConfigurationAdd(
                                 PasswordGeneratorCfg configuration)
  {
    DN                configEntryDN       = configEntry.getDN();
    ResultCode        resultCode          = ResultCode.SUCCESS;
    boolean           adminActionRequired = false;
    ArrayList<String> messages            = new ArrayList<String>();

    configuration.addChangeListener(this);

    // Make sure that the entry has an appropriate objectclass for a password
    // generator.
    if (! configEntry.hasObjectClass(OC_PASSWORD_GENERATOR))
    if (! configuration.isEnabled())
    {
      int    msgID   = MSGID_CONFIG_PWGENERATOR_INVALID_OBJECTCLASS;
      messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
      resultCode = ResultCode.UNWILLING_TO_PERFORM;
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }

    PasswordGenerator<? extends PasswordGeneratorCfg>
         passwordGenerator = null;

    // See if this generator should be enabled or disabled.
    BooleanConfigAttribute enabledAttr;
    // Get the name of the class and make sure we can instantiate it as a
    // password generator.
    String className = configuration.getGeneratorClass();
    try
    {
      BooleanConfigAttribute enabledStub =
           new BooleanConfigAttribute(ATTR_PWGENERATOR_ENABLED,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_ENABLED),
                               false);
      enabledAttr = (BooleanConfigAttribute)
                    configEntry.getConfigAttribute(enabledStub);

      if (enabledAttr == null)
      {
        // The attribute doesn't exist, so it will be disabled by default.
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_ENABLED_ATTR;
        messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
        resultCode = ResultCode.SUCCESS;
        return new ConfigChangeResult(resultCode, adminActionRequired,
                                      messages);
      }
      else if (! enabledAttr.activeValue())
      {
        // It is explicitly configured as disabled, so we don't need to do
        // anything.
        return new ConfigChangeResult(resultCode, adminActionRequired,
                                      messages);
      }
      passwordGenerator = loadGenerator(className, configuration);
    }
    catch (Exception e)
    catch (InitializationException ie)
    {
      if (debugEnabled())
      if (resultCode == ResultCode.SUCCESS)
      {
        debugCaught(DebugLogLevel.ERROR, e);
        resultCode = DirectoryServer.getServerErrorResultCode();
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_ENABLED_VALUE;
      messages.add(getMessage(msgID, String.valueOf(configEntryDN),
                              String.valueOf(e)));
      resultCode = DirectoryServer.getServerErrorResultCode();
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
      messages.add(ie.getMessage());
    }


    // Make sure that the entry specifies the generator class name.
    String className;
    try
    if (resultCode == ResultCode.SUCCESS)
    {
      StringConfigAttribute classStub =
           new StringConfigAttribute(ATTR_PWGENERATOR_CLASS,
                    getMessage(MSGID_CONFIG_PWGENERATOR_DESCRIPTION_CLASS_NAME),
                    true, false, true);
      StringConfigAttribute classNameAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(classStub);

      if (classNameAttr == null)
      {
        int msgID = MSGID_CONFIG_PWGENERATOR_NO_CLASS_NAME;
        messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
        resultCode = ResultCode.OBJECTCLASS_VIOLATION;
        return new ConfigChangeResult(resultCode, adminActionRequired,
                                      messages);
      }

      className = classNameAttr.pendingValue();
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS_NAME;
      messages.add(getMessage(msgID, String.valueOf(configEntryDN),
                              String.valueOf(e)));
      resultCode = DirectoryServer.getServerErrorResultCode();
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
      passwordGenerators.put(configuration.dn(), passwordGenerator);
      DirectoryServer.registerPasswordGenerator(configuration.dn(),
                                                passwordGenerator);
    }


    // Load and initialize the generator class, and register it with the
    // Directory Server.
    PasswordGenerator generator;
    try
    {
      Class generatorClass = DirectoryServer.loadClass(className);
      generator = (PasswordGenerator) generatorClass.newInstance();
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INVALID_CLASS;
      messages.add(getMessage(msgID, className, String.valueOf(configEntryDN),
                              String.valueOf(e)));
      resultCode = DirectoryServer.getServerErrorResultCode();
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }

    try
    {
      generator.initializePasswordGenerator(configEntry);
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        debugCaught(DebugLogLevel.ERROR, e);
      }

      int msgID = MSGID_CONFIG_PWGENERATOR_INITIALIZATION_FAILED;
      messages.add(getMessage(msgID, className, String.valueOf(configEntryDN),
                              String.valueOf(e)));
      resultCode = DirectoryServer.getServerErrorResultCode();
      return new ConfigChangeResult(resultCode, adminActionRequired, messages);
    }


    passwordGenerators.put(configEntryDN, generator);
    DirectoryServer.registerPasswordGenerator(configEntryDN, generator);
    return new ConfigChangeResult(resultCode, adminActionRequired, messages);
  }



  /**
   * Indicates whether it is acceptable to remove the provided configuration
   * entry.
   *
   * @param  configEntry         The configuration entry that will be removed
   *                             from the configuration.
   * @param  unacceptableReason  A buffer to which this method can append a
   *                             human-readable message explaining why the
   *                             proposed delete is not acceptable.
   *
   * @return  <CODE>true</CODE> if the proposed entry may be removed from the
   *          configuration, or <CODE>false</CODE> if not.
   * {@inheritDoc}
   */
  public boolean configDeleteIsAcceptable(ConfigEntry configEntry,
                                          StringBuilder unacceptableReason)
  public boolean isConfigurationDeleteAcceptable(
      PasswordGeneratorCfg configuration, List<String> unacceptableReasons)
  {
    // A delete should always be acceptable, so just return true.
    return true;
  }



  /**
   * Attempts to apply a new configuration based on the provided deleted entry.
   *
   * @param  configEntry  The new configuration entry that has been deleted.
   *
   * @return  Information about the result of processing the configuration
   *          change.
   * {@inheritDoc}
   */
  public ConfigChangeResult applyConfigurationDelete(ConfigEntry configEntry)
  public ConfigChangeResult applyConfigurationDelete(
      PasswordGeneratorCfg configuration)
  {
    DN         configEntryDN       = configEntry.getDN();
    ResultCode resultCode          = ResultCode.SUCCESS;
    boolean    adminActionRequired = false;


    // See if the entry is registered as a password generator.  If so,
    // deregister it and stop the generator.
    PasswordGenerator generator = passwordGenerators.remove(configEntryDN);
    PasswordGenerator generator = passwordGenerators.remove(configuration.dn());
    if (generator != null)
    {
      DirectoryServer.deregisterPasswordGenerator(configEntryDN);
      DirectoryServer.deregisterPasswordGenerator(configuration.dn());

      generator.finalizePasswordGenerator();
    }
@@ -957,5 +355,57 @@

    return new ConfigChangeResult(resultCode, adminActionRequired);
  }

  /**
   * Loads the specified class, instantiates it as a password generator, and
   * optionally initializes that instance.
   *
   * @param  className      The fully-qualified name of the password generator
   *                        class to load, instantiate, and initialize.
   * @param  configuration  The configuration to use to initialize the
   *                        password generator, or {@code null} if the
   *                        password generator should not be initialized.
   *
   * @return  The possibly initialized password validator.
   *
   * @throws  InitializationException  If a problem occurred while attempting to
   *                                   initialize the password generator.
   */
  private PasswordGenerator<? extends PasswordGeneratorCfg>
               loadGenerator(String className,
                             PasswordGeneratorCfg configuration)
          throws InitializationException
  {
    try
    {
      PasswordGeneratorCfgDefn definition =
           PasswordGeneratorCfgDefn.getInstance();
      ClassPropertyDefinition propertyDefinition =
           definition.getGeneratorClassPropertyDefinition();
      Class<? extends PasswordGenerator> generatorClass =
           propertyDefinition.loadClass(className, PasswordGenerator.class);
      PasswordGenerator<? extends PasswordGeneratorCfg> generator =
           (PasswordGenerator<? extends PasswordGeneratorCfg>)
           generatorClass.newInstance();

      if (configuration != null)
      {
        Method method =
          generator.getClass().getMethod("initializePasswordGenerator",
                  configuration.definition().getServerConfigurationClass());
        method.invoke(generator, configuration);
      }

      return generator;
    }
    catch (Exception e)
    {
      int msgID = MSGID_CONFIG_PWGENERATOR_INITIALIZATION_FAILED;
      String message = getMessage(msgID, className,
                                  String.valueOf(configuration.dn()),
                                  stackTraceToSingleLineString(e));
      throw new InitializationException(msgID, message, e);
    }
  }
}


 opends/src/server/org/opends/server/extensions/RandomPasswordGenerator.java

@@ -32,13 +32,14 @@
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.SortedSet;
import java.util.StringTokenizer;
import java.util.concurrent.locks.ReentrantLock;

import org.opends.server.api.ConfigurableComponent;
import org.opends.server.admin.server.ConfigurationChangeListener;
import org.opends.server.admin.std.server.RandomPasswordGeneratorCfg;
import org.opends.server.api.PasswordGenerator;
import org.opends.server.config.ConfigAttribute;
import org.opends.server.config.ConfigEntry;
import org.opends.server.config.ConfigException;
import org.opends.server.config.StringConfigAttribute;
import org.opends.server.core.DirectoryServer;
@@ -68,14 +69,15 @@
 * built from one or more character sets.
 */
public class RandomPasswordGenerator
       extends PasswordGenerator
       implements ConfigurableComponent
       extends PasswordGenerator<RandomPasswordGeneratorCfg>
       implements ConfigurationChangeListener<RandomPasswordGeneratorCfg>
{


  // The current configuration for this password validator.
  private RandomPasswordGeneratorCfg currentConfig;

  // The encoded list of character sets defined for this password generator.
  private List<String> encodedCharacterSets;
  private SortedSet<String> encodedCharacterSets;

  // The DN of the configuration entry for this password generator.
  private DN configEntryDN;
@@ -100,61 +102,45 @@


  /**
   * Initializes this password generator based on the information in the
   * provided configuration entry.
   *
   * @param  configEntry  The configuration entry that contains the information
   *                      to use to initialize this password generator.
   *
   * @throws  ConfigException  If an unrecoverable problem arises in the
   *                           process of performing the initialization.
   *
   * @throws  InitializationException  If a problem occurs during initialization
   *                                   that is not related to the server
   *                                   configuration.
   * {@inheritDoc}
   */
  public void initializePasswordGenerator(ConfigEntry configEntry)
  @Override()
  public void initializePasswordGenerator(
      RandomPasswordGeneratorCfg configuration)
         throws ConfigException, InitializationException
  {
    this.configEntryDN = configEntry.getDN();
    this.configEntryDN = configuration.dn();
    generatorLock = new ReentrantLock();

    int msgID ;

    // Get the character sets for use in generating the password.  At least one
    // must have been provided.
    HashMap<String,NamedCharacterSet> charsets =
         new HashMap<String,NamedCharacterSet>();
    int msgID = MSGID_RANDOMPWGEN_DESCRIPTION_CHARSET;
    StringConfigAttribute charsetStub =
         new StringConfigAttribute(ATTR_PASSWORD_CHARSET, getMessage(msgID),
                                   true, true, false);

    try
    {
      StringConfigAttribute charsetAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(charsetStub);
      if (charsetAttr == null)
      encodedCharacterSets = configuration.getPasswordCharacterSet();

      if (encodedCharacterSets.size() == 0)
      {
        msgID = MSGID_RANDOMPWGEN_NO_CHARSETS;
        String message = getMessage(msgID, String.valueOf(configEntryDN));
        throw new ConfigException(msgID, message);
      }
      else
      for (NamedCharacterSet s : NamedCharacterSet
          .decodeCharacterSets(encodedCharacterSets))
      {
        encodedCharacterSets = charsetAttr.activeValues();
        for (NamedCharacterSet s :
             NamedCharacterSet.decodeCharacterSets(encodedCharacterSets))
        if (charsets.containsKey(s.getName()))
        {
          if (charsets.containsKey(s.getName()))
          {
            msgID = MSGID_RANDOMPWGEN_CHARSET_NAME_CONFLICT;
            String message = getMessage(msgID, String.valueOf(configEntryDN),
                                        s.getName());
            throw new ConfigException(msgID, message);
          }
          else
          {
            charsets.put(s.getName(), s);
          }
          msgID = MSGID_RANDOMPWGEN_CHARSET_NAME_CONFLICT;
          String message = getMessage(msgID, String.valueOf(configEntryDN), s
              .getName());
          throw new ConfigException(msgID, message);
        }
        else
        {
          charsets.put(s.getName(), s);
        }
      }
    }
@@ -177,80 +163,65 @@

    // Get the value that describes which character set(s) and how many
    // characters from each should be used.
    msgID = MSGID_RANDOMPWGEN_DESCRIPTION_PWFORMAT;
    StringConfigAttribute pwFormatStub =
         new StringConfigAttribute(ATTR_PASSWORD_FORMAT, getMessage(msgID),
                                   true, false, false);

    try
    {
      StringConfigAttribute pwFormatAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(pwFormatStub);
      if (pwFormatAttr == null)
      formatString = configuration.getPasswordFormat();
      StringTokenizer tokenizer = new StringTokenizer(formatString, ", ");

      ArrayList<NamedCharacterSet> setList = new ArrayList<NamedCharacterSet>();
      ArrayList<Integer> countList = new ArrayList<Integer>();

      while (tokenizer.hasMoreTokens())
      {
        msgID = MSGID_RANDOMPWGEN_NO_PWFORMAT;
        String message = getMessage(msgID);
        throw new ConfigException(msgID, message);
        String token = tokenizer.nextToken();

        try
        {
          int colonPos = token.indexOf(':');
          String name = token.substring(0, colonPos);
          int count = Integer.parseInt(token.substring(colonPos + 1));

          NamedCharacterSet charset = charsets.get(name);
          if (charset == null)
          {
            msgID = MSGID_RANDOMPWGEN_UNKNOWN_CHARSET;
            String message = getMessage(msgID, String.valueOf(formatString),
                String.valueOf(name));
            throw new ConfigException(msgID, message);
          }
          else
          {
            setList.add(charset);
            countList.add(count);
          }
        }
        catch (ConfigException ce)
        {
          throw ce;
        }
        catch (Exception e)
        {
          if (debugEnabled())
          {
            debugCaught(DebugLogLevel.ERROR, e);
          }

          msgID = MSGID_RANDOMPWGEN_INVALID_PWFORMAT;
          String message = getMessage(msgID, String.valueOf(formatString));
          throw new ConfigException(msgID, message, e);
        }
      }
      else

      characterSets = new NamedCharacterSet[setList.size()];
      characterCounts = new int[characterSets.length];

      totalLength = 0;
      for (int i = 0; i < characterSets.length; i++)
      {
        formatString = pwFormatAttr.activeValue();
        StringTokenizer tokenizer = new StringTokenizer(formatString, ", ");

        ArrayList<NamedCharacterSet> setList =
             new ArrayList<NamedCharacterSet>();
        ArrayList<Integer> countList = new ArrayList<Integer>();

        while (tokenizer.hasMoreTokens())
        {
          String token = tokenizer.nextToken();

          try
          {
            int    colonPos = token.indexOf(':');
            String name     = token.substring(0, colonPos);
            int    count    = Integer.parseInt(token.substring(colonPos+1));

            NamedCharacterSet charset = charsets.get(name);
            if (charset == null)
            {
              msgID = MSGID_RANDOMPWGEN_UNKNOWN_CHARSET;
              String message = getMessage(msgID, String.valueOf(formatString),
                                          String.valueOf(name));
              throw new ConfigException(msgID, message);
            }
            else
            {
              setList.add(charset);
              countList.add(count);
            }
          }
          catch (ConfigException ce)
          {
            throw ce;
          }
          catch (Exception e)
          {
            if (debugEnabled())
            {
              debugCaught(DebugLogLevel.ERROR, e);
            }

            msgID = MSGID_RANDOMPWGEN_INVALID_PWFORMAT;
            String message = getMessage(msgID, String.valueOf(formatString));
            throw new ConfigException(msgID, message, e);
          }
        }

        characterSets   = new NamedCharacterSet[setList.size()];
        characterCounts = new int[characterSets.length];

        totalLength = 0;
        for (int i=0; i < characterSets.length; i++)
        {
          characterSets[i]    = setList.get(i);
          characterCounts[i]  = countList.get(i);
          totalLength        += characterCounts[i];
        }
        characterSets[i] = setList.get(i);
        characterCounts[i] = countList.get(i);
        totalLength += characterCounts[i];
      }
    }
    catch (ConfigException ce)
@@ -269,19 +240,19 @@
      throw new InitializationException(msgID, message, e);
    }


    DirectoryServer.registerConfigurableComponent(this);
    configuration.addRandomChangeListener(this) ;
    currentConfig = configuration;
  }



  /**
   * Performs any finalization work that may be necessary when this password
   * generator is taken out of service.
   * {@inheritDoc}
   */
  @Override()
  public void finalizePasswordGenerator()
  {
    DirectoryServer.deregisterConfigurableComponent(this);
    currentConfig.removeRandomChangeListener(this);
  }


@@ -375,58 +346,43 @@


  /**
   * Indicates whether the provided configuration entry has an acceptable
   * configuration for this component.  If it does not, then detailed
   * information about the problem(s) should be added to the provided list.
   *
   * @param  configEntry          The configuration entry for which to make the
   *                              determination.
   * @param  unacceptableReasons  A list that can be used to hold messages about
   *                              why the provided entry does not have an
   *                              acceptable configuration.
   *
   * @return  <CODE>true</CODE> if the provided entry has an acceptable
   *          configuration for this component, or <CODE>false</CODE> if not.
   * {@inheritDoc}
   */
  public boolean hasAcceptableConfiguration(ConfigEntry configEntry,
                                            List<String> unacceptableReasons)
  public boolean isConfigurationChangeAcceptable(
      RandomPasswordGeneratorCfg configuration,
      List<String> unacceptableReasons)
  {
    // Get the character sets for use in generating the password.  At least one
    int msgID;

    // Get the character sets for use in generating the password. At
    // least one
    // must have been provided.
    HashMap<String,NamedCharacterSet> charsets =
         new HashMap<String,NamedCharacterSet>();
    int msgID = MSGID_RANDOMPWGEN_DESCRIPTION_CHARSET;
    StringConfigAttribute charsetStub =
         new StringConfigAttribute(ATTR_PASSWORD_CHARSET, getMessage(msgID),
                                   true, true, false);
    try
    {
      StringConfigAttribute charsetAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(charsetStub);
      if (charsetAttr == null)
      SortedSet<String> currentPasSet = configuration.getPasswordCharacterSet();
      if (currentPasSet.size() == 0)
      {
        msgID = MSGID_RANDOMPWGEN_NO_CHARSETS;
        String message = getMessage(msgID, String.valueOf(configEntryDN));
        unacceptableReasons.add(message);
        return false;
        throw new ConfigException(msgID, message);
      }
      else

      for (NamedCharacterSet s : NamedCharacterSet
          .decodeCharacterSets(currentPasSet))
      {
        for (NamedCharacterSet s :
             NamedCharacterSet.decodeCharacterSets(charsetAttr.activeValues()))
        if (charsets.containsKey(s.getName()))
        {
          if (charsets.containsKey(s.getName()))
          {
            msgID = MSGID_RANDOMPWGEN_CHARSET_NAME_CONFLICT;
            String message = getMessage(msgID, String.valueOf(configEntryDN),
                                        s.getName());
            unacceptableReasons.add(message);
            return false;
          }
          else
          {
            charsets.put(s.getName(), s);
          }
          msgID = MSGID_RANDOMPWGEN_CHARSET_NAME_CONFLICT;
          String message = getMessage(msgID, String.valueOf(configEntryDN), s
              .getName());
          unacceptableReasons.add(message);
          return false;
        }
        else
        {
          charsets.put(s.getName(), s);
        }
      }
    }
@@ -451,22 +407,9 @@

    // Get the value that describes which character set(s) and how many
    // characters from each should be used.
    msgID = MSGID_RANDOMPWGEN_DESCRIPTION_PWFORMAT;
    StringConfigAttribute pwFormatStub =
         new StringConfigAttribute(ATTR_PASSWORD_FORMAT, getMessage(msgID),
                                   true, false, false);
    try
    {
      StringConfigAttribute pwFormatAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(pwFormatStub);
      if (pwFormatAttr == null)
      {
        unacceptableReasons.add(getMessage(MSGID_RANDOMPWGEN_NO_PWFORMAT));
        return false;
      }
      else
      {
        String formatString = pwFormatAttr.activeValue();
        String formatString = configuration.getPasswordFormat() ;
        StringTokenizer tokenizer = new StringTokenizer(formatString, ", ");

        while (tokenizer.hasMoreTokens())
@@ -502,12 +445,6 @@
            return false;
          }
        }
      }
    }
    catch (ConfigException ce)
    {
      unacceptableReasons.add(ce.getMessage());
      return false;
    }
    catch (Exception e)
    {
@@ -530,43 +467,26 @@


  /**
   * Makes a best-effort attempt to apply the configuration contained in the
   * provided entry.  Information about the result of this processing should be
   * added to the provided message list.  Information should always be added to
   * this list if a configuration change could not be applied.  If detailed
   * results are requested, then information about the changes applied
   * successfully (and optionally about parameters that were not changed) should
   * also be included.
   *
   * @param  configEntry      The entry containing the new configuration to
   *                          apply for this component.
   * @param  detailedResults  Indicates whether detailed information about the
   *                          processing should be added to the list.
   *
   * @return  Information about the result of the configuration update.
   * {@inheritDoc}
   */
  public ConfigChangeResult applyNewConfiguration(ConfigEntry configEntry,
                                                  boolean detailedResults)
  public ConfigChangeResult applyConfigurationChange(
      RandomPasswordGeneratorCfg configuration)
  {
    ResultCode        resultCode          = ResultCode.SUCCESS;
    boolean           adminActionRequired = false;
    ArrayList<String> messages            = new ArrayList<String>();
    int msgID;


    // Get the character sets for use in generating the password.  At least one
    // must have been provided.
    List<String> newEncodedCharacterSets = null;
    SortedSet<String> newEncodedCharacterSets = null;
    HashMap<String,NamedCharacterSet> charsets =
         new HashMap<String,NamedCharacterSet>();
    int msgID = MSGID_RANDOMPWGEN_DESCRIPTION_CHARSET;
    StringConfigAttribute charsetStub =
         new StringConfigAttribute(ATTR_PASSWORD_CHARSET, getMessage(msgID),
                                   true, true, false);
    try
    {
      StringConfigAttribute charsetAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(charsetStub);
      if (charsetAttr == null)
      newEncodedCharacterSets = configuration.getPasswordCharacterSet();
      if (newEncodedCharacterSets.size() == 0)
      {
        msgID = MSGID_RANDOMPWGEN_NO_CHARSETS;
        messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
@@ -578,9 +498,8 @@
      }
      else
      {
        newEncodedCharacterSets = charsetAttr.activeValues();
        for (NamedCharacterSet s :
             NamedCharacterSet.decodeCharacterSets(encodedCharacterSets))
             NamedCharacterSet.decodeCharacterSets(newEncodedCharacterSets))
        {
          if (charsets.containsKey(s.getName()))
          {
@@ -633,83 +552,54 @@
    ArrayList<Integer> newCountList = new ArrayList<Integer>();
    String newFormatString = null;

    msgID = MSGID_RANDOMPWGEN_DESCRIPTION_PWFORMAT;
    StringConfigAttribute pwFormatStub =
         new StringConfigAttribute(ATTR_PASSWORD_FORMAT, getMessage(msgID),
                                   true, false, false);
    try
    {
      StringConfigAttribute pwFormatAttr =
           (StringConfigAttribute) configEntry.getConfigAttribute(pwFormatStub);
      if (pwFormatAttr == null)
      newFormatString = configuration.getPasswordFormat();
      StringTokenizer tokenizer = new StringTokenizer(newFormatString, ", ");

      while (tokenizer.hasMoreTokens())
      {
        msgID = MSGID_RANDOMPWGEN_NO_PWFORMAT;
        messages.add(getMessage(MSGID_RANDOMPWGEN_NO_PWFORMAT));
        String token = tokenizer.nextToken();

        if (resultCode == ResultCode.SUCCESS)
        try
        {
          resultCode = ResultCode.OBJECTCLASS_VIOLATION;
        }
      }
      else
      {
        newFormatString = pwFormatAttr.activeValue();
        StringTokenizer tokenizer = new StringTokenizer(newFormatString, ", ");
          int colonPos = token.indexOf(':');
          String name = token.substring(0, colonPos);
          int count = Integer.parseInt(token.substring(colonPos + 1));


        while (tokenizer.hasMoreTokens())
        {
          String token = tokenizer.nextToken();

          try
          NamedCharacterSet charset = charsets.get(name);
          if (charset == null)
          {
            int    colonPos = token.indexOf(':');
            String name     = token.substring(0, colonPos);
            int    count    = Integer.parseInt(token.substring(colonPos+1));

            NamedCharacterSet charset = charsets.get(name);
            if (charset == null)
            {
              msgID = MSGID_RANDOMPWGEN_UNKNOWN_CHARSET;
              messages.add(getMessage(msgID, String.valueOf(newFormatString),
                                      String.valueOf(name)));

              if (resultCode == ResultCode.SUCCESS)
              {
                resultCode = ResultCode.CONSTRAINT_VIOLATION;
              }
            }
            else
            {
              newSetList.add(charset);
              newCountList.add(count);
            }
          }
          catch (Exception e)
          {
            if (debugEnabled())
            {
              debugCaught(DebugLogLevel.ERROR, e);
            }

            msgID = MSGID_RANDOMPWGEN_INVALID_PWFORMAT;
            messages.add(getMessage(msgID, String.valueOf(newFormatString)));
            msgID = MSGID_RANDOMPWGEN_UNKNOWN_CHARSET;
            messages.add(getMessage(msgID, String.valueOf(newFormatString),
                String.valueOf(name)));

            if (resultCode == ResultCode.SUCCESS)
            {
              resultCode = DirectoryServer.getServerErrorResultCode();
              resultCode = ResultCode.CONSTRAINT_VIOLATION;
            }
          }
          else
          {
            newSetList.add(charset);
            newCountList.add(count);
          }
        }
      }
    }
    catch (ConfigException ce)
    {
      messages.add(ce.getMessage());
        catch (Exception e)
        {
          if (debugEnabled())
          {
            debugCaught(DebugLogLevel.ERROR, e);
          }

      if (resultCode == ResultCode.SUCCESS)
      {
        resultCode = DirectoryServer.getServerErrorResultCode();
          msgID = MSGID_RANDOMPWGEN_INVALID_PWFORMAT;
          messages.add(getMessage(msgID, String.valueOf(newFormatString)));

          if (resultCode == ResultCode.SUCCESS)
          {
            resultCode = DirectoryServer.getServerErrorResultCode();
          }
        }
      }
    }
    catch (Exception e)

 opends/src/server/org/opends/server/types/NamedCharacterSet.java

@@ -28,8 +28,8 @@



import java.util.List;
import java.util.Random;
import java.util.SortedSet;

import org.opends.server.config.ConfigException;

@@ -233,13 +233,13 @@
   *                           decode the character set definitions.
   */
  public static NamedCharacterSet[]
                     decodeCharacterSets(List<String> values)
                     decodeCharacterSets(SortedSet<String> values)
         throws ConfigException
  {
    NamedCharacterSet[] sets = new NamedCharacterSet[values.size()];
    for (int i=0; i < sets.length; i++)
    int i = 0 ;
    for (String value : values)
    {
      String value = values.get(i);
      int colonPos = value.indexOf(':');
      if (colonPos < 0)
      {
@@ -265,6 +265,7 @@
        char[] characters = value.substring(colonPos+1).toCharArray();
        sets[i] = new NamedCharacterSet(name, characters);
      }
      i++;
    }

    return sets;

 opends/tests/unit-tests-testng/src/server/org/opends/server/extensions/RandomPasswordGeneratorTestCase.java

@@ -35,6 +35,9 @@
import org.testng.annotations.Test;

import org.opends.server.TestCaseUtils;
import org.opends.server.admin.server.AdminTestCaseUtils;
import org.opends.server.admin.std.meta.RandomPasswordGeneratorCfgDefn;
import org.opends.server.admin.std.server.RandomPasswordGeneratorCfg;
import org.opends.server.config.ConfigEntry;
import org.opends.server.config.ConfigException;
import org.opends.server.core.DirectoryServer;
@@ -79,9 +82,14 @@
                      "cn=config");
    ConfigEntry configEntry = DirectoryServer.getConfigEntry(dn);
    assertNotNull(configEntry);
    
    RandomPasswordGeneratorCfg configuration =
      AdminTestCaseUtils.getConfiguration(
          RandomPasswordGeneratorCfgDefn.getInstance(),
           configEntry.getEntry());

    RandomPasswordGenerator generator = new RandomPasswordGenerator();
    generator.initializePasswordGenerator(configEntry);
    generator.initializePasswordGenerator(configuration);
    assertNotNull(generator.generatePassword(null));
    generator.finalizePasswordGenerator();
  }
@@ -199,13 +207,13 @@
  public void testInvalidConfigurations(Entry entry)
         throws Exception
  {
    String parentDNStr = "cn=Password Generators,cn=config";
    ConfigEntry parentEntry =
         DirectoryServer.getConfigEntry(DN.decode(parentDNStr));
    ConfigEntry configEntry = new ConfigEntry(entry, parentEntry);
    RandomPasswordGeneratorCfg configuration =
      AdminTestCaseUtils.getConfiguration(
          RandomPasswordGeneratorCfgDefn.getInstance(),
           entry);

    RandomPasswordGenerator generator = new RandomPasswordGenerator();
    generator.initializePasswordGenerator(configEntry);
    generator.initializePasswordGenerator(configuration);
  }
}