Fix for 2306: configure replication encryption on or off in dsreplication a...

jvergara

26.57.2007 486ffa6d0abfa0b91dc7ab22ee71758b5eecfb88

Fix for 2306: configure replication encryption on or off in dsreplication and setup-gui

Provide new options in the command line and new GUI in order to be able to configure secure replication.

The dsreplication status command-line has also been modified to display information about the replication security configuration.

 opends/src/ads/org/opends/admin/ads/ServerDescriptor.java

@@ -113,6 +113,10 @@
     */
    IS_REPLICATION_ENABLED,
    /**
     * The associated value is a Boolean.
     */
    IS_REPLICATION_SECURE,
    /**
     * List of servers specified in the Replication Server configuration.
     * This is a Set of String.
     */
@@ -245,6 +249,27 @@
  }

  /**
   * Returns whether the communication with the replication port on the server
   * is encrypted or not.
   * @return <CODE>true</CODE> if the communication with the replication port on
   * the server is encrypted and <CODE>false</CODE> otherwise.
   */
  public boolean isReplicationSecure()
  {
    boolean isReplicationSecure;
    if (isReplicationServer())
    {
      isReplicationSecure = Boolean.TRUE.equals(serverProperties.get(
          ServerProperty.IS_REPLICATION_SECURE));
    }
    else
    {
      isReplicationSecure = false;
    }
    return isReplicationSecure;
  }

  /**
   * Sets the ADS properties of the server.
   * @param adsProperties a Map containing the ADS properties of the server.
   */
@@ -873,6 +898,30 @@
      {
      }
    }

    boolean replicationSecure = false;
    if (replicationEnabled)
    {
      ctls = new SearchControls();
      ctls.setSearchScope(SearchControls.OBJECT_SCOPE);
      ctls.setReturningAttributes(
      new String[] {"ds-cfg-ssl-encryption"});
      filter = "(objectclass=ds-cfg-crypto-manager)";

      jndiName = new LdapName("cn=Crypto Manager,cn=config");

      NamingEnumeration entries = ctx.search(jndiName, filter, ctls);

      while(entries.hasMore())
      {
        SearchResult sr = (SearchResult)entries.next();

        String v = getFirstValue(sr, "ds-cfg-ssl-encryption");
        replicationSecure = "true".equalsIgnoreCase(v);
      }
    }
    desc.serverProperties.put(ServerProperty.IS_REPLICATION_SECURE,
        replicationSecure ? Boolean.TRUE : Boolean.FALSE);
  }

  /**

 opends/src/guitools/org/opends/guitools/replicationcli/EnableReplicationUserData.java

@@ -42,6 +42,7 @@
  private boolean useStartTLS1;
  private boolean useSSL1;
  private int replicationPort1;
  private boolean secureReplication1;
  private String hostName2;
  private int port2;
  private String pwd2;
@@ -49,6 +50,7 @@
  private boolean useStartTLS2;
  private boolean useSSL2;
  private int replicationPort2;
  private boolean secureReplication2;
  private boolean replicateSchema = true;

  /**
@@ -343,4 +345,48 @@
  {
    this.replicateSchema = replicateSchema;
  }

  /**
   * Returns <CODE>true</CODE> if the user asked to have secure replication
   * communication with the first server and <CODE>false</CODE> otherwise.
   * @return <CODE>true</CODE> if the user asked to have secure replication
   * communication with the first server and <CODE>false</CODE> otherwise.
   */
  public boolean isSecureReplication1()
  {
    return secureReplication1;
  }

  /**
   * Sets whether to have secure replication communication with the first server
   * or not.
   * @param secureReplication1 whether to have secure replication communication
   * with the first server or not.
   */
  public void setSecureReplication1(boolean secureReplication1)
  {
    this.secureReplication1 = secureReplication1;
  }

  /**
   * Returns <CODE>true</CODE> if the user asked to have secure replication
   * communication with the second server and <CODE>false</CODE> otherwise.
   * @return <CODE>true</CODE> if the user asked to have secure replication
   * communication with the second server and <CODE>false</CODE> otherwise.
   */
  public boolean isSecureReplication2()
  {
    return secureReplication2;
  }

  /**
   * Sets whether to have secure replication communication with the second
   * server or not.
   * @param secureReplication2 whether to have secure replication communication
   * with the second server or not.
   */
  public void setSecureReplication2(boolean secureReplication2)
  {
    this.secureReplication2 = secureReplication2;
  }
}

 opends/src/guitools/org/opends/guitools/replicationcli/ReplicationCliArgumentParser.java

@@ -104,6 +104,11 @@
  private IntegerArgument replicationPort1Arg = null;

  /**
   * The 'secureReplication' argument for the first server.
   */
  private BooleanArgument secureReplication1Arg = null;

  /**
   * The 'hostName' argument for the second server.
   */
  private StringArgument hostName2Arg = null;
@@ -144,6 +149,11 @@
  private IntegerArgument replicationPort2Arg = null;

  /**
   * The 'secureReplication' argument for the second server.
   */
  private BooleanArgument secureReplication2Arg = null;

  /**
   * The 'skipPortCheckArg' argument to not check replication ports.
   */
  private BooleanArgument skipPortCheckArg;
@@ -471,6 +481,10 @@
        "replicationPort1", false, false, true, OPTION_VALUE_PORT, 8989, null,
        INFO_DESCRIPTION_ENABLE_REPLICATION_PORT1.get());

    secureReplication1Arg = new BooleanArgument("secureReplication1", null,
        "secureReplication1",
        INFO_DESCRIPTION_ENABLE_SECURE_REPLICATION1.get());

    hostName2Arg = new StringArgument("host2", 'O',
        "host2", false, false, true, OPTION_VALUE_HOST, "localhost",
        null, INFO_DESCRIPTION_ENABLE_REPLICATION_HOST2.get());
@@ -505,6 +519,10 @@
        "replicationPort2", false, false, true, OPTION_VALUE_PORT, 8989, null,
        INFO_DESCRIPTION_ENABLE_REPLICATION_PORT2.get());

    secureReplication2Arg = new BooleanArgument("secureReplication2", null,
        "secureReplication2",
        INFO_DESCRIPTION_ENABLE_SECURE_REPLICATION2.get());

    skipPortCheckArg = new BooleanArgument(
        "skipportcheck", 'S', "skipPortCheck",
        INFO_DESCRIPTION_ENABLE_REPLICATION_SKIPPORT.get());
@@ -520,8 +538,10 @@
    Argument[] argsToAdd = {
        hostName1Arg, port1Arg, bindDn1Arg, bindPassword1Arg,
        bindPasswordFile1Arg, useStartTLS1Arg, useSSL1Arg, replicationPort1Arg,
        secureReplication1Arg,
        hostName2Arg, port2Arg, bindDn2Arg, bindPassword2Arg,
        bindPasswordFile2Arg, useStartTLS2Arg, useSSL2Arg, replicationPort2Arg,
        secureReplication2Arg,
        skipPortCheckArg, noSchemaReplicationArg
    };
    for (int i=0; i<argsToAdd.length; i++)
@@ -1030,6 +1050,17 @@
  }

  /**
   * Returns whether the user asked to have replication communication with the
   * first server or not.
   * @return <CODE>true</CODE> the user asked to have replication communication
   * with the first server and <CODE>false</CODE> otherwise.
   */
  public boolean isSecureReplication1()
  {
    return secureReplication1Arg.isPresent();
  }

  /**
   * Returns the second host name explicitly provided in the enable replication
   * subcommand.
   * @return the second host name explicitly provided in the enable replication
@@ -1119,6 +1150,17 @@
  }

  /**
   * Returns whether the user asked to have replication communication with the
   * second server or not.
   * @return <CODE>true</CODE> the user asked to have replication communication
   * with the second server and <CODE>false</CODE> otherwise.
   */
  public boolean isSecureReplication2()
  {
    return secureReplication2Arg.isPresent();
  }

  /**
   * Returns whether the user asked to skip the replication port checks (if the
   * ports are free) or not.
   * @return <CODE>true</CODE> the user asked to skip the replication port

 opends/src/guitools/org/opends/guitools/replicationcli/ReplicationCliMain.java

@@ -599,6 +599,7 @@
      uData.setUseStartTLS1(useStartTLS1);
    }
    int replicationPort1 = -1;
    boolean secureReplication1 = argParser.isSecureReplication1();
    if (ctx1 != null)
    {
      // Try to get the replication port for server 1 only if it is required.
@@ -642,6 +643,12 @@
            }
          }
        }
        if (!secureReplication1)
        {
          secureReplication1 =
            confirm(INFO_REPLICATION_ENABLE_SECURE1_PROMPT.get(
                String.valueOf(replicationPort1)), false);
        }
      }
      // If the server contains an ADS. Try to load it and only load it: if
      // there are issues with the ADS they will be encountered in the
@@ -657,6 +664,7 @@
      }
    }
    uData.setReplicationPort1(replicationPort1);
    uData.setSecureReplication1(secureReplication1);

    /*
     * Prompt for information on the second server.
@@ -802,6 +810,7 @@
      uData.setUseStartTLS2(useStartTLS2);
    }
    int replicationPort2 = -1;
    boolean secureReplication2 = argParser.isSecureReplication2();
    if (ctx2 != null)
    {
      if (!hasReplicationPort(ctx2))
@@ -845,16 +854,23 @@
          }
          if (host1.equalsIgnoreCase(host2))
          {
            if (replicationPort1 == replicationPort2)
            if ((replicationPort1 > 0) &&
                (replicationPort1 == replicationPort2))
            {
              printLineBreak();
              printErrorMessage(ERR_REPLICATION_SAME_REPLICATION_PORT.get(
                      String.valueOf(replicationPort1), host1));
                      String.valueOf(replicationPort2), host1));
              printLineBreak();
              replicationPort2 = -1;
            }
          }
        }
        if (!secureReplication2)
        {
          secureReplication2 =
            confirm(INFO_REPLICATION_ENABLE_SECURE2_PROMPT.get(
                String.valueOf(replicationPort2)), false);
        }
      }
      // If the server contains an ADS. Try to load it and only load it: if
      // there are issues with the ADS they will be encountered in the
@@ -869,6 +885,7 @@
      }
    }
    uData.setReplicationPort2(replicationPort2);
    uData.setSecureReplication2(secureReplication2);

    // If the adminUid and adminPwd are not set in the EnableReplicationUserData
    // object, that means that there are no administrators and that they
@@ -1721,6 +1738,7 @@
    int replicationPort1 = getValue(argParser.getReplicationPort1(),
        argParser.getDefaultReplicationPort1());
    uData.setReplicationPort1(replicationPort1);
    uData.setSecureReplication1(argParser.isSecureReplication1());

    String host2Name = getValue(argParser.getHostName2(),
        argParser.getDefaultHostName2());
@@ -1760,6 +1778,7 @@
    int replicationPort2 = getValue(argParser.getReplicationPort2(),
        argParser.getDefaultReplicationPort2());
    uData.setReplicationPort2(replicationPort2);
    uData.setSecureReplication2(argParser.isSecureReplication2());
    uData.setReplicateSchema(!argParser.noSchemaReplication());
  }

@@ -1887,9 +1906,6 @@
      ReplicationSynchronizationProviderCfgClient sync = null;
      sync = (ReplicationSynchronizationProviderCfgClient)
      root.getSynchronizationProvider("Multimaster Synchronization");
      /*
       * Configure the replication server.
       */
      if (sync.hasReplicationServer())
      {
        ReplicationServerCfgClient replicationServer =
@@ -3482,7 +3498,8 @@
      try
      {
        configureAsReplicationServer(ctx1, uData.getReplicationPort1(),
          allRepServers, usedReplicationServerIds);
            uData.isSecureReplication1(), allRepServers,
            usedReplicationServerIds);
      }
      catch (OpenDsException ode)
      {
@@ -3512,7 +3529,8 @@
      try
      {
        configureAsReplicationServer(ctx2, uData.getReplicationPort2(),
            allRepServers, usedReplicationServerIds);
            uData.isSecureReplication2(), allRepServers,
            usedReplicationServerIds);
      }
      catch (OpenDsException ode)
      {
@@ -3897,27 +3915,28 @@
        }
      }
    }
    int nCols;
    final int SERVERPORT = 0;
    final int NUMBER_ENTRIES = 1;
    final int MISSING_CHANGES = 2;
    final int AGE_OF_OLDEST_MISSING_CHANGE = 3;
    final int REPLICATION_PORT = 4;
    final int SECURE = 5;
    Message[] headers;
    if (scriptFriendly)
    {
      if (isReplicated)
      {
        nCols = 4;
        headers = new Message[] {
            INFO_REPLICATION_STATUS_LABEL_SERVERPORT.get(),
            INFO_REPLICATION_STATUS_LABEL_NUMBER_ENTRIES.get(),
            INFO_REPLICATION_STATUS_LABEL_MISSING_CHANGES.get(),
            INFO_REPLICATION_STATUS_LABEL_AGE_OF_OLDEST_MISSING_CHANGE.get()
            INFO_REPLICATION_STATUS_LABEL_AGE_OF_OLDEST_MISSING_CHANGE.get(),
            INFO_REPLICATION_STATUS_LABEL_REPLICATION_PORT.get(),
            INFO_REPLICATION_STATUS_LABEL_SECURE.get()
        };
      }
      else
      {
        nCols = 2;
        headers = new Message[] {
            INFO_REPLICATION_STATUS_LABEL_SERVERPORT.get(),
            INFO_REPLICATION_STATUS_LABEL_NUMBER_ENTRIES.get()
@@ -3928,26 +3947,26 @@
    {
      if (isReplicated)
      {
        nCols = 4;
        headers = new Message[] {
            INFO_REPLICATION_STATUS_HEADER_SERVERPORT.get(),
            INFO_REPLICATION_STATUS_HEADER_NUMBER_ENTRIES.get(),
            INFO_REPLICATION_STATUS_HEADER_MISSING_CHANGES.get(),
            INFO_REPLICATION_STATUS_HEADER_AGE_OF_OLDEST_MISSING_CHANGE.get()
            INFO_REPLICATION_STATUS_HEADER_AGE_OF_OLDEST_MISSING_CHANGE.get(),
            INFO_REPLICATION_STATUS_HEADER_REPLICATION_PORT.get(),
            INFO_REPLICATION_STATUS_HEADER_SECURE.get()
        };
      }
      else
      {
        nCols = 2;
        headers = new Message[] {
            INFO_REPLICATION_STATUS_HEADER_SERVERPORT.get(),
            INFO_REPLICATION_STATUS_HEADER_NUMBER_ENTRIES.get()
        };
      }
    }
    Message[][] values = new Message[orderedReplicas.size()][nCols];
    Message[][] values = new Message[orderedReplicas.size()][headers.length];

    int[] maxWidths = new int[nCols];
    int[] maxWidths = new int[headers.length];
    int i;
    for (i=0; i<maxWidths.length; i++)
    {
@@ -3958,7 +3977,7 @@
    for (ReplicaDescriptor replica : orderedReplicas)
    {
      Message v;
      for (int j=0; j<nCols; j++)
      for (int j=0; j<headers.length; j++)
      {
        switch (j)
        {
@@ -3973,7 +3992,7 @@
          }
          else
          {
            v = INFO_NOT_AVAILABLE_LABEL.get();
            v = INFO_NOT_AVAILABLE_SHORT_LABEL.get();
          }
          break;
        case MISSING_CHANGES:
@@ -3984,7 +4003,7 @@
          }
          else
          {
            v = INFO_NOT_AVAILABLE_LABEL.get();
            v = INFO_NOT_AVAILABLE_SHORT_LABEL.get();
          }
          break;
        case AGE_OF_OLDEST_MISSING_CHANGE:
@@ -3995,7 +4014,28 @@
          }
          else
          {
            v = INFO_NOT_AVAILABLE_LABEL.get();
            v = INFO_NOT_AVAILABLE_SHORT_LABEL.get();
          }
          break;
        case REPLICATION_PORT:
          int replicationPort = replica.getServer().getReplicationServerPort();
          if (replicationPort >= 0)
          {
            v = Message.raw(String.valueOf(replicationPort));
          }
          else
          {
            v = INFO_NOT_AVAILABLE_SHORT_LABEL.get();
          }
          break;
        case SECURE:
          if (replica.getServer().isReplicationSecure())
          {
            v = INFO_REPLICATION_STATUS_SECURITY_ENABLED.get();
          }
          else
          {
            v = INFO_REPLICATION_STATUS_SECURITY_DISABLED.get();
          }
          break;
        default:
@@ -4031,7 +4071,7 @@
      };
      for (i=0; i<labels.length; i++)
      {
        printProgressMessage(labels[i]+": "+vs[i]);
        printProgressMessage(labels[i]+" "+vs[i]);
        printProgressLineBreak();
      }

@@ -4041,7 +4081,7 @@
        printProgressLineBreak();
        for (int j=0; j<values[i].length; j++)
        {
          printProgressMessage(headers[j]+": "+values[i][j]);
          printProgressMessage(headers[j]+" "+values[i][j]);
          printProgressLineBreak();
        }
      }
@@ -4050,13 +4090,13 @@
    {
      if (isReplicated)
      {
        printProgressMessage(
        printProgressMessageNoWrap(
            INFO_REPLICATION_STATUS_REPLICATED.get(dn));
        printProgressLineBreak();
      }
      else
      {
        printProgressMessage(
        printProgressMessageNoWrap(
            INFO_REPLICATION_STATUS_NOT_REPLICATED.get(dn));
        printProgressLineBreak();
      }
@@ -4077,16 +4117,16 @@
      {
        builder.append("=");
      }
      printProgressMessage(builder.toString());
      printProgressMessageNoWrap(builder.toString());
      printProgressLineBreak();
      printProgressMessage(headerLine.toMessage());
      printProgressMessageNoWrap(headerLine.toMessage());
      printProgressLineBreak();
      builder = new StringBuilder();
      for (i=0; i<headerLine.length(); i++)
      {
        builder.append("-");
      }
      printProgressMessage(builder.toString());
      printProgressMessageNoWrap(builder.toString());
      printProgressLineBreak();

      for (i=0; i<values.length; i++)
@@ -4102,7 +4142,7 @@
            line.append(" ");
          }
        }
        printProgressMessage(line.toMessage());
        printProgressMessageNoWrap(line.toMessage());
        printProgressLineBreak();
      }
    }
@@ -4233,6 +4273,8 @@
   * port.
   * @param ctx the context connected to the server that we want to configure.
   * @param replicationPort the replication port of the replication server.
   * @param useSecureReplication whether to have encrypted communication with
   * the replication port or not.
   * @param replicationServers the list of replication servers to which the
   * replication server will communicate with.
   * @param usedReplicationServerIds the set of replication server IDs that
@@ -4241,7 +4283,8 @@
   * @throws OpenDsException if there is an error updating the configuration.
   */
  private void configureAsReplicationServer(InitialLdapContext ctx,
      int replicationPort, LinkedHashSet<String> replicationServers,
      int replicationPort, boolean useSecureReplication,
      LinkedHashSet<String> replicationServers,
      Set<Integer> usedReplicationServerIds) throws OpenDsException
  {
    printProgressMessage(formatter.getFormattedWithPoints(
@@ -4296,6 +4339,12 @@

    if (!sync.hasReplicationServer())
    {
      CryptoManagerCfgClient crypto = root.getCryptoManager();
      if (useSecureReplication != crypto.isSSLEncryption())
      {
        crypto.setSSLEncryption(useSecureReplication);
        crypto.commit();
      }
      int id = InstallerHelper.getReplicationId(usedReplicationServerIds);
      usedReplicationServerIds.add(id);
      replicationServer = sync.createReplicationServer(

 opends/src/messages/messages/admin_tool.properties

@@ -242,6 +242,7 @@
INFO_NO_LISTENERS_FOUND=-No Listener Ports Found-
INFO_NOT_APPLICABLE_LABEL=--
INFO_NOT_AVAILABLE_AUTHENTICATION_REQUIRED_CLI_LABEL=<not available> (*)
INFO_NOT_AVAILABLE_SHORT_LABEL=N/A
INFO_NOT_AVAILABLE_AUTHENTICATION_REQUIRED_CLI_LEGEND=* Information only \
 available if you provide authentication information when launching the status \
 command.
@@ -411,6 +412,10 @@
 the replication mechanism in the first server to communicate with the other \
 servers.  You have to specify this option only if replication was not \
 previously configured in the first server.
INFO_DESCRIPTION_ENABLE_SECURE_REPLICATION1=Specifies whether or not the \
 communication through the replication port of the first server is encrypted \
 or not.  This option will only be taken into account the first time \
 replication is configured on the first server.
INFO_DESCRIPTION_ENABLE_REPLICATION_HOST2=Directory server hostname or IP \
 address of the second server whose contents will be replicated
INFO_DESCRIPTION_ENABLE_REPLICATION_SERVER_PORT2=Directory server port \
@@ -432,10 +437,14 @@
 password of the global administrator will be used to bind
INFO_DESCRIPTION_ENABLE_REPLICATION_USE_SSL2=Use SSL for secure \
 communication with the second server
INFO_DESCRIPTION_ENABLE_REPLICATION_PORT2=Specifies the port that will be used by \
 the replication mechanism in the second server to communicate with the other \
 servers.  You have to specify this option only if replication was not \
INFO_DESCRIPTION_ENABLE_REPLICATION_PORT2=Specifies the port that will be used \
 by the replication mechanism in the second server to communicate with the \
 other servers.  You have to specify this option only if replication was not \
 previously configured in the second server.
INFO_DESCRIPTION_ENABLE_SECURE_REPLICATION2=Specifies whether or not the \
 communication through the replication port of the second server is encrypted \
 or not.  This option will only be taken into account the first time \
 replication is configured on the second server.
INFO_DESCRIPTION_ENABLE_REPLICATION_STARTTLS2=Use StartTLS to secure \
 communication with the second server
INFO_DESCRIPTION_REPLICATION_BASEDNS=Specifies the Base DN of \
@@ -547,6 +556,8 @@
INFO_REPLICATION_ENABLE_PORT1_PROMPT=LDAP port of the first server
INFO_REPLICATION_ENABLE_REPLICATIONPORT1_PROMPT=Replication port for the first \
 server (the port must be free)
INFO_REPLICATION_ENABLE_SECURE1_PROMPT=Use encrypted communication with \
 replication port %s for the first server?
INFO_REPLICATION_ENABLE_BINDDN1_PROMPT=Bind DN for the first server
INFO_REPLICATION_ENABLE_PASSWORD1_PROMPT=Password for %s on the first server:
INFO_REPLICATION_ENABLE_USESSL1_PROMPT=Use SSL to connect to the first server?
@@ -556,6 +567,8 @@
INFO_REPLICATION_ENABLE_PORT2_PROMPT=LDAP port of the second server
INFO_REPLICATION_ENABLE_REPLICATIONPORT2_PROMPT=Replication port for the \
 second server (the port must be free)
INFO_REPLICATION_ENABLE_SECURE2_PROMPT=Use encrypted communication with \
 replication port %s for the second server?
INFO_REPLICATION_ENABLE_BINDDN2_PROMPT=Bind DN for the second server
INFO_REPLICATION_ENABLE_PASSWORD2_PROMPT=Password for %s on the second server:
INFO_REPLICATION_ENABLE_USESSL2_PROMPT=Use SSL to connect to the second server?
@@ -688,17 +701,27 @@
INFO_REPLICATION_STATUS_IS_REPLICATED=Replication
INFO_REPLICATION_STATUS_REPLICATED=%s - Replication Enabled
INFO_REPLICATION_STATUS_NOT_REPLICATED=%s - Replication Disabled
INFO_REPLICATION_STATUS_HEADER_SERVERPORT=Server:port
INFO_REPLICATION_STATUS_HEADER_SERVERPORT=Server
INFO_REPLICATION_STATUS_HEADER_NUMBER_ENTRIES=Entries
INFO_REPLICATION_STATUS_HEADER_MISSING_CHANGES=Missing Changes (1)
INFO_REPLICATION_STATUS_HEADER_MISSING_CHANGES=M.C. (1)
INFO_REPLICATION_STATUS_HEADER_AGE_OF_OLDEST_MISSING_CHANGE=A.O.M.C. (2)
INFO_REPLICATION_STATUS_HEADER_REPLICATION_PORT=Port (3)
INFO_REPLICATION_STATUS_HEADER_SECURE=Security (4)
INFO_REPLICATION_STATUS_REPLICATED_LEGEND=[1] The number of changes that are \
 still missing on this server (and that have been at least applied to one of \
 the other servers).%n[2] Age of oldest missing change: the age (in \
 seconds) of the oldest change that has not arrived to this server.
INFO_REPLICATION_STATUS_LABEL_SERVERPORT=Server
INFO_REPLICATION_STATUS_LABEL_NUMBER_ENTRIES=Entries
INFO_REPLICATION_STATUS_LABEL_MISSING_CHANGES=Missing Changes
 seconds) of the oldest change that has not arrived to this server.%n[3] The \
 port used to communicate between the servers whose contents are being \
 replicated.%n[4] Whether the replication communication through the \
 replication port is encrypted or not.
INFO_REPLICATION_STATUS_LABEL_SERVERPORT=Server:
INFO_REPLICATION_STATUS_LABEL_NUMBER_ENTRIES=Entries:
INFO_REPLICATION_STATUS_LABEL_MISSING_CHANGES=Missing Changes:
INFO_REPLICATION_STATUS_LABEL_AGE_OF_OLDEST_MISSING_CHANGE=Age of oldest \
missing change
missing change:
INFO_REPLICATION_STATUS_LABEL_REPLICATION_PORT=Replication Port:
INFO_REPLICATION_STATUS_LABEL_SECURE=Security:
INFO_REPLICATION_STATUS_SECURITY_ENABLED=Enabled
INFO_REPLICATION_STATUS_SECURITY_DISABLED=Disabled



 opends/src/messages/messages/quicksetup.properties

@@ -1008,6 +1008,10 @@
INFO_TOPOLOGY_EXISTS_LABEL=There is already a server in the topology
INFO_TOPOLOGY_EXISTS_TOOLTIP=Check this if you already created a server that \
 you want to replicate data with.
INFO_SECURE_REPLICATION_PORT_LABEL=%s (Secure)
INFO_SECURE_REPLICATION_LABEL=Configure as Secure
INFO_SECURE_REPLICATION_TOOLTIP=Check this if you want to encrypt the \
 communication when other servers connect to this replication port.
INFO_UPGRADE_BUILD_ID_LABEL=Build Version:
INFO_UPGRADE_BUILD_ID_TOOLTIP=The ID of the build version installed in the \
 above location

 opends/src/quicksetup/org/opends/quicksetup/CliApplicationHelper.java

@@ -580,6 +580,34 @@
          Utils.getCommandLineMaxLineWidth()));
      out.flush();
    }
    LOG.log(Level.INFO, msg);
  }

  /**
   * Displays a progress message in the error output.
   * @param msg the error message to be displayed.
   */
  protected void printProgressMessageNoWrap(String msg)
  {
    if (!isQuiet())
    {
      out.print(msg);
      out.flush();
    }
    LOG.log(Level.INFO, msg);
  }

  /**
   * Displays a progress message in the error output.
   * @param msg the error message to be displayed.
   */
  protected void printProgressMessageNoWrap(Message msg)
  {
    if (!isQuiet())
    {
      out.print(msg);
      out.flush();
    }
    LOG.log(Level.INFO, msg.toString());
  }


 opends/src/quicksetup/org/opends/quicksetup/Constants.java

@@ -91,4 +91,6 @@
  /** The cli java system property. */
  public static final String CLI_JAVA_PROPERTY = "org.opends.quicksetup.cli";

  /** The default replication port. */
  public static final int DEFAULT_REPLICATION_PORT = 8989;
}

 opends/src/quicksetup/org/opends/quicksetup/UserData.java

@@ -80,7 +80,7 @@

  private SuffixesToReplicateOptions suffixesToReplicateOptions;

  private Map<ServerDescriptor, Integer> remoteWithNoReplicationPort;
  private Map<ServerDescriptor, AuthenticationData> remoteWithNoReplicationPort;

  private boolean quiet;

@@ -119,12 +119,7 @@
    setDirectoryManagerDn(Constants.DIRECTORY_MANAGER_DN);

    setNewSuffixOptions(defaultNewSuffixOptions);
    AuthenticationData data = new AuthenticationData();
    data.setDn(Constants.DIRECTORY_MANAGER_DN);
    data.setPort(389);
    DataReplicationOptions repl = new DataReplicationOptions(
        DataReplicationOptions.Type.STANDALONE, data,
        getDefaultReplicationPort());
    DataReplicationOptions repl = DataReplicationOptions.createStandalone();
    setReplicationOptions(repl);
    setGlobalAdministratorUID(Constants.GLOBAL_ADMIN_UID);

@@ -138,7 +133,8 @@
    sec.setSslPort(getDefaultSslPort());
    setSecurityOptions(sec);

    remoteWithNoReplicationPort = new HashMap<ServerDescriptor, Integer>();
    remoteWithNoReplicationPort =
      new HashMap<ServerDescriptor, AuthenticationData>();
  }

  /**
@@ -596,29 +592,6 @@
  }

  /**
   * Provides the port that will be proposed to the user in the replication
   * options panel of the installation wizard. It will check whether we can use
   * ports of type X989 and if not it will return -1.
   *
   * @return the free port of type X989 if it is available and we can use and -1
   * if not.
   */
  static int getDefaultReplicationPort()
  {
    int defaultPort = -1;

    for (int i=0;i<10000 && (defaultPort == -1);i+=1000)
    {
      int port = i + 8989;
      if (Utils.canUseAsPort(port))
      {
        defaultPort = port;
      }
    }
    return defaultPort;
  }

  /**
   * Provides the default host name that will be displayed.
   */
  private String getDefaultHostName()
@@ -639,13 +612,15 @@
   * corresponding to the Replication Port chosen by the user.
   *
   * Only the servers that have no replication port appear on this map.
   * @return a Map containing as key a ServerDescriptor and as value an Integer
   * corresponding to the Replication Port chosen by the user.
   * @return a Map containing as key a ServerDescriptor and as value an
   * AuthenticationData corresponding to the Replication Port chosen by the
   * user.
   */
  public Map<ServerDescriptor, Integer> getRemoteWithNoReplicationPort()
  public Map<ServerDescriptor, AuthenticationData>
  getRemoteWithNoReplicationPort()
  {
    HashMap<ServerDescriptor, Integer> copy =
      new HashMap<ServerDescriptor, Integer>();
    HashMap<ServerDescriptor, AuthenticationData> copy =
      new HashMap<ServerDescriptor, AuthenticationData>();
    copy.putAll(remoteWithNoReplicationPort);
    return copy;
  }
@@ -653,11 +628,11 @@
  /**
   * Sets a the Replication Ports chosen by the user in the remote servers.
   * @param remoteWithNoReplicationPort the Map containing as key a
   * ServerDescriptor and as value an Integer corresponding to the Replication
   * Port chosen by the user.
   * ServerDescriptor and as value an AuthenticationData corresponding to the
   * Replication Port chosen by the user.
   */
  public void setRemoteWithNoReplicationPort(
      Map<ServerDescriptor, Integer> remoteWithNoReplicationPort)
      Map<ServerDescriptor, AuthenticationData> remoteWithNoReplicationPort)
  {
    this.remoteWithNoReplicationPort.clear();
    this.remoteWithNoReplicationPort.putAll(remoteWithNoReplicationPort);

 opends/src/quicksetup/org/opends/quicksetup/installer/ConfiguredReplication.java

@@ -39,6 +39,7 @@
{
  private boolean synchProviderCreated;
  private boolean synchProviderEnabled;
  private boolean secureReplicationEnabled;
  private boolean replicationServerCreated;
  private Set<String> newReplicationServers;
  private Set<ConfiguredDomain> domainsConf;
@@ -49,6 +50,8 @@
   * created or not.
   * @param synchProviderEnabled whether the synchronization provider was
   * enabled or not.
   * @param secureReplicationEnabled whether we enabled security for
   * replication.
   * @param replicationServerCreated whether the replication server was
   * created or not.
   * @param newReplicationServers the set of replication servers added to
@@ -58,11 +61,13 @@
   */
  ConfiguredReplication(boolean synchProviderCreated,
      boolean synchProviderEnabled, boolean replicationServerCreated,
      Set<String> newReplicationServers, Set<ConfiguredDomain> domainsConf)
      boolean secureReplicationEnabled, Set<String> newReplicationServers,
      Set<ConfiguredDomain> domainsConf)
  {
    this.synchProviderCreated = synchProviderCreated;
    this.synchProviderEnabled = synchProviderEnabled;
    this.replicationServerCreated = replicationServerCreated;
    this.secureReplicationEnabled = secureReplicationEnabled;
    this.newReplicationServers = new HashSet<String>();
    this.newReplicationServers.addAll(newReplicationServers);
    this.domainsConf = new HashSet<ConfiguredDomain>();
@@ -104,6 +109,17 @@
  }

  /**
   * Returns <CODE>true</CODE> if the Security was enabled for replication and
   * <CODE>false</CODE> otherwise.
   * @return <CODE>true</CODE> if the Security was enabled for replication and
   * <CODE>false</CODE> otherwise.
   */
  boolean isSecureReplicationEnabled()
  {
    return secureReplicationEnabled;
  }

  /**
   * Returns <CODE>true</CODE> if the Synchronization Provider was created and
   * <CODE>false</CODE> otherwise.
   * @return <CODE>true</CODE> if the Synchronization Provider was created and

 opends/src/quicksetup/org/opends/quicksetup/installer/DataReplicationOptions.java

@@ -28,6 +28,9 @@

package org.opends.quicksetup.installer;

import org.opends.quicksetup.Constants;
import org.opends.quicksetup.util.Utils;

/**
 * This class is used to provide a data model for the Data Replication
 * Options panel of the installer.
@@ -57,41 +60,67 @@
  }

  private Type type;
  private int replicationPort;
  private AuthenticationData authenticationData;
  private int replicationPort = getDefaultReplicationPort();
  private boolean secureReplication;
  private AuthenticationData authenticationData = new AuthenticationData();
  {
    authenticationData.setDn(Constants.DIRECTORY_MANAGER_DN);
    authenticationData.setPort(389);
  };

  /**
   * Constructor for the DataReplicationOptions object.
   *
   * If the Data Replication Options is STANDALONE or FIRST_IN_TOPOLOGY no
   * args are considered.
   *
   * If the Data Options is IN_EXISTING_TOPOLOGY the args is the authentication
   * data on the remote server (AuthenticationData object).
   *
   * @param type the Type of DataReplicationOptions.
   * @param args the different argument objects (depending on the Type
   * specified)
   * Private constructor for the DataReplicationOptions object.
   */
  public DataReplicationOptions(Type type, Object... args)
  private DataReplicationOptions()
  {
    this.type = type;
  }

    switch (type)
    {
    case IN_EXISTING_TOPOLOGY:
      authenticationData = (AuthenticationData)args[0];
      replicationPort = (Integer)args[1];
      break;
  /**
   * Construct an FIRST_IN_TOPOLOGY object.
   * @param replicationPort the replication port.
   * @param secureReplication whether servers must encrypt data for the
   * replication communication with this server.
   * @return the FIRST_IN_TOPOLOGY object.
   */
  public static DataReplicationOptions createFirstInTopology(
      int replicationPort, boolean secureReplication)
  {
    DataReplicationOptions options = new DataReplicationOptions();
    options.type = Type.FIRST_IN_TOPOLOGY;
    options.replicationPort = replicationPort;
    options.secureReplication = secureReplication;
    return options;
  }

    default:
      // If there is something put it.
      if ((args != null) && (args.length > 0))
      {
        authenticationData = (AuthenticationData)args[0];
        replicationPort = (Integer)args[1];
      }
    }
  /**
   * Construct an STANDALONE object.
   * @return the STANDALONE object.
   */
  public static DataReplicationOptions createStandalone()
  {
    DataReplicationOptions options = new DataReplicationOptions();
    options.type = Type.STANDALONE;
    return options;
  }

  /**
   * Construct an IN_EXISTING_TOPOLOGY object.
   * @param authenticationData the authentication data.
   * @param replicationPort the replication port.
   * @param secureReplication whether servers must encrypt data for the
   * replication communication with this server.
   * @return the IN_EXISTING_TOPOLOGY object.
   */
  public static DataReplicationOptions createInExistingTopology(
      AuthenticationData authenticationData, int replicationPort,
      boolean secureReplication)
  {
    DataReplicationOptions options = new DataReplicationOptions();
    options.type = Type.IN_EXISTING_TOPOLOGY;
    options.authenticationData = authenticationData;
    options.replicationPort = replicationPort;
    options.secureReplication = secureReplication;
    return options;
  }

  /**
@@ -125,5 +154,40 @@
  {
    return replicationPort;
  }

  /**
   * Returns whether servers must encrypt data for the replication communication
   * with this server.
   *
   * @return <CODE>true</CODE> if the servers must encrypt data for the
   * replication communication and <CODE>false</CODE> otherwise.
   */
  public boolean useSecureReplication()
  {
    return secureReplication;
  }

  /**
   * Provides the port that will be proposed to the user in the replication
   * options panel of the installation wizard. It will check whether we can use
   * ports of type X989 and if not it will return -1.
   *
   * @return the free port of type X989 if it is available and we can use and -1
   * if not.
   */
  static int getDefaultReplicationPort()
  {
    int defaultPort = -1;

    for (int i=0;i<10000 && (defaultPort == -1);i+=1000)
    {
      int port = i + Constants.DEFAULT_REPLICATION_PORT;
      if (Utils.canUseAsPort(port))
      {
        defaultPort = port;
      }
    }
    return defaultPort;
  }
}


 opends/src/quicksetup/org/opends/quicksetup/installer/Installer.java

@@ -1400,12 +1400,12 @@
        for (ReplicaDescriptor replica : suffix.getReplicas())
        {
          ServerDescriptor server = replica.getServer();
          Integer replicationPort
          AuthenticationData repPort
                  = getUserData().getRemoteWithNoReplicationPort().get(server);
          if (replicationPort != null)
          if (repPort != null)
          {
            h.add(server.getHostName()+":"+replicationPort);
            adsServers.add(server.getHostName()+":"+replicationPort);
            h.add(server.getHostName()+":"+repPort.getPort());
            adsServers.add(server.getHostName()+":"+repPort.getPort());
          }
        }
        replicationServers.put(suffix.getDN(), h);
@@ -1422,6 +1422,7 @@
      ctx = createLocalContext();
      helper.configureReplication(ctx, dns, replicationServers,
          getUserData().getReplicationOptions().getReplicationPort(),
          getUserData().getReplicationOptions().useSecureReplication(),
          getLocalHostPort(),
          knownReplicationServerIds, knownServerIds);
    }
@@ -1480,14 +1481,28 @@
        Integer v = (Integer)server.getServerProperties().get(
            ServerDescriptor.ServerProperty.REPLICATION_SERVER_PORT);
        int replicationPort;
        boolean enableSecureReplication;
        if (v != null)
        {
          replicationPort = v;
          enableSecureReplication = false;
        }
        else
        {
          replicationPort =
          AuthenticationData authData =
            getUserData().getRemoteWithNoReplicationPort().get(server);
          if (authData != null)
          {
            replicationPort = authData.getPort();
            enableSecureReplication = authData.useSecureConnection();
          }
          else
          {
            replicationPort = Constants.DEFAULT_REPLICATION_PORT;
            enableSecureReplication = false;
            LOG.log(Level.WARNING, "Could not find replication port for: "+
                server.getHostPort(true));
          }
        }
        dns = new HashSet<String>();
        for (ReplicaDescriptor replica : hm.get(server))
@@ -1499,8 +1514,9 @@
        ctx = getRemoteConnection(server, getTrustManager());
        ConfiguredReplication repl =
          helper.configureReplication(ctx, dns, replicationServers,
              replicationPort, server.getHostPort(true),
              knownReplicationServerIds, knownServerIds);
              replicationPort, enableSecureReplication,
              server.getHostPort(true), knownReplicationServerIds,
              knownServerIds);
        hmConfiguredRemoteReplication.put(server, repl);

        try
@@ -2610,6 +2626,7 @@
      throws UserDataException {
    boolean hasGlobalAdministrators = false;
    Integer replicationPort = -1;
    boolean secureReplication = false;
    String host = null;
    Integer port = null;
    String dn = null;
@@ -2628,6 +2645,8 @@
    {
      // Check replication port
      replicationPort = checkReplicationPort(qs, errorMsgs);
      secureReplication =
        (Boolean)qs.getFieldValue(FieldName.REPLICATION_SECURE);
    }

    UserDataConfirmationException confirmEx = null;
@@ -2693,8 +2712,30 @@
      auth.setPwd(pwd);
      auth.setUseSecureConnection(isSecure);

      DataReplicationOptions repl = new DataReplicationOptions(type,
          auth, replicationPort);
      DataReplicationOptions repl;
      switch (type)
      {
      case IN_EXISTING_TOPOLOGY:
      {
        repl = DataReplicationOptions.createInExistingTopology(auth,
            replicationPort, secureReplication);
        break;
      }
      case STANDALONE:
      {
        repl = DataReplicationOptions.createStandalone();
        break;
      }
      case FIRST_IN_TOPOLOGY:
      {
        repl = DataReplicationOptions.createFirstInTopology(replicationPort,
            secureReplication);
        break;
      }
      default:
        throw new IllegalStateException("Do not know what to do with type: "+
            type);
      }
      getUserData().setReplicationOptions(repl);

      getUserData().createAdministrator(!hasGlobalAdministrators &&
@@ -3205,13 +3246,15 @@
      throws UserDataException
  {
    ArrayList<Message> errorMsgs = new ArrayList<Message>();
    Map<ServerDescriptor, Integer> servers =
    Map<ServerDescriptor, AuthenticationData> servers =
      getUserData().getRemoteWithNoReplicationPort();
    Map hm = (Map) qs.getFieldValue(FieldName.REMOTE_REPLICATION_PORT);
    Map hmSecure = (Map) qs.getFieldValue(FieldName.REMOTE_REPLICATION_SECURE);
    for (ServerDescriptor server : servers.keySet())
    {
      String hostName = server.getHostName();
      int replicationPort = -1;
      boolean secureReplication = (Boolean)hmSecure.get(server.getId());
      String sPort = (String)hm.get(server.getId());
      try
      {
@@ -3242,7 +3285,10 @@
                          .get(server.getHostPort(true)));
          }
        }
        servers.put(server, replicationPort);
        AuthenticationData authData = new AuthenticationData();
        authData.setPort(replicationPort);
        authData.setUseSecureConnection(secureReplication);
        servers.put(server, authData);
      } catch (NumberFormatException nfe)
      {
        errorMsgs.add(INFO_INVALID_REMOTE_REPLICATION_PORT_VALUE_RANGE.get(
@@ -3656,11 +3702,11 @@
    return generatedChar;
  }

  private Map<ServerDescriptor, Integer> getRemoteWithNoReplicationPort(
      UserData userData)
  private Map<ServerDescriptor, AuthenticationData>
  getRemoteWithNoReplicationPort(UserData userData)
  {
    Map<ServerDescriptor, Integer> servers =
      new HashMap<ServerDescriptor, Integer>();
    Map<ServerDescriptor, AuthenticationData> servers =
      new HashMap<ServerDescriptor, AuthenticationData>();
    Set<SuffixDescriptor> suffixes =
      userData.getSuffixesToReplicateOptions().getSuffixes();
    for (SuffixDescriptor suffix : suffixes)
@@ -3672,7 +3718,10 @@
            ServerDescriptor.ServerProperty.IS_REPLICATION_SERVER);
        if (!Boolean.TRUE.equals(v))
        {
          servers.put(server, 8989);
          AuthenticationData authData = new AuthenticationData();
          authData.setPort(Constants.DEFAULT_REPLICATION_PORT);
          authData.setUseSecureConnection(false);
          servers.put(server, authData);
        }
      }
    }
@@ -4101,9 +4150,7 @@
            "ds-task-log-message",
            "ds-task-state"
        });
    Message lastDisplayedMsg = null;
    String lastLogMsg = null;
    long lastTimeMsgDisplayed = -1;
    while (!isOver)
    {
      try

 opends/src/quicksetup/org/opends/quicksetup/installer/InstallerHelper.java

@@ -218,6 +218,8 @@
   * the value is the list of replication servers for that base dn (or domain).
   * @param replicationPort the replicationPort of the server that is being
   * configured (it might not exist and the user specified it in the setup).
   * @param useSecureReplication whether to encrypt connections with the
   * replication port or not.
   * @param serverDisplay the server display.
   * @param usedReplicationServerIds the list of replication server ids that
   * are already used.
@@ -229,13 +231,14 @@
  public ConfiguredReplication configureReplication(
      InitialLdapContext remoteCtx, Set<String> dns,
      Map<String,Set<String>> replicationServers,
      int replicationPort, String serverDisplay,
      int replicationPort, boolean useSecureReplication, String serverDisplay,
      Set<Integer> usedReplicationServerIds, Set<Integer> usedServerIds)
  throws ApplicationException
  {
    boolean synchProviderCreated;
    boolean synchProviderEnabled;
    boolean replicationServerCreated;
    boolean secureReplicationEnabled;
    try
    {
      ManagementContext mCtx = LDAPManagementContext.createFromContext(
@@ -291,6 +294,25 @@

      if (!sync.hasReplicationServer())
      {
        if (useSecureReplication)
        {
         CryptoManagerCfgClient crypto = root.getCryptoManager();
         if (!crypto.isSSLEncryption())
         {
           crypto.setSSLEncryption(true);
           crypto.commit();
           secureReplicationEnabled = true;
         }
         else
         {
           // Only mark as true if we actually change the configuration
           secureReplicationEnabled = false;
         }
        }
        else
        {
          secureReplicationEnabled = false;
        }
        int id = getReplicationId(usedReplicationServerIds);
        usedReplicationServerIds.add(id);
        replicationServer = sync.createReplicationServer(
@@ -302,6 +324,7 @@
      }
      else
      {
        secureReplicationEnabled = false;
        replicationServer = sync.getReplicationServer();
        usedReplicationServerIds.add(
            replicationServer.getReplicationServerId());
@@ -390,7 +413,8 @@
        domainsConf.add(domainConf);
      }
      return new ConfiguredReplication(synchProviderCreated,
          synchProviderEnabled, replicationServerCreated, newReplicationServers,
          synchProviderEnabled, replicationServerCreated,
          secureReplicationEnabled, newReplicationServers,
          domainsConf);
    }
    catch (Throwable t)
@@ -496,6 +520,15 @@
          // It does not exist.
        }
      }
      if (replConf.isSecureReplicationEnabled())
      {
        CryptoManagerCfgClient crypto = root.getCryptoManager();
        if (crypto.isSSLEncryption())
        {
          crypto.setSSLEncryption(false);
          crypto.commit();
        }
      }
    }
    catch (Throwable t)
    {

 opends/src/quicksetup/org/opends/quicksetup/installer/ui/DataReplicationPanel.java

@@ -72,6 +72,7 @@

  private JRadioButton rbStandalone;
  private JRadioButton rbReplicated;
  private JCheckBox cbSecureReplication;
  private JCheckBox cbTopologyExists;
  private JCheckBox cbRemoteServerPortSecure;
  private HashMap<FieldName, JLabel> hmLabels =
@@ -128,6 +129,17 @@
        value = Boolean.FALSE;
      }
    }
    else if (fieldName == FieldName.REPLICATION_SECURE)
    {
      if (cbSecureReplication.isSelected())
      {
        value = Boolean.TRUE;
      }
      else
      {
        value = Boolean.FALSE;
      }
    }
    else
    {
      JTextComponent field = getField(fieldName);
@@ -187,18 +199,23 @@
    panel.add(auxPanel, gbc);
    panel.add(cbTopologyExists, gbc);
    gbc.insets = UIFactory.getEmptyInsets();
    gbc.gridwidth = 3;
    gbc.gridwidth = 4;
    gbc.weightx = 0.0;
    gbc.insets.left = 0;
    gbc.anchor = GridBagConstraints.WEST;
    auxPanel.add(getLabel(FieldName.REPLICATION_PORT), gbc);

    gbc.gridwidth = GridBagConstraints.RELATIVE;
    gbc.gridwidth--;
    gbc.insets.left = UIFactory.LEFT_INSET_SECONDARY_FIELD;
    gbc.fill = GridBagConstraints.HORIZONTAL;
    gbc.weightx = 0.0;
    auxPanel.add(getField(FieldName.REPLICATION_PORT), gbc);

    gbc.gridwidth = GridBagConstraints.RELATIVE;
    gbc.fill = GridBagConstraints.HORIZONTAL;
    gbc.weightx = 0.0;
    auxPanel.add(cbSecureReplication, gbc);

    gbc.gridwidth = GridBagConstraints.REMAINDER;
    gbc.insets.left = 0;
    gbc.weightx = 1.0;
@@ -482,6 +499,12 @@
      DataReplicationOptions.Type.STANDALONE);
    rbReplicated.setSelected(type !=
      DataReplicationOptions.Type.STANDALONE);
    cbSecureReplication = UIFactory.makeJCheckBox(
        INFO_SECURE_REPLICATION_LABEL.get(),
        INFO_SECURE_REPLICATION_TOOLTIP.get(),
        UIFactory.TextStyle.SECONDARY_FIELD_VALID);
    cbSecureReplication.setSelected(
        defaultUserData.getReplicationOptions().useSecureReplication());
    cbTopologyExists.setSelected(type ==
      DataReplicationOptions.Type.IN_EXISTING_TOPOLOGY);
    cbRemoteServerPortSecure = UIFactory.makeJCheckBox(
@@ -564,6 +587,7 @@
    rbReplicated.addFocusListener(l);
    rbStandalone.addFocusListener(l);
    cbTopologyExists.addFocusListener(l);
    cbSecureReplication.addFocusListener(l);

    lastFocusComponent = rbStandalone;
  }
@@ -619,6 +643,7 @@
    cbTopologyExists.setEnabled(rbReplicated.isSelected());
    getLabel(FieldName.REPLICATION_PORT).setEnabled(rbReplicated.isSelected());
    getField(FieldName.REPLICATION_PORT).setEnabled(rbReplicated.isSelected());
    cbSecureReplication.setEnabled(rbReplicated.isSelected());
    cbRemoteServerPortSecure.setEnabled(enableFields);
  }


 opends/src/quicksetup/org/opends/quicksetup/installer/ui/InstallReviewPanel.java

@@ -356,7 +356,7 @@
    SuffixesToReplicateOptions suf =
      userInstallData.getSuffixesToReplicateOptions();

    Map<ServerDescriptor, Integer> remotePorts =
    Map<ServerDescriptor, AuthenticationData> remotePorts =
      userInstallData.getRemoteWithNoReplicationPort();

    if ((repl.getType() == DataReplicationOptions.Type.IN_EXISTING_TOPOLOGY) &&
@@ -375,9 +375,19 @@
      {
        serverToConnectDisplay = "";
      }
      buf.append(String.valueOf(
                      userInstallData.getReplicationOptions()
                              .getReplicationPort()));
      String s;
      if (userInstallData.getReplicationOptions().useSecureReplication())
      {
        s = INFO_SECURE_REPLICATION_PORT_LABEL.get(
            String.valueOf(userInstallData.getReplicationOptions()
                .getReplicationPort())).toString();
      }
      else
      {
        s = String.valueOf(userInstallData.getReplicationOptions()
            .getReplicationPort());
      }
      buf.append(s);
      TreeSet<Message> remoteServerLines = new TreeSet<Message>();
      for (ServerDescriptor server : remotePorts.keySet())
      {
@@ -390,8 +400,17 @@
        {
          serverDisplay = server.getHostPort(true);
        }
        remoteServerLines.add(INFO_REMOTE_SERVER_REPLICATION_PORT.get(
                String.valueOf(remotePorts.get(server)),
        AuthenticationData repPort = remotePorts.get(server);
        if (repPort.useSecureConnection())
        {
          s = INFO_SECURE_REPLICATION_PORT_LABEL.get(
              String.valueOf(repPort.getPort())).toString();
        }
        else
        {
          s = String.valueOf(repPort.getPort());
        }
        remoteServerLines.add(INFO_REMOTE_SERVER_REPLICATION_PORT.get(s,
                serverDisplay));
      }
      for (Message line : remoteServerLines)

 opends/src/quicksetup/org/opends/quicksetup/installer/ui/RemoteReplicationPortsPanel.java

@@ -42,6 +42,7 @@
import java.util.TreeSet;

import javax.swing.Box;
import javax.swing.JCheckBox;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JScrollPane;
@@ -71,6 +72,8 @@
    new HashMap<String, JLabel>();
  private HashMap<String, JTextComponent> hmFields =
    new HashMap<String, JTextComponent>();
  private HashMap<String, JCheckBox> hmCbs =
    new HashMap<String, JCheckBox>();
  private JScrollPane scroll;
  private JPanel fieldsPanel;
  private TreeSet<ServerDescriptor> orderedServers =
@@ -105,6 +108,15 @@
      }
      value = hm;
    }
    else if (fieldName == FieldName.REMOTE_REPLICATION_SECURE)
    {
      Map<String, Boolean> hm = new HashMap<String, Boolean>();
      for (String id : hmCbs.keySet())
      {
        hm.put(id, hmCbs.get(id).isSelected());
      }
      value = hm;
    }
    return value;
  }

@@ -243,9 +255,16 @@
      {
        hmOldValues.put(id, hmFields.get(id).getText());
      }
      HashMap<String, Boolean> hmOldSecureValues =
        new HashMap<String, Boolean>();
      for (String id : hmCbs.keySet())
      {
        hmOldSecureValues.put(id, hmCbs.get(id).isSelected());
      }
      orderedServers.clear();
      orderedServers.addAll(array);
      hmFields.clear();
      hmCbs.clear();
      hmLabels.clear();
      for (ServerDescriptor server : orderedServers)
      {
@@ -264,10 +283,10 @@
                LabelFieldDescriptor.FieldType.TEXTFIELD,
                LabelFieldDescriptor.LabelType.PRIMARY,
                UIFactory.PORT_FIELD_SIZE);
        Integer defaultValue =
        AuthenticationData auth =
          data.getRemoteWithNoReplicationPort().get(server);
        JTextComponent field = UIFactory.makeJTextComponent(desc,
            String.valueOf(defaultValue));
            String.valueOf(auth.getPort()));
        String oldValue = hmOldValues.get(server.getId());
        if (oldValue != null)
        {
@@ -285,6 +304,18 @@
        }

        hmLabels.put(server.getId(), label);

        JCheckBox cb = UIFactory.makeJCheckBox(
            INFO_SECURE_REPLICATION_LABEL.get(),
            INFO_SECURE_REPLICATION_TOOLTIP.get(),
            UIFactory.TextStyle.SECONDARY_FIELD_VALID);
        cb.setSelected(auth.useSecureConnection());
        Boolean oldSecureValue = hmOldSecureValues.get(server.getId());
        if (oldSecureValue != null)
        {
          cb.setSelected(oldSecureValue);
        }
        hmCbs.put(server.getId(), cb);
      }
      populateFieldsPanel();
    }
@@ -316,11 +347,14 @@
      {
        gbc.insets.top = UIFactory.TOP_INSET_SECONDARY_FIELD;
      }
      gbc.gridwidth = 3;
      gbc.gridwidth = 4;
      fieldsPanel.add(hmLabels.get(server.getId()), gbc);
      gbc.insets.left = UIFactory.LEFT_INSET_PRIMARY_FIELD;
      gbc.gridwidth = GridBagConstraints.RELATIVE;
      gbc.gridwidth--;
      fieldsPanel.add(hmFields.get(server.getId()), gbc);
      gbc.insets.left = UIFactory.LEFT_INSET_SECONDARY_FIELD;
      gbc.gridwidth = GridBagConstraints.RELATIVE;
      fieldsPanel.add(hmCbs.get(server.getId()), gbc);
      gbc.gridwidth = GridBagConstraints.REMAINDER;
      gbc.weightx = 1.0;
      fieldsPanel.add(Box.createHorizontalGlue(), gbc);

 opends/src/quicksetup/org/opends/quicksetup/ui/FieldName.java

@@ -110,6 +110,10 @@
   */
  SUFFIXES_TO_REPLICATE,
  /**
   * The value associated with this is a Boolean.
   */
  REPLICATION_SECURE,
  /**
   * The value associated with this is a String.
   */
  REPLICATION_PORT,
@@ -147,11 +151,16 @@
   */
  GLOBAL_ADMINISTRATOR_PWD_CONFIRM,
  /**
   * The value associated with this is a Map where the key is a ServerDescriptor
   * and the value an Integer.
   * The value associated with this is a Map where the key is a String and the
   * value a String.
   */
  REMOTE_REPLICATION_PORT,
  /**
   * The value associated with this is a Map where the key is a String and the
   * value a Boolean.
   */
  REMOTE_REPLICATION_SECURE,
  /**
   * The value associated with this is a Boolean.
   */
  SERVER_START,