opendj-server-legacy/src/main/java/org/opends/guitools/controlpanel/ui/ViewEntryPanel.java
@@ -24,7 +24,6 @@ * Copyright 2008-2010 Sun Microsystems, Inc. * Portions Copyright 2011-2016 ForgeRock AS */ package org.opends.guitools.controlpanel.ui; import static org.opends.messages.AdminToolMessages.*; @@ -46,6 +45,7 @@ import org.forgerock.i18n.LocalizableMessage; import org.forgerock.opendj.ldap.ByteString; import org.forgerock.opendj.ldap.schema.AttributeType; import org.forgerock.opendj.ldap.schema.ObjectClassType; import org.forgerock.opendj.ldap.schema.Syntax; import org.opends.guitools.controlpanel.datamodel.BinaryValue; @@ -57,7 +57,6 @@ import org.opends.guitools.controlpanel.ui.nodes.BasicNode; import org.opends.guitools.controlpanel.util.Utilities; import org.opends.server.schema.SchemaConstants; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.Attributes; import org.opends.server.types.Entry; import org.opends.server.types.ObjectClass; 
@@ -70,39 +69,27 @@ /** * Abstract class containing code shared by the different LDAP entry view * panels (Simplified View, Attribute View and LDIF View). * */ public abstract class ViewEntryPanel extends StatusGenericPanel { private static final long serialVersionUID = -1908757626234678L; /** * The read-only attributes as they appear on the schema. */ /** The read-only attributes as they appear on the schema. */ protected SortedSet<String> schemaReadOnlyAttributes = new TreeSet<>(); /** * The read-only attributes in lower case. */ /** The read-only attributes in lower case. */ protected SortedSet<String> schemaReadOnlyAttributesLowerCase = new TreeSet<>(); /** * The editable operational attributes. */ /** The editable operational attributes. */ protected SortedSet<String> editableOperationalAttrNames = new TreeSet<>(); private JLabel title= Utilities.createDefaultLabel(); private Set<LDAPEntryChangedListener> listeners = new LinkedHashSet<>(); /** * Whether the entry change events should be ignored or not. */ /** Whether the entry change events should be ignored or not. */ protected boolean ignoreEntryChangeEvents; /** * Static boolean used to know whether only attributes with values should be * displayed or not. */ /** Static boolean used to know whether only attributes with values should be displayed or not. */ protected static boolean displayOnlyWithAttrs = true; /** {@inheritDoc} */ @Override public void okClicked() { // No ok button @@ -163,7 +150,7 @@ listeners.remove(listener); } /** {@inheritDoc} */ @Override public boolean requiresBorder() { return true; 
@@ -281,26 +268,22 @@ { structuralObjectClass = objectClass; } else else if (objectClass.isDescendantOf(structuralObjectClass)) { if (objectClass.isDescendantOf(structuralObjectClass)) { structuralObjectClass = objectClass; } structuralObjectClass = objectClass; } } else { String name = objectClass.getNameOrOID(); if (!name.equals(SchemaConstants.TOP_OBJECTCLASS_NAME)) if (!SchemaConstants.TOP_OBJECTCLASS_NAME.equals(name)) { auxiliaryClasses.add(objectClass.getNameOrOID()); } } } } String structural = structuralObjectClass != null ? structuralObjectClass.getNameOrOID() : null; String structural = structuralObjectClass != null ? structuralObjectClass.getNameOrOID() : null; return new ObjectClassValue(structural, auxiliaryClasses); } @@ -310,24 +293,18 @@ */ protected void addValuesInRDN(Entry entry) { // Add the values in the RDN if they are not there // Add the values in the RDN if they are not there RDN rdn = entry.getName().rdn(); for (int i=0; i<rdn.getNumValues(); i++) { String attrName = rdn.getAttributeName(i); ByteString value = rdn.getAttributeValue(i); List<org.opends.server.types.Attribute> attrs = entry.getAttribute(attrName.toLowerCase()); boolean done = false; for (org.opends.server.types.Attribute attr : attrs) for (org.opends.server.types.Attribute attr : entry.getAttribute(attrName.toLowerCase())) { if (attr.getNameWithOptions().equals(attrName)) { ArrayList<ByteString> newValues = new ArrayList<>(); Iterator<ByteString> it = attr.iterator(); while (it.hasNext()) { newValues.add(it.next()); } List<ByteString> newValues = getValues(attr); newValues.add(value); entry.addAttribute(attr, newValues); done = true; 
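Review bot: `attrName.toLowerCase()` in the rewritten loop header of addValuesInRDN folds case with the JVM's default locale. This panel runs on administrators' desktops, so under a locale with different casing rules (Turkish `I`, for example) the lookup key can differ from the stored attribute name. Depending on how `Entry.getAttribute(String)` normalises its argument, the existing attribute may then be missed and the RDN value added a second time through the `!done` branch. Prefer `entry.getAttribute(attrName.toLowerCase(Locale.ROOT))`, provided `java.util.Locale` is imported in this file. The end of the method lies in the next hunk.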
@@ -336,20 +313,29 @@ } if (!done) { org.opends.server.types.Attribute attr = Attributes.create(rdn.getAttributeType(i), value); entry.addAttribute(attr, newArrayList(value)); entry.addAttribute(Attributes.create(rdn.getAttributeType(i), value), newArrayList(value)); } } } /** {@inheritDoc} */ private List<ByteString> getValues(org.opends.server.types.Attribute attr) { List<ByteString> newValues = new ArrayList<>(); Iterator<ByteString> it = attr.iterator(); while (it.hasNext()) { newValues.add(it.next()); } return newValues; } @Override public LocalizableMessage getTitle() { return INFO_CTRL_PANEL_EDIT_LDAP_ENTRY_TITLE.get(); } /** {@inheritDoc} */ @Override public void configurationChanged(ConfigurationChangeEvent ev) { Schema schema = ev.getNewDescriptor().getSchema(); @@ -494,8 +480,7 @@ Syntax syntax = attr.getSyntax(); if (syntax != null) { isCertificate = syntax.getOID().equals( SchemaConstants.SYNTAX_CERTIFICATE_OID); isCertificate = SchemaConstants.SYNTAX_CERTIFICATE_OID.equals(syntax.getOID()); } } } @@ -546,12 +531,9 @@ throw new RuntimeException("Unexpected error: "+pe, pe); } } else else if (String.valueOf(value).trim().length() > 0) { if (String.valueOf(value).trim().length() > 0) { valuesToSet.add(String.valueOf(value)); } valuesToSet.add(String.valueOf(value)); } } if (!valuesToSet.isEmpty()) opendj-server-legacy/src/main/java/org/opends/server/admin/AdministrationDataSync.java
@@ -36,13 +36,13 @@ import org.forgerock.opendj.ldap.ModificationType; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.SearchScope; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.core.DirectoryServer; import org.opends.server.protocols.internal.InternalClientConnection; import org.opends.server.protocols.internal.InternalSearchOperation; import org.opends.server.protocols.internal.Requests; import org.opends.server.protocols.internal.SearchRequest; import org.opends.server.types.Attribute; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.Attributes; import org.opends.server.types.DN; import org.opends.server.types.DirectoryException; @@ -250,20 +250,19 @@ } // Read the port from the PORT attribute SearchResultEntry adminConnectorEntry = null; LinkedList<SearchResultEntry> result = search.getSearchEntries(); if (!result.isEmpty()) { adminConnectorEntry = result.getFirst(); SearchResultEntry adminConnectorEntry = result.getFirst(); AttributeType attrType = DirectoryServer.getAttributeType(attrName); List<Attribute> attrs = adminConnectorEntry.getAttribute(attrType); if (!attrs.isEmpty()) { // Get the attribute value return attrs.get(0).iterator().next().toString(); } } AttributeType attrType = DirectoryServer.getAttributeType(attrName); List<Attribute> attrs = adminConnectorEntry.getAttribute(attrType); if (!attrs.isEmpty()) { // Get the attribute value return attrs.get(0).iterator().next().toString(); } // Can not happen. Best effort. // TODO Log an Error. return null; opendj-server-legacy/src/main/java/org/opends/server/api/AuthenticationPolicyState.java
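Review bot: `attrs.get(0).iterator().next()` in the second hunk still throws NoSuchElementException when the first attribute carries no values, because the new guard only covers an empty search result and an empty attribute list. Testing the attribute itself closes that gap: `Attribute first = attrs.get(0);` followed by `if (!first.isEmpty()) { return first.iterator().next().toString(); }`. The fall-through `return null` is now reachable on an empty result, so the `// Can not happen` comment is out of date and the TODO to log an error should be resolved or the null return documented for callers. The enclosing method starts outside the hunk.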
@@ -26,8 +26,6 @@ */ package org.opends.server.api; import java.util.List; import org.forgerock.i18n.LocalizableMessage; import org.forgerock.i18n.slf4j.LocalizedLogger; import org.forgerock.opendj.ldap.ByteString; @@ -108,8 +106,7 @@ protected static ConditionResult getBoolean(final Entry entry, final AttributeType attributeType) throws DirectoryException { final List<Attribute> attrList = entry.getAttribute(attributeType); for (final Attribute a : attrList) for (final Attribute a : entry.getAttribute(attributeType)) { if (a.isEmpty()) { opendj-server-legacy/src/main/java/org/opends/server/authorization/dseecompat/UserAttr.java
@@ -229,36 +229,28 @@ */ private EnumEvalResult evalURL(AciEvalContext evalCtx) { EnumEvalResult matched= EnumEvalResult.FALSE; boolean undefined=false; AttributeType attrType = DirectoryServer.getAttributeType(attrStr); List<Attribute> attrs=evalCtx.getResourceEntry().getAttribute(attrType); if(!attrs.isEmpty()) { for(Attribute a : attrs) { for(ByteString v : a) { LDAPURL url; try { url = LDAPURL.decode(v.toString(), true); } catch (DirectoryException e) { break; } matched=UserDN.evalURL(evalCtx, url); if(matched != EnumEvalResult.FALSE) { break; } } if (matched == EnumEvalResult.TRUE) { for(Attribute a : attrs) { for(ByteString v : a) { LDAPURL url; try { url = LDAPURL.decode(v.toString(), true); } catch (DirectoryException e) { break; } if (matched == EnumEvalResult.ERR) matched=UserDN.evalURL(evalCtx, url); if(matched != EnumEvalResult.FALSE) { undefined=true; break; } } if (matched == EnumEvalResult.TRUE) { break; } } return matched.getRet(type, undefined); return matched.getRet(type, matched == EnumEvalResult.ERR); } /** opendj-server-legacy/src/main/java/org/opends/server/authorization/dseecompat/UserDN.java
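Review bot: The outer loop in evalURL now stops only on `EnumEvalResult.TRUE`, whereas the removed code also stopped on `ERR` (it set `undefined=true` and broke out). As far as the interleaved old and new lines can be read, an `ERR` from one Attribute is no longer final: the loop moves on to the next Attribute and `matched` can be overwritten with `FALSE`, so `getRet` is called with `undefined == false`. This changes the ACI evaluation result for entries that hold the attribute in more than one Attribute object (with options, for example). To keep the old semantics, change the outer check to `if (matched != EnumEvalResult.FALSE) { break; }`, or state in a comment that a later value is meant to override an earlier error.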
@@ -388,20 +388,18 @@ */ public static EnumEvalResult evaluate(Entry e, DN clientDN, AttributeType attrType) { EnumEvalResult matched= EnumEvalResult.FALSE; List<Attribute> attrs = e.getAttribute(attrType); for(ByteString v : attrs.get(0)) { try { DN dn = DN.valueOf(v.toString()); if(dn.equals(clientDN)) { matched=EnumEvalResult.TRUE; break; return EnumEvalResult.TRUE; } } catch (DirectoryException ex) { break; } } return matched; return EnumEvalResult.FALSE; } /** {@inheritDoc} */ opendj-server-legacy/src/main/java/org/opends/server/backends/BackupBackend.java
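Review bot: `attrs.get(0)` in evaluate is dereferenced without checking that the list is non-empty. Other hunks in this commit treat `Entry.getAttribute(...)` as returning an empty list when the attribute is absent, so an entry lacking `attrType` would raise IndexOutOfBoundsException in the middle of access-control evaluation instead of yielding `FALSE`. Either add `if (attrs.isEmpty()) { return EnumEvalResult.FALSE; }` before the loop, or iterate `for (Attribute a : attrs)` so values held under attribute options are also compared. The `break` on DirectoryException also means one malformed DN value prevents later well-formed values from being tested; a short comment should say whether that fail-closed behaviour is intended.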
@@ -35,7 +35,14 @@ import java.io.File; import java.io.IOException; import java.util.*; import java.util.Collections; import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.Set; import org.forgerock.i18n.LocalizableMessage; import org.forgerock.i18n.slf4j.LocalizedLogger; @@ -45,6 +52,7 @@ import org.forgerock.opendj.ldap.ConditionResult; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.SearchScope; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.admin.server.ConfigurationChangeListener; import org.opends.server.admin.std.server.BackupBackendCfg; import org.opends.server.api.Backend; @@ -56,8 +64,24 @@ import org.opends.server.core.SearchOperation; import org.opends.server.core.ServerContext; import org.opends.server.schema.GeneralizedTimeSyntax; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.*; import org.opends.server.types.Attribute; import org.opends.server.types.AttributeBuilder; import org.opends.server.types.Attributes; import org.opends.server.types.BackupConfig; import org.opends.server.types.BackupDirectory; import org.opends.server.types.BackupInfo; import org.opends.server.types.DN; import org.opends.server.types.DirectoryException; import org.opends.server.types.Entry; import org.opends.server.types.IndexType; import org.opends.server.types.InitializationException; import org.opends.server.types.LDIFExportConfig; import org.opends.server.types.LDIFImportConfig; import org.opends.server.types.LDIFImportResult; import org.opends.server.types.ObjectClass; import org.opends.server.types.RDN; import org.opends.server.types.RestoreConfig; import org.opends.server.types.SearchFilter; /** * This class defines a backend used to present information about Directory 
@@ -397,23 +421,19 @@ long count = 0; Entry backupDirEntry = getBackupDirectoryEntry(entryDN); AttributeType t = DirectoryServer.getAttributeType(ATTR_BACKUP_DIRECTORY_PATH); AttributeType t = DirectoryServer.getAttributeType(ATTR_BACKUP_DIRECTORY_PATH); List<Attribute> attrList = backupDirEntry.getAttribute(t); if (!attrList.isEmpty()) for (ByteString v : attrList.get(0)) { for (ByteString v : attrList.get(0)) try { try { File dir = new File(v.toString()); BackupDirectory backupDirectory = backupDirectories.get(dir).getBackupDirectory(); count += backupDirectory.getBackups().keySet().size(); } catch (Exception e) { return -1; } File dir = new File(v.toString()); BackupDirectory backupDirectory = backupDirectories.get(dir).getBackupDirectory(); count += backupDirectory.getBackups().keySet().size(); } catch (Exception e) { return -1; } } return count; opendj-server-legacy/src/main/java/org/opends/server/core/PasswordPolicyState.java
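Review bot: The `if (!attrList.isEmpty())` guard appears to have been removed while `attrList.get(0)` was kept, and that call sits outside the `try`. If the backup directory entry has no `ATTR_BACKUP_DIRECTORY_PATH` attribute, the method would now throw IndexOutOfBoundsException where it previously returned the running count. Restore the guard with `if (attrList.isEmpty()) { return count; }` before the loop. Separately, `catch (Exception e) { return -1; }` gives no indication of which directory failed, so a trace log of `e` would help diagnosis. The enclosing method begins outside the hunk.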
@@ -56,6 +56,7 @@ import org.forgerock.opendj.ldap.GeneralizedTime; import org.forgerock.opendj.ldap.ModificationType; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.admin.std.meta.PasswordPolicyCfgDefn; import org.opends.server.api.AccountStatusNotificationHandler; import org.opends.server.api.AuthenticationPolicyState; @@ -72,7 +73,6 @@ import org.opends.server.types.AccountStatusNotificationType; import org.opends.server.types.Attribute; import org.opends.server.types.AttributeBuilder; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.Attributes; import org.opends.server.types.DirectoryException; import org.opends.server.types.Entry; @@ -2093,14 +2093,13 @@ */ public List<ByteString> getClearPasswords() { LinkedList<ByteString> clearPasswords = new LinkedList<>(); final List<Attribute> attrList = userEntry.getAttribute(passwordPolicy.getPasswordAttribute()); if (attrList.isEmpty()) { return clearPasswords; return Collections.emptyList(); } LinkedList<ByteString> clearPasswords = new LinkedList<>(); for (Attribute a : attrList) { for (ByteString v : a) opendj-server-legacy/src/main/java/org/opends/server/crypto/CryptoManagerSync.java
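Review bot: getClearPasswords now returns the immutable `Collections.emptyList()` when the password attribute is absent but a mutable `LinkedList` otherwise, so a caller that appends to or clears the result only fails with UnsupportedOperationException on the empty path. Either document the contract in the Javadoc (for example "The returned list must not be modified by the caller") or keep returning a fresh list in both branches. The import hunks shown here do not add `java.util.Collections`, so confirm it is already imported in this file. The rest of the method body lies outside the hunk.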
@@ -35,6 +35,7 @@ import static org.opends.server.util.ServerConstants.*; import static org.opends.server.util.StaticUtils.*; import java.util.ArrayList; import java.util.EnumSet; import java.util.HashMap; import java.util.LinkedHashMap; @@ -45,6 +46,7 @@ import org.forgerock.i18n.slf4j.LocalizedLogger; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.SearchScope; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.admin.ads.ADSContext; import org.opends.server.api.Backend; import org.opends.server.api.BackendInitializationListener; @@ -60,7 +62,6 @@ import org.opends.server.protocols.internal.SearchRequest; import org.opends.server.protocols.ldap.LDAPControl; import org.opends.server.types.Attribute; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.Control; import org.opends.server.types.CryptoManagerException; import org.opends.server.types.DN; @@ -399,18 +400,8 @@ ocMap.put(ocInstanceKey, OC_CRYPTO_INSTANCE_KEY); Map<AttributeType, List<Attribute>> userAttrs = new HashMap<>(); List<Attribute> attrList; attrList = srcEntry.getAttribute(attrAlias); if (!attrList.isEmpty()) { userAttrs.put(attrAlias, attrList); } attrList = srcEntry.getAttribute(attrCert); if (!attrList.isEmpty()) { userAttrs.put(attrCert, attrList); } putAttributeTypeIfExist(userAttrs, srcEntry, attrAlias); putAttributeTypeIfExist(userAttrs, srcEntry, attrCert); Entry addEntry = new Entry(dstDN, ocMap, userAttrs, null); AddOperation addOperation = getRootConnection().processAdd(addEntry); 
@@ -420,6 +411,16 @@ } } private void putAttributeTypeIfExist(Map<AttributeType, List<Attribute>> userAttrs, Entry srcEntry, AttributeType attrType) { List<Attribute> attrList = srcEntry.getAttribute(attrType); if (!attrList.isEmpty()) { userAttrs.put(attrType, new ArrayList<>(attrList)); } } @Override public PostResponse doPostResponse(PostResponseAddOperation op) { opendj-server-legacy/src/main/java/org/opends/server/extensions/ExternalSASLMechanismHandler.java
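Review bot: putAttributeTypeIfExist is undocumented and changes behaviour relative to the inlined code it replaces: it stores `new ArrayList<>(attrList)` where the old code put the list returned by `srcEntry.getAttribute(...)` into `userAttrs` directly. Since that map is used to build the instance-key entry that is added to the destination, a one-line Javadoc plus a why-comment on the copy would help the next reader. If the reason is that the returned list is unmodifiable or shared with `srcEntry`, say so, for example `// copy: do not share srcEntry's attribute list with the entry being added`.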
@@ -35,6 +35,7 @@ import org.forgerock.opendj.config.server.ConfigException; import org.forgerock.opendj.ldap.ByteString; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.admin.server.ConfigurationChangeListener; import org.opends.server.admin.std.server.ExternalSASLMechanismHandlerCfg; import org.opends.server.admin.std.server.SASLMechanismHandlerCfg; @@ -44,8 +45,12 @@ import org.opends.server.core.BindOperation; import org.opends.server.core.DirectoryServer; import org.opends.server.protocols.ldap.LDAPClientConnection; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.*; import org.opends.server.types.Attribute; import org.opends.server.types.AuthenticationInfo; import org.opends.server.types.DN; import org.opends.server.types.DirectoryException; import org.opends.server.types.Entry; import org.opends.server.types.InitializationException; import static org.opends.messages.ExtensionMessages.*; import static org.opends.server.config.ConfigConstants.*; @@ -94,9 +99,6 @@ super(); } /** {@inheritDoc} */ @Override public void initializeSASLMechanismHandler( ExternalSASLMechanismHandlerCfg configuration) @@ -107,18 +109,7 @@ // See if we should attempt to validate client certificates against those in // the corresponding user's entry. switch (configuration.getCertificateValidationPolicy()) { case NEVER: validationPolicy = CertificateValidationPolicy.NEVER; break; case IFPRESENT: validationPolicy = CertificateValidationPolicy.IFPRESENT; break; case ALWAYS: validationPolicy = CertificateValidationPolicy.ALWAYS; break; } validationPolicy = toCertificateValidationPolicy(configuration); // Get the attribute type to use for validating the certificates. If none 
@@ -134,9 +125,19 @@ DirectoryServer.registerSASLMechanismHandler(SASL_MECHANISM_EXTERNAL, this); } private CertificateValidationPolicy toCertificateValidationPolicy(ExternalSASLMechanismHandlerCfg cfg) { switch (cfg.getCertificateValidationPolicy()) { case NEVER: return CertificateValidationPolicy.NEVER; case IFPRESENT: return CertificateValidationPolicy.IFPRESENT; default: return CertificateValidationPolicy.ALWAYS; } } /** {@inheritDoc} */ @Override public void finalizeSASLMechanismHandler() { @@ -144,10 +145,6 @@ DirectoryServer.deregisterSASLMechanismHandler(SASL_MECHANISM_EXTERNAL); } /** {@inheritDoc} */ @Override public void processSASLBind(BindOperation bindOperation) { @@ -240,7 +237,7 @@ try { ByteString certBytes = ByteString.wrap(clientCertChain[0].getEncoded()); if (!find(certAttrList, certBytes)) if (!findAttributeValue(certAttrList, certBytes)) { bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS); @@ -269,7 +266,7 @@ try { ByteString certBytes = ByteString.wrap(clientCertChain[0].getEncoded()); if (!find(certAttrList, certBytes)) if (!findAttributeValue(certAttrList, certBytes)) { bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS); @@ -299,9 +296,7 @@ bindOperation.setResultCode(ResultCode.SUCCESS); } private boolean find(List<Attribute> certAttrList, ByteString certBytes) private boolean findAttributeValue(List<Attribute> certAttrList, ByteString certBytes) { for (Attribute a : certAttrList) { @@ -313,9 +308,6 @@ return false; } /** {@inheritDoc} */ @Override public boolean isPasswordBased(String mechanism) { @@ -323,9 +315,6 @@ return false; } /** {@inheritDoc} */ @Override public boolean isSecure(String mechanism) { @@ -333,9 +322,6 @@ return true; } /** {@inheritDoc} */ @Override public boolean isConfigurationAcceptable( SASLMechanismHandlerCfg configuration, 
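Review bot: In toCertificateValidationPolicy the `default:` branch silently maps `ALWAYS` and any configuration value added later to `CertificateValidationPolicy.ALWAYS`. That is the safe, strictest choice for SASL EXTERNAL binds, but nothing in the code says it is deliberate, and the removed switch in initializeSASLMechanismHandler had no default at all. Make the intent explicit by listing the known value and commenting the fallback: `case ALWAYS:` followed by `default: // fail closed: unknown policies get the strictest validation`. The helper would also benefit from a one-line Javadoc, since both initialisation and applyConfigurationChange now depend on it.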
@@ -346,9 +332,7 @@ return isConfigurationChangeAcceptable(config, unacceptableReasons); } /** {@inheritDoc} */ @Override public boolean isConfigurationChangeAcceptable( ExternalSASLMechanismHandlerCfg configuration, List<LocalizableMessage> unacceptableReasons) @@ -356,9 +340,7 @@ return true; } /** {@inheritDoc} */ @Override public ConfigChangeResult applyConfigurationChange( ExternalSASLMechanismHandlerCfg configuration) { @@ -367,20 +349,7 @@ // See if we should attempt to validate client certificates against those in // the corresponding user's entry. CertificateValidationPolicy newValidationPolicy = CertificateValidationPolicy.ALWAYS; switch (configuration.getCertificateValidationPolicy()) { case NEVER: newValidationPolicy = CertificateValidationPolicy.NEVER; break; case IFPRESENT: newValidationPolicy = CertificateValidationPolicy.IFPRESENT; break; case ALWAYS: newValidationPolicy = CertificateValidationPolicy.ALWAYS; break; } CertificateValidationPolicy newValidationPolicy = toCertificateValidationPolicy(configuration); // Get the attribute type to use for validating the certificates. If none @@ -403,4 +372,3 @@ return ccr; } } opendj-server-legacy/src/main/java/org/opends/server/plugins/PasswordPolicyImportPlugin.java
@@ -35,6 +35,7 @@ import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; import org.forgerock.i18n.LocalizableMessage; @@ -43,6 +44,7 @@ import org.forgerock.opendj.config.server.ConfigException; import org.forgerock.opendj.ldap.ByteString; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.admin.server.ConfigurationChangeListener; import org.opends.server.admin.std.meta.PluginCfgDefn; import org.opends.server.admin.std.server.PasswordPolicyImportPluginCfg; @@ -59,8 +61,13 @@ import org.opends.server.core.SubentryPasswordPolicy; import org.opends.server.schema.AuthPasswordSyntax; import org.opends.server.schema.UserPasswordSyntax; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.*; import org.opends.server.types.Attribute; import org.opends.server.types.AttributeBuilder; import org.opends.server.types.DN; import org.opends.server.types.DirectoryException; import org.opends.server.types.Entry; import org.opends.server.types.LDIFImportConfig; import org.opends.server.types.SubEntry; /** * This class implements a Directory Server plugin that performs various 
@@ -74,37 +81,22 @@ { private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass(); /** The attribute type used to specify the password policy for an entry. */ private AttributeType customPolicyAttribute; /** * The set of attribute types defined in the schema with the auth password * syntax. */ /** The set of attribute types defined in the schema with the auth password syntax. */ private AttributeType[] authPasswordTypes; /** * The set of attribute types defined in the schema with the user password * syntax. */ /** The set of attribute types defined in the schema with the user password syntax. */ private AttributeType[] userPasswordTypes; /** * The set of password storage schemes to use for the various password * policies defined in the server. */ private HashMap<DN,PasswordStorageScheme<?>[]> schemesByPolicy; private Map<DN, PasswordStorageScheme<?>[]> schemesByPolicy; /** The default password storage schemes for auth password attributes. */ private PasswordStorageScheme<?>[] defaultAuthPasswordSchemes; /** The default password storage schemes for user password attributes. */ private PasswordStorageScheme<?>[] defaultUserPasswordSchemes; /** * Creates a new instance of this Directory Server plugin. Every plugin must * implement a default constructor (it is the only one that will be used to @@ -125,7 +117,6 @@ customPolicyAttribute = DirectoryServer.getAttributeType(OP_ATTR_PWPOLICY_POLICY_DN); // Make sure that the plugin has been enabled for the appropriate types. for (PluginType t : pluginTypes) { @@ -140,7 +131,6 @@ } } // Get the set of default password storage schemes for auth password // attributes. PasswordPolicy defaultPolicy = DirectoryServer.getDefaultPasswordPolicy(); @@ -191,7 +181,6 @@ } } // Get the set of default password storage schemes for user password // attributes. Set<DN> userSchemeDNs = 
@@ -249,17 +238,16 @@ HashSet<AttributeType> userPWTypes = new HashSet<>(); for (AttributeType t : DirectoryServer.getAttributeTypes()) { if (t.getSyntax().getOID().equals(SYNTAX_AUTH_PASSWORD_OID)) if (SYNTAX_AUTH_PASSWORD_OID.equals(t.getSyntax().getOID())) { authPWTypes.add(t); } else if (t.getSyntax().getOID().equals(SYNTAX_USER_PASSWORD_OID)) else if (SYNTAX_USER_PASSWORD_OID.equals(t.getSyntax().getOID())) { userPWTypes.add(t); } } // Get the set of password policies defined in the server and get the // attribute types associated with them. HashMap<DN,PasswordStorageScheme<?>[]> schemeMap = new HashMap<>(); @@ -277,7 +265,6 @@ } } AttributeType[] authTypesArray = new AttributeType[authPWTypes.size()]; AttributeType[] userTypesArray = new AttributeType[userPWTypes.size()]; authPWTypes.toArray(authTypesArray); @@ -398,32 +385,28 @@ builder.add(value); } } else if (!UserPasswordSyntax.isEncoded(value)) { try { for (PasswordStorageScheme<?> s : schemes) { builder.add(s.encodePasswordWithScheme(value)); } } catch (Exception e) { logger.traceException(e); logger.error(ERR_PLUGIN_PWPIMPORT_ERROR_ENCODING_PASSWORD, policy.getPasswordAttribute() .getNameOrOID(), entry.getName(), stackTraceToSingleLineString(e)); gotError = true; break; } } else { if (!UserPasswordSyntax.isEncoded(value)) { try { for (PasswordStorageScheme<?> s : schemes) { builder.add(s.encodePasswordWithScheme(value)); } } catch (Exception e) { logger.traceException(e); logger.error(ERR_PLUGIN_PWPIMPORT_ERROR_ENCODING_PASSWORD, policy.getPasswordAttribute().getNameOrOID(), entry.getName(), stackTraceToSingleLineString(e)); gotError = true; break; } } else { builder.add(value); } builder.add(value); } } 
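Review bot: Putting the constant first in `SYNTAX_AUTH_PASSWORD_OID.equals(t.getSyntax().getOID())` only protects against a null OID; `t.getSyntax()` is still dereferenced unchecked, and it is called twice per attribute type. ViewEntryPanel in this same commit tests `syntax != null` before reading the OID, which suggests a null syntax is possible, though this hunk does not show whether it can occur for schema-registered types. Reading the OID once handles both cases: `final String oid = t.getSyntax() != null ? t.getSyntax().getOID() : null;` and then compare `oid` in the two branches. The enclosing method begins and ends outside the hunk.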
@@ -438,19 +421,12 @@ } } // Iterate through the list of auth password attributes. If any of them // are present and their values are not encoded, then encode them with all // appropriate schemes. for (AttributeType t : authPasswordTypes) { attrList = entry.getAttribute(t); if (attrList.isEmpty()) { continue; } for (Attribute a : attrList) for (Attribute a : entry.getAttribute(t)) { AttributeBuilder builder = new AttributeBuilder(a, true); boolean gotError = false; @@ -488,19 +464,12 @@ } } // Iterate through the list of user password attributes. If any of them // are present and their values are not encoded, then encode them with all // appropriate schemes. for (AttributeType t : userPasswordTypes) { attrList = entry.getAttribute(t); if (attrList.isEmpty()) { continue; } for (Attribute a : attrList) for (Attribute a : entry.getAttribute(t)) { AttributeBuilder builder = new AttributeBuilder(a, true); boolean gotError = false; @@ -538,7 +507,6 @@ } } return PluginResult.ImportLDIF.continueEntryProcessing(); } @@ -567,14 +535,12 @@ // This is the only acceptable type. break; default: unacceptableReasons.add(ERR_PLUGIN_PWPIMPORT_INVALID_PLUGIN_TYPE.get(pluginType)); configAcceptable = false; } } // Get the set of default password storage schemes for auth password // attributes. Set<DN> authSchemeDNs = @@ -617,7 +583,6 @@ } } // Get the set of default password storage schemes for user password // attributes. Set<DN> userSchemeDNs = @@ -655,7 +620,6 @@ } } return configAcceptable; } @@ -717,7 +681,6 @@ } } // Get the set of default password storage schemes for user password // attributes. PasswordStorageScheme<?>[] defaultUserSchemes; opendj-server-legacy/src/test/java/org/opends/server/core/AddOperationTestCase.java
@@ -35,6 +35,7 @@ import org.forgerock.i18n.LocalizableMessage; import org.forgerock.opendj.ldap.ByteString; import org.forgerock.opendj.ldap.ResultCode; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.TestCaseUtils; import org.opends.server.api.Backend; import org.opends.server.plugins.DisconnectClientPlugin; @@ -50,7 +51,6 @@ import org.opends.server.tools.LDAPReader; import org.opends.server.tools.LDAPWriter; import org.opends.server.types.Attribute; import org.forgerock.opendj.ldap.schema.AttributeType; import org.opends.server.types.Attributes; import org.opends.server.types.CancelRequest; import org.opends.server.types.CancelResult; @@ -75,14 +75,11 @@ import static org.opends.server.util.CollectionUtils.*; import static org.testng.Assert.*; /** * A set of test cases for add operations. */ /** A set of test cases for add operations. */ @SuppressWarnings("javadoc") public class AddOperationTestCase extends OperationTestCase { /** Some of the tests disable the backends, so we reenable them here. */ @AfterMethod(alwaysRun=true) public void reenableBackend() throws DirectoryException { @@ -139,10 +136,6 @@ return objArray; } /** {@inheritDoc} */ @Override protected Operation[] createTestOperations() throws Exception { @@ -156,8 +149,6 @@ return ops; } /** * Tests the <CODE>getRawEntryDN</CODE> and <CODE>setRawEntryDN</CODE> * methods. @@ -180,8 +171,6 @@ assertEquals(addOperation.getRawEntryDN(), originalDN); } /** * Tests the <CODE>getEntryDN</CODE> method for the case in which we expect * the rawEntryDN to be decoded. @@ -238,8 +227,6 @@ assertNotNull(addOperation.getEntryDN()); } /** * Tests the <CODE>getEntryDN</CODE> method for the case in which we expect * the DN to be initially non-null but then becomes null after the raw DN is @@ -267,8 +254,6 @@ assertNotNull(addOperation.getEntryDN()); } /** * Tests the <CODE>getRawAttributes</CODE>, <CODE>addRawAttribute</CODE>, and * <CODE>setRawAttributes</CODE> methods. 
@@ -305,8 +290,6 @@ return false; } /** * Tests the <CODE>addObjectClass</CODE> method. * @@ -338,8 +321,6 @@ UpdatePreOpPlugin.reset(); } /** * Tests the <CODE>removeObjectClass</CODE> method. * @@ -372,8 +353,6 @@ UpdatePreOpPlugin.reset(); } /** * Tests the <CODE>setAttribute</CODE> method for an attribute that already * exists. @@ -426,8 +405,6 @@ UpdatePreOpPlugin.reset(); } /** * Tests the <CODE>setAttribute</CODE> method for an attribute that doesn't * exist. @@ -460,8 +437,6 @@ UpdatePreOpPlugin.reset(); } /** * Tests the <CODE>removeAttribute</CODE> method. * @@ -494,8 +469,6 @@ UpdatePreOpPlugin.reset(); } /** * Invokes methods to retrieve members of an add operation after it has * completed. @@ -511,8 +484,6 @@ assertTrue(addOperation.getProcessingTime() >= 0); } /** * Tests an internal add operation that should be successful using raw * arguments. @@ -555,8 +526,6 @@ retrieveCompletedOperationElements(addOperation); } /** * Tests an internal add operation that fails because it contains a malformed * DN. @@ -576,8 +545,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests an internal add operation that fails because it contains the DN of * an entry that already exists. @@ -597,8 +564,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests an internal add operation that fails because it is a suffix that * doesn't exist. @@ -618,8 +583,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests an internal add operation that fails because it is below a suffix * that doesn't exist. @@ -639,8 +602,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests an internal add operation that fails because its parent does not exist. * @@ -659,8 +620,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests an external add operation that fails because it contains an attribute * that is marked no-user-modification. 
@@ -745,8 +704,6 @@ retrieveCompletedOperationElements(addOperation); } /** * Tests a successful internal add operation that contains an attribute with * multiple values where the values are spread throughout the entry. @@ -789,8 +746,6 @@ assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a successful internal add operation that contains raw attributes with * options and an attribute that doesn't have any values without options. @@ -843,8 +798,6 @@ retrieveCompletedOperationElements(addOperation); } /** * Tests an internal add operation that fails because it attempts to add the * root DSE. @@ -889,8 +842,6 @@ assertThat(attrList).isNotEmpty(); } /** * Tests a failed internal add operation that is missing RDN attributes. * @@ -914,8 +865,6 @@ DirectoryServer.setAddMissingRDNAttributes(true); } /** * Tests a successful internal add operation that is missing an objectclass * in the hierarchical chain. @@ -942,24 +891,24 @@ Entry e = DirectoryServer.getEntry(DN.valueOf("uid=test.user,o=test")); List<Attribute> attrList = e.getAttribute(DirectoryServer.getObjectClassAttributeType()); assertTrue(findAttributeValueIgnoreCase(attrList, "top")); } boolean found = false; for (Attribute a : attrList) private boolean findAttributeValueIgnoreCase(List<Attribute> attrs, String valueToFind) { for (Attribute a : attrs) { for (ByteString v : a) { if ("top".equalsIgnoreCase(v.toString())) if (valueToFind.equalsIgnoreCase(v.toString())) { found = true; break; return true; } } } assertTrue(found); return false; } /** * Tests a failed internal add operation that doesn't have any objectclasses. * @@ -978,8 +927,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a failed internal add operation that only has an abstract * objectclass. 
@@ -1000,8 +947,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a failed internal add operation that doesn't have any structural * objectclass (only abstract and auxiliary). @@ -1023,8 +968,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a failed internal add operation that has multiple structural * objectclasses. @@ -1049,8 +992,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a failed internal add operation that is missing a required attribute. * @@ -1076,8 +1017,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a failed internal add operation that is missing a required attribute * but has the extensibleObject objectClass (which shouldn't change anything). @@ -1105,8 +1044,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a failed internal add operation that contains an attribute not * allowed by any objectclass. @@ -1135,8 +1072,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a successful internal add operation that contains an attribute not * allowed by any standard objectclass in the entry but is allowed by @@ -1168,8 +1103,6 @@ retrieveCompletedOperationElements(addOperation); } /** * Tests the behavior of the server when attempting to perform an add \ * operation with an entry containing an attribute with zero values. @@ -1195,8 +1128,6 @@ assertNotEquals(addOperation.getResultCode(), ResultCode.SUCCESS); } /** * Tests a failed internal add operation with the server in complete read-only * mode. @@ -1228,8 +1159,6 @@ DirectoryServer.setWritabilityMode(WritabilityMode.ENABLED); } /** * Tests a successful internal add operation with the server in read-only mode * for external operations but allowed for internal operations. 
@@ -1262,8 +1191,6 @@ DirectoryServer.setWritabilityMode(WritabilityMode.ENABLED); } /** * Tests a failed external add operation with the server in read-only mode * for external operations but allowed for internal operations. @@ -1354,8 +1281,6 @@ b.setWritabilityMode(WritabilityMode.ENABLED); } /** * Tests a successful internal add operation with the backend in read-only * mode for external operations but allowed for internal operations. @@ -1389,8 +1314,6 @@ b.setWritabilityMode(WritabilityMode.ENABLED); } /** * Tests a failed external add operation with the backend in read-only mode * for external operations but allowed for internal operations. @@ -1429,8 +1352,6 @@ b.setWritabilityMode(WritabilityMode.ENABLED); } /** * Tests to ensure that any registered add notification listeners are invoked * for a successful add operation. @@ -1464,8 +1385,6 @@ } } /** * Tests to ensure that any registered add notification listeners are not * invoked for a failed add operation. @@ -1498,8 +1417,6 @@ } } /** * Tests an add operation that gets canceled before startup. * @@ -1561,15 +1478,13 @@ assertEquals(cancelResult.getResultCode(), ResultCode.TOO_LATE); } /** * Tests an add operation in which the server cannot obtain a lock on the * target entry because there is already a read lock held on it. * * @throws Exception If an unexpected problem occurs. */ @Test(groups = { "slow" }) @Test(groups = "slow") public void testCannotLockEntry() throws Exception { TestCaseUtils.initializeTestBackend(true); @@ -1592,8 +1507,6 @@ } } /** * Tests an add operation that should be disconnected in a pre-parse plugin. * @@ -1644,8 +1557,6 @@ w.writeMessage(new LDAPMessage(2, addRequest, controls)); } /** * Tests an add operation that should be disconnected in a pre-operation * plugin. 
@@ -1813,8 +1724,6 @@ assertFalse(LDAPModify.mainModify(args, false, null, null) == 0); } /** * Tests an add operation that attempts to add an entry with an operational * attribute marked OBSOLETE in the server schema. @@ -1871,8 +1780,6 @@ assertFalse(LDAPModify.mainModify(args, false, null, null) == 0); } /** * Tests an add operation that attempts to add an entry with an auxiliary * objectclass marked OBSOLETE in the server schema. @@ -1927,8 +1834,6 @@ assertFalse(LDAPModify.mainModify(args, false, null, null) == 0); } /** * Tests the behavior of the server when short-circuiting out of an add * operation in the pre-parse phase with a success result code. opendj-server-legacy/src/test/java/org/opends/server/core/ModifyOperationTestCase.java
@@ -3419,15 +3419,7 @@ List<Attribute> attrList = e.getAttribute(DirectoryServer.getAttributeType("userpassword")); String passwd = null; for (Attribute a : attrList) { for (ByteString v : a) { passwd = v.toString(); } } String passwd = firstValue(attrList); assertNotNull(passwd); String path = TestCaseUtils.createTempFile( @@ -3451,6 +3443,18 @@ assertEquals(LDAPModify.mainModify(args, false, null, System.err), 0); } private String firstValue(List<Attribute> attrs) { for (Attribute a : attrs) { for (ByteString v : a) { return v.toString(); } } return null; } /** * Tests that it is possible to delete userPassword attributes which have * options. Options are not allowed for passwords, but we should allow users @@ -3485,9 +3489,9 @@ e = DirectoryServer.getEntry(DN.valueOf("cn=Test User,o=test")); List<Attribute> attrList = e.getAttribute("userpassword"); assertEquals(attrList.size(), 1); assertThat(attrList).hasSize(1); assertFalse(attrList.get(0).hasOptions()); assertEquals(attrList.get(0).size(), 1); assertThat(attrList.get(0)).hasSize(1); } /** @@ -3525,9 +3529,9 @@ e = DirectoryServer.getEntry(DN.valueOf("cn=Test User,o=test")); List<Attribute> attrList = e.getAttribute("userpassword"); assertEquals(attrList.size(), 1); assertThat(attrList).hasSize(1); assertFalse(attrList.get(0).hasOptions()); assertEquals(attrList.get(0).size(), 1); assertThat(attrList.get(0)).hasSize(1); } /** @@ -3561,9 +3565,9 @@ Entry e = DirectoryServer.getEntry(DN.valueOf("cn=Test User,o=test")); List<Attribute> attrList = e.getAttribute("userpassword"); assertEquals(attrList.size(), 1); assertThat(attrList).hasSize(1); assertFalse(attrList.get(0).hasOptions()); assertEquals(attrList.get(0).size(), 1); assertThat(attrList.get(0)).hasSize(1); } /** 
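Review bot: `firstValue` in the hunk at +3443 is not an exact extraction of the loop removed at -3419. The removed loop overwrote `passwd` on every iteration and so ended on the last value of the last attribute, while the helper returns the first value it meets. The two agree only when the entry holds a single userpassword value, which the visible lines do not check. Stating that assumption before the call, with `assertThat(attrList).hasSize(1);` and `assertThat(attrList.get(0)).hasSize(1);` as the later hunks in this file do, would make the test fail clearly if it ever stops holding. The enclosing test method starts and ends outside the hunk.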
@@ -3597,9 +3601,9 @@ Entry e = DirectoryServer.getEntry(DN.valueOf("cn=Test User,o=test")); List<Attribute> attrList = e.getAttribute("userpassword"); assertEquals(attrList.size(), 1); assertThat(attrList).hasSize(1); assertFalse(attrList.get(0).hasOptions()); assertEquals(attrList.get(0).size(), 1); assertThat(attrList.get(0)).hasSize(1); } /** opendj-server-legacy/src/test/java/org/opends/server/plugins/SambaPasswordPluginTestCase.java
@@ -22,7 +22,7 @@ * * * Copyright 2011-2012 profiq s.r.o. * Portions Copyright 2011-2015 ForgeRock AS. * Portions Copyright 2011-2016 ForgeRock AS. */ package org.opends.server.plugins; @@ -33,7 +33,6 @@ import static org.testng.Assert.*; import java.util.LinkedList; import java.util.List; import org.forgerock.opendj.io.ASN1; import org.forgerock.opendj.io.ASN1Writer; @@ -49,9 +48,19 @@ import org.opends.server.plugins.SambaPasswordPlugin.MD4MessageDigest; import org.opends.server.plugins.SambaPasswordPlugin.TimeStampProvider; import org.opends.server.protocols.internal.InternalClientConnection; import org.opends.server.types.*; import org.opends.server.types.Attribute; import org.opends.server.types.Attributes; import org.opends.server.types.AuthenticationInfo; import org.opends.server.types.DN; import org.opends.server.types.DirectoryException; import org.opends.server.types.Entry; import org.opends.server.types.Modification; import org.opends.server.util.ServerConstants; import org.testng.annotations.*; import org.testng.annotations.AfterClass; import org.testng.annotations.BeforeClass; import org.testng.annotations.BeforeMethod; import org.testng.annotations.DataProvider; import org.testng.annotations.Test; /** * Unit tests for the Samba password synchronization plugin. 
@@ -240,29 +249,22 @@ Entry entry = DirectoryServer.getEntry(testEntry.getName()); assertNotNull(entry); List<Attribute> sambaAttribute = entry.getAttribute("sambantpassword"); boolean foundNTPassword = false; for (Attribute a : sambaAttribute) { for (ByteString val : a) { foundNTPassword = true; assertEquals(val.toString(), ntPassword); } } assertTrue(foundNTPassword, "NT password not found in test entry"); assertTrue(contains(entry, "sambantpassword", ntPassword), "NT password not found in test entry"); assertTrue(contains(entry, "sambalmpassword", lmPassword), "LanMan password not found in test entry"); } sambaAttribute = entry.getAttribute("sambalmpassword"); boolean foundLMPassword = false; for (Attribute a : sambaAttribute) private boolean contains(Entry entry, String attrName, String password) { boolean foundPwd = false; for (Attribute a : entry.getAttribute(attrName)) { for (ByteString val : a) { foundLMPassword = true; assertEquals(val.toString(), lmPassword); foundPwd = true; assertEquals(val.toString(), password); } } assertTrue(foundLMPassword, "LanMan password not found in test entry"); return foundPwd; } @@ -793,18 +795,7 @@ Attribute sambaPwdLastSetAttr = Attributes.create("sambapwdlastset", String.valueOf(1339012789L)); boolean attrPresent = false; for (Attribute attr : entry.getAttribute("sambapwdlastset")) { if (attr.equals(sambaPwdLastSetAttr)) { attrPresent = true; break; } } assertTrue(attrPresent); assertThat(entry.getAttribute("sambapwdlastset")).contains(sambaPwdLastSetAttr); TestCaseUtils.deleteEntry(testEntry); } finally
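Review bot: The helper `contains(Entry, String, String)` extracted in the hunk at -240 is named like a predicate but calls `assertEquals(val.toString(), password)` on every value. A mismatching value therefore aborts the test inside the helper, and a `false` return can only mean the attribute had no values at all. That keeps the behaviour of the two removed loops, but the name hides it from the next reader. I would either rename it to say that it asserts, or document it with `/** Asserts that every value of attrName equals password; returns false only when the attribute has no values. */`.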