From 4b46c259bc66195f4fc2aa78dce27f36899800c1 Mon Sep 17 00:00:00 2001
From: floblanc <floblanc@localhost>
Date: Wed, 29 Oct 2008 10:40:13 +0000
Subject: [PATCH] Implement a network group dedicated to the admin connector: - this network group is not configurable, and unbreakable - all connections handled by the admin connector are managed by this network group - all JMX connections are managed by this network group - this network group provides access to all private and public suffixes

---
 opendj-sdk/opends/src/server/org/opends/server/api/ClientConnection.java |   24 +++++++++++++++++++++++-
 1 files changed, 23 insertions(+), 1 deletions(-)

diff --git a/opendj-sdk/opends/src/server/org/opends/server/api/ClientConnection.java b/opendj-sdk/opends/src/server/org/opends/server/api/ClientConnection.java
index 815f009..8e4acc4 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/api/ClientConnection.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/api/ClientConnection.java
@@ -59,9 +59,11 @@
 import org.opends.server.types.Entry;
 import org.opends.server.types.IntermediateResponse;
 import org.opends.server.types.Operation;
+import org.opends.server.types.OperationType;
 import org.opends.server.types.Privilege;
 import org.opends.server.types.SearchResultEntry;
 import org.opends.server.types.SearchResultReference;
+import org.opends.server.types.operation.PreParseOperation;
 import org.opends.server.util.TimeThread;
 
 import static org.opends.messages.CoreMessages.*;
@@ -541,9 +543,29 @@
   /**
    * Indicates whether the network group must be evaluated for
    * the next connection.
+   * @param operation The operation going to be performed. Bind
+   *                  operations imply a network group evaluation.
    * @return boolean indicating if the network group must be evaluated
    */
-  public boolean mustEvaluateNetworkGroup() {
+  public boolean mustEvaluateNetworkGroup(
+          PreParseOperation operation) {
+    //  Connections inside the internal network group MUST NOT
+    // change network group
+    if (this.networkGroup == NetworkGroup.getInternalNetworkGroup()) {
+      return false;
+    }
+    // Connections inside the admin network group MUST NOT
+    // change network group
+    if (this.networkGroup == NetworkGroup.getAdminNetworkGroup()) {
+      return false;
+    }
+
+    // If the operation is a BIND, the network group MUST be evaluated
+    if (operation != null
+        && operation.getOperationType() == OperationType.BIND) {
+      return true;
+    }
+
     return mustEvaluateNetworkGroup;
   }
 

--
Gitblit v1.10.0