From b66654ad0e12d83f17b2e84422fefbaf31509e86 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Sat, 02 Jun 2007 00:27:17 +0000
Subject: [PATCH] Update the server to provide a lockdown mode.  This is a mode in which the server will only allow client connections over loopback interfaces and will reject requests from non-root users.  This can be used in cases where it would be helpful for the server to be online to address a problem, but there might be security risks in having it fully available (e.g., the server detects a malformed access control rule on startup, and we don't want to allow normal access to the server since that rule might be intended to prevent users from seeing sensitive information and not having it interpreted properly could be dangerous).

---
 opendj-sdk/opends/src/server/org/opends/server/util/ServerConstants.java |   40 ++++++++++++++++++++++++++++++++++++++++
 1 files changed, 40 insertions(+), 0 deletions(-)

diff --git a/opendj-sdk/opends/src/server/org/opends/server/util/ServerConstants.java b/opendj-sdk/opends/src/server/org/opends/server/util/ServerConstants.java
index 4f873d4..74178c8 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/util/ServerConstants.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/util/ServerConstants.java
@@ -1286,6 +1286,46 @@
 
   /**
    * The description for the alert type that will be used for the alert
+   * notification generated upon entering lockdown mode.
+   */
+  public static final String ALERT_DESCRIPTION_ENTERING_LOCKDOWN_MODE =
+       "This alert type will be used to notify administrators that the " +
+       "Directory Server is entering lockdown mode, in which only root " +
+       "users will be allowed to perform operations and only over the " +
+       "loopback address.";
+
+
+
+  /**
+   * The alert type that will be used when the Directory Server enters lockdown
+   * mode.
+   */
+  public static final String ALERT_TYPE_ENTERING_LOCKDOWN_MODE =
+       "org.opends.server.EnteringLockdownMode";
+
+
+
+  /**
+   * The description for the alert type that will be used for the alert
+   * notification generated upon leaving lockdown mode.
+   */
+  public static final String ALERT_DESCRIPTION_LEAVING_LOCKDOWN_MODE =
+       "This alert type will be used to notify administrators that the " +
+       "Directory Server is leaving lockdown mode.";
+
+
+
+  /**
+   * The alert type that will be used when the Directory Server leaves lockdown
+   * mode.
+   */
+  public static final String ALERT_TYPE_LEAVING_LOCKDOWN_MODE =
+       "org.opends.server.LeavingLockdownMode";
+
+
+
+  /**
+   * The description for the alert type that will be used for the alert
    * notification generated if the server detects that the configuration has
    * been manually edited with the server online and those edits would have been
    * lost by an online config change.

--
Gitblit v1.10.0