From 79456ab528b185983884c14443e0fe64425874da Mon Sep 17 00:00:00 2001
From: Jean-Noël Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Thu, 07 Jul 2016 13:03:32 +0000
Subject: [PATCH] Partial OPENDJ-2625 Convert all code that uses JNDI to use the SDK instead
---
opendj-server-legacy/src/main/java/org/opends/admin/ads/ServerDescriptor.java | 713 ++++++++++++++++++++--------------------------------------
1 files changed, 251 insertions(+), 462 deletions(-)
diff --git a/opendj-server-legacy/src/main/java/org/opends/admin/ads/ServerDescriptor.java b/opendj-server-legacy/src/main/java/org/opends/admin/ads/ServerDescriptor.java
index 6e8131c..1d5d889 100644
--- a/opendj-server-legacy/src/main/java/org/opends/admin/ads/ServerDescriptor.java
+++ b/opendj-server-legacy/src/main/java/org/opends/admin/ads/ServerDescriptor.java
@@ -16,9 +16,12 @@
*/
package org.opends.admin.ads;
+import static org.forgerock.opendj.ldap.SearchScope.*;
+import static org.forgerock.opendj.ldap.requests.Requests.*;
import static org.opends.admin.ads.util.ConnectionUtils.*;
-import static org.opends.quicksetup.util.Utils.*;
+import static org.opends.server.util.CollectionUtils.*;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -27,21 +30,19 @@
import java.util.Map;
import java.util.Set;
-import javax.naming.NameAlreadyBoundException;
-import javax.naming.NameNotFoundException;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.BasicAttribute;
-import javax.naming.directory.BasicAttributes;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.slf4j.LocalizedLogger;
+import org.forgerock.opendj.ldap.Attribute;
+import org.forgerock.opendj.ldap.Connection;
+import org.forgerock.opendj.ldap.DN;
+import org.forgerock.opendj.ldap.LdapException;
+import org.forgerock.opendj.ldap.ResultCode;
+import org.forgerock.opendj.ldap.requests.AddRequest;
+import org.forgerock.opendj.ldap.requests.SearchRequest;
+import org.forgerock.opendj.ldap.responses.SearchResultEntry;
+import org.forgerock.opendj.ldif.ConnectionEntryReader;
import org.opends.admin.ads.util.ConnectionWrapper;
import org.opends.quicksetup.Constants;
import org.opends.server.config.ConfigConstants;
@@ -179,8 +180,7 @@
*/
public boolean isReplicationEnabled()
{
- return Boolean.TRUE.equals(
- serverProperties.get(ServerProperty.IS_REPLICATION_ENABLED));
+ return Boolean.TRUE.equals(serverProperties.get(ServerProperty.IS_REPLICATION_ENABLED));
}
/**
@@ -193,11 +193,7 @@
*/
public String getReplicationServerHostPort()
{
- if (isReplicationServer())
- {
- return getReplicationServer(getHostName(), getReplicationServerPort());
- }
- return null;
+ return isReplicationServer() ? getReplicationServer(getHostName(), getReplicationServerPort()) : null;
}
/**
@@ -208,11 +204,7 @@
*/
public int getReplicationServerId()
{
- if (isReplicationServer())
- {
- return (Integer) serverProperties.get(ServerProperty.REPLICATION_SERVER_ID);
- }
- return -1;
+ return isReplicationServer() ? (Integer) serverProperties.get(ServerProperty.REPLICATION_SERVER_ID) : -1;
}
/**
@@ -223,12 +215,7 @@
*/
public int getReplicationServerPort()
{
- if (isReplicationServer())
- {
- return (Integer) serverProperties.get(
- ServerProperty.REPLICATION_SERVER_PORT);
- }
- return -1;
+ return isReplicationServer() ? (Integer) serverProperties.get(ServerProperty.REPLICATION_SERVER_PORT) : -1;
}
/**
@@ -413,20 +400,15 @@
private ADSContext.ServerProperty getPortProperty(ADSContext.ServerProperty prop)
{
- if (prop == ADSContext.ServerProperty.ADMIN_ENABLED)
+ switch (prop)
{
+ case ADMIN_ENABLED:
return ADSContext.ServerProperty.ADMIN_PORT;
- }
- else if (prop == ADSContext.ServerProperty.LDAPS_ENABLED)
- {
+ case LDAPS_ENABLED:
return ADSContext.ServerProperty.LDAPS_PORT;
- }
- else if (prop == ADSContext.ServerProperty.LDAP_ENABLED)
- {
+ case LDAP_ENABLED:
return ADSContext.ServerProperty.LDAP_PORT;
- }
- else
- {
+ default:
throw new IllegalStateException("Unexpected prop: "+prop);
}
}
@@ -639,10 +621,9 @@
* @param filter the topology cache filter describing the information that
* must be retrieved.
* @return a ServerDescriptor object that corresponds to the read configuration.
- * @throws NamingException if a problem occurred reading the server configuration.
+ * @throws IOException if a problem occurred reading the server configuration.
*/
- public static ServerDescriptor createStandalone(ConnectionWrapper conn, TopologyCacheFilter filter)
- throws NamingException
+ public static ServerDescriptor createStandalone(ConnectionWrapper conn, TopologyCacheFilter filter) throws IOException
{
ServerDescriptor desc = new ServerDescriptor();
@@ -660,26 +641,18 @@
}
private static void updateLdapConfiguration(ServerDescriptor desc, ConnectionWrapper conn)
- throws NamingException
+ throws IOException
{
- SearchControls ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-cfg-enabled",
- "ds-cfg-listen-address",
- "ds-cfg-listen-port",
- "ds-cfg-use-ssl",
- "ds-cfg-allow-start-tls",
- "objectclass"
- });
String filter = "(objectclass=ds-cfg-ldap-connection-handler)";
- LdapName jndiName = new LdapName("cn=config");
- NamingEnumeration<SearchResult> listeners =
- conn.getLdapContext().search(jndiName, filter, ctls);
-
- try
+ SearchRequest request = newSearchRequest("cn=config", WHOLE_SUBTREE, filter,
+ "ds-cfg-enabled",
+ "ds-cfg-listen-address",
+ "ds-cfg-listen-port",
+ "ds-cfg-use-ssl",
+ "ds-cfg-allow-start-tls",
+ "objectclass");
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
{
ArrayList<Integer> ldapPorts = new ArrayList<>();
ArrayList<Integer> ldapsPorts = new ArrayList<>();
@@ -691,22 +664,15 @@
desc.serverProperties.put(ServerProperty.LDAPS_PORT, ldapsPorts);
desc.serverProperties.put(ServerProperty.LDAP_ENABLED, ldapEnabled);
desc.serverProperties.put(ServerProperty.LDAPS_ENABLED, ldapsEnabled);
- desc.serverProperties.put(ServerProperty.STARTTLS_ENABLED,
- startTLSEnabled);
+ desc.serverProperties.put(ServerProperty.STARTTLS_ENABLED, startTLSEnabled);
- while(listeners.hasMore())
+ while (entryReader.hasNext())
{
- SearchResult sr = listeners.next();
+ SearchResultEntry sr = entryReader.readEntry();
- String port = getFirstValue(sr, "ds-cfg-listen-port");
-
- boolean isSecure = "true".equalsIgnoreCase(
- getFirstValue(sr, "ds-cfg-use-ssl"));
-
- boolean enabled = "true".equalsIgnoreCase(
- getFirstValue(sr, "ds-cfg-enabled"));
- final Integer portNumber = Integer.valueOf(port);
- if (isSecure)
+ Integer portNumber = asInteger(sr, "ds-cfg-listen-port");
+ boolean enabled = asBoolean(sr, "ds-cfg-enabled");
+ if (asBoolean(sr, "ds-cfg-use-ssl"))
{
ldapsPorts.add(portNumber);
ldapsEnabled.add(enabled);
@@ -715,81 +681,36 @@
{
ldapPorts.add(portNumber);
ldapEnabled.add(enabled);
- enabled = "true".equalsIgnoreCase(
- getFirstValue(sr, "ds-cfg-allow-start-tls"));
- startTLSEnabled.add(enabled);
+ startTLSEnabled.add(asBoolean(sr, "ds-cfg-allow-start-tls"));
}
}
}
- finally
- {
- listeners.close();
- }
}
private static void updateAdminConnectorConfiguration(ServerDescriptor desc, ConnectionWrapper conn)
- throws NamingException
+ throws IOException
{
- SearchControls ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-cfg-listen-port",
- "objectclass"
- });
- String filter = "(objectclass=ds-cfg-administration-connector)";
+ SearchRequest request = newSearchRequest(
+ "cn=config", WHOLE_SUBTREE, "(objectclass=ds-cfg-administration-connector)",
+ "ds-cfg-listen-port", "objectclass");
+ SearchResultEntry sr = conn.getConnection().searchSingleEntry(request);
+ Integer adminConnectorPort = asInteger(sr, "ds-cfg-listen-port");
- LdapName jndiName = new LdapName("cn=config");
- NamingEnumeration<SearchResult> listeners =
- conn.getLdapContext().search(jndiName, filter, ctls);
-
- try
+ // Even if we have a single port, use an array to be consistent with
+ // other protocols.
+ ArrayList<Integer> adminPorts = new ArrayList<>();
+ ArrayList<Boolean> adminEnabled = new ArrayList<>();
+ if (adminConnectorPort != null)
{
- Integer adminConnectorPort = null;
-
- // we should have a single administration connector
- while (listeners.hasMore()) {
- SearchResult sr = listeners.next();
- String port = getFirstValue(sr, "ds-cfg-listen-port");
- adminConnectorPort = Integer.valueOf(port);
- }
-
- // Even if we have a single port, use an array to be consistent with
- // other protocols.
- ArrayList<Integer> adminPorts = new ArrayList<>();
- ArrayList<Boolean> adminEnabled = new ArrayList<>();
- if (adminConnectorPort != null)
- {
- adminPorts.add(adminConnectorPort);
- adminEnabled.add(Boolean.TRUE);
- }
- desc.serverProperties.put(ServerProperty.ADMIN_PORT, adminPorts);
- desc.serverProperties.put(ServerProperty.ADMIN_ENABLED, adminEnabled);
+ adminPorts.add(adminConnectorPort);
+ adminEnabled.add(Boolean.TRUE);
}
- finally
- {
- listeners.close();
- }
+ desc.serverProperties.put(ServerProperty.ADMIN_PORT, adminPorts);
+ desc.serverProperties.put(ServerProperty.ADMIN_ENABLED, adminEnabled);
}
- private static void updateJmxConfiguration(ServerDescriptor desc, ConnectionWrapper conn) throws NamingException
+ private static void updateJmxConfiguration(ServerDescriptor desc, ConnectionWrapper conn) throws IOException
{
- SearchControls ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-cfg-enabled",
- "ds-cfg-listen-address",
- "ds-cfg-listen-port",
- "ds-cfg-use-ssl",
- "objectclass"
- });
- String filter = "(objectclass=ds-cfg-jmx-connection-handler)";
-
- LdapName jndiName = new LdapName("cn=config");
- NamingEnumeration<SearchResult> listeners =
- conn.getLdapContext().search(jndiName, filter, ctls);
-
ArrayList<Integer> jmxPorts = new ArrayList<>();
ArrayList<Integer> jmxsPorts = new ArrayList<>();
ArrayList<Boolean> jmxEnabled = new ArrayList<>();
@@ -800,21 +721,22 @@
desc.serverProperties.put(ServerProperty.JMX_ENABLED, jmxEnabled);
desc.serverProperties.put(ServerProperty.JMXS_ENABLED, jmxsEnabled);
- try
+ String filter = "(objectclass=ds-cfg-jmx-connection-handler)";
+ SearchRequest request = newSearchRequest("cn=config", WHOLE_SUBTREE, filter,
+ "ds-cfg-enabled",
+ "ds-cfg-listen-address",
+ "ds-cfg-listen-port",
+ "ds-cfg-use-ssl",
+ "objectclass");
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
{
- while(listeners.hasMore())
+ while (entryReader.hasNext())
{
- SearchResult sr = listeners.next();
+ SearchResultEntry sr = entryReader.readEntry();
- String port = getFirstValue(sr, "ds-cfg-listen-port");
-
- boolean isSecure = "true".equalsIgnoreCase(
- getFirstValue(sr, "ds-cfg-use-ssl"));
-
- boolean enabled = "true".equalsIgnoreCase(
- getFirstValue(sr, "ds-cfg-enabled"));
- Integer portNumber = Integer.valueOf(port);
- if (isSecure)
+ Integer portNumber = asInteger(sr, "ds-cfg-listen-port");
+ boolean enabled = asBoolean(sr, "ds-cfg-enabled");
+ if (asBoolean(sr, "ds-cfg-use-ssl"))
{
jmxsPorts.add(portNumber);
jmxsEnabled.add(enabled);
@@ -826,45 +748,30 @@
}
}
}
- finally
- {
- listeners.close();
- }
}
- private static void updateReplicas(ServerDescriptor desc,
- ConnectionWrapper conn, TopologyCacheFilter cacheFilter)
- throws NamingException
+ private static void updateReplicas(ServerDescriptor desc, ConnectionWrapper conn, TopologyCacheFilter cacheFilter)
+ throws IOException
{
if (!cacheFilter.searchBaseDNInformation())
{
return;
}
- SearchControls ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-cfg-base-dn",
- "ds-cfg-backend-id",
- ConfigConstants.ATTR_OBJECTCLASS
- });
- String filter = "(objectclass=ds-cfg-backend)";
- LdapName jndiName = new LdapName("cn=config");
- NamingEnumeration<SearchResult> databases =
- conn.getLdapContext().search(jndiName, filter, ctls);
-
- try
+ SearchRequest request = newSearchRequest("cn=config", WHOLE_SUBTREE, "(objectclass=ds-cfg-backend)",
+ "ds-cfg-base-dn",
+ "ds-cfg-backend-id",
+ ConfigConstants.ATTR_OBJECTCLASS);
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
{
- while(databases.hasMore())
+ while (entryReader.hasNext())
{
- SearchResult sr = databases.next();
+ SearchResultEntry sr = entryReader.readEntry();
- String id = getFirstValue(sr, "ds-cfg-backend-id");
-
+ String id = firstValueAsString(sr, "ds-cfg-backend-id");
if (!isConfigBackend(id) || isSchemaBackend(id))
{
- Set<String> baseDns = getValues(sr, "ds-cfg-base-dn");
+ Set<DN> baseDns = asSetOfDN(sr, "ds-cfg-base-dn");
Set<String> entries;
if (cacheFilter.searchMonitoringInformation())
@@ -877,29 +784,29 @@
}
Set<ReplicaDescriptor> replicas = desc.getReplicas();
- for (String baseDn : baseDns)
+ for (DN baseDn : baseDns)
{
if (isAddReplica(cacheFilter, baseDn))
{
- SuffixDescriptor suffix = new SuffixDescriptor();
- suffix.setDN(baseDn);
ReplicaDescriptor replica = new ReplicaDescriptor();
replica.setServer(desc);
- replica.setObjectClasses(getValues(sr, ConfigConstants.ATTR_OBJECTCLASS));
+ replica.setObjectClasses(asSetOfString(sr, ConfigConstants.ATTR_OBJECTCLASS));
replica.setBackendName(id);
replicas.add(replica);
- HashSet<ReplicaDescriptor> r = new HashSet<>();
- r.add(replica);
- suffix.setReplicas(r);
+
+ SuffixDescriptor suffix = new SuffixDescriptor();
+ suffix.setDN(baseDn);
+ suffix.setReplicas(newHashSet(replica));
replica.setSuffix(suffix);
+
int nEntries = -1;
for (String s : entries)
{
int index = s.indexOf(" ");
if (index != -1)
{
- String dn = s.substring(index + 1);
- if (areDnsEqual(baseDn, dn))
+ DN dn = DN.valueOf(s.substring(index + 1));
+ if (baseDn.equals(dn))
{
try
{
@@ -920,13 +827,9 @@
}
}
}
- finally
- {
- databases.close();
- }
}
- private static boolean isAddReplica(TopologyCacheFilter cacheFilter, String baseDn)
+ private static boolean isAddReplica(TopologyCacheFilter cacheFilter, DN baseDn)
{
if (cacheFilter.searchAllBaseDNs())
{
@@ -935,7 +838,7 @@
for (String dn : cacheFilter.getBaseDNsToSearch())
{
- if (areDnsEqual(dn, baseDn))
+ if (DN.valueOf(dn).equals(baseDn))
{
return true;
}
@@ -943,97 +846,47 @@
return false;
}
- private static void updateReplication(ServerDescriptor desc,
- ConnectionWrapper conn, TopologyCacheFilter cacheFilter)
- throws NamingException
+ private static void updateReplication(ServerDescriptor desc, ConnectionWrapper conn, TopologyCacheFilter cacheFilter)
+ throws IOException
{
- boolean replicationEnabled = false;
- SearchControls ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.OBJECT_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-cfg-enabled"
- });
- String filter = "(objectclass=ds-cfg-synchronization-provider)";
-
- LdapName jndiName = new LdapName(
- "cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config");
- NamingEnumeration<SearchResult> syncProviders = null;
-
- try
- {
- syncProviders = conn.getLdapContext().search(jndiName, filter, ctls);
-
- while(syncProviders.hasMore())
- {
- SearchResult sr = syncProviders.next();
-
- if ("true".equalsIgnoreCase(getFirstValue(sr,
- "ds-cfg-enabled")))
- {
- replicationEnabled = true;
- }
- }
- }
- catch (NameNotFoundException nse)
- {
- /* ignore */
- }
- finally
- {
- if (syncProviders != null)
- {
- syncProviders.close();
- }
- }
- desc.serverProperties.put(ServerProperty.IS_REPLICATION_ENABLED,
- Boolean.valueOf(replicationEnabled));
+ SearchRequest request = newSearchRequest(
+ "cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config",
+ WHOLE_SUBTREE,
+ "(objectclass=ds-cfg-synchronization-provider)",
+ "ds-cfg-enabled");
+ SearchResultEntry sre = conn.getConnection().searchSingleEntry(request);
+ Boolean replicationEnabled = asBoolean(sre, "ds-cfg-enabled");
+ desc.serverProperties.put(ServerProperty.IS_REPLICATION_ENABLED, replicationEnabled);
Set<String> allReplicationServers = new LinkedHashSet<>();
if (cacheFilter.searchBaseDNInformation())
{
- ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-cfg-base-dn",
- "ds-cfg-replication-server",
- "ds-cfg-server-id"
- });
- filter = "(objectclass=ds-cfg-replication-domain)";
-
- jndiName = new LdapName(
- "cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config");
-
- syncProviders = null;
- try
+ request = newSearchRequest(
+ "cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config",
+ WHOLE_SUBTREE,
+ "(objectclass=ds-cfg-replication-domain)",
+ "ds-cfg-base-dn",
+ "ds-cfg-replication-server",
+ "ds-cfg-server-id"
+ );
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
{
- syncProviders = conn.getLdapContext().search(jndiName, filter, ctls);
-
- while(syncProviders.hasMore())
+ while (entryReader.hasNext())
{
- SearchResult sr = syncProviders.next();
+ SearchResultEntry sr = entryReader.readEntry();
- int id = Integer.parseInt(
- getFirstValue(sr, "ds-cfg-server-id"));
- Set<String> replicationServers = getValues(sr,
- "ds-cfg-replication-server");
- Set<String> dns = getValues(sr, "ds-cfg-base-dn");
- for (String dn : dns)
+ int id = asInteger(sr, "ds-cfg-server-id");
+ Set<String> replicationServers = asSetOfString(sr, "ds-cfg-replication-server");
+ Set<DN> dns = asSetOfDN(sr, "ds-cfg-base-dn");
+ for (DN dn : dns)
{
for (ReplicaDescriptor replica : desc.getReplicas())
{
- if (areDnsEqual(replica.getSuffix().getDN(), dn))
+ if (replica.getSuffix().getDnAsDn().equals(dn))
{
replica.setReplicationId(id);
- // Keep the values of the replication servers in lower case
- // to make use of Sets as String simpler.
- LinkedHashSet<String> repServers = new LinkedHashSet<>();
- for (String s: replicationServers)
- {
- repServers.add(s.toLowerCase());
- }
+ LinkedHashSet<String> repServers = toLowercase(replicationServers);
replica.setReplicationServers(repServers);
allReplicationServers.addAll(repServers);
}
@@ -1041,191 +894,139 @@
}
}
}
- catch (NameNotFoundException nse)
- {
- /* ignore */
- }
- finally
- {
- if (syncProviders != null)
- {
- syncProviders.close();
- }
- }
}
- ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-cfg-replication-port", "ds-cfg-replication-server",
- "ds-cfg-replication-server-id"
- });
- filter = "(objectclass=ds-cfg-replication-server)";
+ desc.serverProperties.put(ServerProperty.IS_REPLICATION_SERVER, Boolean.FALSE);
- jndiName = new LdapName("cn=Multimaster "+
- "Synchronization,cn=Synchronization Providers,cn=config");
-
- desc.serverProperties.put(ServerProperty.IS_REPLICATION_SERVER,
- Boolean.FALSE);
- NamingEnumeration<SearchResult> entries = null;
- try
+ request = newSearchRequest(
+ "cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config",
+ WHOLE_SUBTREE,
+ "(objectclass=ds-cfg-replication-server)",
+ "ds-cfg-replication-port",
+ "ds-cfg-replication-server",
+ "ds-cfg-replication-server-id"
+ );
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
{
- entries = conn.getLdapContext().search(jndiName, filter, ctls);
-
- while (entries.hasMore())
+ while (entryReader.hasNext())
{
- SearchResult sr = entries.next();
+ SearchResultEntry sr = entryReader.readEntry();
- desc.serverProperties.put(ServerProperty.IS_REPLICATION_SERVER,
- Boolean.TRUE);
- String v = getFirstValue(sr, "ds-cfg-replication-port");
- desc.serverProperties.put(ServerProperty.REPLICATION_SERVER_PORT,
- Integer.parseInt(v));
- v = getFirstValue(sr, "ds-cfg-replication-server-id");
- desc.serverProperties.put(ServerProperty.REPLICATION_SERVER_ID,
- Integer.parseInt(v));
- Set<String> values = getValues(sr, "ds-cfg-replication-server");
- // Keep the values of the replication servers in lower case
- // to make use of Sets as String simpler.
- LinkedHashSet<String> repServers = new LinkedHashSet<>();
- for (String s: values)
- {
- repServers.add(s.toLowerCase());
- }
+ desc.serverProperties.put(ServerProperty.IS_REPLICATION_SERVER, Boolean.TRUE);
+ Integer port = asInteger(sr, "ds-cfg-replication-port");
+ desc.serverProperties.put(ServerProperty.REPLICATION_SERVER_PORT, port);
+ Integer serverId = asInteger(sr, "ds-cfg-replication-server-id");
+ desc.serverProperties.put(ServerProperty.REPLICATION_SERVER_ID, serverId);
+ LinkedHashSet<String> repServers = toLowercase(asSetOfString(sr, "ds-cfg-replication-server"));
allReplicationServers.addAll(repServers);
- desc.serverProperties.put(ServerProperty.EXTERNAL_REPLICATION_SERVERS,
- allReplicationServers);
- }
- }
- catch (NameNotFoundException nse)
- {
- /* ignore */
- }
- finally
- {
- if (entries != null)
- {
- entries.close();
+ desc.serverProperties.put(ServerProperty.EXTERNAL_REPLICATION_SERVERS, allReplicationServers);
}
}
- boolean replicationSecure = false;
- if (replicationEnabled)
- {
- ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.OBJECT_SCOPE);
- ctls.setReturningAttributes(
- new String[] {"ds-cfg-ssl-encryption"});
- filter = "(objectclass=ds-cfg-crypto-manager)";
-
- jndiName = new LdapName("cn=Crypto Manager,cn=config");
-
- entries = conn.getLdapContext().search(jndiName, filter, ctls);
-
- try
- {
- while (entries.hasMore())
- {
- SearchResult sr = entries.next();
-
- String v = getFirstValue(sr, "ds-cfg-ssl-encryption");
- replicationSecure = "true".equalsIgnoreCase(v);
- }
- }
- finally
- {
- entries.close();
- }
- }
- desc.serverProperties.put(ServerProperty.IS_REPLICATION_SECURE,
- Boolean.valueOf(replicationSecure));
+ Boolean replicationSecure = isReplicationSecure(conn, replicationEnabled);
+ desc.serverProperties.put(ServerProperty.IS_REPLICATION_SECURE, replicationSecure);
}
/**
- Updates the instance key public-key certificate value of this context from
- the local truststore of the instance bound by this context. Any current
- value of the certificate is overwritten. The intent of this method is to
- retrieve the instance-key public-key certificate when this context is bound
- to an instance, and cache it for later use in registering the instance into
- ADS.
- @param desc The map to update with the instance key-pair public-key
- certificate.
- @param conn The connection to the server.
- @throws NamingException if unable to retrieve certificate from bound
- instance.
+ * Keep the values of the replication servers in lower case to make use of Sets as String simpler.
*/
- private static void updatePublicKeyCertificate(ServerDescriptor desc, ConnectionWrapper conn) throws NamingException
+ private static LinkedHashSet<String> toLowercase(Set<String> values)
+ {
+ LinkedHashSet<String> repServers = new LinkedHashSet<>();
+ for (String s: values)
+ {
+ repServers.add(s.toLowerCase());
+ }
+ return repServers;
+ }
+
+ private static boolean isReplicationSecure(ConnectionWrapper conn, boolean replicationEnabled) throws IOException
+ {
+ if (replicationEnabled)
+ {
+ SearchRequest request = newSearchRequest(
+ "cn=Crypto Manager,cn=config", BASE_OBJECT, "(objectclass=ds-cfg-crypto-manager)",
+ "ds-cfg-ssl-encryption");
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
+ {
+ while (entryReader.hasNext())
+ {
+ SearchResultEntry sr = entryReader.readEntry();
+ return asBoolean(sr, "ds-cfg-ssl-encryption");
+ }
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Updates the instance key public-key certificate value of this context from the local truststore
+ * of the instance bound by this context. Any current value of the certificate is overwritten. The
+ * intent of this method is to retrieve the instance-key public-key certificate when this context
+ * is bound to an instance, and cache it for later use in registering the instance into ADS.
+ *
+ * @param desc
+ * The map to update with the instance key-pair public-key certificate.
+ * @param connWrapper
+ * The connection to the server.
+ * @throws LdapException
+ * if unable to retrieve certificate from bound instance.
+ */
+ private static void updatePublicKeyCertificate(ServerDescriptor desc, ConnectionWrapper connWrapper)
+ throws LdapException
{
/* TODO: this DN is declared in some core constants file. Create a constants
file for the installer and import it into the core. */
- final String dnStr = "ds-cfg-key-id=ads-certificate,cn=ads-truststore";
- final LdapName dn = new LdapName(dnStr);
+ String dn = "ds-cfg-key-id=ads-certificate,cn=ads-truststore";
+ Connection conn = connWrapper.getConnection();
for (int i = 0; i < 2 ; ++i) {
/* If the entry does not exist in the instance's truststore backend, add
it (which induces the CryptoManager to create the public-key
certificate attribute), then repeat the search. */
try {
- final SearchControls searchControls = new SearchControls();
- searchControls.setSearchScope(SearchControls.OBJECT_SCOPE);
- final String attrIDs[] = { "ds-cfg-public-key-certificate;binary" };
- searchControls.setReturningAttributes(attrIDs);
- final SearchResult certEntry = conn.getLdapContext().search(dn,
- "(objectclass=ds-cfg-instance-key)", searchControls).next();
- final Attribute certAttr = certEntry.getAttributes().get(attrIDs[0]);
+ SearchRequest request = newSearchRequest(
+ dn,
+ BASE_OBJECT,
+ "(objectclass=ds-cfg-instance-key)",
+ "ds-cfg-public-key-certificate;binary");
+ SearchResultEntry certEntry = conn.searchSingleEntry(request);
+ final Attribute certAttr = certEntry.getAttribute("ds-cfg-public-key-certificate;binary");
if (null != certAttr) {
/* attribute ds-cfg-public-key-certificate is a MUST in the schema */
desc.serverProperties.put(
ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE,
- certAttr.get());
+ certAttr.firstValue().toByteArray());
}
break;
}
- catch (NameNotFoundException x) {
- if (0 == i) {
- // Poke CryptoManager to initialize truststore. Note the special attribute in the request.
- final Attributes attrs = new BasicAttributes();
- final Attribute oc = new BasicAttribute("objectclass");
- oc.add("top");
- oc.add("ds-cfg-self-signed-cert-request");
- attrs.put(oc);
- conn.getLdapContext().createSubcontext(dn, attrs).close();
+ catch (LdapException e)
+ {
+ if (0 != i || e.getResult().getResultCode() != ResultCode.NO_SUCH_OBJECT)
+ {
+ throw e;
}
- else {
- throw x;
- }
+ // Poke CryptoManager to initialize truststore. Note the special attribute in the request.
+ AddRequest request = newAddRequest(dn)
+ .addAttribute("objectclass", "top", "ds-cfg-self-signed-cert-request");
+ conn.add(request);
}
}
}
- private static void updateMiscellaneous(ServerDescriptor desc, ConnectionWrapper conn) throws NamingException
+ private static void updateMiscellaneous(ServerDescriptor desc, ConnectionWrapper conn) throws IOException
{
- SearchControls ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.OBJECT_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-sync-generation-id"
- });
String filter = "(|(objectclass=*)(objectclass=ldapsubentry))";
-
- LdapName jndiName = new LdapName("cn=schema");
- NamingEnumeration<SearchResult> listeners =
- conn.getLdapContext().search(jndiName, filter, ctls);
-
- try
+ SearchRequest request = newSearchRequest("cn=schema", BASE_OBJECT, filter, "ds-sync-generation-id");
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
{
- while(listeners.hasMore())
+ while (entryReader.hasNext())
{
- SearchResult sr = listeners.next();
+ SearchResultEntry sr = entryReader.readEntry();
desc.serverProperties.put(ServerProperty.SCHEMA_GENERATION_ID,
- getFirstValue(sr, "ds-sync-generation-id"));
+ firstValueAsString(sr, "ds-sync-generation-id"));
}
}
- finally
- {
- listeners.close();
- }
}
/**
@@ -1235,82 +1036,70 @@
certificates. This trust is necessary at least to initialize replication,
which uses the trusted certificate entries in the ads-truststore for server
authentication.
- @param conn The connection to the server.
+ @param connWrapper The connection to the server.
@param keyEntryMap The set of valid (i.e., not tagged as compromised)
instance key-pair public-key certificate entries in ADS represented as a map
from keyID to public-key certificate (binary).
- @throws NamingException in case an error occurs while updating the instance's
+ @throws LdapException in case an error occurs while updating the instance's
ads-truststore via LDAP.
*/
- public static void seedAdsTrustStore(
- ConnectionWrapper conn,
- Map<String, byte[]> keyEntryMap)
- throws NamingException
+ public static void seedAdsTrustStore(ConnectionWrapper connWrapper, Map<String, byte[]> keyEntryMap)
+ throws LdapException
{
+ Connection conn = connWrapper.getConnection();
/* TODO: this DN is declared in some core constants file. Create a
constants file for the installer and import it into the core. */
- final Attribute oc = new BasicAttribute("objectclass");
- oc.add("top");
- oc.add("ds-cfg-instance-key");
for (Map.Entry<String, byte[]> keyEntry : keyEntryMap.entrySet()){
- final BasicAttributes keyAttrs = new BasicAttributes();
- keyAttrs.put(oc);
- final Attribute rdnAttr = new BasicAttribute(
- ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName(),
- keyEntry.getKey());
- keyAttrs.put(rdnAttr);
- keyAttrs.put(new BasicAttribute(
- ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE.
- getAttributeName() + ";binary", keyEntry.getValue()));
- final LdapName keyDn = new LdapName(rdnAttr.getID() + "=" + Rdn.escapeValue(rdnAttr.get()) + "," + TRUSTSTORE_DN);
- try {
- conn.getLdapContext().createSubcontext(keyDn, keyAttrs).close();
+ String instanceKeyId = ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName();
+ String instancePublicKeyCertificate =
+ ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE.getAttributeName() + ";binary";
+ String dn = instanceKeyId + "=" + Rdn.escapeValue(keyEntry.getKey()) + "," + TRUSTSTORE_DN;
+ AddRequest request = newAddRequest(dn)
+ .addAttribute("objectclass", "top", "ds-cfg-instance-key")
+ .addAttribute(instanceKeyId, keyEntry.getKey())
+ .addAttribute(instancePublicKeyCertificate, keyEntry.getValue());
+ try
+ {
+ conn.add(request);
}
- catch(NameAlreadyBoundException x){
- conn.getLdapContext().destroySubcontext(keyDn);
- conn.getLdapContext().createSubcontext(keyDn, keyAttrs).close();
+ catch (LdapException e)
+ {
+ if (e.getResult().getResultCode() != ResultCode.ENTRY_ALREADY_EXISTS)
+ {
+ throw e;
+ }
+ conn.delete(dn);
+ conn.add(request);
}
}
}
/**
- * Returns the values of the ds-base-dn-entry count attributes for the given
- * backend monitor entry using the provided connection.
- * @param conn the connection to use to update the configuration.
- * @param backendID the id of the backend.
+ * Returns the values of the ds-base-dn-entry count attributes for the given backend monitor entry
+ * using the provided connection.
+ *
+ * @param conn
+ * the connection to use to update the configuration.
+ * @param backendID
+ * the id of the backend.
* @return the values of the ds-base-dn-entry count attribute.
- * @throws NamingException if there was an error.
+ * @throws IOException
+ * if there was an error.
*/
- private static Set<String> getBaseDNEntryCount(ConnectionWrapper conn,
- String backendID) throws NamingException
+ private static Set<String> getBaseDNEntryCount(ConnectionWrapper conn, String backendID) throws IOException
{
- LinkedHashSet<String> v = new LinkedHashSet<>();
- SearchControls ctls = new SearchControls();
- ctls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
- ctls.setReturningAttributes(
- new String[] {
- "ds-base-dn-entry-count"
- });
- String filter = "(ds-backend-id="+backendID+")";
-
- LdapName jndiName = new LdapName("cn=monitor");
- NamingEnumeration<SearchResult> listeners =
- conn.getLdapContext().search(jndiName, filter, ctls);
-
- try
+ LinkedHashSet<String> results = new LinkedHashSet<>();
+ SearchRequest request =
+ newSearchRequest("cn=monitor", SINGLE_LEVEL, "(ds-backend-id=" + backendID + ")", "ds-base-dn-entry-count");
+ try (ConnectionEntryReader entryReader = conn.getConnection().search(request))
{
- while(listeners.hasMore())
+ while (entryReader.hasNext())
{
- SearchResult sr = listeners.next();
-
- v.addAll(getValues(sr, "ds-base-dn-entry-count"));
+ SearchResultEntry sr = entryReader.readEntry();
+ results.addAll(asSetOfString(sr, "ds-base-dn-entry-count"));
}
}
- finally
- {
- listeners.close();
- }
- return v;
+ return results;
}
/**
--
Gitblit v1.10.0