From 7c30dbb5403772b323df3ad907d9ed15d23b5aee Mon Sep 17 00:00:00 2001
From: ludovicp <ludovicp@localhost>
Date: Thu, 29 Apr 2010 20:35:40 +0000
Subject: [PATCH] Last batch of changes for this week. This adds support for the IETF based Password Policy for LDAP as SubEntry. Also resolves the following issues : - 4544 :  initializeBackend() should not set JE env config params directly. - 4478 : ECL in draft compat mode / search lastchangenumber can be very long - 4538 : Virtual attributes not retrieved when entry cache configured - 4547 : Search Filter Matching differ for cn=Directory Manager and plain user. - 4514 : Logs shows unexpected message with replication monitoring data missing (Partial fix) - 4534 : Replication using security does not work after server restart - 4516 : SEVERE_ERROR: servers (...) have the same ServerId In addition, they also improve reliability and performance in various areas including CollectiveAttributes, Virtual Attributes and Subentries management, Schema loading, Replication...

---
 opends/src/server/org/opends/server/core/PasswordPolicy.java |   46 +++++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 43 insertions(+), 3 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/PasswordPolicy.java b/opends/src/server/org/opends/server/core/PasswordPolicy.java
index 9cbd63c..aa4f303 100644
--- a/opends/src/server/org/opends/server/core/PasswordPolicy.java
+++ b/opends/src/server/org/opends/server/core/PasswordPolicy.java
@@ -22,7 +22,7 @@
  * CDDL HEADER END
  *
  *
- *      Copyright 2006-2008 Sun Microsystems, Inc.
+ *      Copyright 2006-2010 Sun Microsystems, Inc.
  */
 package org.opends.server.core;
 
@@ -36,6 +36,7 @@
 import java.util.LinkedList;
 import java.util.SortedSet;
 import java.util.TimeZone;
+import java.util.TreeSet;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.CopyOnWriteArrayList;
 import java.util.concurrent.CopyOnWriteArraySet;
@@ -154,11 +155,17 @@
     if (defaultScheme != null) defaultStorageSchemes.add(defaultScheme);
   }
 
+  // DNs of password storage schemes for this password policy.
+  private SortedSet<DN> storageSchemeDNs = new TreeSet<DN>();
+
   // The names of the deprecated password storage schemes for this password
   // policy.
   private CopyOnWriteArraySet<String> deprecatedStorageSchemes =
        new CopyOnWriteArraySet<String>();
 
+  // DNs of deprecated password storage schemes for this password policy.
+  private SortedSet<DN> deprecatedStorageSchemeDNs = new TreeSet<DN>();
+
   // The DN of the password validator for this password policy.
   private DN passwordGeneratorDN = null;
 
@@ -285,7 +292,7 @@
 
     // Get the default storage schemes.  They must all reference valid storage
     // schemes that support the syntax for the specified password attribute.
-    SortedSet<DN> storageSchemeDNs =
+    storageSchemeDNs =
       configuration.getDefaultPasswordStorageSchemeDNs();
     try
     {
@@ -329,7 +336,7 @@
 
 
     // Get the names of the deprecated storage schemes.
-    SortedSet<DN> deprecatedStorageSchemeDNs =
+    deprecatedStorageSchemeDNs =
       configuration.getDeprecatedPasswordStorageSchemeDNs();
     try
     {
@@ -750,6 +757,21 @@
 
 
   /**
+   * Retrieves the default set of password storage scheme DNs that will
+   * be used for this password policy.  The returned set should not be
+   * modified by the caller.
+   *
+   * @return  The default set of password storage scheme DNs that will
+   *          be used for this password policy.
+   */
+  public SortedSet<DN> getDefaultStorageSchemeDNs()
+  {
+    return storageSchemeDNs;
+  }
+
+
+
+  /**
    * Indicates whether the specified storage scheme is a default scheme for this
    * password policy.
    *
@@ -810,6 +832,24 @@
 
 
   /**
+   * Retrieves DNs of the password storage schemes that have been
+   * deprecated.  If an authenticating user has one or more of
+   * these deprecated storage schemes in use in their entry, then
+   * they will be removed and replaced with the passwords encoded
+   * in the default storage scheme(s).  The returned set should
+   * not be altered by the caller.
+   *
+   * @return  DNs of the password storage schemes that have been
+   *          deprecated.
+   */
+  public SortedSet<DN> getDeprecatedStorageSchemeDNs()
+  {
+    return deprecatedStorageSchemeDNs;
+  }
+
+
+
+  /**
    * Indicates whether the specified storage scheme is deprecated.
    *
    * @param  name  The name of the password storage scheme for which to make the

--
Gitblit v1.10.0