From feb5d90ec016c99712f19c5485cf7633cd38f111 Mon Sep 17 00:00:00 2001
From: matthew_swift <matthew_swift@localhost>
Date: Fri, 23 Mar 2007 14:26:04 +0000
Subject: [PATCH] Merge admin framework from config-prototype-branch onto trunk.
---
opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java | 1029 +++++++++++++-------------------------------------------
1 files changed, 245 insertions(+), 784 deletions(-)
diff --git a/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java b/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java
index e79619f..eec576b 100644
--- a/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java
+++ b/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java
@@ -28,22 +28,21 @@
+import java.lang.reflect.Method;
import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
-import org.opends.server.api.ConfigAddListener;
-import org.opends.server.api.ConfigChangeListener;
-import org.opends.server.api.ConfigDeleteListener;
-import org.opends.server.api.ConfigHandler;
-import org.opends.server.api.ConfigurableComponent;
+import org.opends.server.admin.ClassPropertyDefinition;
+import org.opends.server.admin.server.ConfigurationAddListener;
+import org.opends.server.admin.server.ConfigurationChangeListener;
+import org.opends.server.admin.server.ConfigurationDeleteListener;
+import org.opends.server.admin.std.meta.PasswordValidatorCfgDefn;
+import org.opends.server.admin.std.server.PasswordValidatorCfg;
+import org.opends.server.admin.std.server.RootCfg;
+import org.opends.server.admin.server.ServerManagementContext;
import org.opends.server.api.PasswordValidator;
-import org.opends.server.config.BooleanConfigAttribute;
-import org.opends.server.config.ConfigEntry;
import org.opends.server.config.ConfigException;
-import org.opends.server.config.StringConfigAttribute;
import org.opends.server.types.ConfigChangeResult;
import org.opends.server.types.DN;
import org.opends.server.types.ErrorLogCategory;
@@ -51,36 +50,30 @@
import org.opends.server.types.InitializationException;
import org.opends.server.types.ResultCode;
-import static org.opends.server.config.ConfigConstants.*;
-import static org.opends.server.loggers.debug.DebugLogger.debugCaught;
-import static org.opends.server.loggers.debug.DebugLogger.debugEnabled;
-import org.opends.server.types.DebugLogLevel;
import static org.opends.server.loggers.Error.*;
import static org.opends.server.messages.ConfigMessages.*;
import static org.opends.server.messages.MessageHandler.*;
-import static org.opends.server.util.ServerConstants.*;
+import static org.opends.server.util.StaticUtils.*;
+
/**
- * This class defines a utility that will be used to manage the set of password
- * validators defined in the Directory Server. It will initialize the
+ * This class defines a utility that will be used to manage the set of
+ * password validators defined in the Directory Server. It will initialize the
* validators when the server starts, and then will manage any additions,
* removals, or modifications to any password validators while the server is
* running.
*/
public class PasswordValidatorConfigManager
- implements ConfigChangeListener, ConfigAddListener, ConfigDeleteListener
+ implements ConfigurationChangeListener<PasswordValidatorCfg>,
+ ConfigurationAddListener<PasswordValidatorCfg>,
+ ConfigurationDeleteListener<PasswordValidatorCfg>
+
{
-
-
-
- // A mapping between the DNs of the config entries and the associated password
- // validators.
+ // A mapping between the DNs of the config entries and the associated
+ // password validators.
private ConcurrentHashMap<DN,PasswordValidator> passwordValidators;
- // The configuration handler for the Directory Server.
- private ConfigHandler configHandler;
-
/**
@@ -88,7 +81,6 @@
*/
public PasswordValidatorConfigManager()
{
- configHandler = DirectoryServer.getConfigHandler();
passwordValidators = new ConcurrentHashMap<DN,PasswordValidator>();
}
@@ -109,856 +101,325 @@
public void initializePasswordValidators()
throws ConfigException, InitializationException
{
- // First, get the configuration base entry.
- ConfigEntry baseEntry;
- try
+ // Get the root configuration object.
+ ServerManagementContext managementContext =
+ ServerManagementContext.getInstance();
+ RootCfg rootConfiguration =
+ managementContext.getRootConfiguration();
+
+
+ // Register as an add and delete listener with the root configuration so we
+ // can be notified if any password validator entries are added or removed.
+ rootConfiguration.addPasswordValidatorAddListener(this);
+ rootConfiguration.addPasswordValidatorDeleteListener(this);
+
+
+ //Initialize the existing password validators.
+ for (String validatorName : rootConfiguration.listPasswordValidators())
{
- DN validatorBase = DN.decode(DN_PWVALIDATOR_CONFIG_BASE);
- baseEntry = configHandler.getConfigEntry(validatorBase);
- }
- catch (Exception e)
- {
- if (debugEnabled())
+ PasswordValidatorCfg validatorConfiguration =
+ rootConfiguration.getPasswordValidator(validatorName);
+ validatorConfiguration.addChangeListener(this);
+
+ if (validatorConfiguration.isEnabled())
{
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_CANNOT_GET_BASE;
- String message = getMessage(msgID, String.valueOf(e));
- throw new ConfigException(msgID, message, e);
- }
-
- if (baseEntry == null)
- {
- // The password validator base entry does not exist. This is not
- // acceptable, so throw an exception.
- int msgID = MSGID_CONFIG_PWVALIDATOR_BASE_DOES_NOT_EXIST;
- String message = getMessage(msgID);
- throw new ConfigException(msgID, message);
- }
-
-
- // Register add and delete listeners with the validator base entry. We
- // don't care about modifications to it.
- baseEntry.registerAddListener(this);
- baseEntry.registerDeleteListener(this);
-
-
- // See if the base entry has any children. If not, then we don't need to do
- // anything else.
- if (! baseEntry.hasChildren())
- {
- return;
- }
-
-
- // Iterate through the child entries and process them as password validator
- // configuration entries.
- for (ConfigEntry childEntry : baseEntry.getChildren().values())
- {
- childEntry.registerChangeListener(this);
-
- StringBuilder unacceptableReason = new StringBuilder();
- if (! configAddIsAcceptable(childEntry, unacceptableReason))
- {
- logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_ERROR,
- MSGID_CONFIG_PWVALIDATOR_ENTRY_UNACCEPTABLE,
- childEntry.getDN().toString(), unacceptableReason.toString());
- continue;
- }
-
- try
- {
- ConfigChangeResult result = applyConfigurationAdd(childEntry);
- if (result.getResultCode() != ResultCode.SUCCESS)
+ String className = validatorConfiguration.getValidatorClass();
+ try
{
- StringBuilder buffer = new StringBuilder();
-
- List<String> resultMessages = result.getMessages();
- if ((resultMessages == null) || (resultMessages.isEmpty()))
- {
- buffer.append(getMessage(MSGID_CONFIG_UNKNOWN_UNACCEPTABLE_REASON));
- }
- else
- {
- Iterator<String> iterator = resultMessages.iterator();
-
- buffer.append(iterator.next());
- while (iterator.hasNext())
- {
- buffer.append(EOL);
- buffer.append(iterator.next());
- }
- }
-
+ PasswordValidator<? extends PasswordValidatorCfg>
+ validator = loadValidator(className, validatorConfiguration);
+ passwordValidators.put(validatorConfiguration.dn(), validator);
+ DirectoryServer.registerPasswordValidator(validatorConfiguration.dn(),
+ validator);
+ }
+ catch (InitializationException ie)
+ {
logError(ErrorLogCategory.CONFIGURATION,
ErrorLogSeverity.SEVERE_ERROR,
- MSGID_CONFIG_PWVALIDATOR_CANNOT_CREATE_VALIDATOR,
- childEntry.getDN().toString(), buffer.toString());
+ ie.getMessage(), ie.getMessageID());
+ continue;
}
}
- catch (Exception e)
- {
- logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_ERROR,
- MSGID_CONFIG_PWVALIDATOR_CANNOT_CREATE_VALIDATOR,
- childEntry.getDN().toString(), String.valueOf(e));
- }
}
}
/**
- * Indicates whether the configuration entry that will result from a proposed
- * modification is acceptable to this change listener.
- *
- * @param configEntry The configuration entry that will result from
- * the requested update.
- * @param unacceptableReason A buffer to which this method can append a
- * human-readable message explaining why the
- * proposed change is not acceptable.
- *
- * @return <CODE>true</CODE> if the proposed entry contains an acceptable
- * configuration, or <CODE>false</CODE> if it does not.
+ * {@inheritDoc}
*/
- public boolean configChangeIsAcceptable(ConfigEntry configEntry,
- StringBuilder unacceptableReason)
+ public boolean isConfigurationAddAcceptable(
+ PasswordValidatorCfg configuration,
+ List<String> unacceptableReasons)
{
- // Make sure that the entry has an appropriate objectclass for a password
- // validator.
- if (! configEntry.hasObjectClass(OC_PASSWORD_VALIDATOR))
+ if (configuration.isEnabled())
{
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_OBJECTCLASS;
- String message = getMessage(msgID, configEntry.getDN().toString());
- unacceptableReason.append(message);
- return false;
- }
-
-
- // Make sure that the entry specifies the validator class name.
- StringConfigAttribute classNameAttr;
- try
- {
- StringConfigAttribute classStub =
- new StringConfigAttribute(ATTR_PWVALIDATOR_CLASS,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_CLASS_NAME),
- true, false, true);
- classNameAttr = (StringConfigAttribute)
- configEntry.getConfigAttribute(classStub);
-
- if (classNameAttr == null)
+ // Get the name of the class and make sure we can instantiate it as a
+ // password validator.
+ String className = configuration.getValidatorClass();
+ try
{
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_CLASS_NAME;
- String message = getMessage(msgID, configEntry.getDN().toString());
- unacceptableReason.append(message);
+ loadValidator(className, null);
+ }
+ catch (InitializationException ie)
+ {
+ unacceptableReasons.add(ie.getMessage());
return false;
}
}
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS_NAME;
- String message = getMessage(msgID, configEntry.getDN().toString(),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
- Class validatorClass;
- try
- {
- // FIXME -- Should this be done with a custom class loader?
- validatorClass = Class.forName(classNameAttr.pendingValue());
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS_NAME;
- String message = getMessage(msgID, configEntry.getDN().toString(),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
- try
- {
- PasswordValidator validator =
- (PasswordValidator) validatorClass.newInstance();
- }
- catch(Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS;
- String message = getMessage(msgID, validatorClass.getName(),
- String.valueOf(configEntry.getDN()),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
-
- // See if this password validator should be enabled.
- BooleanConfigAttribute enabledAttr;
- try
- {
- BooleanConfigAttribute enabledStub =
- new BooleanConfigAttribute(ATTR_PWVALIDATOR_ENABLED,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_ENABLED),
- false);
- enabledAttr = (BooleanConfigAttribute)
- configEntry.getConfigAttribute(enabledStub);
-
- if (enabledAttr == null)
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_ENABLED_ATTR;
- String message = getMessage(msgID, configEntry.getDN().toString());
- unacceptableReason.append(message);
- return false;
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_ENABLED_VALUE;
- String message = getMessage(msgID, configEntry.getDN().toString(),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
-
- // If we've gotten here then the password validator entry appears to be
- // acceptable.
+ // If we've gotten here, then it's fine.
return true;
}
/**
- * Attempts to apply a new configuration to this Directory Server component
- * based on the provided changed entry.
- *
- * @param configEntry The configuration entry that containing the updated
- * configuration for this component.
- *
- * @return Information about the result of processing the configuration
- * change.
+ * {@inheritDoc}
*/
- public ConfigChangeResult applyConfigurationChange(ConfigEntry configEntry)
+ public ConfigChangeResult applyConfigurationAdd(
+ PasswordValidatorCfg configuration)
{
- DN configEntryDN = configEntry.getDN();
ResultCode resultCode = ResultCode.SUCCESS;
boolean adminActionRequired = false;
ArrayList<String> messages = new ArrayList<String>();
+ configuration.addChangeListener(this);
- // Make sure that the entry has an appropriate objectclass for a password
- // validator.
- if (! configEntry.hasObjectClass(OC_PASSWORD_VALIDATOR))
+ if (! configuration.isEnabled())
{
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_OBJECTCLASS;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
- resultCode = ResultCode.UNWILLING_TO_PERFORM;
return new ConfigChangeResult(resultCode, adminActionRequired, messages);
}
+ PasswordValidator<? extends PasswordValidatorCfg>
+ passwordValidator = null;
- // Get the corresponding password validator if it is active.
- PasswordValidator validator = passwordValidators.get(configEntryDN);
-
-
- // See if this validator should be enabled or disabled.
- boolean needsEnabled = false;
- BooleanConfigAttribute enabledAttr;
+ // Get the name of the class and make sure we can instantiate it as a
+ // password validator.
+ String className = configuration.getValidatorClass();
try
{
- BooleanConfigAttribute enabledStub =
- new BooleanConfigAttribute(ATTR_PWVALIDATOR_ENABLED,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_ENABLED),
- false);
- enabledAttr = (BooleanConfigAttribute)
- configEntry.getConfigAttribute(enabledStub);
-
- if (enabledAttr == null)
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_ENABLED_ATTR;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
- resultCode = ResultCode.UNWILLING_TO_PERFORM;
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
- }
-
- if (enabledAttr.activeValue())
- {
- if (validator == null)
- {
- needsEnabled = true;
- }
- else
- {
- // The validator is already active, so no action is required.
- }
- }
- else
- {
- if (validator == null)
- {
- // The validator is already disabled, so no action is required and we
- // can short-circuit out of this processing.
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
- }
- else
- {
- // The validator is active, so it needs to be disabled. Do this and
- // return that we were successful.
- passwordValidators.remove(configEntryDN);
- validator.finalizePasswordValidator();
-
- DirectoryServer.deregisterPasswordValidator(configEntryDN);
-
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
- }
- }
+ passwordValidator = loadValidator(className, configuration);
}
- catch (Exception e)
+ catch (InitializationException ie)
{
- if (debugEnabled())
+ if (resultCode == ResultCode.SUCCESS)
{
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_ENABLED_VALUE;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- String.valueOf(e)));
- resultCode = DirectoryServer.getServerErrorResultCode();
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
- }
-
-
- // Make sure that the entry specifies the validator class name. If it has
- // changed, then we will not try to dynamically apply it.
- String className;
- try
- {
- StringConfigAttribute classStub =
- new StringConfigAttribute(ATTR_PWVALIDATOR_CLASS,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_CLASS_NAME),
- true, false, true);
- StringConfigAttribute classNameAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(classStub);
-
- if (classNameAttr == null)
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_CLASS_NAME;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
- resultCode = ResultCode.OBJECTCLASS_VIOLATION;
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
- }
-
- className = classNameAttr.pendingValue();
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS_NAME;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- String.valueOf(e)));
- resultCode = DirectoryServer.getServerErrorResultCode();
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
- }
-
-
- boolean classChanged = false;
- String oldClassName = null;
- if (validator != null)
- {
- oldClassName = validator.getClass().getName();
- classChanged = (! className.equals(oldClassName));
- }
-
-
- if (classChanged)
- {
- // This will not be applied dynamically. Add a message to the response
- // and indicate that admin action is required.
- adminActionRequired = true;
- messages.add(getMessage(MSGID_CONFIG_PWVALIDATOR_CLASS_ACTION_REQUIRED,
- String.valueOf(oldClassName),
- String.valueOf(className),
- String.valueOf(configEntryDN)));
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
- }
-
-
- if (needsEnabled)
- {
- try
- {
- // FIXME -- Should this be done with a dynamic class loader?
- Class validatorClass = Class.forName(className);
- validator = (PasswordValidator) validatorClass.newInstance();
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS;
- messages.add(getMessage(msgID, className,
- String.valueOf(configEntryDN),
- String.valueOf(e)));
resultCode = DirectoryServer.getServerErrorResultCode();
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
}
- try
- {
- validator.initializePasswordValidator(configEntry);
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INITIALIZATION_FAILED;
- messages.add(getMessage(msgID, className,
- String.valueOf(configEntryDN),
- String.valueOf(e)));
- resultCode = DirectoryServer.getServerErrorResultCode();
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
- }
-
-
- passwordValidators.put(configEntryDN, validator);
- DirectoryServer.registerPasswordValidator(configEntryDN, validator);
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
+ messages.add(ie.getMessage());
}
+ if (resultCode == ResultCode.SUCCESS)
+ {
+ passwordValidators.put(configuration.dn(), passwordValidator);
+ DirectoryServer.registerPasswordValidator(configuration.dn(),
+ passwordValidator);
+ }
- // If we've gotten here, then there haven't been any changes to anything
- // that we care about.
return new ConfigChangeResult(resultCode, adminActionRequired, messages);
}
/**
- * Indicates whether the configuration entry that will result from a proposed
- * add is acceptable to this add listener.
- *
- * @param configEntry The configuration entry that will result from
- * the requested add.
- * @param unacceptableReason A buffer to which this method can append a
- * human-readable message explaining why the
- * proposed entry is not acceptable.
- *
- * @return <CODE>true</CODE> if the proposed entry contains an acceptable
- * configuration, or <CODE>false</CODE> if it does not.
+ * {@inheritDoc}
*/
- public boolean configAddIsAcceptable(ConfigEntry configEntry,
- StringBuilder unacceptableReason)
+ public boolean isConfigurationDeleteAcceptable(
+ PasswordValidatorCfg configuration,
+ List<String> unacceptableReasons)
{
- // Make sure that no entry already exists with the specified DN.
- DN configEntryDN = configEntry.getDN();
- if (passwordValidators.containsKey(configEntryDN))
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_EXISTS;
- String message = getMessage(msgID, String.valueOf(configEntryDN));
- unacceptableReason.append(message);
- return false;
- }
-
-
- // Make sure that the entry has an appropriate objectclass for a password
- // validator.
- if (! configEntry.hasObjectClass(OC_PASSWORD_VALIDATOR))
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_OBJECTCLASS;
- String message = getMessage(msgID, configEntry.getDN().toString());
- unacceptableReason.append(message);
- return false;
- }
-
-
- // Make sure that the entry specifies the password validator class.
- StringConfigAttribute classNameAttr;
- try
- {
- StringConfigAttribute classStub =
- new StringConfigAttribute(ATTR_PWVALIDATOR_CLASS,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_CLASS_NAME),
- true, false, true);
- classNameAttr = (StringConfigAttribute)
- configEntry.getConfigAttribute(classStub);
-
- if (classNameAttr == null)
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_CLASS_NAME;
- String message = getMessage(msgID, configEntry.getDN().toString());
- unacceptableReason.append(message);
- return false;
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS_NAME;
- String message = getMessage(msgID, configEntry.getDN().toString(),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
- Class validatorClass;
- try
- {
- // FIXME -- Should this be done with a custom class loader?
- validatorClass = Class.forName(classNameAttr.pendingValue());
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS_NAME;
- String message = getMessage(msgID, configEntry.getDN().toString(),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
- PasswordValidator validator;
- try
- {
- validator = (PasswordValidator) validatorClass.newInstance();
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS;
- String message = getMessage(msgID, validatorClass.getName(),
- String.valueOf(configEntryDN),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
-
- // If the validator is a configurable component, then make sure that
- // its configuration is valid.
- if (validator instanceof ConfigurableComponent)
- {
- ConfigurableComponent cc = (ConfigurableComponent) validator;
- LinkedList<String> errorMessages = new LinkedList<String>();
- if (! cc.hasAcceptableConfiguration(configEntry, errorMessages))
- {
- if (errorMessages.isEmpty())
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_UNACCEPTABLE_CONFIG;
- unacceptableReason.append(getMessage(msgID,
- String.valueOf(configEntryDN)));
- }
- else
- {
- Iterator<String> iterator = errorMessages.iterator();
- unacceptableReason.append(iterator.next());
- while (iterator.hasNext())
- {
- unacceptableReason.append(" ");
- unacceptableReason.append(iterator.next());
- }
- }
-
- return false;
- }
- }
-
-
- // See if this validator should be enabled.
- BooleanConfigAttribute enabledAttr;
- try
- {
- BooleanConfigAttribute enabledStub =
- new BooleanConfigAttribute(ATTR_PWVALIDATOR_ENABLED,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_ENABLED),
- false);
- enabledAttr = (BooleanConfigAttribute)
- configEntry.getConfigAttribute(enabledStub);
-
- if (enabledAttr == null)
- {
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_ENABLED_ATTR;
- String message = getMessage(msgID, configEntry.getDN().toString());
- unacceptableReason.append(message);
- return false;
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_ENABLED_VALUE;
- String message = getMessage(msgID, configEntry.getDN().toString(),
- String.valueOf(e));
- unacceptableReason.append(message);
- return false;
- }
-
-
- // If we've gotten here then the validator entry appears to be acceptable.
+ // FIXME -- We should try to perform some check to determine whether the
+ // password validator is in use.
return true;
}
/**
- * Attempts to apply a new configuration based on the provided added entry.
- *
- * @param configEntry The new configuration entry that contains the
- * configuration to apply.
- *
- * @return Information about the result of processing the configuration
- * change.
+ * {@inheritDoc}
*/
- public ConfigChangeResult applyConfigurationAdd(ConfigEntry configEntry)
+ public ConfigChangeResult applyConfigurationDelete(
+ PasswordValidatorCfg configuration)
{
- DN configEntryDN = configEntry.getDN();
+ ResultCode resultCode = ResultCode.SUCCESS;
+ boolean adminActionRequired = false;
+ ArrayList<String> messages = new ArrayList<String>();
+
+ DirectoryServer.deregisterPasswordValidator(configuration.dn());
+
+ PasswordValidator passwordValidator =
+ passwordValidators.remove(configuration.dn());
+ if (passwordValidator != null)
+ {
+ passwordValidator.finalizePasswordValidator();
+ }
+
+ return new ConfigChangeResult(resultCode, adminActionRequired, messages);
+ }
+
+
+
+ /**
+ * {@inheritDoc}
+ */
+ public boolean isConfigurationChangeAcceptable(
+ PasswordValidatorCfg configuration,
+ List<String> unacceptableReasons)
+ {
+ if (configuration.isEnabled())
+ {
+ // Get the name of the class and make sure we can instantiate it as a
+ // password validator.
+ String className = configuration.getValidatorClass();
+ try
+ {
+ loadValidator(className, null);
+ }
+ catch (InitializationException ie)
+ {
+ unacceptableReasons.add(ie.getMessage());
+ return false;
+ }
+ }
+
+ // If we've gotten here, then it's fine.
+ return true;
+ }
+
+
+
+ /**
+ * {@inheritDoc}
+ */
+ public ConfigChangeResult applyConfigurationChange(
+ PasswordValidatorCfg configuration)
+ {
ResultCode resultCode = ResultCode.SUCCESS;
boolean adminActionRequired = false;
ArrayList<String> messages = new ArrayList<String>();
- // Make sure that the entry has an appropriate objectclass for a password
- // validator.
- if (! configEntry.hasObjectClass(OC_PASSWORD_VALIDATOR))
+ // Get the existing validator if it's already enabled.
+ PasswordValidator existingValidator =
+ passwordValidators.get(configuration.dn());
+
+
+ // If the new configuration has the validator disabled, then disable it if
+ // it is enabled, or do nothing if it's already disabled.
+ if (! configuration.isEnabled())
{
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_OBJECTCLASS;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
- resultCode = ResultCode.UNWILLING_TO_PERFORM;
+ if (existingValidator != null)
+ {
+ DirectoryServer.deregisterPasswordValidator(configuration.dn());
+
+ PasswordValidator passwordValidator =
+ passwordValidators.remove(configuration.dn());
+ if (passwordValidator != null)
+ {
+ passwordValidator.finalizePasswordValidator();
+ }
+ }
+
return new ConfigChangeResult(resultCode, adminActionRequired, messages);
}
- // See if this validator should be enabled or disabled.
- BooleanConfigAttribute enabledAttr;
- try
+ // Get the class for the password validator. If the validator is already
+ // enabled, then we shouldn't do anything with it although if the class has
+ // changed then we'll at least need to indicate that administrative action
+ // is required. If the validator is disabled, then instantiate the class
+ // and initialize and register it as a password validator.
+ String className = configuration.getValidatorClass();
+ if (existingValidator != null)
{
- BooleanConfigAttribute enabledStub =
- new BooleanConfigAttribute(ATTR_PWVALIDATOR_ENABLED,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_ENABLED),
- false);
- enabledAttr = (BooleanConfigAttribute)
- configEntry.getConfigAttribute(enabledStub);
-
- if (enabledAttr == null)
+ if (! className.equals(existingValidator.getClass().getName()))
{
- // The attribute doesn't exist, so it will be disabled by default.
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_ENABLED_ATTR;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
- resultCode = ResultCode.SUCCESS;
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
- }
- else if (! enabledAttr.activeValue())
- {
- // It is explicitly configured as disabled, so we don't need to do
- // anything.
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
+ adminActionRequired = true;
}
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_ENABLED_VALUE;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- String.valueOf(e)));
- resultCode = DirectoryServer.getServerErrorResultCode();
return new ConfigChangeResult(resultCode, adminActionRequired, messages);
}
-
- // Make sure that the entry specifies the validator class name.
- String className;
+ PasswordValidator<? extends PasswordValidatorCfg>
+ passwordValidator = null;
try
{
- StringConfigAttribute classStub =
- new StringConfigAttribute(ATTR_PWVALIDATOR_CLASS,
- getMessage(MSGID_CONFIG_PWVALIDATOR_DESCRIPTION_CLASS_NAME),
- true, false, true);
- StringConfigAttribute classNameAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(classStub);
-
- if (classNameAttr == null)
+ passwordValidator = loadValidator(className, configuration);
+ }
+ catch (InitializationException ie)
+ {
+ if (resultCode == ResultCode.SUCCESS)
{
- int msgID = MSGID_CONFIG_PWVALIDATOR_NO_CLASS_NAME;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
- resultCode = ResultCode.OBJECTCLASS_VIOLATION;
- return new ConfigChangeResult(resultCode, adminActionRequired,
- messages);
+ resultCode = DirectoryServer.getServerErrorResultCode();
}
- className = classNameAttr.pendingValue();
+ messages.add(ie.getMessage());
+ }
+
+ if (resultCode == ResultCode.SUCCESS)
+ {
+ passwordValidators.put(configuration.dn(), passwordValidator);
+ DirectoryServer.registerPasswordValidator(configuration.dn(),
+ passwordValidator);
+ }
+
+ return new ConfigChangeResult(resultCode, adminActionRequired, messages);
+ }
+
+
+
+ /**
+ * Loads the specified class, instantiates it as a password validator, and
+ * optionally initializes that instance.
+ *
+ * @param className The fully-qualified name of the password validator
+ * class to load, instantiate, and initialize.
+ * @param configuration The configuration to use to initialize the
+ * password validator, or {@code null} if the
+ * password validator should not be initialized.
+ *
+ * @return The possibly initialized password validator.
+ *
+ * @throws InitializationException If a problem occurred while attempting to
+ * initialize the password validator.
+ */
+ private PasswordValidator<? extends PasswordValidatorCfg>
+ loadValidator(String className,
+ PasswordValidatorCfg configuration)
+ throws InitializationException
+ {
+ try
+ {
+ PasswordValidatorCfgDefn definition =
+ PasswordValidatorCfgDefn.getInstance();
+ ClassPropertyDefinition propertyDefinition =
+ definition.getValidatorClassPropertyDefinition();
+ Class<? extends PasswordValidator> validatorClass =
+ propertyDefinition.loadClass(className, PasswordValidator.class);
+ PasswordValidator<? extends PasswordValidatorCfg> validator =
+ (PasswordValidator<? extends PasswordValidatorCfg>)
+ validatorClass.newInstance();
+
+ if (configuration != null)
+ {
+ Method method =
+ validator.getClass().getMethod("initializePasswordValidator",
+ configuration.definition().getServerConfigurationClass());
+ method.invoke(validator, configuration);
+ }
+
+ return validator;
}
catch (Exception e)
{
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS_NAME;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- String.valueOf(e)));
- resultCode = DirectoryServer.getServerErrorResultCode();
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
- }
-
-
- // Load and initialize the validator class, and register it with the
- // Directory Server.
- PasswordValidator validator;
- try
- {
- // FIXME -- Should this be done with a dynamic class loader?
- Class validatorClass = Class.forName(className);
- validator = (PasswordValidator) validatorClass.newInstance();
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
- int msgID = MSGID_CONFIG_PWVALIDATOR_INVALID_CLASS;
- messages.add(getMessage(msgID, className, String.valueOf(configEntryDN),
- String.valueOf(e)));
- resultCode = DirectoryServer.getServerErrorResultCode();
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
- }
-
- try
- {
- validator.initializePasswordValidator(configEntry);
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- debugCaught(DebugLogLevel.ERROR, e);
- }
-
int msgID = MSGID_CONFIG_PWVALIDATOR_INITIALIZATION_FAILED;
- messages.add(getMessage(msgID, className, String.valueOf(configEntryDN),
- String.valueOf(e)));
- resultCode = DirectoryServer.getServerErrorResultCode();
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
+ String message = getMessage(msgID, className,
+ String.valueOf(configuration.dn()),
+ stackTraceToSingleLineString(e));
+ throw new InitializationException(msgID, message, e);
}
-
-
- passwordValidators.put(configEntryDN, validator);
- DirectoryServer.registerPasswordValidator(configEntryDN, validator);
- return new ConfigChangeResult(resultCode, adminActionRequired, messages);
- }
-
-
-
- /**
- * Indicates whether it is acceptable to remove the provided configuration
- * entry.
- *
- * @param configEntry The configuration entry that will be removed
- * from the configuration.
- * @param unacceptableReason A buffer to which this method can append a
- * human-readable message explaining why the
- * proposed delete is not acceptable.
- *
- * @return <CODE>true</CODE> if the proposed entry may be removed from the
- * configuration, or <CODE>false</CODE> if not.
- */
- public boolean configDeleteIsAcceptable(ConfigEntry configEntry,
- StringBuilder unacceptableReason)
- {
- // A delete should always be acceptable, so just return true.
- return true;
- }
-
-
-
- /**
- * Attempts to apply a new configuration based on the provided deleted entry.
- *
- * @param configEntry The new configuration entry that has been deleted.
- *
- * @return Information about the result of processing the configuration
- * change.
- */
- public ConfigChangeResult applyConfigurationDelete(ConfigEntry configEntry)
- {
- DN configEntryDN = configEntry.getDN();
- ResultCode resultCode = ResultCode.SUCCESS;
- boolean adminActionRequired = false;
-
-
- // See if the entry is registered as a password validator. If so,
- // deregister it and stop the validator.
- PasswordValidator validator = passwordValidators.remove(configEntryDN);
- if (validator != null)
- {
- DirectoryServer.deregisterPasswordValidator(configEntryDN);
-
- validator.finalizePasswordValidator();
- }
-
-
- return new ConfigChangeResult(resultCode, adminActionRequired);
}
}
--
Gitblit v1.10.0