From b08bd4dd4b0d4d17d4907c605dba11020cf11922 Mon Sep 17 00:00:00 2001
From: matthew_swift <matthew_swift@localhost>
Date: Fri, 28 Sep 2007 15:47:50 +0000
Subject: [PATCH] Add support for specifying arbitrary constraints in managed object definitions and use it within the LDAP and JMX connection handlers to enforce their SSL/StartTLS settings. This feature will be re-used for other managed object definitions as the need arises.

---
 opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java |   57 ++-------------------------------------------------------
 1 files changed, 2 insertions(+), 55 deletions(-)

diff --git a/opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java b/opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java
index d52f5f6..20d188e 100644
--- a/opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java
+++ b/opends/src/server/org/opends/server/protocols/ldap/LDAPConnectionHandler.java
@@ -590,30 +590,6 @@
   public void initializeConnectionHandler(LDAPConnectionHandlerCfg config)
          throws ConfigException, InitializationException
   {
-    // SSL and StartTLS are mutually exclusive.
-    if (config.isAllowStartTLS() && config.isUseSSL()) {
-      Message message = ERR_LDAP_CONNHANDLER_CANNOT_HAVE_SSL_AND_STARTTLS.get(
-          String.valueOf(config.dn()));
-      logError(message);
-    }
-
-    if (config.isAllowStartTLS() || config.isUseSSL())
-    {
-      // Validate the key manager provider.
-      if (config.getKeyManagerProvider() == null) {
-        Message message = ERR_LDAP_CONNHANDLER_NO_KEYMANAGER_DN.get(
-            String.valueOf(config.dn()));
-        throw new ConfigException(message);
-      }
-
-      // Validate the trust manager provider.
-      if (config.getTrustManagerProvider() == null) {
-        Message message = ERR_LDAP_CONNHANDLER_NO_TRUSTMANAGER_DN.get(
-            String.valueOf(config.dn()));
-        throw new ConfigException(message);
-      }
-    }
-
     // Open the selector.
     try {
       selector = Selector.open();
@@ -793,37 +769,8 @@
   public boolean isConfigurationChangeAcceptable(
       LDAPConnectionHandlerCfg config,
       List<Message> unacceptableReasons) {
-    boolean isAcceptable = true;
-
-    // SSL and StartTLS are mutually exclusive.
-    if (config.isAllowStartTLS() && config.isUseSSL()) {
-
-      unacceptableReasons.add(
-              ERR_LDAP_CONNHANDLER_CANNOT_HAVE_SSL_AND_STARTTLS.get(
-                      String.valueOf(config.dn())));
-      isAcceptable = false;
-    }
-
-    if (config.isAllowStartTLS() || config.isUseSSL())
-    {
-      // Validate the key manager provider.
-      if (config.getKeyManagerProvider() == null) {
-        Message message = ERR_LDAP_CONNHANDLER_NO_KEYMANAGER_DN.get(
-                String.valueOf(config.dn()));
-        unacceptableReasons.add(message);
-        isAcceptable = false;
-      }
-
-      // Validate the trust manager provider DN.
-      if (config.getTrustManagerProvider() == null) {
-        Message message = ERR_LDAP_CONNHANDLER_NO_TRUSTMANAGER_DN.get(
-                String.valueOf(config.dn()));
-        unacceptableReasons.add(message);
-        isAcceptable = false;
-      }
-    }
-
-    return isAcceptable;
+    // All validation is performed by the admin framework.
+    return true;
   }
 
 
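Review bot: `isConfigurationChangeAcceptable` now returns `true` without reading `config` or `unacceptableReasons`, so this class no longer rejects SSL combined with StartTLS, or TLS enabled with no key or trust manager provider. The first hunk removes the matching `ConfigException` checks from `initializeConnectionHandler`. Enforcement therefore depends entirely on the constraint declared in the managed object definition, which this patch does not show. If any configuration path can reach the handler without passing through that constraint, the handler would accept a TLS setup it previously refused. The comment should name what is delegated, for example `// SSL/StartTLS exclusivity and key/trust manager presence are enforced by the constraints in the LDAP connection handler's managed object definition.` Consider also keeping a fail-closed null check on `config.getKeyManagerProvider()` and `config.getTrustManagerProvider()` in `initializeConnectionHandler`, whose body continues outside the hunk.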

--
Gitblit v1.10.0