001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2006-2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.core; 028 import org.opends.messages.Message; 029 030 031 032 import java.util.ArrayList; 033 import java.util.HashSet; 034 import java.util.List; 035 import java.util.Properties; 036 import java.util.Set; 037 038 import org.opends.server.admin.server.ConfigurationChangeListener; 039 import org.opends.server.admin.std.meta.GlobalCfgDefn; 040 import org.opends.server.admin.std.meta.GlobalCfgDefn.WorkflowConfigurationMode; 041 import org.opends.server.admin.std.server.GlobalCfg; 042 import org.opends.server.admin.std.server.RootCfg; 043 import org.opends.server.admin.server.ServerManagementContext; 044 import org.opends.server.config.ConfigException; 045 import org.opends.server.types.*; 046 047 import static org.opends.messages.ConfigMessages.*; 048 049 import static org.opends.server.util.ServerConstants.*; 050 051 052 053 /** 054 * This class defines a utility that will be used to manage the set of core 055 * configuration attributes defined in the Directory Server. These 056 * configuration attributes appear in the "cn=config" configuration entry. 057 */ 058 public class CoreConfigManager 059 implements ConfigurationChangeListener<GlobalCfg> 060 { 061 /** 062 * Creates a new instance of this core config manager. 063 */ 064 public CoreConfigManager() 065 { 066 // No implementation is required. 067 } 068 069 070 071 /** 072 * Initializes the Directory Server's core configuration. This should only be 073 * called at server startup. 074 * 075 * @throws ConfigException If a configuration problem causes the identity 076 * mapper initialization process to fail. 077 * 078 * @throws InitializationException If a problem occurs while initializing 079 * the identity mappers that is not related 080 * to the server configuration. 081 */ 082 public void initializeCoreConfig() 083 throws ConfigException, InitializationException 084 { 085 // Get the root configuration object. 086 ServerManagementContext managementContext = 087 ServerManagementContext.getInstance(); 088 RootCfg rootConfiguration = 089 managementContext.getRootConfiguration(); 090 091 092 // Get the global configuration and register with it as a change listener. 093 GlobalCfg globalConfig = rootConfiguration.getGlobalConfiguration(); 094 globalConfig.addChangeListener(this); 095 096 097 // If there are any STMP servers specified, then make sure that if the value 098 // contains a colon that the portion after it is an integer between 1 and 099 // 65535. 100 Set<String> smtpServers = globalConfig.getSMTPServer(); 101 if (smtpServers != null) 102 { 103 for (String server : smtpServers) 104 { 105 int colonPos = server.indexOf(':'); 106 if ((colonPos == 0) || (colonPos == (server.length()-1))) 107 { 108 Message message = ERR_CONFIG_CORE_INVALID_SMTP_SERVER.get(server); 109 throw new ConfigException(message); 110 } 111 else if (colonPos > 0) 112 { 113 try 114 { 115 int port = Integer.parseInt(server.substring(colonPos+1)); 116 if ((port < 1) || (port > 65535)) 117 { 118 Message message = ERR_CONFIG_CORE_INVALID_SMTP_SERVER.get(server); 119 throw new ConfigException(message); 120 } 121 } 122 catch (Exception e) 123 { 124 Message message = ERR_CONFIG_CORE_INVALID_SMTP_SERVER.get(server); 125 throw new ConfigException(message, e); 126 } 127 } 128 } 129 } 130 131 132 // Apply the configuration to the server. 133 applyGlobalConfiguration(globalConfig); 134 } 135 136 137 138 /** 139 * Applies the settings in the provided configuration to the Directory Server. 140 * 141 * @param globalConfig The configuration settings to be applied. 142 */ 143 private static void applyGlobalConfiguration(GlobalCfg globalConfig) 144 { 145 DirectoryServer.setCheckSchema(globalConfig.isCheckSchema()); 146 147 DirectoryServer.setDefaultPasswordPolicyDN( 148 globalConfig.getDefaultPasswordPolicyDN()); 149 150 DirectoryServer.setAddMissingRDNAttributes( 151 globalConfig.isAddMissingRDNAttributes()); 152 153 DirectoryServer.setAllowAttributeNameExceptions( 154 globalConfig.isAllowAttributeNameExceptions()); 155 156 switch (globalConfig.getInvalidAttributeSyntaxBehavior()) 157 { 158 case ACCEPT: 159 DirectoryServer.setSyntaxEnforcementPolicy(AcceptRejectWarn.ACCEPT); 160 break; 161 case WARN: 162 DirectoryServer.setSyntaxEnforcementPolicy(AcceptRejectWarn.WARN); 163 break; 164 case REJECT: 165 default: 166 DirectoryServer.setSyntaxEnforcementPolicy(AcceptRejectWarn.REJECT); 167 break; 168 } 169 170 DirectoryServer.setServerErrorResultCode( 171 ResultCode.valueOf(globalConfig.getServerErrorResultCode())); 172 173 switch (globalConfig.getSingleStructuralObjectclassBehavior()) 174 { 175 case ACCEPT: 176 DirectoryServer.setSingleStructuralObjectClassPolicy( 177 AcceptRejectWarn.ACCEPT); 178 break; 179 case WARN: 180 DirectoryServer.setSingleStructuralObjectClassPolicy( 181 AcceptRejectWarn.WARN); 182 break; 183 case REJECT: 184 default: 185 DirectoryServer.setSingleStructuralObjectClassPolicy( 186 AcceptRejectWarn.REJECT); 187 break; 188 } 189 190 DirectoryServer.setNotifyAbandonedOperations( 191 globalConfig.isNotifyAbandonedOperations()); 192 193 DirectoryServer.setSizeLimit(globalConfig.getSizeLimit()); 194 195 DirectoryServer.setTimeLimit((int) globalConfig.getTimeLimit()); 196 197 DirectoryServer.setProxiedAuthorizationIdentityMapperDN( 198 globalConfig.getProxiedAuthorizationIdentityMapperDN()); 199 200 switch (globalConfig.getWritabilityMode()) 201 { 202 case ENABLED: 203 DirectoryServer.setWritabilityMode(WritabilityMode.ENABLED); 204 break; 205 case INTERNAL_ONLY: 206 DirectoryServer.setWritabilityMode(WritabilityMode.INTERNAL_ONLY); 207 break; 208 case DISABLED: 209 default: 210 DirectoryServer.setWritabilityMode(WritabilityMode.DISABLED); 211 break; 212 } 213 214 DirectoryServer.setRejectUnauthenticatedRequests( 215 globalConfig.isRejectUnauthenticatedRequests()); 216 217 DirectoryServer.setBindWithDNRequiresPassword( 218 globalConfig.isBindWithDNRequiresPassword()); 219 220 DirectoryServer.setLookthroughLimit(globalConfig.getLookthroughLimit()); 221 222 223 ArrayList<Properties> mailServerProperties = new ArrayList<Properties>(); 224 Set<String> smtpServers = globalConfig.getSMTPServer(); 225 if ((smtpServers != null) && (! smtpServers.isEmpty())) 226 { 227 for (String smtpServer : smtpServers) 228 { 229 int colonPos = smtpServer.indexOf(':'); 230 if (colonPos > 0) 231 { 232 String smtpHost = smtpServer.substring(0, colonPos); 233 String smtpPort = smtpServer.substring(colonPos+1); 234 235 Properties properties = new Properties(); 236 properties.setProperty(SMTP_PROPERTY_HOST, smtpHost); 237 properties.setProperty(SMTP_PROPERTY_PORT, smtpPort); 238 mailServerProperties.add(properties); 239 } 240 else 241 { 242 Properties properties = new Properties(); 243 properties.setProperty(SMTP_PROPERTY_HOST, smtpServer); 244 mailServerProperties.add(properties); 245 } 246 } 247 } 248 DirectoryServer.setMailServerPropertySets(mailServerProperties); 249 250 DirectoryServer.setAllowedTasks(globalConfig.getAllowedTask()); 251 252 253 HashSet<Privilege> disabledPrivileges = new HashSet<Privilege>(); 254 Set<GlobalCfgDefn.DisabledPrivilege> configuredDisabledPrivs = 255 globalConfig.getDisabledPrivilege(); 256 if (configuredDisabledPrivs != null) 257 { 258 for (GlobalCfgDefn.DisabledPrivilege p : configuredDisabledPrivs) 259 { 260 switch (p) 261 { 262 case BACKEND_BACKUP: 263 disabledPrivileges.add(Privilege.BACKEND_BACKUP); 264 break; 265 case BACKEND_RESTORE: 266 disabledPrivileges.add(Privilege.BACKEND_RESTORE); 267 break; 268 case BYPASS_ACL: 269 disabledPrivileges.add(Privilege.BYPASS_ACL); 270 break; 271 case CANCEL_REQUEST: 272 disabledPrivileges.add(Privilege.CANCEL_REQUEST); 273 break; 274 case CONFIG_READ: 275 disabledPrivileges.add(Privilege.CONFIG_READ); 276 break; 277 case CONFIG_WRITE: 278 disabledPrivileges.add(Privilege.CONFIG_WRITE); 279 break; 280 case DATA_SYNC: 281 disabledPrivileges.add(Privilege.DATA_SYNC); 282 break; 283 case DISCONNECT_CLIENT: 284 disabledPrivileges.add(Privilege.DISCONNECT_CLIENT); 285 break; 286 case JMX_NOTIFY: 287 disabledPrivileges.add(Privilege.JMX_NOTIFY); 288 break; 289 case JMX_READ: 290 disabledPrivileges.add(Privilege.JMX_READ); 291 break; 292 case JMX_WRITE: 293 disabledPrivileges.add(Privilege.JMX_WRITE); 294 break; 295 case LDIF_EXPORT: 296 disabledPrivileges.add(Privilege.LDIF_EXPORT); 297 break; 298 case LDIF_IMPORT: 299 disabledPrivileges.add(Privilege.LDIF_IMPORT); 300 break; 301 case MODIFY_ACL: 302 disabledPrivileges.add(Privilege.MODIFY_ACL); 303 break; 304 case PASSWORD_RESET: 305 disabledPrivileges.add(Privilege.PASSWORD_RESET); 306 break; 307 case PRIVILEGE_CHANGE: 308 disabledPrivileges.add(Privilege.PRIVILEGE_CHANGE); 309 break; 310 case PROXIED_AUTH: 311 disabledPrivileges.add(Privilege.PROXIED_AUTH); 312 break; 313 case SERVER_RESTART: 314 disabledPrivileges.add(Privilege.SERVER_RESTART); 315 break; 316 case SERVER_SHUTDOWN: 317 disabledPrivileges.add(Privilege.SERVER_SHUTDOWN); 318 break; 319 case UNINDEXED_SEARCH: 320 disabledPrivileges.add(Privilege.UNINDEXED_SEARCH); 321 break; 322 case UPDATE_SCHEMA: 323 disabledPrivileges.add(Privilege.UPDATE_SCHEMA); 324 break; 325 } 326 } 327 } 328 DirectoryServer.setDisabledPrivileges(disabledPrivileges); 329 330 DirectoryServer.setReturnBindErrorMessages( 331 globalConfig.isReturnBindErrorMessages()); 332 333 DirectoryServer.setIdleTimeLimit(globalConfig.getIdleTimeLimit()); 334 335 DirectoryServer.setSaveConfigOnSuccessfulStartup( 336 globalConfig.isSaveConfigOnSuccessfulStartup()); 337 338 // If the workflow configuration mode has changed then reconfigure 339 // the workflows-only if the server is running. If the server is not 340 // running (ie. the server is starting up) simply update the workflow 341 // configuration mode as the workflow configuration is processed 342 // elsewhere. 343 WorkflowConfigurationMode oldMode = 344 DirectoryServer.getWorkflowConfigurationMode(); 345 WorkflowConfigurationMode newMode = 346 globalConfig.getWorkflowConfigurationMode(); 347 if (DirectoryServer.isRunning()) 348 { 349 DirectoryServer.reconfigureWorkflows(oldMode, newMode); 350 } 351 else 352 { 353 DirectoryServer.setWorkflowConfigurationMode(newMode); 354 } 355 356 DirectoryServer.setUseNanoTime(globalConfig.getEtimeResolution() == 357 GlobalCfgDefn.EtimeResolution.NANOSECONDS); 358 } 359 360 361 /** 362 * {@inheritDoc} 363 */ 364 public boolean isConfigurationChangeAcceptable(GlobalCfg configuration, 365 List<Message> unacceptableReasons) 366 { 367 boolean configAcceptable = true; 368 369 Set<String> smtpServers = configuration.getSMTPServer(); 370 if (smtpServers != null) 371 { 372 for (String server : smtpServers) 373 { 374 int colonPos = server.indexOf(':'); 375 if ((colonPos == 0) || (colonPos == (server.length()-1))) 376 { 377 Message message = ERR_CONFIG_CORE_INVALID_SMTP_SERVER.get(server); 378 unacceptableReasons.add(message); 379 configAcceptable = false; 380 } 381 else if (colonPos > 0) 382 { 383 try 384 { 385 int port = Integer.parseInt(server.substring(colonPos+1)); 386 if ((port < 1) || (port > 65535)) 387 { 388 Message message = ERR_CONFIG_CORE_INVALID_SMTP_SERVER.get(server); 389 unacceptableReasons.add(message); 390 configAcceptable = false; 391 } 392 } 393 catch (Exception e) 394 { 395 Message message = ERR_CONFIG_CORE_INVALID_SMTP_SERVER.get(server); 396 unacceptableReasons.add(message); 397 configAcceptable = false; 398 } 399 } 400 } 401 } 402 403 return configAcceptable; 404 } 405 406 407 408 /** 409 * {@inheritDoc} 410 */ 411 public ConfigChangeResult applyConfigurationChange(GlobalCfg configuration) 412 { 413 ResultCode resultCode = ResultCode.SUCCESS; 414 boolean adminActionRequired = false; 415 ArrayList<Message> messages = new ArrayList<Message>(); 416 417 applyGlobalConfiguration(configuration); 418 419 return new ConfigChangeResult(resultCode, adminActionRequired, messages); 420 } 421 } 422