Package com.unboundid.directory.sdk.common.types

Interface ServerContext

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      EMailAttachment createEMailAttachment​(java.lang.String filename, java.lang.String contentType, boolean isInline, byte[] data)
      Creates an email attachment with the provided information.
      EMailMessage createEMailMessage​(java.lang.String senderAddress, java.lang.String replyToAddress, java.util.Collection<java.lang.String> toAddresses, java.util.Collection<java.lang.String> ccAddresses, java.util.Collection<java.lang.String> bccAddresses, java.lang.String subject, java.lang.String plainTextPart, java.lang.String htmlPart, java.util.Map<java.lang.String,​java.util.List<java.lang.String>> customHeaders, java.util.List<EMailAttachment> attachments)
      Creates a multi-part email message with the provided information.
      java.lang.Thread createThread​(ServerThread serverThread, java.lang.String name)
      Creates a new thread to run within the server.
      ValueConstructor createValueConstructor​(java.lang.String constructedValueTemplate)
      Returns a ValueConstructor built from the provided value template.
      void debugCaught​(java.lang.Throwable t)
      Writes a debug message indicating that the provided exception has been caught.
      boolean debugEnabled()
      Indicates whether debugging is enabled in the server.
      void debugError​(java.lang.String message)
      Writes a debug message with an error severity.
      void debugInfo​(java.lang.String message)
      Writes a debug message with an informational severity.
      void debugThrown​(java.lang.Throwable t)
      Writes a debug message indicating that the provided exception will be thrown.
      void debugVerbose​(java.lang.String message)
      Writes a debug message with a verbose severity.
      void debugWarning​(java.lang.String message)
      Writes a debug message with a warning severity.
      void deregisterAllMonitorProviders()
      Deregisters all the monitor providers that were registered with the server by this instance of ServerContext.
      void deregisterChangeListener​(RegisteredChangeListener listener)
      Deregisters the provided change listener with the server.
      void deregisterDiskSpaceConsumer​(RegisteredDiskSpaceConsumer consumer)
      Deregisters the provided disk space consumer with the server.
      void deregisterMonitorProvider​(RegisteredMonitorProvider provider)
      Deregisters the given monitor provider with the server.
      void deregisterShutdownListener​(RegisteredServerShutdownListener listener)
      Deregisters the provided server shutdown listener with the server.
      void deregisterSupportedControlOID​(java.lang.String oid)
      Deregisters the provided OID with the server so that it will no longer appear in the supportedControl attribute of the server's root DSE.
      java.lang.String getBasicProductName()
      Retrieves the base name of the server which is generally the full product name without the vendor information.
      LDAPInterface getClientConnection​(java.lang.String dn, boolean isClientSecure)
      Retrieves a client connection that is authenticated as the specified user.
      LDAPInterface getClientRootConnection​(boolean isClientSecure)
      Retrieves a client connection that is authenticated as a root user and is not subject to access control.
      java.lang.String getCompactProductName()
      Retrieves the compact name of the server.
      java.io.OutputStream getEncryptedOutputStream​(java.io.OutputStream outputStream, boolean compress)
      Wraps the provided output stream in a PassphraseEncryptedOutputStream so that data written to it will be encrypted, optionally after also wrapping it in a GZIPOutputStream to ensure that the data is compressed before it is encrypted.
      java.io.OutputStream getEncryptedOutputStream​(java.io.OutputStream outputStream, java.lang.String encryptionSettingsDefinitionID, boolean compress)
      Wraps the provided output stream in a PassphraseEncryptedOutputStream so that data written to it will be encrypted, optionally after also wrapping it in a GZIPOutputStream to ensure that the data is compressed before it is encrypted.
      EncryptionSettingsDefinition getEncryptionSettingsDefinition​(java.lang.String id)
      Retrieves the encryption settings definition with the specified ID.
      java.util.List<EncryptionSettingsDefinition> getEncryptionSettingsDefinitions()
      Retrieves a list of all of the encryption settings definitions contained in the server's encryption settings database.
      java.lang.String getFullProductName()
      Retrieves the full name of the server.
      java.lang.String getFullVendorName()
      Retrieves the full name of the server vendor.
      java.lang.String getFullVersion()
      Retrieves a string that is the concatenation of the product name, the major, minor, point, and patch version numbers of the server and any any other unique version information.
      Group getGroup​(java.lang.String groupDN)
      Retrieves the group defined in the specified entry.
      java.util.Map<DN,​Group> getGroupsForUser​(java.lang.String userDN, boolean directMembershipOnly)
      Retrieves the set of groups in which the specified user is a member, indexed by group DN.
      java.lang.String getInstanceName()
      Retrieves the instance name that has been assigned to the server.
      InternalConnection getInternalConnection​(java.lang.String dn)
      Retrieves an internal connection that is authenticated as the specified user.
      InternalConnection getInternalRootConnection()
      Retrieves an internal connection that is authenticated as a root user that is not subject to access control.
      LDAPConnection getLDAPExternalServerConnection​(java.lang.String ldapExternalServerCfgObjectName, LDAPConnectionOptions connectionOptions)
      Retrieves a connection that is established and (if appropriate) authenticated to the specified LDAP External server.
      LDAPConnectionPool getLDAPExternalServerConnectionPool​(java.lang.String ldapExternalServerCfgObjectName, LDAPConnectionOptions connectionOptions, int initialConnections, int maxConnections, boolean throwOnConnectFailure)
      Retrieves a connection pool with connections to the specified server.
      Location getLocation()
      Retrieves the location that has been assigned to the server, if any.
      int getMajorVersionNumber()
      Retrieves the major version number for the server.
      int getMinorVersionNumber()
      Retrieves the minor version number for the server.
      java.lang.String getObscuredValue​(java.lang.String obscuredValueConfigObjectName)
      Retrieves the plaintext representation of the specified obscured value from the server configuration.
      java.lang.String getPackageName()
      Retrieves the package name of the server that is used for defining the server package ZIP file and root directory.
      char[] getPassphraseFromPassphraseProvider​(java.lang.String providerName, boolean allowCached)
      Retrieves a passphrase obtained by the specified passphrase provider.
      int getPatchVersionNumber()
      Retrieves the patch version number for the server.
      int getPointVersionNumber()
      Retrieves the point version number for the server.
      java.io.InputStream getPossiblyCompressedAndEncryptedInputStream​(java.io.File file)
      Opens an input stream that may be used to read data from the provided file.
      java.io.InputStream getPossiblyCompressedAndEncryptedInputStream​(java.io.InputStream inputStream)
      Examines the provided input stream and determines whether its contents have been encrypted with a PassphraseEncryptedOutputStream, and if so, retrieves an input stream that may be used to read its decrypted content.
      EncryptionSettingsDefinition getPreferredEncryptionSettingsDefinition()
      Retrieves information about the server's preferred encryption settings definition, which is the default definition that will be used for new encryption operations if no other definition is requested.
      java.util.Set<java.lang.String> getPrivilegeNames​(java.lang.String userDN)
      Retrieves the names of the privileges held by the specified user.
      Schema getSchema()
      Retrieves a reference to the server schema.
      java.io.File getServerRoot()
      Retrieves the path to the server root directory.
      java.lang.String getShortVendorName()
      Retrieves the compact name of the server vendor.
      java.lang.String getSourceRevision()
      Retrieves a value which identifies the source revision (in the version control system used to hold the server source code) from which the server was built.
      long getStartTime()
      Retrieves the time that the server was started.
      java.lang.String getStartupID()
      Retrieves a compact ID that was generated at the time the server was started.
      java.util.UUID getStartupUUID()
      Retrieves a unique identifier that was generated at the time the server was started.
      ToolExecutor getToolExecutor()
      Retrieves a ToolExecutor that can be used to internally execute select command line utilities.
      java.lang.String getVersionNumber()
      Retrieves a string that is the concatenation of the major, minor, point, and patch version numbers of the server.
      java.lang.String getVersionQualifier()
      Retrieves the version qualifier string for the server.
      boolean hasPrivilege​(java.lang.String userDN, java.lang.String privilegeName)
      Indicates whether the specified user has the indicated privilege.
      boolean isDirectoryFunctionalityAvailable()
      Indicates whether the extension is running in a server that has Directory Server functionality available.
      boolean isDirectoryProxyFunctionalityAvailable()
      Indicates whether the extension is running in a server that has Directory Proxy Server functionality available.
      boolean isRunning()
      Indicates whether the server is currently running.
      boolean isShuttingDown()
      Indicates whether the server is in the process of shutting down.
      boolean isStarting()
      Indicates whether the server is in the process of starting up.
      boolean isSyncFunctionalityAvailable()
      Indicates whether the extension is running in a server that has Data Sync Server functionality available.
      boolean isTraceMessageLoggable​(LogSeverity logSeverity)
      Indicates whether trace log messages of the provided severity can be logged by an extension to any trace log publishers.
      void logMessage​(LogSeverity severity, java.lang.String message)
      Writes a message to the server error log.
      void logTraceMessage​(LogSeverity logSeverity, java.lang.String message)
      Writes a message to the server trace log publishers.
      void logTraceMessage​(LogSeverity logSeverity, java.lang.String message, java.util.Map<java.lang.String,​java.lang.String> keyValues)
      Writes a message to the server trace log publishers.
      RegisteredChangeListener registerChangeListener​(ChangeListener listener, java.util.Set<ChangeType> changeTypes, java.util.List<java.lang.String> baseDNs, Filter filter)
      Registers the provided change listener with the server so that it may be notified of any changes matching the provided criteria.
      RegisteredDiskSpaceConsumer registerDiskSpaceConsumer​(DiskSpaceConsumer consumer)
      Registers the provided disk space consumer with the server.
      RegisteredMonitorProvider registerMonitorProvider​(MonitorProvider provider, GenericConfig config)
      Registers the given monitor provider with the server.
      RegisteredServerShutdownListener registerShutdownListener​(ServerShutdownListener listener)
      Registers the provided listener to be notified when the server shutdown process has begun.
      void registerSupportedControlOID​(java.lang.String oid)
      Registers the provided OID with the server so that it will appear in the supportedControl attribute of the server's root DSE.
      void reloadHTTPConnectionHandlerCertificates()
      Reload the key and trust manager providers associated with any HTTP connection handlers.that provide support for HTTPS.
      void sendAlert​(AlertSeverity severity, java.lang.String message)
      Generates an administrative alert notification.
      void sendAlert​(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message)
      Generates an administrative alert notification.
      DegradedAlertType sendDegradedAlertNotification​(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message)
      Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as a degraded alert type.
      UnavailableAlertType sendUnavailableAlertNotification​(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message)
      Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as an unavailable alert type.

    • Method Detail

      • getShortVendorName

        java.lang.String getShortVendorName()
        Retrieves the compact name of the server vendor. The returned name will not have any spaces.
        Returns:
        The compact name of the server vendor.

      • getFullVendorName

        java.lang.String getFullVendorName()
        Retrieves the full name of the server vendor. The returned name may contain spaces.
        Returns:
        The full name of the server vendor.

      • getCompactProductName

        java.lang.String getCompactProductName()
        Retrieves the compact name of the server. The returned name will not have any spaces.
        Returns:
        The compact name of the server.

      • getPackageName

        java.lang.String getPackageName()
        Retrieves the package name of the server that is used for defining the server package ZIP file and root directory. The returned name will not have any spaces.
        Returns:
        The package name of the server.

      • getFullProductName

        java.lang.String getFullProductName()
        Retrieves the full name of the server. The returned name may contain spaces.
        Returns:
        The full name of the server.

      • getBasicProductName

        java.lang.String getBasicProductName()
        Retrieves the base name of the server which is generally the full product name without the vendor information. The returned name may contain spaces.
        Returns:
        The full name of the server.

      • getMajorVersionNumber

        int getMajorVersionNumber()
        Retrieves the major version number for the server. The major version number is the first number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the major version number is 1).
        Returns:
        The major version number for the server.

      • getMinorVersionNumber

        int getMinorVersionNumber()
        Retrieves the minor version number for the server. The minor version number is the second number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the minor version number is 2).
        Returns:
        The minor version number for the server.

      • getPointVersionNumber

        int getPointVersionNumber()
        Retrieves the point version number for the server. The point version number is the third number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the point version number is 3).
        Returns:
        The point version number for the server.

      • getPatchVersionNumber

        int getPatchVersionNumber()
        Retrieves the patch version number for the server. The patch version number is the fourth number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the patch version number is 4).
        Returns:
        The point version number for the server.

      • getVersionNumber

        java.lang.String getVersionNumber()
        Retrieves a string that is the concatenation of the major, minor, point, and patch version numbers of the server.
        Returns:
        the server's version number string.

      • getFullVersion

        java.lang.String getFullVersion()
        Retrieves a string that is the concatenation of the product name, the major, minor, point, and patch version numbers of the server and any any other unique version information.
        Returns:
        the server's full version number string.

      • getVersionQualifier

        java.lang.String getVersionQualifier()
        Retrieves the version qualifier string for the server. The version qualifier is an optional string which may provide additional information about the server version. If a version qualifier is present, then it will immediately follow the patch version number (e.g., for a version string of "1.2.3.4-beta5", the version qualifier is "-beta5").
        Returns:
        The version qualifier for the server, or an empty string if no version qualifier is defined.

      • getSourceRevision

        java.lang.String getSourceRevision()
        Retrieves a value which identifies the source revision (in the version control system used to hold the server source code) from which the server was built.
        Returns:
        The source revision identifier for the server.

      • isStarting

        boolean isStarting()
        Indicates whether the server is in the process of starting up.
        Returns:
        true if the server is in the process of starting up, or false if not.

      • isRunning

        boolean isRunning()
        Indicates whether the server is currently running.
        Returns:
        true if the server is running, or false if not.

      • isShuttingDown

        boolean isShuttingDown()
        Indicates whether the server is in the process of shutting down.
        Returns:
        true if the server is in the process of shutting down, or false if not.

      • getStartTime

        long getStartTime()
        Retrieves the time that the server was started. The value returned will be an offset in milliseconds since 12:00 a.m. on January 1, 1970.
        Returns:
        The time that the server was started.

      • getStartupID

        java.lang.String getStartupID()
        Retrieves a compact ID that was generated at the time the server was started. It is not guaranteed to be unique among all instances of the server, but is guaranteed to be unique across all invocations of a single server installation. This is suitable for inclusion in log messages and can help differentiate operations with the same connection ID and operation ID across server restarts.
        Returns:
        A compact ID that was generated at the time the server was started.

      • getStartupUUID

        java.util.UUID getStartupUUID()
        Retrieves a unique identifier that was generated at the time the server was started. It will be unique across all server instances and all invocations of the same instance.
        Returns:
        A unique identifier that was generated at the time the server was started.

      • getInstanceName

        java.lang.String getInstanceName()
        Retrieves the instance name that has been assigned to the server.
        Returns:
        The instance name that has been assigned to the server.

      • getLocation

        Location getLocation()
        Retrieves the location that has been assigned to the server, if any.
        Returns:
        The location that has been assigned to the server, or null if no location has been assigned.

      • getServerRoot

        java.io.File getServerRoot()
        Retrieves the path to the server root directory.
        Returns:
        The path to the server root directory.

      • getToolExecutor

        ToolExecutor getToolExecutor()
        Retrieves a ToolExecutor that can be used to internally execute select command line utilities.
        Returns:
        A ToolExecutor that can be used to internally execute select command line utilities.

      • isDirectoryFunctionalityAvailable

        boolean isDirectoryFunctionalityAvailable()
        Indicates whether the extension is running in a server that has Directory Server functionality available.
        Returns:
        true if Directory Server functionality is available, or false if not.

      • isDirectoryProxyFunctionalityAvailable

        boolean isDirectoryProxyFunctionalityAvailable()
        Indicates whether the extension is running in a server that has Directory Proxy Server functionality available.
        Returns:
        true if Directory Proxy Server functionality is available, or false if not.

      • isSyncFunctionalityAvailable

        boolean isSyncFunctionalityAvailable()
        Indicates whether the extension is running in a server that has Data Sync Server functionality available.
        Returns:
        true if Data Sync Server functionality is available, or false if not.

      • getInternalRootConnection

        InternalConnection getInternalRootConnection()
        Retrieves an internal connection that is authenticated as a root user that is not subject to access control.

        During operation processing, this connection is considered a root connection that is both internal and secure.

        Note that the returned connection will use the client connection policy defined as the default policy for internal operations. If you have access to a ClientContext and wish to use the client connection policy associated with that connection, use the ClientContext.getInternalRootConnection(boolean) method.
        Returns:
        An internal connection that is authenticated as a root user.

      • getInternalConnection

        InternalConnection getInternalConnection​(java.lang.String dn)
                                  throws LDAPException
        Retrieves an internal connection that is authenticated as the specified user. Operations on the connection may be subject to access control based on the privileges associated with the specified user.

        During operation processing, this connection is considered a user connection that is both internal and secure.

        Note that the returned connection will use the client connection policy defined as the default policy for internal operations. If you have access to a ClientContext and wish to use the client connection policy associated with that connection, use the ClientContext.getInternalConnection(String,boolean) method.
        Parameters:
        dn - The DN of the user as whom the connection should be authenticated. It may be null or empty if the connection should be unauthenticated.
        Returns:
        An internal connection that is authenticated as the specified user.
        Throws:
        LDAPException - If a problem occurs while attempting to authenticate as the specified user.

      • getClientRootConnection

        LDAPInterface getClientRootConnection​(boolean isClientSecure)
        Retrieves a client connection that is authenticated as a root user and is not subject to access control.

        This method should be used when the connection will be used on behalf of some external client, and allows you to indicate whether the external client has a secure connection. This information is used by some of the internal security controls, such as password policies, which may reject password change operations if they are not over a secure connection, for example.

        During operation processing, this connection is considered a root connection that is external and optionally secure, depending on the isClientSecure parameter.
        Parameters:
        isClientSecure - Whether the external client is connected over a secure channel.
        Returns:
        A client connection that is authenticated as a root user.

      • getClientConnection

        LDAPInterface getClientConnection​(java.lang.String dn,
                                  boolean isClientSecure)
                           throws LDAPException
        Retrieves a client connection that is authenticated as the specified user. Operations on the connection may be subject to access control based on the privileges associated with the specified user.

        This method should be used when the connection will be used on behalf of some external client, and allows you to indicate whether the external client has a secure connection. This information is used by some of the internal security controls, such as password policies, which may reject password change operations if they are not over a secure connection, for example.

        During operation processing, this connection is considered a user connection that is external and optionally secure, depending on the isClientSecure parameter.
        Parameters:
        dn - The DN of the user as whom the connection should be authenticated. It may be null or empty if the connection should be unauthenticated.
        isClientSecure - Whether the external client is connected over a secure channel.
        Returns:
        An internal connection that is authenticated as the specified user.
        Throws:
        LDAPException - If a problem occurs while attempting to authenticate as the specified user.

      • getSchema

        Schema getSchema()
        Retrieves a reference to the server schema.
        Returns:
        A reference to the server schema.

      • registerSupportedControlOID

        void registerSupportedControlOID​(java.lang.String oid)
        Registers the provided OID with the server so that it will appear in the supportedControl attribute of the server's root DSE. This method should only be used by extensions which implement some level of support for that control (e.g., a pre-parse plugin which performs all necessary processing from the control and removes it from the request so that it will not be seen and potentially rejected by the core server).
        Parameters:
        oid - The OID to be registered.

      • deregisterSupportedControlOID

        void deregisterSupportedControlOID​(java.lang.String oid)
        Deregisters the provided OID with the server so that it will no longer appear in the supportedControl attribute of the server's root DSE.
        Parameters:
        oid - The OID to be deregistered.

      • registerChangeListener

        RegisteredChangeListener registerChangeListener​(ChangeListener listener,
                                                java.util.Set<ChangeType> changeTypes,
                                                java.util.List<java.lang.String> baseDNs,
                                                Filter filter)
                                         throws LDAPException
        Registers the provided change listener with the server so that it may be notified of any changes matching the provided criteria.
        Parameters:
        listener - The change listener to be registered with the server. It must not be null.
        changeTypes - The types of changes for which the listener should be registered. It may be null or empty to indicate that the listener should be registered for all types of changes.
        baseDNs - The set of base DNs for which the listener should be registered. It may be null or empty to indicate that the listener should be registered for changes processed anywhere in the server.
        filter - A filter which may be used to restrict the set of changes for which the listener is notified. If a filter is provided, then only changes in which the target entry matches the given filter (either before or after the change was processed) will be notified. It may be null to indicate that the contents of the entry should not be considered.
        Returns:
        An object representing the change listener that has been registered with the server.
        Throws:
        LDAPException - If a problem is encountered while attempting to register the provided change listener (e.g., if any of the base DNs cannot be parsed as a valid DN).

      • deregisterChangeListener

        void deregisterChangeListener​(RegisteredChangeListener listener)
        Deregisters the provided change listener with the server. This will have no effect if the provided listener is not registered.
        Parameters:
        listener - The change listener to be deregistered. It must not be null.

      • registerDiskSpaceConsumer

        RegisteredDiskSpaceConsumer registerDiskSpaceConsumer​(DiskSpaceConsumer consumer)
        Registers the provided disk space consumer with the server.
        Parameters:
        consumer - The disk space consumer to be registered with the server. It must not be null.
        Returns:
        An object representing the disk space consumer that has been registered with the server.

      • deregisterDiskSpaceConsumer

        void deregisterDiskSpaceConsumer​(RegisteredDiskSpaceConsumer consumer)
        Deregisters the provided disk space consumer with the server. This will no no effect if the provided consumer is not registered.
        Parameters:
        consumer - The disk space consumer to be deregistered with the server. It must not be null.

      • registerShutdownListener

        RegisteredServerShutdownListener registerShutdownListener​(ServerShutdownListener listener)
        Registers the provided listener to be notified when the server shutdown process has begun.
        Parameters:
        listener - The server shutdown listener to be registered. It must not be null.
        Returns:
        An object representing the shutdown listener that has been registered with the server.

      • deregisterShutdownListener

        void deregisterShutdownListener​(RegisteredServerShutdownListener listener)
        Deregisters the provided server shutdown listener with the server. This will have no effect if the provided listener is not registered.
        Parameters:
        listener - The server shutdown listener to be deregistered. It must not be null.

      • registerMonitorProvider

        RegisteredMonitorProvider registerMonitorProvider​(MonitorProvider provider,
                                                  GenericConfig config)
        Registers the given monitor provider with the server. It is important that this monitor provider has a unique instance name across all monitor providers in the server. If there is already a monitor provider registered with the same instance name, an IllegalStateException will be thrown.

        The generated monitor entry will have a DN in the following format: cn={monitor-instance-name} [from {extension-type}:{extension-name}], cn=monitor and it will contain three auto-generated attributes: ds-extension-monitor-name, ds-extension-type, and ds-extension-name. Note: the {extension-type} and {extension-name} are from the extension which owns this ServerContext instance, not from the given MonitorProvider object.

        The specified monitor provider does not need any server-side configuration, and the configuration-related methods (initalizeMonitorProvider(), finalizeMonitorProvider(), defineConfigArguments(), isConfigurationAcceptable(), applyConfiguration()) do not need to be implemented because they will not be called.

        When an extension is disabled, all of its registered monitor providers will automatically deregister themselves from the server. You can also manually deregister them using deregisterMonitorProvider(RegisteredMonitorProvider) or deregisterAllMonitorProviders().

        Parameters:
        provider - The monitor provider instance to be registered. It must not be null.
        config - The configuration object from the extension that is registering the given monitor provider. This is required so that the monitor entry can be given a unique DN which includes the name of the extension that registered it.
        Returns:
        An object representing the monitor provider that has been registered with the server.

      • deregisterMonitorProvider

        void deregisterMonitorProvider​(RegisteredMonitorProvider provider)
        Deregisters the given monitor provider with the server. This will have no effect if the given monitor provider is not registered.
        Parameters:
        provider - The monitor provider instance to be registered. It must not be null.

      • deregisterAllMonitorProviders

        void deregisterAllMonitorProviders()
        Deregisters all the monitor providers that were registered with the server by this instance of ServerContext. This can be useful during cleanup or if you want to clear out all the existing monitor data from a given extension and register new monitor providers.

        This will be called automatically when your extension is unloaded or disabled.

      • createThread

        java.lang.Thread createThread​(ServerThread serverThread,
                              java.lang.String name)
        Creates a new thread to run within the server. The thread will not be started.
        Parameters:
        name - The name to use for the thread. It must not be null or empty.
        serverThread - The class providing the logic for the thread. It must not be null.
        Returns:
        The thread that has been created but not yet started.

      • logMessage

        void logMessage​(LogSeverity severity,
                java.lang.String message)
        Writes a message to the server error log.
        Parameters:
        severity - The severity to use for the log message. It must not be null.
        message - The message to be logged. It must not be null.

      • isTraceMessageLoggable

        boolean isTraceMessageLoggable​(LogSeverity logSeverity)
        Indicates whether trace log messages of the provided severity can be logged by an extension to any trace log publishers. This allows callers to avoid potentially expensive message construction for messages that are not going to be logged.
        Parameters:
        logSeverity - The log message severity. Must not be null.
        Returns:
        true if trace log messages from extensions are loggable to any trace log publishers

      • logTraceMessage

        void logTraceMessage​(LogSeverity logSeverity,
                     java.lang.String message)
        Writes a message to the server trace log publishers.
        Parameters:
        logSeverity - The log message severity. If the log message may contain potentially sensitive information, LogSeverity.DEBUG should be used. Must not be null.
        message - The message to be logged. It must not be null.

      • logTraceMessage

        void logTraceMessage​(LogSeverity logSeverity,
                     java.lang.String message,
                     java.util.Map<java.lang.String,​java.lang.String> keyValues)
        Writes a message to the server trace log publishers.
        Parameters:
        logSeverity - The log message severity. If the log message may contain potentially sensitive information, LogSeverity.DEBUG should be used. Must not be null.
        message - The message to be logged. It must not be null.
        keyValues - Keys and values that are to be logged with key=value. Keys should not contain spaces or other special characters. This map may be null.

      • sendAlert

        void sendAlert​(AlertSeverity severity,
               java.lang.String message)
        Generates an administrative alert notification.
        Parameters:
        severity - The severity to use for the alert notification. It must not be null.
        message - The message to be used for the alert notification. It must not be null.

      • sendAlert

        void sendAlert​(java.lang.String alertTypeName,
               AlertSeverity severity,
               java.lang.String alertTypeOID,
               java.lang.String message)
        throws LDAPException
        Generates an administrative alert notification.
        Parameters:
        alertTypeName - The name to use to identify the alert type. Each kind of alert must have a distinct name and all alerts with this alert type must always be used with the same severity and OID values. Alert type names must start with a lowercase ASCII letter and must contain only lowercase ASCII letters, numeric digits, and dashes.
        severity - The severity to use for the alert notification. It must not be null.
        alertTypeOID - The numeric OID for the alert type. It must not be null, and it must be a valid numeric OID. The same OID must always be used for the associated alert type, and each different alert type must have a unique OID.
        message - The message to be used for the alert notification. It must not be null.
        Throws:
        LDAPException - If the provided information cannot be used to generate a valid alert (e.g., if the alert type name does not meet the naming constraints or has already been used with a different severity and/or OID, or if the OID has already been used with a different alert type).

      • sendDegradedAlertNotification

        DegradedAlertType sendDegradedAlertNotification​(java.lang.String alertTypeName,
                                                AlertSeverity severity,
                                                java.lang.String alertTypeOID,
                                                java.lang.String message)
                                         throws LDAPException
        Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as a degraded alert type. Once the condition that triggered the server to be considered degraded has been resolved, the DegradedAlertType.setResolved() method should be used to remove the alert type from the list of degraded alert types.

        If a server has one or more unavailable alert types, it will be considered unavailable for use by products which make use of this information. If a server does not have any unavailable alert types but has one or more degraded alert types, then it will be considered degraded and less desirable for use by products which make use of this information.
        Parameters:
        alertTypeName - The name to use to identify the alert type. Each kind of alert must have a distinct name and all alerts with this alert type must always be used with the same severity and OID values. Alert type names must start with a lowercase ASCII letter and must contain only lowercase ASCII letters, numeric digits, and dashes.
        severity - The severity to use for the alert notification. It must not be null.
        alertTypeOID - The numeric OID for the alert type. It must not be null, and it must be a valid numeric OID. The same OID must always be used for the associated alert type, and each different alert type must have a unique OID.
        message - The message to be used for the alert notification. It must not be null.
        Returns:
        An object that may be used to obtain information about the alert type and indicate that the degraded condition has been resolved.
        Throws:
        LDAPException - If the provided information cannot be used to generate a valid alert (e.g., if the alert type name does not meet the naming constraints or has already been used with a different severity and/or OID, or if the OID has already been used with a different alert type).

      • sendUnavailableAlertNotification

        UnavailableAlertType sendUnavailableAlertNotification​(java.lang.String alertTypeName,
                                                      AlertSeverity severity,
                                                      java.lang.String alertTypeOID,
                                                      java.lang.String message)
                                               throws LDAPException
        Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as an unavailable alert type. Once the condition that triggered the server to be considered unavailable has been resolved, the UnavailableAlertType.setResolved() method should be used to remove the alert type from the list of unavailable alert types.

        If a server has one or more unavailable alert types, it will be considered unavailable for use by products which make use of this information. If a server does not have any unavailable alert types but has one or more degraded alert types, then it will be considered degraded and less desirable for use by products which make use of this information.
        Parameters:
        alertTypeName - The name to use to identify the alert type. Each kind of alert must have a distinct name and all alerts with this alert type must always be used with the same severity and OID values. Alert type names must start with a lowercase ASCII letter and must contain only lowercase ASCII letters, numeric digits, and dashes.
        severity - The severity to use for the alert notification. It must not be null.
        alertTypeOID - The numeric OID for the alert type. It must not be null, and it must be a valid numeric OID. The same OID must always be used for the associated alert type, and each different alert type must have a unique OID.
        message - The message to be used for the alert notification. It must not be null.
        Returns:
        An object that may be used to obtain information about the alert type and indicate that the unavailable condition has been resolved.
        Throws:
        LDAPException - If the provided information cannot be used to generate a valid alert (e.g., if the alert type name does not meet the naming constraints or has already been used with a different severity and/or OID, or if the OID has already been used with a different alert type).

      • debugEnabled

        boolean debugEnabled()
        Indicates whether debugging is enabled in the server.

        Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.
        Returns:
        true if debugging is enabled in the server, or false if not.

      • debugCaught

        void debugCaught​(java.lang.Throwable t)
        Writes a debug message indicating that the provided exception has been caught.

        Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.
        Parameters:
        t - The exception that has been caught.

      • debugThrown

        void debugThrown​(java.lang.Throwable t)
        Writes a debug message indicating that the provided exception will be thrown.

        Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.
        Parameters:
        t - The exception that will be thrown.

      • debugError

        void debugError​(java.lang.String message)
        Writes a debug message with an error severity.

        Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.
        Parameters:
        message - The message to be debugged.

      • debugWarning

        void debugWarning​(java.lang.String message)
        Writes a debug message with a warning severity.

        Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.
        Parameters:
        message - The message to be debugged.

      • debugInfo

        void debugInfo​(java.lang.String message)
        Writes a debug message with an informational severity.

        Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.
        Parameters:
        message - The message to be debugged.

      • debugVerbose

        void debugVerbose​(java.lang.String message)
        Writes a debug message with a verbose severity.

        Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.
        Parameters:
        message - The message to be debugged.

      • getLDAPExternalServerConnection

        LDAPConnection getLDAPExternalServerConnection​(java.lang.String ldapExternalServerCfgObjectName,
                                               LDAPConnectionOptions connectionOptions)
                                        throws LDAPException
        Retrieves a connection that is established and (if appropriate) authenticated to the specified LDAP External server. This will be a newly-created connection that is not used for any other purpose, and the caller is responsible for closing that connection when it is no longer needed.
        Parameters:
        ldapExternalServerCfgObjectName - The name of the configuration object for the LDAP external server to which the connection should be established. It must not be null.
        connectionOptions - The set of options to use for the connection that is established. It may be null if a default set of options should be used.
        Returns:
        The newly-created LDAP connection.
        Throws:
        LDAPException - If it is not possible to establish a connection to the target servers.

      • getLDAPExternalServerConnectionPool

        LDAPConnectionPool getLDAPExternalServerConnectionPool​(java.lang.String ldapExternalServerCfgObjectName,
                                                       LDAPConnectionOptions connectionOptions,
                                                       int initialConnections,
                                                       int maxConnections,
                                                       boolean throwOnConnectFailure)
                                                throws LDAPException
        Retrieves a connection pool with connections to the specified server. This will be a newly-created connection pool that is not used for any other purpose, and the caller is responsible for closing that connection pool when it is no longer needed.
        Parameters:
        ldapExternalServerCfgObjectName - The name of the configuration object for the LDAP external server to which the connections should be established. It must not be null.
        connectionOptions - The set of options to use for the connection that is established. It may be null if a default set of options should be used.
        initialConnections - The initial number of connections to attempt to establish. It must be greater than or equal to zero.
        maxConnections - The maximum number of connections that should be established and unused in the pool at any time. It must be greater than or equal to initialConnections, and it must not be zero.
        throwOnConnectFailure - Indicates whether to throw an LDAPException if an error is encountered while attempting to connect or authenticate any of the initial connections. If this is false and none of the initial connections can be established (or if the initial number of connections is zero), then the pool will be returned without any connections.
        Returns:
        The newly-created LDAP connection pool.
        Throws:
        LDAPException - If it is not possible to establish a pool of connections to the specified LDAP external server.

      • getObscuredValue

        java.lang.String getObscuredValue​(java.lang.String obscuredValueConfigObjectName)
                           throws LDAPException
        Retrieves the plaintext representation of the specified obscured value from the server configuration. Obscured values may be used to allow extensions to store potentially sensitive information (for example, credentials needed to access some external system) in the configuration in a manner that will prevent them from being stored in the clear or displayed in the clear in administrative interfaces. If a server extension needs to be configured with potentially sensitive information, it is recommended that each piece of sensitive information be stored as an obscured value, and that the extension be configured with the names of the relevant obscured values.
        Parameters:
        obscuredValueConfigObjectName - The name of the configuration object for the obscured value to retrieve. It must not be null.
        Returns:
        The plaintext representation of the specified obscured value from the server configuration.
        Throws:
        LDAPException - If the provided name does not reference an obscured value that is defined in the server configuration.

      • createValueConstructor

        ValueConstructor createValueConstructor​(java.lang.String constructedValueTemplate)
                                 throws LDAPException
        Returns a ValueConstructor built from the provided value template. A ValueConstructor can be used to construct string values from a template that can reference attributes on an entry.
        Parameters:
        constructedValueTemplate - The constructed value pattern. See ValueConstructor for details on the syntax for the template.
        Returns:
        A ValueConstructor based on the provided template.
        Throws:
        LDAPException - If the provided value template is invalid.

      • getGroup

        Group getGroup​(java.lang.String groupDN)
        throws LDAPException
        Retrieves the group defined in the specified entry.
        Parameters:
        groupDN - The DN of the entry containing the group to retrieve. It must not be null.
        Returns:
        The group defined in the specified entry.
        Throws:
        LDAPException - If the specified entry does not exist, if it exists but does not represent a group, or if a problem is encountered while retrieving the group.

      • getGroupsForUser

        java.util.Map<DN,​GroupgetGroupsForUser​(java.lang.String userDN,
                                               boolean directMembershipOnly)
                                        throws LDAPException
        Retrieves the set of groups in which the specified user is a member, indexed by group DN.
        Parameters:
        userDN - The DN of the user for whom to retrieve the associated groups. It must not be null.
        directMembershipOnly - Indicates whether to only consider the user a member of the group if that user is directly named as a member of the group. If this parameter is true, then the method will return true only if the user is directly listed as a member of the group, and will not included dynamic or nested membership. If this parameter is false, then the method will return true if the user is a direct member of the group, is a member of a dynamic group in which the user matches the membership criteria, or if the user is a member of a nested group.
        Returns:
        A map of the groups in which the specified user is a member, or an empty map if the specified user is not a member of any groups.
        Throws:
        LDAPException - If the specified user does not exist or if a problem is encountered while attempting to retrieve the groups in which the user is a member.

      • hasPrivilege

        boolean hasPrivilege​(java.lang.String userDN,
                     java.lang.String privilegeName)
              throws LDAPException
        Indicates whether the specified user has the indicated privilege. The set of defined privileges may be found in the privilege-list.html and privilege-list.csv files in the server docs directory.
        Parameters:
        userDN - The DN of the user for whom to make the determination. It must not be null.
        privilegeName - The name of the privilege for which to make the determination. It must not be null.
        Returns:
        true if the specified user has the indicated privilege, or false if not.
        Throws:
        LDAPException - If the specified user does not exist, if the indicated privilege is not defined in the server, or if a problem is encountered while trying to make the determination.

      • getPrivilegeNames

        java.util.Set<java.lang.String> getPrivilegeNames​(java.lang.String userDN)
                                           throws LDAPException
        Retrieves the names of the privileges held by the specified user. The set of defined privileges may be found in the privilege-list.html and privilege-list.csv files in the server docs directory.
        Parameters:
        userDN - The DN of the user for whom to retrieve the privileges. It must not be null.
        Returns:
        The names of the privileges held by the specified user, or an empty set if the user does not have any privileges.
        Throws:
        LDAPException - If the specified user does not exist, or if a problem is encountered while attempting to retrieve the user's privileges.

      • reloadHTTPConnectionHandlerCertificates

        void reloadHTTPConnectionHandlerCertificates()
                                      throws LDAPException
        Reload the key and trust manager providers associated with any HTTP connection handlers.that provide support for HTTPS. This can cause any changes to the certificates in those stores to be applied to the running instance without the need to disable and re-enable the connection handler or to restart the server. Note that this reload does have the potential to interfere with the ability for clients to resume a TLS session created before the reload was invoked.
        Throws:
        LDAPException - If an error occurs.

      • getPossiblyCompressedAndEncryptedInputStream

        java.io.InputStream getPossiblyCompressedAndEncryptedInputStream​(java.io.File file)
                                                          throws LDAPException,
                                                                 java.security.GeneralSecurityException,
                                                                 java.io.IOException
        Opens an input stream that may be used to read data from the provided file. The contents of the file may optionally have been encrypted with the LDAP SDK's PassphraseEncryptedOutputStream using a key from the server's encryption settings database, and may have optionally been compressed with the GZIP compression algorithm. If the file is both compressed and encrypted, then the data must have been compressed before it was encrypted.
        Parameters:
        file - The file to be read. It must not be null.
        Returns:
        The input stream that may be used to read the optionally compressed and/or encrypted file.
        Throws:
        LDAPException - If a problem is encountered while interacting with the server's encryption framework, or if the data is encrypted with a key not contained in the encryption settings database.
        java.security.GeneralSecurityException - If a problem is encountered while preparing to decrypt the data.
        java.io.IOException - If a problem is encountered while attempting to read or decompress the data.

      • getPossiblyCompressedAndEncryptedInputStream

        java.io.InputStream getPossiblyCompressedAndEncryptedInputStream​(java.io.InputStream inputStream)
                                                          throws LDAPException,
                                                                 java.security.GeneralSecurityException,
                                                                 java.io.IOException
        Examines the provided input stream and determines whether its contents have been encrypted with a PassphraseEncryptedOutputStream, and if so, retrieves an input stream that may be used to read its decrypted content. Also examines the input stream to determine whether its contents may have been GZIP-compressed, and if so, retrieves an input stream that may be used to read its decompressed content. If the data is encrypted, it must start with a PassphraseEncryptedStreamHeader, and it must have been encrypted with a key contained in the server's encryption settings database. If the data is both compressed and encrypted, then it must have been compressed before it was encrypted.

        Note that if a problem occurs that causes this method to throw an exception, then the provided stream will have been closed before control returns to the caller.
        Parameters:
        inputStream - The input stream from which the data is to be obtained. It must not be null.
        Returns:
        The input stream that may be used to read the optionally compressed and/or encrypted data from the provided input stream.
        Throws:
        LDAPException - If a problem is encountered while interacting with the server's encryption framework, or if the data is encrypted with a key not contained in the encryption settings database.
        java.security.GeneralSecurityException - If a problem is encountered while preparing to decrypt the data.
        java.io.IOException - If a problem is encountered while attempting to read or decompress the data.

      • getEncryptedOutputStream

        java.io.OutputStream getEncryptedOutputStream​(java.io.OutputStream outputStream,
                                              boolean compress)
                                       throws LDAPException,
                                              java.io.IOException,
                                              java.security.GeneralSecurityException
        Wraps the provided output stream in a PassphraseEncryptedOutputStream so that data written to it will be encrypted, optionally after also wrapping it in a GZIPOutputStream to ensure that the data is compressed before it is encrypted. The encryption key will be obtained from the server's preferred encryption settings definition.
        Parameters:
        outputStream - The output stream to be wrapped. It must not be null.
        compress - Indicates whether to GZIP-compress the data before encrypting it.
        Returns:
        The output stream that may be used to write encrypted (and possibly compressed) data.
        Throws:
        LDAPException - If a problem is encountered while interacting with the server's encryption framework or if the server encryption settings database does not have a preferred definition.
        java.security.GeneralSecurityException - If a problem is encountered while preparing to encrypt the data.
        java.io.IOException - If a problem occurs while preparing to compress the the data.

      • getEncryptedOutputStream

        java.io.OutputStream getEncryptedOutputStream​(java.io.OutputStream outputStream,
                                              java.lang.String encryptionSettingsDefinitionID,
                                              boolean compress)
                                       throws LDAPException,
                                              java.security.GeneralSecurityException,
                                              java.io.IOException
        Wraps the provided output stream in a PassphraseEncryptedOutputStream so that data written to it will be encrypted, optionally after also wrapping it in a GZIPOutputStream to ensure that the data is compressed before it is encrypted.
        Parameters:
        outputStream - The output stream to be wrapped. It must not be null.
        encryptionSettingsDefinitionID - The identifier of the encryption settings definition that should be used to encrypt the data. It must not be null.
        compress - Indicates whether to GZIP-compress the data before encrypting it.
        Returns:
        The output stream that may be used to write encrypted (and possibly compressed) data.
        Throws:
        LDAPException - If a problem is encountered while interacting with the server's encryption framework, or if the encryption settings database does not have a definition with the specified ID.
        java.security.GeneralSecurityException - If a problem is encountered while preparing to encrypt the data.
        java.io.IOException - If a problem occurs while preparing to compress the the data.

      • getPreferredEncryptionSettingsDefinition

        EncryptionSettingsDefinition getPreferredEncryptionSettingsDefinition()
        Retrieves information about the server's preferred encryption settings definition, which is the default definition that will be used for new encryption operations if no other definition is requested.
        Returns:
        Information about the server's preferred encryption settings definition, or null if the server does not have a preferred encryption settings definition.

      • getEncryptionSettingsDefinition

        EncryptionSettingsDefinition getEncryptionSettingsDefinition​(java.lang.String id)
        Retrieves the encryption settings definition with the specified ID.
        Parameters:
        id - The identifier for the encryption settings definition to retrieve. It must not be null.
        Returns:
        The encryption settings definition with the specified ID, or null if the encryption settings database does not have a definition with the specified ID.

      • getEncryptionSettingsDefinitions

        java.util.List<EncryptionSettingsDefinitiongetEncryptionSettingsDefinitions()
        Retrieves a list of all of the encryption settings definitions contained in the server's encryption settings database.
        Returns:
        A list of all the encryption settings definitions contained in the server's encryption settings database.

      • createEMailMessage

        EMailMessage createEMailMessage​(java.lang.String senderAddress,
                                java.lang.String replyToAddress,
                                java.util.Collection<java.lang.String> toAddresses,
                                java.util.Collection<java.lang.String> ccAddresses,
                                java.util.Collection<java.lang.String> bccAddresses,
                                java.lang.String subject,
                                java.lang.String plainTextPart,
                                java.lang.String htmlPart,
                                java.util.Map<java.lang.String,​java.util.List<java.lang.String>> customHeaders,
                                java.util.List<EMailAttachment> attachments)
                         throws javax.mail.MessagingException
        Creates a multi-part email message with the provided information.
        Parameters:
        senderAddress - The sender address for the email message. It must not be null or empty.
        replyToAddress - The reply-to address for this email message. It may be null if no reply-to address is needed. If it is non-null, then it must not be empty.
        toAddresses - The set of "to" addresses for the email message. At least one of the toAddresses, ccAddresses, and bccAddresses arguments must be non-null and non-empty.
        ccAddresses - The set of "cc" addresses for the email message. At least one of the toAddresses, ccAddresses, and bccAddresses arguments must be non-null and non-empty.
        bccAddresses - The set of "bcc" addresses for the email message. At least one of the toAddresses, ccAddresses, and bccAddresses arguments must be non-null and non-empty.
        subject - The subject for the email message. It must not be null or empty.
        plainTextPart - The content for the plain-text-formatted body of the message. It must not be null if htmlPart is null. If it is non-null, then it must not be empty.
        htmlPart - The content for the HTML-formatted body of the message. It must not be null if plainTextPart is null. If it is non-null, then it must not be empty.
        customHeaders - An optional map of custom headers to include in the email message. It may be null or empty if no custom headers should be included.
        attachments - An optional set of attachments to include in the email message. It may be null or empty if the message should not include any attachments.
        Returns:
        The email message that was created.
        Throws:
        javax.mail.MessagingException - If there is a problem with any of the provided addresses.

      • createEMailAttachment

        EMailAttachment createEMailAttachment​(java.lang.String filename,
                                      java.lang.String contentType,
                                      boolean isInline,
                                      byte[] data)
        Creates an email attachment with the provided information.
        Parameters:
        filename - The filename for this attachment. It must not be null or empty. It must be just the name of the file, without any path information.
        contentType - The MIME type for the email attachment. If this is null, then a default value of "application/octet-stream" will be used.
        isInline - Indicates whether the attachment is intended to be referenced inline within the body of the email message (e.g., an image displayed within the HTML-formatted message).
        data - The bytes that comprise the data for the attachment. It must not be null or empty.
        Returns:
        The email attachment that has been created.

      • getPassphraseFromPassphraseProvider

        char[] getPassphraseFromPassphraseProvider​(java.lang.String providerName,
                                           boolean allowCached)
                                    throws LDAPException
        Retrieves a passphrase obtained by the specified passphrase provider.
        Parameters:
        providerName - The name or configuration entry DN for the passphrase provider to invoke. It must not be null.
        allowCached - Indicates whether the provider may use a cached version of the passphrase (if the provider supports caching).
        Returns:
        The passphrase retrieved from the specified passphrase provider. It will not be null.
        Throws:
        LDAPException - If the requested passphrase provider is not defined or enabled in the server configuration, or if a problem occurs while invoking the passphrase provider.