Interface ServerContext
-
- All Known Subinterfaces:
BrokerContext
,DirectoryServerContext
,HTTPServerContext
,MetricsEngineContext
,ProxyServerContext
,SCIMServerContext
,SyncServerContext
,WebAppServerContext
@NotExtensible @ThreadSafety(level=INTERFACE_THREADSAFE) public interface ServerContext
This interface may be used to obtain information about the server in which an extension is running.
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description EMailAttachment
createEMailAttachment(java.lang.String filename, java.lang.String contentType, boolean isInline, byte[] data)
Creates an email attachment with the provided information.EMailMessage
createEMailMessage(java.lang.String senderAddress, java.lang.String replyToAddress, java.util.Collection<java.lang.String> toAddresses, java.util.Collection<java.lang.String> ccAddresses, java.util.Collection<java.lang.String> bccAddresses, java.lang.String subject, java.lang.String plainTextPart, java.lang.String htmlPart, java.util.Map<java.lang.String,java.util.List<java.lang.String>> customHeaders, java.util.List<EMailAttachment> attachments)
Creates a multi-part email message with the provided information.java.lang.Thread
createThread(ServerThread serverThread, java.lang.String name)
Creates a new thread to run within the server.ValueConstructor
createValueConstructor(java.lang.String constructedValueTemplate)
Returns a ValueConstructor built from the provided value template.void
debugCaught(java.lang.Throwable t)
Writes a debug message indicating that the provided exception has been caught.boolean
debugEnabled()
Indicates whether debugging is enabled in the server.void
debugError(java.lang.String message)
Writes a debug message with an error severity.void
debugInfo(java.lang.String message)
Writes a debug message with an informational severity.void
debugThrown(java.lang.Throwable t)
Writes a debug message indicating that the provided exception will be thrown.void
debugVerbose(java.lang.String message)
Writes a debug message with a verbose severity.void
debugWarning(java.lang.String message)
Writes a debug message with a warning severity.void
deregisterAllMonitorProviders()
Deregisters all the monitor providers that were registered with the server by this instance ofServerContext
.void
deregisterChangeListener(RegisteredChangeListener listener)
Deregisters the provided change listener with the server.void
deregisterDiskSpaceConsumer(RegisteredDiskSpaceConsumer consumer)
Deregisters the provided disk space consumer with the server.void
deregisterMonitorProvider(RegisteredMonitorProvider provider)
Deregisters the given monitor provider with the server.void
deregisterShutdownListener(RegisteredServerShutdownListener listener)
Deregisters the provided server shutdown listener with the server.void
deregisterSupportedControlOID(java.lang.String oid)
Deregisters the provided OID with the server so that it will no longer appear in the supportedControl attribute of the server's root DSE.java.lang.String
getBasicProductName()
Retrieves the base name of the server which is generally the full product name without the vendor information.LDAPInterface
getClientConnection(java.lang.String dn, boolean isClientSecure)
Retrieves a client connection that is authenticated as the specified user.LDAPInterface
getClientRootConnection(boolean isClientSecure)
Retrieves a client connection that is authenticated as a root user and is not subject to access control.java.lang.String
getCompactProductName()
Retrieves the compact name of the server.java.io.OutputStream
getEncryptedOutputStream(java.io.OutputStream outputStream, boolean compress)
Wraps the provided output stream in aPassphraseEncryptedOutputStream
so that data written to it will be encrypted, optionally after also wrapping it in aGZIPOutputStream
to ensure that the data is compressed before it is encrypted.java.io.OutputStream
getEncryptedOutputStream(java.io.OutputStream outputStream, java.lang.String encryptionSettingsDefinitionID, boolean compress)
Wraps the provided output stream in aPassphraseEncryptedOutputStream
so that data written to it will be encrypted, optionally after also wrapping it in aGZIPOutputStream
to ensure that the data is compressed before it is encrypted.EncryptionSettingsDefinition
getEncryptionSettingsDefinition(java.lang.String id)
Retrieves the encryption settings definition with the specified ID.java.util.List<EncryptionSettingsDefinition>
getEncryptionSettingsDefinitions()
Retrieves a list of all of the encryption settings definitions contained in the server's encryption settings database.java.lang.String
getFullProductName()
Retrieves the full name of the server.java.lang.String
getFullVendorName()
Retrieves the full name of the server vendor.java.lang.String
getFullVersion()
Retrieves a string that is the concatenation of the product name, the major, minor, point, and patch version numbers of the server and any any other unique version information.Group
getGroup(java.lang.String groupDN)
Retrieves the group defined in the specified entry.java.util.Map<DN,Group>
getGroupsForUser(java.lang.String userDN, boolean directMembershipOnly)
Retrieves the set of groups in which the specified user is a member, indexed by group DN.java.lang.String
getInstanceName()
Retrieves the instance name that has been assigned to the server.InternalConnection
getInternalConnection(java.lang.String dn)
Retrieves an internal connection that is authenticated as the specified user.InternalConnection
getInternalRootConnection()
Retrieves an internal connection that is authenticated as a root user that is not subject to access control.LDAPConnection
getLDAPExternalServerConnection(java.lang.String ldapExternalServerCfgObjectName, LDAPConnectionOptions connectionOptions)
Retrieves a connection that is established and (if appropriate) authenticated to the specified LDAP External server.LDAPConnectionPool
getLDAPExternalServerConnectionPool(java.lang.String ldapExternalServerCfgObjectName, LDAPConnectionOptions connectionOptions, int initialConnections, int maxConnections, boolean throwOnConnectFailure)
Retrieves a connection pool with connections to the specified server.Location
getLocation()
Retrieves the location that has been assigned to the server, if any.int
getMajorVersionNumber()
Retrieves the major version number for the server.int
getMinorVersionNumber()
Retrieves the minor version number for the server.java.lang.String
getObscuredValue(java.lang.String obscuredValueConfigObjectName)
Retrieves the plaintext representation of the specified obscured value from the server configuration.java.lang.String
getPackageName()
Retrieves the package name of the server that is used for defining the server package ZIP file and root directory.char[]
getPassphraseFromPassphraseProvider(java.lang.String providerName, boolean allowCached)
Retrieves a passphrase obtained by the specified passphrase provider.int
getPatchVersionNumber()
Retrieves the patch version number for the server.int
getPointVersionNumber()
Retrieves the point version number for the server.java.io.InputStream
getPossiblyCompressedAndEncryptedInputStream(java.io.File file)
Opens an input stream that may be used to read data from the provided file.java.io.InputStream
getPossiblyCompressedAndEncryptedInputStream(java.io.InputStream inputStream)
Examines the provided input stream and determines whether its contents have been encrypted with aPassphraseEncryptedOutputStream
, and if so, retrieves an input stream that may be used to read its decrypted content.EncryptionSettingsDefinition
getPreferredEncryptionSettingsDefinition()
Retrieves information about the server's preferred encryption settings definition, which is the default definition that will be used for new encryption operations if no other definition is requested.java.util.Set<java.lang.String>
getPrivilegeNames(java.lang.String userDN)
Retrieves the names of the privileges held by the specified user.Schema
getSchema()
Retrieves a reference to the server schema.java.io.File
getServerRoot()
Retrieves the path to the server root directory.java.lang.String
getShortVendorName()
Retrieves the compact name of the server vendor.java.lang.String
getSourceRevision()
Retrieves a value which identifies the source revision (in the version control system used to hold the server source code) from which the server was built.long
getStartTime()
Retrieves the time that the server was started.java.lang.String
getStartupID()
Retrieves a compact ID that was generated at the time the server was started.java.util.UUID
getStartupUUID()
Retrieves a unique identifier that was generated at the time the server was started.ToolExecutor
getToolExecutor()
Retrieves a ToolExecutor that can be used to internally execute select command line utilities.java.lang.String
getVersionNumber()
Retrieves a string that is the concatenation of the major, minor, point, and patch version numbers of the server.java.lang.String
getVersionQualifier()
Retrieves the version qualifier string for the server.boolean
hasPrivilege(java.lang.String userDN, java.lang.String privilegeName)
Indicates whether the specified user has the indicated privilege.boolean
isDirectoryFunctionalityAvailable()
Indicates whether the extension is running in a server that has Directory Server functionality available.boolean
isDirectoryProxyFunctionalityAvailable()
Indicates whether the extension is running in a server that has Directory Proxy Server functionality available.boolean
isRunning()
Indicates whether the server is currently running.boolean
isShuttingDown()
Indicates whether the server is in the process of shutting down.boolean
isStarting()
Indicates whether the server is in the process of starting up.boolean
isSyncFunctionalityAvailable()
Indicates whether the extension is running in a server that has Data Sync Server functionality available.boolean
isTraceMessageLoggable(LogSeverity logSeverity)
Indicates whether trace log messages of the provided severity can be logged by an extension to any trace log publishers.void
logMessage(LogSeverity severity, java.lang.String message)
Writes a message to the server error log.void
logTraceMessage(LogSeverity logSeverity, java.lang.String message)
Writes a message to the server trace log publishers.void
logTraceMessage(LogSeverity logSeverity, java.lang.String message, java.util.Map<java.lang.String,java.lang.String> keyValues)
Writes a message to the server trace log publishers.RegisteredChangeListener
registerChangeListener(ChangeListener listener, java.util.Set<ChangeType> changeTypes, java.util.List<java.lang.String> baseDNs, Filter filter)
Registers the provided change listener with the server so that it may be notified of any changes matching the provided criteria.RegisteredDiskSpaceConsumer
registerDiskSpaceConsumer(DiskSpaceConsumer consumer)
Registers the provided disk space consumer with the server.RegisteredMonitorProvider
registerMonitorProvider(MonitorProvider provider, GenericConfig config)
Registers the given monitor provider with the server.RegisteredServerShutdownListener
registerShutdownListener(ServerShutdownListener listener)
Registers the provided listener to be notified when the server shutdown process has begun.void
registerSupportedControlOID(java.lang.String oid)
Registers the provided OID with the server so that it will appear in the supportedControl attribute of the server's root DSE.void
reloadHTTPConnectionHandlerCertificates()
Reload the key and trust manager providers associated with any HTTP connection handlers.that provide support for HTTPS.void
sendAlert(AlertSeverity severity, java.lang.String message)
Generates an administrative alert notification.void
sendAlert(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message)
Generates an administrative alert notification.DegradedAlertType
sendDegradedAlertNotification(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message)
Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as a degraded alert type.UnavailableAlertType
sendUnavailableAlertNotification(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message)
Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as an unavailable alert type.
-
-
-
Method Detail
-
getShortVendorName
java.lang.String getShortVendorName()
Retrieves the compact name of the server vendor. The returned name will not have any spaces.- Returns:
- The compact name of the server vendor.
-
getFullVendorName
java.lang.String getFullVendorName()
Retrieves the full name of the server vendor. The returned name may contain spaces.- Returns:
- The full name of the server vendor.
-
getCompactProductName
java.lang.String getCompactProductName()
Retrieves the compact name of the server. The returned name will not have any spaces.- Returns:
- The compact name of the server.
-
getPackageName
java.lang.String getPackageName()
Retrieves the package name of the server that is used for defining the server package ZIP file and root directory. The returned name will not have any spaces.- Returns:
- The package name of the server.
-
getFullProductName
java.lang.String getFullProductName()
Retrieves the full name of the server. The returned name may contain spaces.- Returns:
- The full name of the server.
-
getBasicProductName
java.lang.String getBasicProductName()
Retrieves the base name of the server which is generally the full product name without the vendor information. The returned name may contain spaces.- Returns:
- The full name of the server.
-
getMajorVersionNumber
int getMajorVersionNumber()
Retrieves the major version number for the server. The major version number is the first number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the major version number is 1).- Returns:
- The major version number for the server.
-
getMinorVersionNumber
int getMinorVersionNumber()
Retrieves the minor version number for the server. The minor version number is the second number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the minor version number is 2).- Returns:
- The minor version number for the server.
-
getPointVersionNumber
int getPointVersionNumber()
Retrieves the point version number for the server. The point version number is the third number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the point version number is 3).- Returns:
- The point version number for the server.
-
getPatchVersionNumber
int getPatchVersionNumber()
Retrieves the patch version number for the server. The patch version number is the fourth number which appears in the full version string (e.g., for a version string of "1.2.3.4-beta5", the patch version number is 4).- Returns:
- The point version number for the server.
-
getVersionNumber
java.lang.String getVersionNumber()
Retrieves a string that is the concatenation of the major, minor, point, and patch version numbers of the server.- Returns:
- the server's version number string.
-
getFullVersion
java.lang.String getFullVersion()
Retrieves a string that is the concatenation of the product name, the major, minor, point, and patch version numbers of the server and any any other unique version information.- Returns:
- the server's full version number string.
-
getVersionQualifier
java.lang.String getVersionQualifier()
Retrieves the version qualifier string for the server. The version qualifier is an optional string which may provide additional information about the server version. If a version qualifier is present, then it will immediately follow the patch version number (e.g., for a version string of "1.2.3.4-beta5", the version qualifier is "-beta5").- Returns:
- The version qualifier for the server, or an empty string if no version qualifier is defined.
-
getSourceRevision
java.lang.String getSourceRevision()
Retrieves a value which identifies the source revision (in the version control system used to hold the server source code) from which the server was built.- Returns:
- The source revision identifier for the server.
-
isStarting
boolean isStarting()
Indicates whether the server is in the process of starting up.- Returns:
true
if the server is in the process of starting up, orfalse
if not.
-
isRunning
boolean isRunning()
Indicates whether the server is currently running.- Returns:
true
if the server is running, orfalse
if not.
-
isShuttingDown
boolean isShuttingDown()
Indicates whether the server is in the process of shutting down.- Returns:
true
if the server is in the process of shutting down, orfalse
if not.
-
getStartTime
long getStartTime()
Retrieves the time that the server was started. The value returned will be an offset in milliseconds since 12:00 a.m. on January 1, 1970.- Returns:
- The time that the server was started.
-
getStartupID
java.lang.String getStartupID()
Retrieves a compact ID that was generated at the time the server was started. It is not guaranteed to be unique among all instances of the server, but is guaranteed to be unique across all invocations of a single server installation. This is suitable for inclusion in log messages and can help differentiate operations with the same connection ID and operation ID across server restarts.- Returns:
- A compact ID that was generated at the time the server was started.
-
getStartupUUID
java.util.UUID getStartupUUID()
Retrieves a unique identifier that was generated at the time the server was started. It will be unique across all server instances and all invocations of the same instance.- Returns:
- A unique identifier that was generated at the time the server was started.
-
getInstanceName
java.lang.String getInstanceName()
Retrieves the instance name that has been assigned to the server.- Returns:
- The instance name that has been assigned to the server.
-
getLocation
Location getLocation()
Retrieves the location that has been assigned to the server, if any.- Returns:
- The location that has been assigned to the server, or
null
if no location has been assigned.
-
getServerRoot
java.io.File getServerRoot()
Retrieves the path to the server root directory.- Returns:
- The path to the server root directory.
-
getToolExecutor
ToolExecutor getToolExecutor()
Retrieves a ToolExecutor that can be used to internally execute select command line utilities.- Returns:
- A ToolExecutor that can be used to internally execute select command line utilities.
-
isDirectoryFunctionalityAvailable
boolean isDirectoryFunctionalityAvailable()
Indicates whether the extension is running in a server that has Directory Server functionality available.- Returns:
true
if Directory Server functionality is available, orfalse
if not.
-
isDirectoryProxyFunctionalityAvailable
boolean isDirectoryProxyFunctionalityAvailable()
Indicates whether the extension is running in a server that has Directory Proxy Server functionality available.- Returns:
true
if Directory Proxy Server functionality is available, orfalse
if not.
-
isSyncFunctionalityAvailable
boolean isSyncFunctionalityAvailable()
Indicates whether the extension is running in a server that has Data Sync Server functionality available.- Returns:
true
if Data Sync Server functionality is available, orfalse
if not.
-
getInternalRootConnection
InternalConnection getInternalRootConnection()
Retrieves an internal connection that is authenticated as a root user that is not subject to access control.
During operation processing, this connection is considered a root connection that is both internal and secure.
Note that the returned connection will use the client connection policy defined as the default policy for internal operations. If you have access to aClientContext
and wish to use the client connection policy associated with that connection, use theClientContext.getInternalRootConnection(boolean)
method.- Returns:
- An internal connection that is authenticated as a root user.
-
getInternalConnection
InternalConnection getInternalConnection(java.lang.String dn) throws LDAPException
Retrieves an internal connection that is authenticated as the specified user. Operations on the connection may be subject to access control based on the privileges associated with the specified user.
During operation processing, this connection is considered a user connection that is both internal and secure.
Note that the returned connection will use the client connection policy defined as the default policy for internal operations. If you have access to aClientContext
and wish to use the client connection policy associated with that connection, use theClientContext.getInternalConnection(String,boolean)
method.- Parameters:
dn
- The DN of the user as whom the connection should be authenticated. It may benull
or empty if the connection should be unauthenticated.- Returns:
- An internal connection that is authenticated as the specified user.
- Throws:
LDAPException
- If a problem occurs while attempting to authenticate as the specified user.
-
getClientRootConnection
LDAPInterface getClientRootConnection(boolean isClientSecure)
Retrieves a client connection that is authenticated as a root user and is not subject to access control.
This method should be used when the connection will be used on behalf of some external client, and allows you to indicate whether the external client has a secure connection. This information is used by some of the internal security controls, such as password policies, which may reject password change operations if they are not over a secure connection, for example.
During operation processing, this connection is considered a root connection that is external and optionally secure, depending on theisClientSecure
parameter.- Parameters:
isClientSecure
- Whether the external client is connected over a secure channel.- Returns:
- A client connection that is authenticated as a root user.
-
getClientConnection
LDAPInterface getClientConnection(java.lang.String dn, boolean isClientSecure) throws LDAPException
Retrieves a client connection that is authenticated as the specified user. Operations on the connection may be subject to access control based on the privileges associated with the specified user.
This method should be used when the connection will be used on behalf of some external client, and allows you to indicate whether the external client has a secure connection. This information is used by some of the internal security controls, such as password policies, which may reject password change operations if they are not over a secure connection, for example.
During operation processing, this connection is considered a user connection that is external and optionally secure, depending on theisClientSecure
parameter.- Parameters:
dn
- The DN of the user as whom the connection should be authenticated. It may benull
or empty if the connection should be unauthenticated.isClientSecure
- Whether the external client is connected over a secure channel.- Returns:
- An internal connection that is authenticated as the specified user.
- Throws:
LDAPException
- If a problem occurs while attempting to authenticate as the specified user.
-
getSchema
Schema getSchema()
Retrieves a reference to the server schema.- Returns:
- A reference to the server schema.
-
registerSupportedControlOID
void registerSupportedControlOID(java.lang.String oid)
Registers the provided OID with the server so that it will appear in the supportedControl attribute of the server's root DSE. This method should only be used by extensions which implement some level of support for that control (e.g., a pre-parse plugin which performs all necessary processing from the control and removes it from the request so that it will not be seen and potentially rejected by the core server).- Parameters:
oid
- The OID to be registered.
-
deregisterSupportedControlOID
void deregisterSupportedControlOID(java.lang.String oid)
Deregisters the provided OID with the server so that it will no longer appear in the supportedControl attribute of the server's root DSE.- Parameters:
oid
- The OID to be deregistered.
-
registerChangeListener
RegisteredChangeListener registerChangeListener(ChangeListener listener, java.util.Set<ChangeType> changeTypes, java.util.List<java.lang.String> baseDNs, Filter filter) throws LDAPException
Registers the provided change listener with the server so that it may be notified of any changes matching the provided criteria.- Parameters:
listener
- The change listener to be registered with the server. It must not benull
.changeTypes
- The types of changes for which the listener should be registered. It may benull
or empty to indicate that the listener should be registered for all types of changes.baseDNs
- The set of base DNs for which the listener should be registered. It may benull
or empty to indicate that the listener should be registered for changes processed anywhere in the server.filter
- A filter which may be used to restrict the set of changes for which the listener is notified. If a filter is provided, then only changes in which the target entry matches the given filter (either before or after the change was processed) will be notified. It may benull
to indicate that the contents of the entry should not be considered.- Returns:
- An object representing the change listener that has been registered with the server.
- Throws:
LDAPException
- If a problem is encountered while attempting to register the provided change listener (e.g., if any of the base DNs cannot be parsed as a valid DN).
-
deregisterChangeListener
void deregisterChangeListener(RegisteredChangeListener listener)
Deregisters the provided change listener with the server. This will have no effect if the provided listener is not registered.- Parameters:
listener
- The change listener to be deregistered. It must not benull
.
-
registerDiskSpaceConsumer
RegisteredDiskSpaceConsumer registerDiskSpaceConsumer(DiskSpaceConsumer consumer)
Registers the provided disk space consumer with the server.- Parameters:
consumer
- The disk space consumer to be registered with the server. It must not benull
.- Returns:
- An object representing the disk space consumer that has been registered with the server.
-
deregisterDiskSpaceConsumer
void deregisterDiskSpaceConsumer(RegisteredDiskSpaceConsumer consumer)
Deregisters the provided disk space consumer with the server. This will no no effect if the provided consumer is not registered.- Parameters:
consumer
- The disk space consumer to be deregistered with the server. It must not benull
.
-
registerShutdownListener
RegisteredServerShutdownListener registerShutdownListener(ServerShutdownListener listener)
Registers the provided listener to be notified when the server shutdown process has begun.- Parameters:
listener
- The server shutdown listener to be registered. It must not benull
.- Returns:
- An object representing the shutdown listener that has been registered with the server.
-
deregisterShutdownListener
void deregisterShutdownListener(RegisteredServerShutdownListener listener)
Deregisters the provided server shutdown listener with the server. This will have no effect if the provided listener is not registered.- Parameters:
listener
- The server shutdown listener to be deregistered. It must not benull
.
-
registerMonitorProvider
RegisteredMonitorProvider registerMonitorProvider(MonitorProvider provider, GenericConfig config)
Registers the given monitor provider with the server. It is important that this monitor provider has a unique instance name across all monitor providers in the server. If there is already a monitor provider registered with the same instance name, anIllegalStateException
will be thrown.The generated monitor entry will have a DN in the following format:
cn={monitor-instance-name} [from {extension-type}:{extension-name}], cn=monitor
and it will contain three auto-generated attributes:ds-extension-monitor-name
,ds-extension-type
, andds-extension-name
. Note: the {extension-type} and {extension-name} are from the extension which owns this ServerContext instance, not from the given MonitorProvider object.The specified monitor provider does not need any server-side configuration, and the configuration-related methods (
initalizeMonitorProvider()
,finalizeMonitorProvider()
,defineConfigArguments()
,isConfigurationAcceptable()
,applyConfiguration()
) do not need to be implemented because they will not be called.When an extension is disabled, all of its registered monitor providers will automatically deregister themselves from the server. You can also manually deregister them using
deregisterMonitorProvider(RegisteredMonitorProvider)
orderegisterAllMonitorProviders()
.- Parameters:
provider
- The monitor provider instance to be registered. It must not benull
.config
- The configuration object from the extension that is registering the given monitor provider. This is required so that the monitor entry can be given a unique DN which includes the name of the extension that registered it.- Returns:
- An object representing the monitor provider that has been registered with the server.
-
deregisterMonitorProvider
void deregisterMonitorProvider(RegisteredMonitorProvider provider)
Deregisters the given monitor provider with the server. This will have no effect if the given monitor provider is not registered.- Parameters:
provider
- The monitor provider instance to be registered. It must not benull
.
-
deregisterAllMonitorProviders
void deregisterAllMonitorProviders()
Deregisters all the monitor providers that were registered with the server by this instance ofServerContext
. This can be useful during cleanup or if you want to clear out all the existing monitor data from a given extension and register new monitor providers.This will be called automatically when your extension is unloaded or disabled.
-
createThread
java.lang.Thread createThread(ServerThread serverThread, java.lang.String name)
Creates a new thread to run within the server. The thread will not be started.- Parameters:
name
- The name to use for the thread. It must not benull
or empty.serverThread
- The class providing the logic for the thread. It must not benull
.- Returns:
- The thread that has been created but not yet started.
-
logMessage
void logMessage(LogSeverity severity, java.lang.String message)
Writes a message to the server error log.- Parameters:
severity
- The severity to use for the log message. It must not benull
.message
- The message to be logged. It must not benull
.
-
isTraceMessageLoggable
boolean isTraceMessageLoggable(LogSeverity logSeverity)
Indicates whether trace log messages of the provided severity can be logged by an extension to any trace log publishers. This allows callers to avoid potentially expensive message construction for messages that are not going to be logged.- Parameters:
logSeverity
- The log message severity. Must not benull
.- Returns:
true
if trace log messages from extensions are loggable to any trace log publishers
-
logTraceMessage
void logTraceMessage(LogSeverity logSeverity, java.lang.String message)
Writes a message to the server trace log publishers.- Parameters:
logSeverity
- The log message severity. If the log message may contain potentially sensitive information,LogSeverity.DEBUG
should be used. Must not benull
.message
- The message to be logged. It must not benull
.
-
logTraceMessage
void logTraceMessage(LogSeverity logSeverity, java.lang.String message, java.util.Map<java.lang.String,java.lang.String> keyValues)
Writes a message to the server trace log publishers.- Parameters:
logSeverity
- The log message severity. If the log message may contain potentially sensitive information,LogSeverity.DEBUG
should be used. Must not benull
.message
- The message to be logged. It must not benull
.keyValues
- Keys and values that are to be logged with key=value. Keys should not contain spaces or other special characters. This map may benull
.
-
sendAlert
void sendAlert(AlertSeverity severity, java.lang.String message)
Generates an administrative alert notification.- Parameters:
severity
- The severity to use for the alert notification. It must not benull
.message
- The message to be used for the alert notification. It must not benull
.
-
sendAlert
void sendAlert(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message) throws LDAPException
Generates an administrative alert notification.- Parameters:
alertTypeName
- The name to use to identify the alert type. Each kind of alert must have a distinct name and all alerts with this alert type must always be used with the same severity and OID values. Alert type names must start with a lowercase ASCII letter and must contain only lowercase ASCII letters, numeric digits, and dashes.severity
- The severity to use for the alert notification. It must not benull
.alertTypeOID
- The numeric OID for the alert type. It must not benull
, and it must be a valid numeric OID. The same OID must always be used for the associated alert type, and each different alert type must have a unique OID.message
- The message to be used for the alert notification. It must not benull
.- Throws:
LDAPException
- If the provided information cannot be used to generate a valid alert (e.g., if the alert type name does not meet the naming constraints or has already been used with a different severity and/or OID, or if the OID has already been used with a different alert type).
-
sendDegradedAlertNotification
DegradedAlertType sendDegradedAlertNotification(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message) throws LDAPException
Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as a degraded alert type. Once the condition that triggered the server to be considered degraded has been resolved, theDegradedAlertType.setResolved()
method should be used to remove the alert type from the list of degraded alert types.
If a server has one or more unavailable alert types, it will be considered unavailable for use by products which make use of this information. If a server does not have any unavailable alert types but has one or more degraded alert types, then it will be considered degraded and less desirable for use by products which make use of this information.- Parameters:
alertTypeName
- The name to use to identify the alert type. Each kind of alert must have a distinct name and all alerts with this alert type must always be used with the same severity and OID values. Alert type names must start with a lowercase ASCII letter and must contain only lowercase ASCII letters, numeric digits, and dashes.severity
- The severity to use for the alert notification. It must not benull
.alertTypeOID
- The numeric OID for the alert type. It must not benull
, and it must be a valid numeric OID. The same OID must always be used for the associated alert type, and each different alert type must have a unique OID.message
- The message to be used for the alert notification. It must not benull
.- Returns:
- An object that may be used to obtain information about the alert type and indicate that the degraded condition has been resolved.
- Throws:
LDAPException
- If the provided information cannot be used to generate a valid alert (e.g., if the alert type name does not meet the naming constraints or has already been used with a different severity and/or OID, or if the OID has already been used with a different alert type).
-
sendUnavailableAlertNotification
UnavailableAlertType sendUnavailableAlertNotification(java.lang.String alertTypeName, AlertSeverity severity, java.lang.String alertTypeOID, java.lang.String message) throws LDAPException
Generates an administrative alert and updates the server's general monitor entry to list the specified alert type as an unavailable alert type. Once the condition that triggered the server to be considered unavailable has been resolved, theUnavailableAlertType.setResolved()
method should be used to remove the alert type from the list of unavailable alert types.
If a server has one or more unavailable alert types, it will be considered unavailable for use by products which make use of this information. If a server does not have any unavailable alert types but has one or more degraded alert types, then it will be considered degraded and less desirable for use by products which make use of this information.- Parameters:
alertTypeName
- The name to use to identify the alert type. Each kind of alert must have a distinct name and all alerts with this alert type must always be used with the same severity and OID values. Alert type names must start with a lowercase ASCII letter and must contain only lowercase ASCII letters, numeric digits, and dashes.severity
- The severity to use for the alert notification. It must not benull
.alertTypeOID
- The numeric OID for the alert type. It must not benull
, and it must be a valid numeric OID. The same OID must always be used for the associated alert type, and each different alert type must have a unique OID.message
- The message to be used for the alert notification. It must not benull
.- Returns:
- An object that may be used to obtain information about the alert type and indicate that the unavailable condition has been resolved.
- Throws:
LDAPException
- If the provided information cannot be used to generate a valid alert (e.g., if the alert type name does not meet the naming constraints or has already been used with a different severity and/or OID, or if the OID has already been used with a different alert type).
-
debugEnabled
boolean debugEnabled()
Indicates whether debugging is enabled in the server.
Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.- Returns:
true
if debugging is enabled in the server, orfalse
if not.
-
debugCaught
void debugCaught(java.lang.Throwable t)
Writes a debug message indicating that the provided exception has been caught.
Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.- Parameters:
t
- The exception that has been caught.
-
debugThrown
void debugThrown(java.lang.Throwable t)
Writes a debug message indicating that the provided exception will be thrown.
Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.- Parameters:
t
- The exception that will be thrown.
-
debugError
void debugError(java.lang.String message)
Writes a debug message with an error severity.
Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.- Parameters:
message
- The message to be debugged.
-
debugWarning
void debugWarning(java.lang.String message)
Writes a debug message with a warning severity.
Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.- Parameters:
message
- The message to be debugged.
-
debugInfo
void debugInfo(java.lang.String message)
Writes a debug message with an informational severity.
Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.- Parameters:
message
- The message to be debugged.
-
debugVerbose
void debugVerbose(java.lang.String message)
Writes a debug message with a verbose severity.
Note that debug messages written by Server SDK extensions will be handled in the same way as debug messages generated in other areas of the server. However, the "Server SDK Extension Debug Logger" may be used to easily obtain only debug messages generated by Server SDK extensions, suppressing all messages generated in other areas of the server.- Parameters:
message
- The message to be debugged.
-
getLDAPExternalServerConnection
LDAPConnection getLDAPExternalServerConnection(java.lang.String ldapExternalServerCfgObjectName, LDAPConnectionOptions connectionOptions) throws LDAPException
Retrieves a connection that is established and (if appropriate) authenticated to the specified LDAP External server. This will be a newly-created connection that is not used for any other purpose, and the caller is responsible for closing that connection when it is no longer needed.- Parameters:
ldapExternalServerCfgObjectName
- The name of the configuration object for the LDAP external server to which the connection should be established. It must not benull
.connectionOptions
- The set of options to use for the connection that is established. It may benull
if a default set of options should be used.- Returns:
- The newly-created LDAP connection.
- Throws:
LDAPException
- If it is not possible to establish a connection to the target servers.
-
getLDAPExternalServerConnectionPool
LDAPConnectionPool getLDAPExternalServerConnectionPool(java.lang.String ldapExternalServerCfgObjectName, LDAPConnectionOptions connectionOptions, int initialConnections, int maxConnections, boolean throwOnConnectFailure) throws LDAPException
Retrieves a connection pool with connections to the specified server. This will be a newly-created connection pool that is not used for any other purpose, and the caller is responsible for closing that connection pool when it is no longer needed.- Parameters:
ldapExternalServerCfgObjectName
- The name of the configuration object for the LDAP external server to which the connections should be established. It must not benull
.connectionOptions
- The set of options to use for the connection that is established. It may benull
if a default set of options should be used.initialConnections
- The initial number of connections to attempt to establish. It must be greater than or equal to zero.maxConnections
- The maximum number of connections that should be established and unused in the pool at any time. It must be greater than or equal toinitialConnections
, and it must not be zero.throwOnConnectFailure
- Indicates whether to throw anLDAPException
if an error is encountered while attempting to connect or authenticate any of the initial connections. If this isfalse
and none of the initial connections can be established (or if the initial number of connections is zero), then the pool will be returned without any connections.- Returns:
- The newly-created LDAP connection pool.
- Throws:
LDAPException
- If it is not possible to establish a pool of connections to the specified LDAP external server.
-
getObscuredValue
java.lang.String getObscuredValue(java.lang.String obscuredValueConfigObjectName) throws LDAPException
Retrieves the plaintext representation of the specified obscured value from the server configuration. Obscured values may be used to allow extensions to store potentially sensitive information (for example, credentials needed to access some external system) in the configuration in a manner that will prevent them from being stored in the clear or displayed in the clear in administrative interfaces. If a server extension needs to be configured with potentially sensitive information, it is recommended that each piece of sensitive information be stored as an obscured value, and that the extension be configured with the names of the relevant obscured values.- Parameters:
obscuredValueConfigObjectName
- The name of the configuration object for the obscured value to retrieve. It must not benull
.- Returns:
- The plaintext representation of the specified obscured value from the server configuration.
- Throws:
LDAPException
- If the provided name does not reference an obscured value that is defined in the server configuration.
-
createValueConstructor
ValueConstructor createValueConstructor(java.lang.String constructedValueTemplate) throws LDAPException
Returns a ValueConstructor built from the provided value template. A ValueConstructor can be used to construct string values from a template that can reference attributes on an entry.- Parameters:
constructedValueTemplate
- The constructed value pattern. SeeValueConstructor
for details on the syntax for the template.- Returns:
- A ValueConstructor based on the provided template.
- Throws:
LDAPException
- If the provided value template is invalid.
-
getGroup
Group getGroup(java.lang.String groupDN) throws LDAPException
Retrieves the group defined in the specified entry.- Parameters:
groupDN
- The DN of the entry containing the group to retrieve. It must not benull
.- Returns:
- The group defined in the specified entry.
- Throws:
LDAPException
- If the specified entry does not exist, if it exists but does not represent a group, or if a problem is encountered while retrieving the group.
-
getGroupsForUser
java.util.Map<DN,Group> getGroupsForUser(java.lang.String userDN, boolean directMembershipOnly) throws LDAPException
Retrieves the set of groups in which the specified user is a member, indexed by group DN.- Parameters:
userDN
- The DN of the user for whom to retrieve the associated groups. It must not benull
.directMembershipOnly
- Indicates whether to only consider the user a member of the group if that user is directly named as a member of the group. If this parameter istrue
, then the method will returntrue
only if the user is directly listed as a member of the group, and will not included dynamic or nested membership. If this parameter isfalse
, then the method will returntrue
if the user is a direct member of the group, is a member of a dynamic group in which the user matches the membership criteria, or if the user is a member of a nested group.- Returns:
- A map of the groups in which the specified user is a member, or an empty map if the specified user is not a member of any groups.
- Throws:
LDAPException
- If the specified user does not exist or if a problem is encountered while attempting to retrieve the groups in which the user is a member.
-
hasPrivilege
boolean hasPrivilege(java.lang.String userDN, java.lang.String privilegeName) throws LDAPException
Indicates whether the specified user has the indicated privilege. The set of defined privileges may be found in the privilege-list.html and privilege-list.csv files in the server docs directory.- Parameters:
userDN
- The DN of the user for whom to make the determination. It must not benull
.privilegeName
- The name of the privilege for which to make the determination. It must not benull
.- Returns:
true
if the specified user has the indicated privilege, orfalse
if not.- Throws:
LDAPException
- If the specified user does not exist, if the indicated privilege is not defined in the server, or if a problem is encountered while trying to make the determination.
-
getPrivilegeNames
java.util.Set<java.lang.String> getPrivilegeNames(java.lang.String userDN) throws LDAPException
Retrieves the names of the privileges held by the specified user. The set of defined privileges may be found in the privilege-list.html and privilege-list.csv files in the server docs directory.- Parameters:
userDN
- The DN of the user for whom to retrieve the privileges. It must not benull
.- Returns:
- The names of the privileges held by the specified user, or an empty set if the user does not have any privileges.
- Throws:
LDAPException
- If the specified user does not exist, or if a problem is encountered while attempting to retrieve the user's privileges.
-
reloadHTTPConnectionHandlerCertificates
void reloadHTTPConnectionHandlerCertificates() throws LDAPException
Reload the key and trust manager providers associated with any HTTP connection handlers.that provide support for HTTPS. This can cause any changes to the certificates in those stores to be applied to the running instance without the need to disable and re-enable the connection handler or to restart the server. Note that this reload does have the potential to interfere with the ability for clients to resume a TLS session created before the reload was invoked.- Throws:
LDAPException
- If an error occurs.
-
getPossiblyCompressedAndEncryptedInputStream
java.io.InputStream getPossiblyCompressedAndEncryptedInputStream(java.io.File file) throws LDAPException, java.security.GeneralSecurityException, java.io.IOException
Opens an input stream that may be used to read data from the provided file. The contents of the file may optionally have been encrypted with the LDAP SDK'sPassphraseEncryptedOutputStream
using a key from the server's encryption settings database, and may have optionally been compressed with the GZIP compression algorithm. If the file is both compressed and encrypted, then the data must have been compressed before it was encrypted.- Parameters:
file
- The file to be read. It must not benull
.- Returns:
- The input stream that may be used to read the optionally compressed and/or encrypted file.
- Throws:
LDAPException
- If a problem is encountered while interacting with the server's encryption framework, or if the data is encrypted with a key not contained in the encryption settings database.java.security.GeneralSecurityException
- If a problem is encountered while preparing to decrypt the data.java.io.IOException
- If a problem is encountered while attempting to read or decompress the data.
-
getPossiblyCompressedAndEncryptedInputStream
java.io.InputStream getPossiblyCompressedAndEncryptedInputStream(java.io.InputStream inputStream) throws LDAPException, java.security.GeneralSecurityException, java.io.IOException
Examines the provided input stream and determines whether its contents have been encrypted with aPassphraseEncryptedOutputStream
, and if so, retrieves an input stream that may be used to read its decrypted content. Also examines the input stream to determine whether its contents may have been GZIP-compressed, and if so, retrieves an input stream that may be used to read its decompressed content. If the data is encrypted, it must start with aPassphraseEncryptedStreamHeader
, and it must have been encrypted with a key contained in the server's encryption settings database. If the data is both compressed and encrypted, then it must have been compressed before it was encrypted.
Note that if a problem occurs that causes this method to throw an exception, then the provided stream will have been closed before control returns to the caller.- Parameters:
inputStream
- The input stream from which the data is to be obtained. It must not benull
.- Returns:
- The input stream that may be used to read the optionally compressed and/or encrypted data from the provided input stream.
- Throws:
LDAPException
- If a problem is encountered while interacting with the server's encryption framework, or if the data is encrypted with a key not contained in the encryption settings database.java.security.GeneralSecurityException
- If a problem is encountered while preparing to decrypt the data.java.io.IOException
- If a problem is encountered while attempting to read or decompress the data.
-
getEncryptedOutputStream
java.io.OutputStream getEncryptedOutputStream(java.io.OutputStream outputStream, boolean compress) throws LDAPException, java.io.IOException, java.security.GeneralSecurityException
Wraps the provided output stream in aPassphraseEncryptedOutputStream
so that data written to it will be encrypted, optionally after also wrapping it in aGZIPOutputStream
to ensure that the data is compressed before it is encrypted. The encryption key will be obtained from the server's preferred encryption settings definition.- Parameters:
outputStream
- The output stream to be wrapped. It must not benull
.compress
- Indicates whether to GZIP-compress the data before encrypting it.- Returns:
- The output stream that may be used to write encrypted (and possibly compressed) data.
- Throws:
LDAPException
- If a problem is encountered while interacting with the server's encryption framework or if the server encryption settings database does not have a preferred definition.java.security.GeneralSecurityException
- If a problem is encountered while preparing to encrypt the data.java.io.IOException
- If a problem occurs while preparing to compress the the data.
-
getEncryptedOutputStream
java.io.OutputStream getEncryptedOutputStream(java.io.OutputStream outputStream, java.lang.String encryptionSettingsDefinitionID, boolean compress) throws LDAPException, java.security.GeneralSecurityException, java.io.IOException
Wraps the provided output stream in aPassphraseEncryptedOutputStream
so that data written to it will be encrypted, optionally after also wrapping it in aGZIPOutputStream
to ensure that the data is compressed before it is encrypted.- Parameters:
outputStream
- The output stream to be wrapped. It must not benull
.encryptionSettingsDefinitionID
- The identifier of the encryption settings definition that should be used to encrypt the data. It must not benull
.compress
- Indicates whether to GZIP-compress the data before encrypting it.- Returns:
- The output stream that may be used to write encrypted (and possibly compressed) data.
- Throws:
LDAPException
- If a problem is encountered while interacting with the server's encryption framework, or if the encryption settings database does not have a definition with the specified ID.java.security.GeneralSecurityException
- If a problem is encountered while preparing to encrypt the data.java.io.IOException
- If a problem occurs while preparing to compress the the data.
-
getPreferredEncryptionSettingsDefinition
EncryptionSettingsDefinition getPreferredEncryptionSettingsDefinition()
Retrieves information about the server's preferred encryption settings definition, which is the default definition that will be used for new encryption operations if no other definition is requested.- Returns:
- Information about the server's preferred encryption settings
definition, or
null
if the server does not have a preferred encryption settings definition.
-
getEncryptionSettingsDefinition
EncryptionSettingsDefinition getEncryptionSettingsDefinition(java.lang.String id)
Retrieves the encryption settings definition with the specified ID.- Parameters:
id
- The identifier for the encryption settings definition to retrieve. It must not benull
.- Returns:
- The encryption settings definition with the specified ID, or
null
if the encryption settings database does not have a definition with the specified ID.
-
getEncryptionSettingsDefinitions
java.util.List<EncryptionSettingsDefinition> getEncryptionSettingsDefinitions()
Retrieves a list of all of the encryption settings definitions contained in the server's encryption settings database.- Returns:
- A list of all the encryption settings definitions contained in the server's encryption settings database.
-
createEMailMessage
EMailMessage createEMailMessage(java.lang.String senderAddress, java.lang.String replyToAddress, java.util.Collection<java.lang.String> toAddresses, java.util.Collection<java.lang.String> ccAddresses, java.util.Collection<java.lang.String> bccAddresses, java.lang.String subject, java.lang.String plainTextPart, java.lang.String htmlPart, java.util.Map<java.lang.String,java.util.List<java.lang.String>> customHeaders, java.util.List<EMailAttachment> attachments) throws javax.mail.MessagingException
Creates a multi-part email message with the provided information.- Parameters:
senderAddress
- The sender address for the email message. It must not benull
or empty.replyToAddress
- The reply-to address for this email message. It may benull
if no reply-to address is needed. If it is non-null
, then it must not be empty.toAddresses
- The set of "to" addresses for the email message. At least one of thetoAddresses
,ccAddresses
, andbccAddresses
arguments must be non-null
and non-empty.ccAddresses
- The set of "cc" addresses for the email message. At least one of thetoAddresses
,ccAddresses
, andbccAddresses
arguments must be non-null
and non-empty.bccAddresses
- The set of "bcc" addresses for the email message. At least one of thetoAddresses
,ccAddresses
, andbccAddresses
arguments must be non-null
and non-empty.subject
- The subject for the email message. It must not benull
or empty.plainTextPart
- The content for the plain-text-formatted body of the message. It must not benull
ifhtmlPart
isnull
. If it is non-null
, then it must not be empty.htmlPart
- The content for the HTML-formatted body of the message. It must not benull
ifplainTextPart
isnull
. If it is non-null
, then it must not be empty.customHeaders
- An optional map of custom headers to include in the email message. It may benull
or empty if no custom headers should be included.attachments
- An optional set of attachments to include in the email message. It may benull
or empty if the message should not include any attachments.- Returns:
- The email message that was created.
- Throws:
javax.mail.MessagingException
- If there is a problem with any of the provided addresses.
-
createEMailAttachment
EMailAttachment createEMailAttachment(java.lang.String filename, java.lang.String contentType, boolean isInline, byte[] data)
Creates an email attachment with the provided information.- Parameters:
filename
- The filename for this attachment. It must not benull
or empty. It must be just the name of the file, without any path information.contentType
- The MIME type for the email attachment. If this isnull
, then a default value of "application/octet-stream" will be used.isInline
- Indicates whether the attachment is intended to be referenced inline within the body of the email message (e.g., an image displayed within the HTML-formatted message).data
- The bytes that comprise the data for the attachment. It must not benull
or empty.- Returns:
- The email attachment that has been created.
-
getPassphraseFromPassphraseProvider
char[] getPassphraseFromPassphraseProvider(java.lang.String providerName, boolean allowCached) throws LDAPException
Retrieves a passphrase obtained by the specified passphrase provider.- Parameters:
providerName
- The name or configuration entry DN for the passphrase provider to invoke. It must not benull
.allowCached
- Indicates whether the provider may use a cached version of the passphrase (if the provider supports caching).- Returns:
- The passphrase retrieved from the specified passphrase provider.
It will not be
null
. - Throws:
LDAPException
- If the requested passphrase provider is not defined or enabled in the server configuration, or if a problem occurs while invoking the passphrase provider.
-
-