org.forgerock / org.forgerock.opendj

28 Feb, 2007

5 commits

  • 134750d7   Replace call to PasswordPolicyState.requireSecureAuthentication with call to ... Browse Dir » 
    PasswordPolicy.requireSecureAuthentication (via PasswordPolicyState.getPolicy). I had missed this call in an earlier commit.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1276 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • c7992bba   This set of changes allow to have the schema synchronization working by ... Browse Dir » 
    configuring synchronization for suffix cn=schema (issue 613) .

You may want to read the schema Synchronization documents before reviewing this
https://opends.dev.java.net/public/docs/dev-docs/SchemaSyncFeatureRequirements.html   and
https://opends.dev.java.net/public/docs/dev-docs/SchemaSyncDesign.html

It includes :

- Change the PersistentServerState to use attribute ds-sync-state in the base entry
 instead of a specific entry.
 Add new unit test for the PersistentServerState class.
 Change attribute ds-sync-state to be an operational attribute.

- Change the schema backend to allow storage of the ds-synch-state attribute in the
 schema ldif File.
 This change is arguable because  I have chosen to make this as simple as possible
 and therefore only allowed the storage of this attribute in the schema File.
 While this has the advantage of being very simple it has
 the drawback of adding some code in the schema backend that is only related to synchronization.
 The other choice would be to add a generic service in the schema backend for storing
 any type of attribute.
 Please tell me if you think that this would be better.

- Disable the conflict resolution for cn=schema so that we don't polute the ldif entries
 with the historical information

- Add unit test for schema synchronization

The work for schema synchronization is not complete with this.
A second round of modification is necessary for synchronizing the schema changes
done by manually editing the files or by dynamically loading a file.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1275 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     
  • d0638f14   Fix for issue 517 : Configurable purge delay ... Browse Dir » 
    This change makes possible to configure the Changelog purge delay that
was previously hard-coded using the ds-cfg-changelog-purge-delay attribute.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1274 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     
  • fb2606cf   Update copyright files with the correct year. ... Browse Dir » 
    
git-svn-id: https://svn.forgerock.org/opendj/trunk@1273 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 2fdea111   Fix for issue 1285. ... Browse Dir » 
    The problem was caused because in the class InstallDS the check for the port was not performed when the user already provided the port through the command line (see first diffs in InstallDS).

The rest of the diffs consist of factorization of code to be shared between the quicksetup classes and the class org.opends.server.tools.InstallDS.  Some methods from the Utils class of quicksetup have been moved to the SetupUtils class; these methods allow to know if a given port is priviledged or not, if we can use it to configure the server and to know in which Operating System the JVM is running.   The operating system methods use the enumeration OperatingSystem (which has been slightly modified to not have dependencies on other classes and to be included in quicksetup.jar).

Extra: use the class LockFileManager to know if the server is running or not.  The use of this class does not impact the Web Start Installer as we only want to know if the server is running or not once we have tried to start it (and so OpenDS.jar has already been loaded by the class loader).


git-svn-id: https://svn.forgerock.org/opendj/trunk@1272 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

27 Feb, 2007

1 commit

  • 91bff36a   The proposed fix is to do a similar thing that what has been done by ... Browse Dir » 
    Neil for issue #1266:  use a hidden option to check whether the server
is already running or not.  If the server is not running the message
'Server already stopped' is displayed, if the server is running the message 'Stopping Server... is displayed'.

So the output of the command with this changes is:

If the server is running
========================

bash-3.00$ bin/stop-ds --restart
Stopping Server...

[23/Feb/2007:17:00:28 +0100] category=CORE severity=NOTICE id=458886
msg="OpenDS Directory Server 0.1.0 starting up."
[23/Feb/2007:17:00:34 +0100] category=BACKEND severity=NOTICE id=8847402
msg="A database backend containing 1 entries has started."
[23/Feb/2007:17:00:34 +0100] category=CONFIG severity=SEVERE_WARNING
id=3277325 msg="Access control has been disabled."
[23/Feb/2007:17:00:35 +0100] category=CORE severity=NOTICE id=458887
msg="The Directory Server has started successfully."
[23/Feb/2007:17:00:35 +0100] category=CORE severity=NOTICE id=458891
msg="The Directory Server has sent an alert notification generated by
class org.opends.server.core.DirectoryServer (alert type
org.opends.server.DirectoryServerStarted, alert ID 458887):  The
Directory Server has started successfully.."
bash-3.00$
bash-3.00$ bin/stop-ds



If the server is stopped
========================

bash-3.00$ bin/stop-ds
Server already stopped.
bash-3.00$ bin/stop-ds --restart
Server already stopped.
[23/Feb/2007:16:59:50 +0100] category=CORE severity=NOTICE id=458886
msg="OpenDS Directory Server 0.1.0 starting up."
[23/Feb/2007:16:59:55 +0100] category=BACKEND severity=NOTICE id=8847402
msg="A database backend containing 1 entries has started."
[23/Feb/2007:16:59:56 +0100] category=CONFIG severity=SEVERE_WARNING
id=3277325 msg="Access control has been disabled."
[23/Feb/2007:16:59:57 +0100] category=CORE severity=NOTICE id=458887
msg="The Directory Server has started successfully."
[23/Feb/2007:16:59:57 +0100] category=CORE severity=NOTICE id=458891
msg="The Directory Server has sent an alert notification generated by
class org.opends.server.core.DirectoryServer (alert type
org.opends.server.DirectoryServerStarted, alert ID 458887):  The
Directory Server has started successfully.." 


git-svn-id: https://svn.forgerock.org/opendj/trunk@1263 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

26 Feb, 2007

2 commits

23 Feb, 2007

9 commits

  • 9a70c175   Recommit for issue 740. A debug logging helper method (EntryContainer#debugAcces… ... Browse Dir » 
    …s) did not check for null OperationStatus objects being passed in and caused an NullPointerException whenever EntryCount was called. Added a null check.

Changed ID2Entry#getRecordCount to use the Database#count method in JE 3.1.0. The JE backend no longer keeps a count of entries in entry ID 0. Modified TestVerifyJob unit test to no longer simulate a incorrect entry count.

It was a clear case that using Database#count is much faster then keeping a count at entryID 0. At the least, it can eliminate a database read and write on every entry add and delete operation. In addition, calling Database#count is faster then getting an entry out of the database as the following shows.

Time took to get entry count 100 times (w/o transactions):

Duration using Database#count: 16731000 ns
Duration using old entry counter: 22094000 ns

Duration using Database#count: 17124000 ns
Duration using old entry counter: 39434000 ns

Duration using Database#count: 15522000 ns
Duration using old entry counter: 20069000 ns

Duration using Database#count: 15873000 ns
Duration using old entry counter: 19732000 ns

Duration using Database#count: 15871000 ns
Duration using old entry counter: 20594000 ns

Duration using Database#count: 21099000 ns
Duration using old entry counter: 21877000 ns

Fix for issue 740

git-svn-id: https://svn.forgerock.org/opendj/trunk@1247 41b1ffd8-f28e-4786-ab96-9950f0a78031
    boli
     
  • 35fe56e5   Revert the changes in revision #1237 (for issue #740) because they have ... Browse Dir » 
    introduced a large number of test failures.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1245 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • 292f121d   This change prepares the unit tests for when the ACI handler will get enabled by… ... Browse Dir » 
    … default.  Most of the failing tests are fixed by adding bypass-acl privilege to the entries of the users the failing tests bind as.

This change also includes an important fix to the server for operations carrying the proxied auth control.  The ACI check in the core operation is moved after the controls processing to ensure that the correct authorization user is picked up, and the ACI handler now gets the authorization user from the operation rather than the connection.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1244 41b1ffd8-f28e-4786-ab96-9950f0a78031
    coulbeck
     
  • 46c3a6ac   Update the entry schema checking code to ensure that all attributes have at ... Browse Dir » 
    least one value.  This will prevent add requests from being able to add entries
containing attributes with no values.

OpenDS Issue Number:  1275


git-svn-id: https://svn.forgerock.org/opendj/trunk@1241 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • aa0bbc0d   Add a new SSL trust manager that can be used to interactively prompt the user ... Browse Dir » 
    about whether a given SSL certificate should be trusted.  This will be used for
all of our client tools in the case when no trust store is available and the
user has not requested the "--trustAll" option.

OpenDS Issue Number:  1274


git-svn-id: https://svn.forgerock.org/opendj/trunk@1240 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • 81e7f7e8   Move access control initialization ahead of backend initialization ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/opendj/trunk@1239 41b1ffd8-f28e-4786-ab96-9950f0a78031
    dugan
     
  • 613017ce   Add a new org.opends.server.interop package where we can place source code that ... Browse Dir » 
    we don't need in the core server but can help other applications interoperate
with OpenDS.

Also, add a class org.opends.server.interop.LazyDN which is a
lazily-initialized version of the org.opends.server.types.DN class.  This makes
it possible to have very fast DN processing when you need to create a DN from
a String and the only thing that will be called on that DN is the toString()
method.  This commit includes test cases to ensure that the public methods of
the DN and LazyDN classes stay in sync.

OpenDS Issue Number:  1276


git-svn-id: https://svn.forgerock.org/opendj/trunk@1238 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • 10347c82   Changed ID2Entry#getRecordCount to use the Database#count method in JE 3.1.0. Th… ... Browse Dir » 
    …e JE backend no longer keeps a count of entries in entry ID 0. Modified TestVerifyJob unit test to no longer simulate a incorrect entry count.

Fix for issue 740

git-svn-id: https://svn.forgerock.org/opendj/trunk@1237 41b1ffd8-f28e-4786-ab96-9950f0a78031
    boli
     
  • 37144303   Update the DN class to remove the "public" modifier from a few methods that ... Browse Dir » 
    are intended only for internal use.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1230 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     

22 Feb, 2007

3 commits

  • c4009404   Update the access control config manager to send an administrative alert ... Browse Dir » 
    notification whenever the access control handler is enabled or disabled.

OpenDS Issue Number:  1269


git-svn-id: https://svn.forgerock.org/opendj/trunk@1229 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • d4d0fcf8   Update the start-ds script and associated Directory Server code to ensure that ... Browse Dir » 
    the PID file is only written if the server is not already running.  If it's not
being used to try to start the server, then just invoke the command without a
PID file.  If it is trying to start the server but the server is already
running, then exit with an error.

OpenDS Issue Number:  1251


git-svn-id: https://svn.forgerock.org/opendj/trunk@1220 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • b2f50ba6   Fix for Issues #1025 and #1248 ('stop-ds.bat should be able to stop server even … ... Browse Dir » 
    …if LDAP port' and 'cannot stop server through status panel').

The goal of these changes is to be able to have exactly the same user interface in Windows and Unix to stop the server.  In windows we force the user to provide LDAP credentials even if the command is going to be run locally.  The goal is to allow to stop the server using only system credentials (as we do in UNIX) when the user does not provide arguments when calling stop-ds.bat.

In order to do this I have written some native code.  This native code is called when we start the server to:
1. Launch the java process and get the associated PID.
2. Create a server.pid file as we do for UNIX systems to store the PID of the process.

The native code that stops the server reads the PID file contents and tries to stop the process associated with the PID.

In order to allow the users to be able to build the product with independence of the platform, the binaries will be included with the source code.  The code used to generate these binaries will also be provided.

I have generated 1 executable called winlauncher.exe.  The binaries will be committed in the source tree under lib (with activation.jar and mail.jar).  They will also be installed under <server root>\lib.

The native code is in the files winlauncher.c and winlauncher.h.  These files are placed under the new directory build-tools/src/windows.

I have tried to keep the native code simple and leave as much logic as I could into the batch files (for instance everything related to the discovery of the java binaries) so that the administrators can play with them.

A README file has been also been included to explain how to generate the binaries.

Extras:
When we call start-ds from the command line, the server will not stop when the command prompt window is closed (unless start-ds was called to run in not-detached mode).  The next step is to register DS as a service to avoid the server to be stopped when the user logs out.

When we call setup (with no arguments) or the statuspanel the generated process (and windows) will no longer get killed when the command prompt window is killed.

When the user double-clicks on the setup.bat or the statuspanel.bat files, the command prompt window only appears briefly.  Today when we do this a command prompt window stays open until we close setup or the status panel window.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1216 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

21 Feb, 2007

5 commits

20 Feb, 2007

1 commit

19 Feb, 2007

1 commit

  • eff37a32   fix for issue 1212 namingConflict test trigger an assert from the static group ... Browse Dir » 
    When it is enabled, the synchronization code can sometimes decide to abandon
an add operation. In such case the handleConflictResolution() method
of the SynchronizationProvider will return a code indicating to stop the
OperationProcessing.
However when doing this, the ChangeListener are still invoked
at the end of the AddOperation processing.
Since the operation has not been processed, the ChangeListeners are given
a null entry parameter but the StaticGroup code that runs as a ChangeListener
makes the assumptions that the entry is always non null at this point.
This currently causes the following assert when running the test
synchronization.UpdateOperationTest.namingConflicts()

The change notification listeners will only be invoked if the result
code for the operation is "SUCCESS", and at that point in the processing
it should only be SUCCESS if the update was actually applied.  If the
synchronization code decided to abort the operation the
the provider.handleConflictResolution() therefore now set
a Cancel Result code.







git-svn-id: https://svn.forgerock.org/opendj/trunk@1201 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     

18 Feb, 2007

3 commits

17 Feb, 2007

1 commit

  • b0460e07   [issue 1215] Prevent operations referencing an inconsistent Password Policy ... Browse Dir » 
    https://opends.dev.java.net/issues/show_bug.cgi?id=1215

The PasswordPolicy configurable component needs to be split in  order to avoid
the possibility of an operation referencing an  inconsistent PasswordPolicy
object (i.e., one in the middle of an  update).

Reviewed by neil_a_wilson, who noticed a coding error that would have resulted in intermittent NPEs.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1192 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     

16 Feb, 2007

3 commits

15 Feb, 2007

2 commits

13 Feb, 2007

1 commit

12 Feb, 2007

3 commits

  • 54aa9b09   OpenDS Issue 1229 ... Browse Dir » 
    This enhancement adds a convenience method to ConditionResult to return the inverse of a value of the CondtionResult type: e.g., inverseOf(TRUE) is FALSE.

New unit test is included.

Reviewed by neil_a_wilson.



git-svn-id: https://svn.forgerock.org/opendj/trunk@1138 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 8adb6465   Update the ldif-diff tool so that it provides an option that allows ... Browse Dir » 
    differences between entries to be split into multiple modifications each of
which has only a single value (as opposed to one modification containing all
changes to the entry).  This can be useful when attempting to apply
configuration changes during an upgrade.

OpenDS Issue Number:  1228


git-svn-id: https://svn.forgerock.org/opendj/trunk@1137 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • ea09487f   Fix a bug in the ldif-diff tool that creates the potential that an entry ... Browse Dir » 
    contained in both the source and target LDIF files will be included in the
output as an "add" record (potentially even if it also appears earlier in the
output as a "modify" record).

OpenDS Issue Number:  1227


git-svn-id: https://svn.forgerock.org/opendj/trunk@1136 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson