org.forgerock / org.forgerock.opendj

19 Mar, 2012

1 commit

23 Feb, 2012

1 commit

12 Dec, 2011

1 commit

03 Nov, 2011

1 commit

02 Nov, 2011

1 commit

25 Oct, 2011

1 commit

19 Oct, 2011

1 commit

11 Oct, 2011

1 commit

18 Aug, 2011

1 commit

  • bd256e2e   Initial checkpoint of work for OPENDJ-262: Implement pass through authentication (PTA) ... Browse Dir » 
    Refactor PasswordPolicy implementation so that we now have a common parent type, "AuthenticatioPolicy", which will act as a common entry point for all authentication policies. In particular, password policies can be thought of as a specific type of authentication policy: one where authentication and the user's credentials are managed locally. PTA can be thought of as a non-local authentication policy: the password is managed by a third party.

With this change we still only have one type of authentication policy and no attempt has been made to refactor code which uses it. More specifically, code such as the local backend WFE just type-casts the authentication policy to a password policy.

Another implication of this change is that sub-entry based password policies now automatically inherit run-time changes made to the default password policy, whereas before a server restart was required.


git-svn-id: https://svn.forgerock.org/opendj/trunk@7192 41b1ffd8-f28e-4786-ab96-9950f0a78031
    matthew
     

09 Jun, 2011

2 commits

06 Jun, 2011

1 commit

17 May, 2011

1 commit

02 Feb, 2011

1 commit

26 Nov, 2010

1 commit

26 Oct, 2010

1 commit

  • c295d24a   Resolves Enhancement request OpenDJ-5: Support Linux md5 crypt storage for password ... Browse Dir » 
    This changes are adding support for the BSD MD5 crypt hash as part of the CRYPT password storage scheme.
A new parameter has been added to the configuration of the storage scheme to select whether new passwords should be hashed with the unix algo (default) or the md5 one.
When it comes to authentication, the scheme is able to detect the algo (based on the $1$ prefix) and match appropriately.
Unit tests have been added, including test again passwords already hashed on Linux systems.

git-svn-id: https://svn.forgerock.org/opendj/trunk@6641 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludo
     

30 Sep, 2010

1 commit

17 Sep, 2010

3 commits

18 Aug, 2010

2 commits

  • 623fd074   First pass on solving issue #514, reducing Replication meta data, especially age… ... Browse Dir » 
    …d information. The default is to keep the replication meta data (historical information) for at least 1 day.
Purging occurs on the fly when entries are modified, or via a task. Launching the task will be available through dsreplication in separate commit. 

git-svn-id: https://svn.forgerock.org/opendj/trunk@6567 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     
  • dbedb655   Cleanup. Remove references to Java 5 since we no longer support it. ... Browse Dir » 
    Cleanup messages, removing unnecessary casts (due to bugs in early versions of Java 5), removing dead code.
The minimal version has been set to Java 1.6.0_10.
Also cleanup the Java Stubs for MacOS, removed the StatusPanel (replaced by ControlPanel since 1.2), and update Info.plist to require 1.6 or higher, show 2.3 as version.



git-svn-id: https://svn.forgerock.org/opendj/trunk@6564 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     

30 Jul, 2010

3 commits

  • 3441062b   Add a global ACI to prevent possible write access to subentries. ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/opendj/trunk@6557 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     
  • e883d7f5   Implements a disk space thresholds feature, preventing the server from crashing … ... Browse Dir » 
    …or exiting of disks full.

Each instance of the monitor have two thresholds: "low" and "full". Other components can register their own handlers if they wish to receive notifications when the thresholds are reached. It extends the MonitorProvider interface and utilizes the update interval mechanism to poll the free disk space. The current free space and state of all monitor instances are exposed through the cn=monitor interface under the cn=Disk Space Monitor branch. The only component using the monitor now is the JE backend. When the "low" threshold is reached, write operations will only be permitted to users with the BYPASS_LOCKDOWN privilege. When the "full" threshold is reached, the backend is placed in read-only mode. The default "low" and "full" thresholds are 100 MB and 10MB respectively. Along with the new feature, this patch also added two privileges: SERVER_LOCKDOWN and BYPASS_LOCKDOWN. Any user with the SERVER_LOCKDOWN privilege can put and take the server out of lockdown mode. Any user with the BYPASS_LOCKDOWN mode can bypass lockdown mode. This was restricted to only "root" users before. In addition, the MonitorProvider abstract class no longer extends DirectoryThread. It now uses a static single threaded ScheduledExecutorService to update provider states. Any provider that wishes to have its state updated periodically needs to register its updater runnable with the scheduleUpdate method.

git-svn-id: https://svn.forgerock.org/opendj/trunk@6549 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     
  • 7f00a061   Extend RFC3672 subtreeSpecification to allow OpenDS specific RelativeSubtreeSpec… ... Browse Dir » 
    … and AbsoluteSubtreeSpec.


git-svn-id: https://svn.forgerock.org/opendj/trunk@6545 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     

05 Jul, 2010

1 commit

  • d236c278   Apply SleepyCat recommendations regarding JE default tunings. ... Browse Dir » 
    The max log size is decreased to 10MB and checkpointer to 20MB.
Also increases the number of cleaners to match the default number of workers.
These new settings are helping with reducing the etimes on write operations

git-svn-id: https://svn.forgerock.org/opendj/trunk@6537 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     

25 Jun, 2010

1 commit

07 Jun, 2010

1 commit

29 Apr, 2010

2 commits

  • 73570c1e   Last batch of changes for this week. ... Browse Dir » 
    This adds support for the IETF based Password Policy for LDAP as SubEntry.
Also resolves the following issues :
- 4544 :  initializeBackend() should not set JE env config params directly.
- 4478 : ECL in draft compat mode / search lastchangenumber can be very long
- 4538 : Virtual attributes not retrieved when entry cache configured
- 4547 : Search Filter Matching differ for cn=Directory Manager and plain user.
- 4514 : Logs shows unexpected message with replication monitoring data missing (Partial fix)
- 4534 : Replication using security does not work after server restart
- 4516 : SEVERE_ERROR: servers (...) have the same ServerId
In addition, they also improve reliability and performance in various areas including CollectiveAttributes, Virtual Attributes and Subentries management, Schema loading, Replication...

git-svn-id: https://svn.forgerock.org/opendj/trunk@6400 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     
  • e91b8ff0   Batch of changes that : ... Browse Dir » 
    - Update BDB JE to version 4.0.95
- Remove BDB logging configuration and definitely fix issue 4367 
- Resolve issue 4523 - ACI and sub-entry caches not updated on replicas
- Update the build factory to warn about generated messages on precommit
- Resolve some issues in the Control Panel
- Fix an issue with java.properties being ignored by some CLI

git-svn-id: https://svn.forgerock.org/opendj/trunk@6399 41b1ffd8-f28e-4786-ab96-9950f0a78031
    ludovicp
     

19 Jan, 2010

1 commit

12 Jan, 2010

1 commit

25 Dec, 2009

1 commit

24 Nov, 2009

1 commit

10 Nov, 2009

1 commit

19 Oct, 2009

1 commit

09 Oct, 2009

1 commit

16 Sep, 2009

1 commit

17 Aug, 2009

1 commit

14 Aug, 2009

1 commit