org.forgerock / org.forgerock.opendj

09 Mar, 2007

4 commits

08 Mar, 2007

8 commits

  • 66022d88   Fix for issue #1317: Wrong Error Code For Improperly Formatted ACIs. ... Browse Dir » 
    Define a new attribute syntax for the aci attribute.  Invalid values are now rejected by the core server before getting to the access control evaluation.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1350 41b1ffd8-f28e-4786-ab96-9950f0a78031
    coulbeck
     
  • b59d3a8a   issue 756:Import LDIF should allow groups of attributes ... Browse Dir » 
    to be included or excluded

git-svn-id: https://svn.forgerock.org/opendj/trunk@1349 41b1ffd8-f28e-4786-ab96-9950f0a78031
    sin
     
  • 8957bb10   Fix a bug in the schema backend that could cause problems when deleting one ... Browse Dir » 
    instance of an element and adding a different instance of the same element in
the same modification that also depends on a third schema element which was
added between the two.  For example, if you tried to have a single modify
operation that deleted an existing object class, added a new attribute type,
and added a new object class that depended on the new attribute type, the
operation would fail because when processing the removal of the object class
the server would attempt to determine whether it was going to be re-added later
in the operation and therefore attempted to decode any object class additions
later in the operation.  An error occurred when trying to decode the new object
class because it depended on an attribute type that was not yet defined and the
decode operation wasn't told to ignore unknown schema elements.

OpenDS Issue Number:  1318


git-svn-id: https://svn.forgerock.org/opendj/trunk@1346 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • afba6e2d   These changes move the PasswordPolicy field default-value initialization from a … ... Browse Dir » 
    …private constructor to the field declaration, and where appropriate, qualifies the field with "final".

The motivations are:

1. Easier to find default field values (e.g., use an IDE's "go to declaration" mechanism).

2. Mark any field with "final" that does not have a reasonable default value (i.e., those that depend on some constructor argument) to help ensure the object is properly initialized.



git-svn-id: https://svn.forgerock.org/opendj/trunk@1344 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • db0d3f5e   Update the UTC Time attribute syntax so that it correctly uses two-digit years ... Browse Dir » 
    instead of four-digit years.  Also, update other parts of the server that made
reference to UTC times when they really meant "YYYYMMDDhhmmssZ" to the term
"GMT" instead of "UTC" so there is no confusion about whether the year would be
expressed in four digits or two.

OpenDS Issue Number:  637


git-svn-id: https://svn.forgerock.org/opendj/trunk@1343 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • 0b6f2bee   Add a new CertificateManager class that can be used to simplify interacting ... Browse Dir » 
    with different types of key stores, including generating self-signed
certificates and certificate signing requests.

OpenDS Issue Number:  410


git-svn-id: https://svn.forgerock.org/opendj/trunk@1342 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • 638ddf81   Fix some synchronization tests so that they don't fail anymore when trying ... Browse Dir » 
    to add an entry that already exist.

Also suppress a spurious println forgotten in a previous commit.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1335 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     
  • 319cb6f9   Issue 613 : ... Browse Dir » 
    Add the capability to deal with schema changes made be editing the schema files :
The core server provides a notification to the synchronization. The
synchronization generates a pseudo changes and propagate it to the
other LDAP servers through the synchronization servers.

The core server is not yet able to provide the notification but this is the code
for the synchronization part of the job with its associated unit test.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1334 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     

07 Mar, 2007

5 commits

  • d134df64   Enable AspectJ weaving for the new debug logging framework: ... Browse Dir » 
    - This commit does not allow for configuring the debug logger over protocol. It can only be configured on server startup using properties.
- The settings specified during startup will remain in effect for the duration of the server.
- All messages are printed to standard out.
- Weaving could be turned off with the -DDEBUG_BUILD=false property when building the server.
- By default, the debug logger is off on server startup. It could be enabled by using the -Dorg.opends.server.debug.enabled=true.
- Debug targets may be defined with the -Dorg.opends.server.debug.target property. The syntax of this property can be found on the opends.dev.java.net documentation section.
- Debug logging is turned on by default on unit tests and printed on test failure. 
- Default debug target for unit tests could be changed by using the -Dorg.opends.test.debug.target property.

Fix for issue 836

git-svn-id: https://svn.forgerock.org/opendj/trunk@1333 41b1ffd8-f28e-4786-ab96-9950f0a78031
    boli
     
  • 9a3204a3   Remove test variable. ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/opendj/trunk@1327 41b1ffd8-f28e-4786-ab96-9950f0a78031
    dugan
     
  • 120f68ef   Remove type-o test variable left behind, also fix ... Browse Dir » 
    whitespace EOL.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1326 41b1ffd8-f28e-4786-ab96-9950f0a78031
    dugan
     
  • 7d41093f   These changes are mostly related to restructuring the regular ... Browse Dir » 
    expression patterns to make them more readable by defining constants. 

The other changes included are:

- support  the "targattrfilters" target keyword
- make the "search" right behave correctly
- fix a bug in the way we evaluate multiple permission bind rule pairs 
- the targetattr wild-card "*" will now not return operational
  attributes; operational attributes now need to be explicitly defined
  in the targetattr rule to grant access

git-svn-id: https://svn.forgerock.org/opendj/trunk@1325 41b1ffd8-f28e-4786-ab96-9950f0a78031
    dugan
     
  • 8c6dfb62   Fix for issue 1150 : Take attribute usage into account when synchronizing entries ... Browse Dir » 
    The synchronization code now takes the attribute usage into account so that
values associated with an attribute type with a usage of "dSAOperation" are not
synchronized between instances

git-svn-id: https://svn.forgerock.org/opendj/trunk@1323 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     

06 Mar, 2007

1 commit

  • a8d243be   Implement access control checking for the modify increment operation. The same … ... Browse Dir » 
    …checks are made for increment as would be made for a replace.  However, the access control handler needs to have the modified entry available so the access control handler is called later in the modify operation after the modified entry has been set.  This change has been discussed with Mike and Neil.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1322 41b1ffd8-f28e-4786-ab96-9950f0a78031
    coulbeck
     

02 Mar, 2007

4 commits

  • 8122b9ae   Make the import-ldif, export-ldif, backup, and restore tools easier to invoke ... Browse Dir » 
    programmatically from within the same JVM as the server.  This will make it
much easier to call them from unit tests.

OpenDS Issue Number:  1311


git-svn-id: https://svn.forgerock.org/opendj/trunk@1309 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • b7d6248d   Fix for issue #1309: Deleting ACI is Ineffective. ... Browse Dir » 
    This was caused by a null pointer exception that we previously got away with but became noticable since the ACI cache update is now atomic.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1306 41b1ffd8-f28e-4786-ab96-9950f0a78031
    coulbeck
     
  • 6d9f4dee   Allow the user to specify the JMX port using *j* option during the cli installat… ... Browse Dir » 
    …ion and using configure script.
In the QuickSetup I added some code to *temporarily* select a port that is not being used for JMX.  Today we do not inform the user of the existence of this port so this approach does not make things much worse and reduces the changes of port conflicts in general.  Even in the case where we are not installing multiple instances of OpenDS the port 1689 might be in use by another process.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1303 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 624d52f5   issue 504,505,507 : res-synchronization after restore or import ... Browse Dir » 
    The synchronization protocol already have some re-synchronization capabilities
that allows the synchronization server to detect where to start from the changelog
when a new LDAP server opens a session.

These changes implements the ability to do this when a restore or
an import is done when the LDAP server is online and already connected to a
synchronization server.

To achieve this the synchronization code, on notification from the core server
that a restore or an import is starting, close the session to the synchronization
server and restart it when the restore or import is finished.

The synchronization protocol then does its job of negociating where to start
from the changelog and resynchronizing the LDAP Server.

The core server does not yet provide the notification to the changelog server
but here if the synchronization part of the code along with some test for it.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1296 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     

01 Mar, 2007

8 commits

28 Feb, 2007

7 commits

  • 36fa55cb   Add a new key manager which provides the ability to specify which certificate ... Browse Dir » 
    should be presented based on its alias (aka its nickname).  This is used both
by server-side code which needs to present a certificate to clients, as well as
by client-side code which needs to present a certificate to the server.

OpenDS Issue Number:  1292


git-svn-id: https://svn.forgerock.org/opendj/trunk@1279 41b1ffd8-f28e-4786-ab96-9950f0a78031
    neil_a_wilson
     
  • e236e5c8   Replace call to PasswordPolicyState.requireSecureAuthentication with call to ... Browse Dir » 
    PasswordPolicy.requireSecureAuthentication (via PasswordPolicyState.getPolicy).
I had missed this call in an earlier commit.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1277 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 134750d7   Replace call to PasswordPolicyState.requireSecureAuthentication with call to ... Browse Dir » 
    PasswordPolicy.requireSecureAuthentication (via PasswordPolicyState.getPolicy). I had missed this call in an earlier commit.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1276 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • c7992bba   This set of changes allow to have the schema synchronization working by ... Browse Dir » 
    configuring synchronization for suffix cn=schema (issue 613) .

You may want to read the schema Synchronization documents before reviewing this
https://opends.dev.java.net/public/docs/dev-docs/SchemaSyncFeatureRequirements.html   and
https://opends.dev.java.net/public/docs/dev-docs/SchemaSyncDesign.html

It includes :

- Change the PersistentServerState to use attribute ds-sync-state in the base entry
 instead of a specific entry.
 Add new unit test for the PersistentServerState class.
 Change attribute ds-sync-state to be an operational attribute.

- Change the schema backend to allow storage of the ds-synch-state attribute in the
 schema ldif File.
 This change is arguable because  I have chosen to make this as simple as possible
 and therefore only allowed the storage of this attribute in the schema File.
 While this has the advantage of being very simple it has
 the drawback of adding some code in the schema backend that is only related to synchronization.
 The other choice would be to add a generic service in the schema backend for storing
 any type of attribute.
 Please tell me if you think that this would be better.

- Disable the conflict resolution for cn=schema so that we don't polute the ldif entries
 with the historical information

- Add unit test for schema synchronization

The work for schema synchronization is not complete with this.
A second round of modification is necessary for synchronizing the schema changes
done by manually editing the files or by dynamically loading a file.


git-svn-id: https://svn.forgerock.org/opendj/trunk@1275 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     
  • d0638f14   Fix for issue 517 : Configurable purge delay ... Browse Dir » 
    This change makes possible to configure the Changelog purge delay that
was previously hard-coded using the ds-cfg-changelog-purge-delay attribute.

git-svn-id: https://svn.forgerock.org/opendj/trunk@1274 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     
  • fb2606cf   Update copyright files with the correct year. ... Browse Dir » 
    
git-svn-id: https://svn.forgerock.org/opendj/trunk@1273 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 2fdea111   Fix for issue 1285. ... Browse Dir » 
    The problem was caused because in the class InstallDS the check for the port was not performed when the user already provided the port through the command line (see first diffs in InstallDS).

The rest of the diffs consist of factorization of code to be shared between the quicksetup classes and the class org.opends.server.tools.InstallDS.  Some methods from the Utils class of quicksetup have been moved to the SetupUtils class; these methods allow to know if a given port is priviledged or not, if we can use it to configure the server and to know in which Operating System the JVM is running.   The operating system methods use the enumeration OperatingSystem (which has been slightly modified to not have dependencies on other classes and to be included in quicksetup.jar).

Extra: use the class LockFileManager to know if the server is running or not.  The use of this class does not impact the Web Start Installer as we only want to know if the server is running or not once we have tried to start it (and so OpenDS.jar has already been loaded by the class loader).


git-svn-id: https://svn.forgerock.org/opendj/trunk@1272 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

27 Feb, 2007

1 commit

  • 91bff36a   The proposed fix is to do a similar thing that what has been done by ... Browse Dir » 
    Neil for issue #1266:  use a hidden option to check whether the server
is already running or not.  If the server is not running the message
'Server already stopped' is displayed, if the server is running the message 'Stopping Server... is displayed'.

So the output of the command with this changes is:

If the server is running
========================

bash-3.00$ bin/stop-ds --restart
Stopping Server...

[23/Feb/2007:17:00:28 +0100] category=CORE severity=NOTICE id=458886
msg="OpenDS Directory Server 0.1.0 starting up."
[23/Feb/2007:17:00:34 +0100] category=BACKEND severity=NOTICE id=8847402
msg="A database backend containing 1 entries has started."
[23/Feb/2007:17:00:34 +0100] category=CONFIG severity=SEVERE_WARNING
id=3277325 msg="Access control has been disabled."
[23/Feb/2007:17:00:35 +0100] category=CORE severity=NOTICE id=458887
msg="The Directory Server has started successfully."
[23/Feb/2007:17:00:35 +0100] category=CORE severity=NOTICE id=458891
msg="The Directory Server has sent an alert notification generated by
class org.opends.server.core.DirectoryServer (alert type
org.opends.server.DirectoryServerStarted, alert ID 458887):  The
Directory Server has started successfully.."
bash-3.00$
bash-3.00$ bin/stop-ds



If the server is stopped
========================

bash-3.00$ bin/stop-ds
Server already stopped.
bash-3.00$ bin/stop-ds --restart
Server already stopped.
[23/Feb/2007:16:59:50 +0100] category=CORE severity=NOTICE id=458886
msg="OpenDS Directory Server 0.1.0 starting up."
[23/Feb/2007:16:59:55 +0100] category=BACKEND severity=NOTICE id=8847402
msg="A database backend containing 1 entries has started."
[23/Feb/2007:16:59:56 +0100] category=CONFIG severity=SEVERE_WARNING
id=3277325 msg="Access control has been disabled."
[23/Feb/2007:16:59:57 +0100] category=CORE severity=NOTICE id=458887
msg="The Directory Server has started successfully."
[23/Feb/2007:16:59:57 +0100] category=CORE severity=NOTICE id=458891
msg="The Directory Server has sent an alert notification generated by
class org.opends.server.core.DirectoryServer (alert type
org.opends.server.DirectoryServerStarted, alert ID 458887):  The
Directory Server has started successfully.." 


git-svn-id: https://svn.forgerock.org/opendj/trunk@1263 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

26 Feb, 2007

2 commits