org.forgerock / org.forgerock.opendj

13 Nov, 2007

1 commit

  • e4908f3f   Fix for issue 2582. ... Browse Dir » 
    Make the setup command line to support properties files.

Make the uninstall command line to support properties files.

Support properties files in dsreplication for all the subcommand arguments.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3447 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

12 Nov, 2007

1 commit

  • 6db22638   Update the dsreplication command-line to be consistent with dsconfig in the use … ... Browse Dir » 
    …of menus and in the order that questions to connect to the servers.
Update the upgrade to use the same menus as the other command-lines.
Do some minor changes in the uninstall command-line in order to be more consistent with dsconfig in the order where the connection parameters are provided.
Fix a bug in ApplicationTrustManager related to the accepted certificates when there is a mismatch between the certificate and the host name.
Do some refactorization of the code and remove the CliApplicationHelper class so that we use ConsoleApplication everywhere.



git-svn-id: https://svn.forgerock.org/opendj/trunk@3435 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

09 Nov, 2007

2 commits

  • d5442b54   This set of updates fix several issues related to the JEB backend: ... Browse Dir » 
    1. The db directory is now automatically created if it doesn't alreadly exist. When changing the db directory, a message is now displayed to let the user know the files will have to be manually moved and the backend restarted. (Issue 1979)

2. The backend no longer uses the Database.count method in JE as it is too expensive for large databases. The count can also be inaccurate when concurrent operations are executing on the server. This was causing the getEntryCount method up to 20 seconds to return. The count is now obtained from the id2subtree index. If the count is not maintained or the index is corrupt, it will fall back to using Database.count. (Issue 2581 and Issue 2420) 



git-svn-id: https://svn.forgerock.org/opendj/trunk@3434 41b1ffd8-f28e-4786-ab96-9950f0a78031
    boli
     
  • fcdb2e12   Be explicit about the fact that we require a fully qualified name of the host na… ... Browse Dir » 
    …me in the dsreplication usage.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3428 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

08 Nov, 2007

3 commits

  • c33ffd2d   Fix for issue 2575. ... Browse Dir » 
    The problem is that there is a timeout when reading the monitoring informations 
on the server and the code did not handle this properly.

I have made the method Utils.getMessage to handle properly the case when a Topol
ogyCacheException has not a Throwable cause.  In addition to that the method ret
urns a specific message when a timeout occurs.  Finally the timeout thresold has
 been risen from 10 to 30 seconds to be able to read the topology.



git-svn-id: https://svn.forgerock.org/opendj/trunk@3426 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 10c22e4f   Fix for issue 2573. ... Browse Dir » 
    Fix the copy/paste errors in the description of the destination server arguments for the dsreplication initialize sub-command.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3424 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 2eb3212a   Update the code of the interactive installer to be consistent with dsconfig, set… ... Browse Dir » 
    …up and status command-lines in the formatting and in the format used to present certificates to the user.

Fix some bugs in the way the ADS was updated when an instance is uninstalled.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3423 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     

05 Nov, 2007

4 commits

  • 5010aa80   Complete fix for issue 2263. ... Browse Dir » 
    The setup will automatically initialize the schema of the local server with the schema of the remote server.

A new argument has been added to dsreplication enable (useSecondServerAsSchemaSource) to allow the user to specify which server must be used to initialize the schema of the other.  The usage of this argument is:
Use the second server to initialize the schema of the first server.  If this option nor option {noSchemaReplication} are specified the schema of the first server will be used to initialize the schema of the second server



git-svn-id: https://svn.forgerock.org/opendj/trunk@3411 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 06b2949a   Add missing message. ... Browse Dir » 
    
git-svn-id: https://svn.forgerock.org/opendj/trunk@3409 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • ec66888d   Make the interactive mode of setup to be consistent with status and dsconfig. T… ... Browse Dir » 
    …he new options now ask for the different questions using the MenuBuilder methods and the methods defined in the ConsoleApplication class.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3407 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 56e0f65d   Fix for 2263 : Provide a way to initialize schema between 2 servers. ... Browse Dir » 
    This code implements the importLDIF methods of the schema backend so
that the replication total update is now usable on cn=schema


git-svn-id: https://svn.forgerock.org/opendj/trunk@3405 41b1ffd8-f28e-4786-ab96-9950f0a78031
    gbellato
     

02 Nov, 2007

1 commit

30 Oct, 2007

1 commit

  • ee0ceaa1   s set of files provides the workflow configuration manual mode. ... Browse Dir » 
    Until now, the workflows were automatically configured-a wokflow
was created for each base DN in the backends. When new suffixes
were added or when a backend was added, the associated workflows
were also created (and simillarly workflows were deleted as suffixes
or backends were removed).

With the manual mode, each and every workflow in the server must
be defined explicitely in the configuration. By default, the server is
running in automatic configuration mode. To have a server running
with manual configuration mode one must set the attribute in
cn=config:

    dn: cn=config
    ...
    ds-cfg-workflow-configuration-mode: auto|manual


No attribute means "auto" mode.

The workflow configuration consist of 3 parts:
- the configuration of workfow elements
- the configuration of workfows
- the configuration of network groups


The Workflow Elements - A workflow element is a basic task in a
workflow. The workflow elements are organized in trees and the
simplest tree is made of one element. For example, the workflow
element that wraps a local backend is configured as follow:

    dn: ds-cfg-workflow-element-id=userRoot,cn=workflow elements,cn=config
    objectClass: top
    objectClass: ds-cfg-workflow-element
    objectClass: ds-cfg-local-backend-workflow-element
    ds-cfg-workflow-element-id: userRoot
    ds-cfg-enabled: true
    ds-cfg-java-class: org.opends.server.workflowelement.localbackend.LocalBackendWorkflowElement
    ds-cfg-backend: ds-cfg-backend-id=userRoot,cn=Backends,cn=config

From an admin standpoint, the local backend workflow element
is an aggregation of a single backend (attribute ds-cfg-backend).
So we cannot disable/delete a backend as long as it is used by a
local backend workflow element.


The Workflows - A workflow is a chain of processing and it's
targeting all the entries under a given baseDN. The processing
is actually identified by the root node of the task tree described
above. The configuration of a workflow looks like:

    dn: ds-cfg-workflow-id=userRoot,cn=workflows,cn=config
    objectClass: top
    objectClass: ds-cfg-workflow
    ds-cfg-workflow-id: userRoot
    ds-cfg-enabled: true
    ds-cfg-workflow-element: ds-cfg-workflow-element-id=userRoot,cn=workflow elements,cn=config
    ds-cfg-base-dn:  dc=example,dc=com

From an admin standpoint, the local workflow is an aggregation
of a single elements (attribute ds-cfg-workflow-element).
So we cannot disable/delete a workflow element as long as it is used
by a local workflow.


The Network Groups - A network group defines categories for
client connection. The network group contains a set of workflows
and each client operation is routed to one (or more) workflow(s).
By default, the server create a default network group which contains
all the workflows defined in the server. The default network group
looks like:

    dn: ds-cfg-id=defaultNetworkGroup2,cn=network groups,cn=config
    objectClass: top
    objectClass: ds-cfg-network-group
    ds-cfg-id: defaultNetworkGroup2
    ds-cfg-enabled: true
    ds-cfg-workflow: ds-cfg-workflow-id=adminRoot,cn=Workflows,cn=config
    ds-cfg-workflow: ds-cfg-workflow-id=ads-truststore,cn=Workflows,cn=config
    ds-cfg-workflow: ds-cfg-workflow-id=backup,cn=Workflows,cn=config
    ds-cfg-workflow: ds-cfg-workflow-id=config,cn=Workflows,cn=config
    ds-cfg-workflow: ds-cfg-workflow-id=monitor,cn=Workflows,cn=config
    ds-cfg-workflow: ds-cfg-workflow-id=schema,cn=Workflows,cn=config
    ds-cfg-workflow: ds-cfg-workflow-id=tasks,cn=Workflows,cn=config
    ds-cfg-workflow: ds-cfg-workflow-id=userRoot,cn=Workflows,cn=config

From an admin standpoint, the network group is an aggregation
of several workflows (attribute ds-cfg-workflow). So we cannot
disable/delete a workflow as long as it is used by a network group.


A unit test named WorkflowConfigurationTest tests the configuration
of network groups, workflows and workflow elements.



git-svn-id: https://svn.forgerock.org/opendj/trunk@3388 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jdemendi
     

29 Oct, 2007

1 commit

26 Oct, 2007

1 commit

24 Oct, 2007

1 commit

  • 45f0f861   Fix 2425 - dsreplication initialize-all fails ... Browse Dir » 
    - fix ConcurrentModificationException in the Initialize task by using methods that lock the entry
- fix unroutable message, by forwarding message only to the replication servers that have
  replica connected
Miscellaneous improvements in error or debug traces



git-svn-id: https://svn.forgerock.org/opendj/trunk@3364 41b1ffd8-f28e-4786-ab96-9950f0a78031
    pgamba
     

23 Oct, 2007

2 commits

  • 338c53a5   Fix for issue 2505 (Provide monitoring information about the number of entries on a given base DN) ... Browse Dir » 
    The following changes are aimed to include a new attribute in the backend monitor entry to provide the number or entries per base DN. This information is used by the status, status-panel, dsreplication and graphical setup to be able to display the number of entries under a given base DN even when there are several base DNs defined in the same database.

The way the new attribute appears in the monitoring entry is:

ldapsearch -w s -p 1389 -b cn=monitor ds-backend-id=userRoot ds-base-dn-entry-countdn: cn=userRoot Backend,cn=monitor
ds-base-dn-entry-count: 0 dc=ta
ds-base-dn-entry-count: 1 dc=ti
ds-base-dn-entry-count: 1 dc=to

I prefer this approach because in my opinion having the number of entries is more important that the suffix.  Anyway I think the discussion around the structure of the value is not crucial as long as the value is easy to parse (which is the case).

The new attribute is defined in the schema and the new OID assigned to it is 1.3.6.1.4.1.26027.1.1.434.

In order to have a minimum impact on performances, the method backend.numSubordinates is only called when there are several base DNs defined in the database.





git-svn-id: https://svn.forgerock.org/opendj/trunk@3361 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • d100c443   Suppress '.' at the end of ERR_INSTALLDS_TOO_MANY_KEYSTORE_PASSWORD_TRIES message ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/opendj/trunk@3356 41b1ffd8-f28e-4786-ab96-9950f0a78031
    lutoff
     

22 Oct, 2007

3 commits

  • c972b13e   Fix for issues 2495: setup : nullpointer exception for null value on key store pin ... Browse Dir » 
    and 2496: setup : should not asking for key Store PIN in loop

Update the code to avoid the NullPointerException and limit the number of times we ask for the Key Store PIN to 7.  Once this limit is reached the setup is canceled.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3351 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • 04371761   Fix issue 2362: dsconfig numbered lists look like menus ... Browse Dir » 
    This changes the list formatting for property value lists so that each value is prefixed with a "*)" instead of a number and a bracket. This is done to avoid possible confusion with subsequent menu option numbers.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3348 41b1ffd8-f28e-4786-ab96-9950f0a78031
    matthew_swift
     
  • 15c8616f   Fix issue 1931: dsconfig : what are MODE syntax values ? ... Browse Dir » 
    This change modifies dsconfig so that it provides more helpful feedback to users when they need to provide string valued properties which must match a particular pattern. dsconfig now displays the pattern synopsis when requesting a property value or when reporting that a value is invalid.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3347 41b1ffd8-f28e-4786-ab96-9950f0a78031
    matthew_swift
     

19 Oct, 2007

1 commit

18 Oct, 2007

1 commit

17 Oct, 2007

1 commit

  • 845f11b5   no issue ... Browse Dir » 
    CryptoManager
RC4 -> RC4/NONE/NoPadding


git-svn-id: https://svn.forgerock.org/opendj/trunk@3324 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     

16 Oct, 2007

3 commits

  • e2da5274   Issue 2368: tasks should be interruptable. The four schedulable task (import-ld… ... Browse Dir » 
    …if, export-ldif, backup, and restore) can now be interrupted for purposes of cancellation.  The manage-tasks utility now allows the user to cancel any one of these tasks if they are currently running.  If interrupted while executing, the tasks try to break out of their work loop as soon as possible and return a 'stopped by administrator' status.  Both the backup and export-ldif tasks perform some cleanup (removing the abandoned backup or exported LDIF file) if they are cancelled.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3316 41b1ffd8-f28e-4786-ab96-9950f0a78031
    kenneth_suter
     
  • 0694d28d   Fix a copy/paste typo. ... Browse Dir » 
    
git-svn-id: https://svn.forgerock.org/opendj/trunk@3311 41b1ffd8-f28e-4786-ab96-9950f0a78031
    jvergara
     
  • e65fedb9   When a replica connects to a replication server that is "late" compared to the r… ... Browse Dir » 
    …eplica data , the replica must update the replication server with the missing changes.
1 line fix , the entryUUID attribute must be part of the searched attributes in order to rebuild the operations - and created unit tests for this.




git-svn-id: https://svn.forgerock.org/opendj/trunk@3309 41b1ffd8-f28e-4786-ab96-9950f0a78031
    pgamba
     

15 Oct, 2007

1 commit

  • 6bba55b3   no issue ... Browse Dir » 
    CryptoManager
Add a single-byte version number prefix to the ciphertext prologue to allow for configurable options (e.g., signed hash in the backup stream). The current version produced and accepted is 0x01.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3308 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     

13 Oct, 2007

1 commit

  • 890cacb4   no issue ... Browse Dir » 
    CryptoManager
- Add config test for encryption and key-wrapping cipher transformation syntax algorithm/mode/padding
- elide duplicate configuration validation and assignment code


git-svn-id: https://svn.forgerock.org/opendj/trunk@3302 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     

12 Oct, 2007

2 commits

10 Oct, 2007

4 commits

  • 1b810267   issue 2440 ... Browse Dir » 
    bin/restore of encrypted or signed backup requires online server instance


git-svn-id: https://svn.forgerock.org/opendj/trunk@3292 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 36e628b7   issue 2440 ... Browse Dir » 
    bin/backup --encrypt and --signHash require online backup


git-svn-id: https://svn.forgerock.org/opendj/trunk@3289 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 1e1143e9   issue 466 (partial) ... Browse Dir » 
    remove redundant server property BACKUP_PROPERTY_CIPHER_ALGORITHM
The cipher algorithm used is encoded in the backup data prologue.


git-svn-id: https://svn.forgerock.org/opendj/trunk@3287 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 51bd0e71   issue 466 (partial) ... Browse Dir » 
    CryptoManger
comment, todo cleanup


git-svn-id: https://svn.forgerock.org/opendj/trunk@3284 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     

09 Oct, 2007

5 commits

  • bf29c75e   Elide 2 spurious quotation marks. ... Browse Dir » 
    
git-svn-id: https://svn.forgerock.org/opendj/trunk@3283 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 00d8b57d   More changes for Issue 466. ... Browse Dir » 
    When importing a secret key entry from ADS into the crypto manager, if a symmetric key that can be decoded by this instance is not present then request it from another server using the Get Symmetric Key extended operation.
Tested by configuring two servers to use 3DES password storage scheme in the default password policy, enabling replication between them and verifying that a user can bind with password to both instances.

git-svn-id: https://svn.forgerock.org/opendj/trunk@3281 41b1ffd8-f28e-4786-ab96-9950f0a78031
    coulbeck
     
  • a8dda848   issue 466 (partial) ... Browse Dir » 
    CryptoManager
final i18n cleanup


git-svn-id: https://svn.forgerock.org/opendj/trunk@3280 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 5e773e94   issue 466 (partial) ... Browse Dir » 
    CryptoManager
more i18n cleanup


git-svn-id: https://svn.forgerock.org/opendj/trunk@3275 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page
     
  • 31eee061   issue 466 (partial) ... Browse Dir » 
    CryptoManager
more i18n cleanup


git-svn-id: https://svn.forgerock.org/opendj/trunk@3274 41b1ffd8-f28e-4786-ab96-9950f0a78031
    david_page