com.ca.jcs.jndi
Class JNDIMetaConnector

java.lang.Object
  org.apache.directory.server.core.partition.AbstractPartition
      com.ca.jcs.BaseConnector
          com.ca.jcs.meta.MetaConnector
              com.ca.jcs.jndi.JNDIMetaConnector

All Implemented Interfaces:

Activatable, CachingConnector, Connector, PartitionOps, OpProcessorStyleFactory, QuoteStringHandler, Partition

public class JNDIMetaConnector
extends MetaConnector

Base class for connectors using the JNDI (Java Naming and Directory Interface) API to communicate with their target managed systems.

Nested Class Summary

static class	JNDIMetaConnector.PagedSearchSupport
static class	JNDIMetaConnector.Vendor Vendor's know apriori - there is no reason this list has to be complete but some vendors have been found to be problematic in which case identifying them becomes important so that work-arounds can be put into effect.

Nested classes/interfaces inherited from class com.ca.jcs.meta.MetaConnector

MetaConnector.FilterAware, MetaConnector.SearchFinishedException

Field Summary

static String[][]	BASE_OID_TO_VENDOR
static String	CA_BASE_OID CA (Computer Associates) base LDAP OID.
static String	CONN_BIND_DN_ATTR Standard connectorMapTo= values expected in Connector class' metadata, see MetaConnector.CONN_HOST_ATTR etc.
static String	CONN_KRB_KDC_HOST
static String	CONN_KRB_KERBEROS_REALM
static String	CONN_KRB_USE_KERBEROS
static String	IBM_BASE_OID
static String	INITIAL_CONTEXT_CLASS_PROP
static String	JNDIKEY_LDAPSOCKETFACTORY_PROP
static String	LDAP_VERSION_PROP
static String	MICROSOFT_ADS_DIRSYNC_CONTROL_OID
static String	MICROSOFT_ADS_SHOW_DELETED_CONTROL_OID
static String	MICROSOFT_BASE_AD_2000_OID
static String	MICROSOFT_BASE_AD_2003_OID
static String	MICROSOFT_BASE_AD_2008_OID
static String	MICROSOFT_BASE_ADAM_OID
static String	MICROSOFT_BASE_OID See http://msdn.microsoft.com/en-us/library/cc223359(v=PROT.13).aspx
static String	NETSCAPE_LDAP_V3_CONTROLS
static String	NOVELL_BASE_OID Novell base LDAP OID.
static String	ORACLE_DIRECTORY_OBJECTS_BASE_OID Oracle Corporation Directory Objects base LDAP OID.
static String	SUN_BASE_OID Sun base LDAP OID.
static String	SUN_IPLANET_REPLICATION Definitive proof of iPlanet, if needed later...

Fields inherited from class com.ca.jcs.meta.MetaConnector

ALIAS_ACCOUNT_OBJECT, ALIAS_GROUP_OBJECT, CONN_BASE_DN_ATTR, CONN_DESCRIPTION_ATTR, CONN_HOST_ATTR, CONN_LOG_SEVERITY_ATTR, CONN_NAME_ATTR, CONN_PASSWORD_ATTR, CONN_PORT_ATTR, CONN_REMOTE_VERSION_ATTR, CONN_SECURE_ATTR, CONN_URL_ATTR, CONN_USERNAME_ATTR, dailyLog, DYNAMIC_ATTR_INFO_ATTR, logConnAttrs, READ_ONLY_VALIDATOR, virtualContainers

Fields inherited from class com.ca.jcs.BaseConnector

acceptedUnknownAttrIds, attributeStyleOpProcessor, CONN_ACTIVATION_TIMEOUT, CONN_DN, CONN_NAME, CONN_NAME_ID, CONN_PASS_THROUGH_SUFFIX, CONN_PASS_THROUGH_SUFFIX_LEN, CONN_ROLLBACK_CONNECTION_ATTRS, CONN_SKIP_PERSISTER_DELETE_ATTR, CONN_SPEC, CONN_SPEC_INTERNAL, CONNECTOR_ATTR_INDEX, connectorBaseDn, EMPTY_DN, LDAP_ATTR_INDEX, LDAP_CONN_DN, ldapExceptionPrefix, log, SEARCH_RESULTS_STREAMING

Fields inherited from interface com.ca.jcs.Connector

STATE_DELETING

Fields inherited from interface org.apache.directory.server.core.partition.Partition

ALIAS_ATTRIBUTE, ALIAS_OBJECT

Constructor Summary

JNDIMetaConnector(ConnectorType type, String name, Logger log, ConnectorConfig config)

Method Summary

void	activate() Calls super.activate() which creates and registers the connection manager, as well as notifying this connector instance of its metadata.
Attributes	convertAttributesFromConnector(Name connDn, String ldapDnStr, MetaObjectClassMapping classMap, Set<String> requestedConnAttrIds, Attributes connAttrs, boolean strict) Need to implement this method because we have to return a single structural objectclass for each object in lookup / search results or the IMPS will always see such objects as out of sync with their templates.
static int	countSupportedLdapControlsWithBaseOID(String vendorName, String baseOID, Map<String,String> controls, Logger log) Returns count of supported controls for the endpoint which starts with baseOID.
AttributeStyleOpProcessor	createAttributeStyleOpProcessor()
ConnectionManager	createConnectionManager() Create a connection manager, which is a concept expected to be supported by the vast majority of connectors.
protected static JNDIMetaConnector.Vendor	detectVendor(DirContext connection, Logger log) Attempt to detect vendor using any exact vendor matching techniques
static JNDIMetaConnector.Vendor	determineVendor(DirContext connection, Map<String,String> controls, Logger log)
JNDIMetaConnectorConfig	getConnectorConfig() Return the configuration for this connector, usually initialized from /conf/connector.xml using Spring XML.
JNDIExceptionToLdapMapper	getExceptionMapper()
Collection<? extends MetaConnector.FilterAware>	getFilterAwareness() Identify supported search filter types
protected Properties	getJndiEnv(Attributes attrs) Called as part of activate().
JNDIMetaConnector.PagedSearchSupport	getPagedSearchSupport()
JNDIAttributeStyleOpProcessor	getRealAttrProcessor() Needed so we can hang on to the real processor (ignoring any Java proxies that might be interposed around it) as proxies can't be coerced to a concrete implementation class like JNDIAttributeStyleOpProcessor.
HashMap<String,String>	getSupportLdapControls()
JNDIMetaConnector.Vendor	getVendor() Determine vendor (possibly unknown) based on supported LDAP control OIDs reported by the endpoint.
Properties	getVendorFlags() Returns special vendor flags provided by MetaDataDefs.MD_VENDOR_FLAGS on namespace.
boolean	isAutoDirectAssocRequired() Defaults to BaseConnector.isIndirectAssociations()==Boolean.FALSE.
boolean	isBehaviourCachingRequired() Caching does make sense for JNDI based connectors in general, but is only actually activated for a particular connector instance based on whether its metadata settings dictate that it makes sense.
boolean	isBehaviourStrictConnectorDns() Connector-speak DNs conform to RFC 2253 so that LdapName can be used to pass them in or parse names passed back in search results.
boolean	isHiddenLdapBaseDn()
Boolean	isIndirectAssociations()
MetaObjectClassMapping	resolveObjectClass(String ldapAttributeId, Name connDN, Collection<MetaObjectClassMapping> classMaps) A DN resolver implementation for JNDI based on lookup of the entry being resolved
protected void	setRealAttrProcessor(JNDIAttributeStyleOpProcessor realAttrProcessor)

Methods inherited from class com.ca.jcs.meta.MetaConnector

add, convertAttributes, convertDNFromConnector, convertDNToConnector, convertDNToConnector, convertModificationItems, convertToException, convertToException, deactivate, delete, getAssocReverseConnectorAttrId, getAttributeStyleOpProcessorChain, getCacheableStatus, getClassMappingFromConnectorAttrs, getClassMappingFromConnectorObjectClass, getClassMappings, getConnectorAttributesProcessor, getConnectorClassMap, getConnectorObjectClass, getConnectorObjectClasses, getDefaultConnectorSearchAttrIds, getDefaultSearchLdapAttrIds, getDNAttrIds, getEhCacheManager, getErrClassId, getFilterInfo, getFilterInfo, getFilterInfo, getFilterInfo, getFilterInfo, getFilterInfo, getFilterInfo, getFilterObjClass, getIncludedDnLdapAttrId, getMetaConnectorConfig, getMetaConnectorType, getModifyMonitorCache, getObjectClassFromAmbiguousConnAttr, getObjectClassFromConnAttr, getObjectInfo, getObjectInfo, getObjectInfo, getObjectInfo, getObjectInfo, getOpProcessor, getOpProcessorForSearch, getPostQueryAttributesProcessor, getRequestedConnAttrIds, getRootObjectInfo, getSearchBaseObjectInfo, getSearchBaseObjectInfo, getVirtualContainers, hasMetaOpBindingsProxy, isAcceptedUnknownAttrId, isAmibguousLdapDn, isFilterSingleClassMatching, isLockedModify, isLockedModify, isRootDN, isRootDN, isSearchAsLookup, isSearchOutsideClassContainer, isValidContainmentSearchResult, lookup, mapAttributeIdsToConnector, mapAttributeIdsToConnector, mapAttributeIdToConnector, mapAttributeIdToLdap, mapAttributesIdsToConnector, mapAttributesIdsToLdap, mapModificationItems, mapObjectClassAttributeIdsToConnector, matchDNToClassMap, modify, modifyRn, move, move, normalizeConnDn, normalizeConnDnAttr, normalizeConnectorDn, normalizeConnectorDnAttrs, notifyMetaData, performLockedOperation, search, search, searchImpl, searchObjectScopeAsLookup, searchOneClass, searchVirtualContainers, setAttributeStyleOpProcessor, setClassMappings, setConnectorAttributesProcessor, setMethodStyleOpProcessor, setScriptStyleOpProcessor, validateAttributes, validateAttributes, validateDNForSearchContainer

Methods inherited from class com.ca.jcs.BaseConnector

addConnectorBaseDN, appQuoted, appQuoted, bind, convertConnectorDNFromNativeName, convertConnectorDNToNativeName, createConnectorDn, createConnectorDn, createMethodStyleOpProcessor, createObjectInfo, createScriptStyleOpProcessor, createTransactionManager, doInit, formatConnectorPassThroughAttrId, formatConnectorPassThroughValue, getAcceptedUnknownAttrIds, getAttributes, getAttributeStyleOpProcessor, getAttributeTypeRegistry, getAutoDirectAssocExlusions, getCacheManager, getConnectionManager, getConnectorBaseDn, getConnectorDnRdn, getConnectorPassThroughValue, getLdapExceptionPrefix, getLdapNamingAttr, getLdapObjectClass, getLogger, getMethodStyleOpProcessor, getName, getPartition, getPassThroughAttrIdToConnector, getScriptStyleOpProcessor, getStateFlags, getStoredSuffix, getTransactionManager, getType, getUpSuffix, isActivated, isBehaviourSearchObjAsLookup, isBehaviourSearchSingleClass, isCachingActive, isCachingPossible, isCachingRequired, isCheckObjectExistenceForDeletion, isConnectorPassThrough, isObjectClassRequired, isSuffix, list, mapAttributeIdsToConnector, modifyAttributes, noQuote, passThroughAttrIdToConnector, postProcessLdapSearchResult, removeConnectorBaseDN, setAcceptedUnknownAttrIds, setActivated, setAttributes, setCacheManager, setCachingRequired, setConnectionManager, setConnectorBaseDn, setConnectorConfig, setLdapNamingAttr, setLdapObjectClass, setLogger, setName, setQuoteString, setStateFlags, setStoredSuffix, setTransactionManager, setType, splitConnectorPassThroughAttrId, toString, unbind, upName

Methods inherited from class org.apache.directory.server.core.partition.AbstractPartition

destroy, doDestroy, getConfiguration, getFactoryConfiguration, getSuffix, hasEntry, init, isInitialized, lookup, modify, sync

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.ca.jcs.PartitionOps

lookup, modify, sync

Methods inherited from interface org.apache.directory.server.core.partition.Partition

destroy, getSuffix, hasEntry, init, isInitialized, lookup, modify, sync

Field Detail

INITIAL_CONTEXT_CLASS_PROP

public static final String INITIAL_CONTEXT_CLASS_PROP

See Also:

Constant Field Values

JNDIKEY_LDAPSOCKETFACTORY_PROP

public static final String JNDIKEY_LDAPSOCKETFACTORY_PROP

See Also:

Constant Field Values

LDAP_VERSION_PROP

public static final String LDAP_VERSION_PROP

See Also:

Constant Field Values

CONN_BIND_DN_ATTR

public static final String CONN_BIND_DN_ATTR

Standard connectorMapTo= values expected in Connector class' metadata, see MetaConnector.CONN_HOST_ATTR etc. todo Should baseDN be mandatory ? .

See Also:

Constant Field Values

CA_BASE_OID

public static String CA_BASE_OID

CA (Computer Associates) base LDAP OID.

IBM_BASE_OID

public static String IBM_BASE_OID

MICROSOFT_BASE_OID

public static String MICROSOFT_BASE_OID

See http://msdn.microsoft.com/en-us/library/cc223359(v=PROT.13).aspx

MICROSOFT_BASE_ADAM_OID

public static String MICROSOFT_BASE_ADAM_OID

MICROSOFT_BASE_AD_2000_OID

public static String MICROSOFT_BASE_AD_2000_OID

MICROSOFT_BASE_AD_2003_OID

public static String MICROSOFT_BASE_AD_2003_OID

MICROSOFT_BASE_AD_2008_OID

public static String MICROSOFT_BASE_AD_2008_OID

MICROSOFT_ADS_DIRSYNC_CONTROL_OID

public static String MICROSOFT_ADS_DIRSYNC_CONTROL_OID

MICROSOFT_ADS_SHOW_DELETED_CONTROL_OID

public static String MICROSOFT_ADS_SHOW_DELETED_CONTROL_OID

NOVELL_BASE_OID

public static String NOVELL_BASE_OID

Novell base LDAP OID.

ORACLE_DIRECTORY_OBJECTS_BASE_OID

public static String ORACLE_DIRECTORY_OBJECTS_BASE_OID

Oracle Corporation Directory Objects base LDAP OID.

SUN_BASE_OID

public static String SUN_BASE_OID

Sun base LDAP OID.

NETSCAPE_LDAP_V3_CONTROLS

public static String NETSCAPE_LDAP_V3_CONTROLS

SUN_IPLANET_REPLICATION

public static String SUN_IPLANET_REPLICATION

Definitive proof of iPlanet, if needed later...

BASE_OID_TO_VENDOR

public static final String[][] BASE_OID_TO_VENDOR

CONN_KRB_USE_KERBEROS

public static final String CONN_KRB_USE_KERBEROS

See Also:

Constant Field Values

CONN_KRB_KERBEROS_REALM

public static final String CONN_KRB_KERBEROS_REALM

See Also:

Constant Field Values

CONN_KRB_KDC_HOST

public static final String CONN_KRB_KDC_HOST

See Also:

Constant Field Values

Constructor Detail

JNDIMetaConnector

public JNDIMetaConnector(ConnectorType type,
                         String name,
                         Logger log,
                         ConnectorConfig config)

Method Detail

isBehaviourStrictConnectorDns

public boolean isBehaviourStrictConnectorDns()

Connector-speak DNs conform to RFC 2253 so that LdapName can be used to pass them in or parse names passed back in search results.

Overrides:

isBehaviourStrictConnectorDns in class BaseConnector

Returns:

True unless overridden by derived class.

isBehaviourCachingRequired

public boolean isBehaviourCachingRequired()

Caching does make sense for JNDI based connectors in general, but is only actually activated for a particular connector instance based on whether its metadata settings dictate that it makes sense.

Overrides:

isBehaviourCachingRequired in class BaseConnector

Returns:

true

isIndirectAssociations

public Boolean isIndirectAssociations()

Overrides:

isIndirectAssociations in class BaseConnector

Returns:

Null if no special checks are required on associative attributes, otherwise derived connectors should return:

1. Boolean.TRUE if only indirect associations are allowed
2. Boolean.FALSE if only direct associations are allowed
3. NULL if a mixture of both is allowed, as dictated by the metadata
   See Also:
   Association

isAutoDirectAssocRequired

public boolean isAutoDirectAssocRequired()

Description copied from class: BaseConnector

Defaults to BaseConnector.isIndirectAssociations()==Boolean.FALSE. Derived connectors for which this condition is true, but which want to handle reverse virtual associations directly rather then relying on generic logic in AssocAttributeOpProcessorProxy should override to return false.

Overrides:

isAutoDirectAssocRequired in class BaseConnector

Returns:

True if reverse virtual attributes for direct associations should be handled generically by AssocAttributeOpProcessorProxy.

See Also:

BaseConnector.getAutoDirectAssocExlusions()

getJndiEnv

protected Properties getJndiEnv(Attributes attrs)
                         throws NamingException

Called as part of activate(). Note that "required" validator ensures all mandatory values are present before this method is called.

Throws:

NamingException

getConnectorConfig

public JNDIMetaConnectorConfig getConnectorConfig()

Description copied from class: BaseConnector

Return the configuration for this connector, usually initialized from /conf/connector.xml using Spring XML.

Specified by:

getConnectorConfig in interface Connector

Overrides:

getConnectorConfig in class BaseConnector

getPagedSearchSupport

@NotNull
public JNDIMetaConnector.PagedSearchSupport getPagedSearchSupport()

activate

public void activate()
              throws NamingException

Description copied from class: MetaConnector

Calls super.activate() which creates and registers the connection manager, as well as notifying this connector instance of its metadata.

Specified by:

activate in interface Activatable

Specified by:

activate in interface Connector

Overrides:

activate in class MetaConnector

Throws:

NamingException

getExceptionMapper

public JNDIExceptionToLdapMapper getExceptionMapper()

getSupportLdapControls

public HashMap<String,String> getSupportLdapControls()
                                              throws NamingException

Throws:

NamingException

countSupportedLdapControlsWithBaseOID

public static int countSupportedLdapControlsWithBaseOID(String vendorName,
                                                        String baseOID,
                                                        Map<String,String> controls,
                                                        Logger log)
                                                 throws NamingException

Returns count of supported controls for the endpoint which starts with baseOID. Can be useful when trying to determine the vendor for the endpoint is special case handling is required. Note that counts are used because OIDs for some common controls have vendor-specific bases, for instance PagedResultsControl.OID has the Microsoft base but is implemented by other vendors (including NDS).

Throws:

NamingException

getVendor

public JNDIMetaConnector.Vendor getVendor()

Determine vendor (possibly unknown) based on supported LDAP control OIDs reported by the endpoint. Can be overridden by MetaDataDefs.MD_VENDOR on namespace.

getVendorFlags

public Properties getVendorFlags()

Returns special vendor flags provided by MetaDataDefs.MD_VENDOR_FLAGS on namespace.

determineVendor

public static JNDIMetaConnector.Vendor determineVendor(DirContext connection,
                                                       Map<String,String> controls,
                                                       Logger log)
                                                throws NamingException

Throws:

NamingException

detectVendor

protected static JNDIMetaConnector.Vendor detectVendor(DirContext connection,
                                                       Logger log)
                                                throws NamingException

Attempt to detect vendor using any exact vendor matching techniques

Throws:

NamingException

createConnectionManager

public ConnectionManager createConnectionManager()
                                          throws NamingException

Description copied from class: BaseConnector

Create a connection manager, which is a concept expected to be supported by the vast majority of connectors. Some exceptional cases like JDBC in which many APIs take a DataSource (like a connection manager / pool itself) rather then a connection may throw a LdapOperationNotSupportedException exception when called.

Note that this method is defined to make the contract explicit for connector developers and for internal use with in the connector and its op processors, rather then to be called by components external to the connector. Default 'base' implementation below uses 'connectionManagerClass' spring property from connector.xml to locate the nominated connection manager (pooling) class and load/instantiate it for subsequent use. Specific connector implementations can override this and perform their own connection manager creation.

Specified by:

createConnectionManager in interface Connector

Overrides:

createConnectionManager in class BaseConnector

Returns:

Connection manager instance.

Throws:

NamingException

isHiddenLdapBaseDn

public boolean isHiddenLdapBaseDn()

Overrides:

isHiddenLdapBaseDn in class BaseConnector

Returns:

Unless overridden returns true meaning connector uses an asymmetric scheme to handle any value configured via the attribute mapped to MetaConnector.CONN_BASE_DN_ATTR, where the connector base DN is added to all DNs passed to the managed system (so that they are valid if stored persistently and later accessed with a different base DN) but the LDAP equivalent of the base DN is hidden from clients.

setRealAttrProcessor

protected void setRealAttrProcessor(JNDIAttributeStyleOpProcessor realAttrProcessor)

getRealAttrProcessor

public JNDIAttributeStyleOpProcessor getRealAttrProcessor()

Needed so we can hang on to the real processor (ignoring any Java proxies that might be interposed around it) as proxies can't be coerced to a concrete implementation class like JNDIAttributeStyleOpProcessor.

createAttributeStyleOpProcessor

public AttributeStyleOpProcessor createAttributeStyleOpProcessor()

resolveObjectClass

public MetaObjectClassMapping resolveObjectClass(String ldapAttributeId,
                                                 Name connDN,
                                                 Collection<MetaObjectClassMapping> classMaps)
                                          throws NamingException

A DN resolver implementation for JNDI based on lookup of the entry being resolved

Overrides:

resolveObjectClass in class MetaConnector

Parameters:

ldapAttributeId - Name of the attribute requiring resolution to be performed, which is not sufficient to be any kind of key as it's parent classMap is not know but is useful for log messages and establishing context nonetheless (note that this method's task is logically independent of which attribute requires the provided classMaps to be disambiguated).

connDN - Connector-speak DN for which objectclass needs to be resolved.

classMaps - Possible class maps from which objectclass needs to be resolved (as specified in metadata).

Returns:

a resolved classMap for a given conn-speak DN

Throws:

NamingException

convertAttributesFromConnector

public Attributes convertAttributesFromConnector(Name connDn,
                                                 String ldapDnStr,
                                                 MetaObjectClassMapping classMap,
                                                 Set<String> requestedConnAttrIds,
                                                 Attributes connAttrs,
                                                 boolean strict)
                                          throws NamingException

Need to implement this method because we have to return a single structural objectclass for each object in lookup / search results or the IMPS will always see such objects as out of sync with their templates. It is however desirable to return all auxiliary objectclasses.

Specified by:

convertAttributesFromConnector in interface Connector

Overrides:

convertAttributesFromConnector in class MetaConnector

Parameters:

connDn - Connector-speak DN for this object.

ldapDnStr - LDAP equivalent to connDn.

classMap - Details about object's objectClass mappings.

requestedConnAttrIds - Connector-speak attribute ids originally requested by the client.

connAttrs - Connector-speak attributes to be converted.

strict - should it return error when empty attribute values are found?

Returns:

Attributes fully mapped validated/converted and mapped to LDAP.

Throws:

NamingException

getFilterAwareness

public Collection<? extends MetaConnector.FilterAware> getFilterAwareness()

Identify supported search filter types

Overrides:

getFilterAwareness in class MetaConnector

Returns:

Collection of FilterAware levels corresponding to the state of connector's filter support