Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.ca.jcs.meta
Class MetaConnector

java.lang.Object
  extended by org.apache.directory.server.core.partition.AbstractPartition
      extended by com.ca.jcs.BaseConnector
          extended by com.ca.jcs.meta.MetaConnector
All Implemented Interfaces:
Activatable, CachingConnector, Connector, PartitionOps, OpProcessorStyleFactory, QuoteStringHandler, Partition
Direct Known Subclasses:
JDBCMetaConnector, JNDIMetaConnector, SDKMetaConnector, SDKWSMetaConnector, StubMetaConnector
public abstract class MetaConnector
extends BaseConnector

A connector which is configured via metadata, encompassing both flat (eg SDK, JDBC connector) and hierarchical (eg JNDI, LDA connector) varieties. Flat connectors typically:

  1. define "virtual containers" to contain each of the objectclasses they represent, in their conf/connector.xml descriptors or metadata (refer to the SDK sample connector for an example) and
  2. override BaseConnector.isBehaviourSearchSingleClass() to return true so that searches over multiple objectclasses are broken up into sub-searches over one objectclass at a time.
Hierarchical connectors typically:
  1. Don't define "virtual containers" as they have real containers actually stored on the native system, although it is possible for them to if required for some special objectclasses (the SQL connector does this, for instance)
  2. Don't override BaseConnector.isBehaviourSearchSingleClass() if the native systems to which they talk have search filter semantics that map well to LDAP.

Every effort should be made to ensure that NamingExceptions thrown by this class and any derived classes (concrete connectors, in particular) must implement LdapException so that valid LDAP result codes are known and can be passed back to the client. These codes are then sanity checked by PartitionLoaderService against the per-operation sets of allowable codes defined in ResultCodeEnum.

Nested Class Summary
static class MetaConnector.FilterAware
          Identifies filter awareness levels of a given connector
protected static class MetaConnector.SearchFinishedException
           
 
Field Summary
static String ALIAS_ACCOUNT_OBJECT
          Standard ConnectorMapToAlias= values expected in Connector class metadata.
static String ALIAS_GROUP_OBJECT
           
static String CONN_BASE_DN_ATTR
           
static String CONN_DESCRIPTION_ATTR
           
static String CONN_HOST_ATTR
          Standard connectorMapTo value for endpoint host.
static String CONN_LOG_SEVERITY_ATTR
          Can be mapped to an attribute containing Log4j Level string.
static String CONN_NAME_ATTR
          Standard connectorMapTo= values expected in Connector class' metadata.
static String CONN_PASSWORD_ATTR
          Standard connectorMapTo value for endpoint password.
static String CONN_PORT_ATTR
          Standard connectorMapTo value for endpoint port.
static String CONN_REMOTE_VERSION_ATTR
          Version of interface running on managed sytem.
static String CONN_SECURE_ATTR
          Secure communications to managed system, eg TLS for JNDI.
static String CONN_URL_ATTR
          Where possible connection based on a flexible URL is preferred on the server-side to a large collection of specific fields, as it provides a much easier means of handling extensions to the set of attributes and deals naturally with different attributes required by different vendors.
static String CONN_USERNAME_ATTR
          Standard connectorMapTo value for endpoint username.
static Logger dailyLog
          Logs all fully converted values on the way to/from the connector.
static String DYNAMIC_ATTR_INFO_ATTR
          connectorMapTo value for multi-valued attribute in which easily parsed summary of custom attribute values will be returned (each value is a pair of the form "ldap attr id;display name").
static Logger logConnAttrs
           
protected static ReadOnlyPropertyValidator READ_ONLY_VALIDATOR
           
protected  VirtualContainers virtualContainers
           
 
Fields inherited from class com.ca.jcs.BaseConnector
acceptedUnknownAttrIds, attributeStyleOpProcessor, CONN_ACTIVATION_TIMEOUT, CONN_DN, CONN_NAME, CONN_NAME_ID, CONN_PASS_THROUGH_SUFFIX, CONN_PASS_THROUGH_SUFFIX_LEN, CONN_ROLLBACK_CONNECTION_ATTRS, CONN_SKIP_PERSISTER_DELETE_ATTR, CONN_SPEC, CONN_SPEC_INTERNAL, CONNECTOR_ATTR_INDEX, connectorBaseDn, EMPTY_DN, LDAP_ATTR_INDEX, LDAP_CONN_DN, ldapExceptionPrefix, log, SEARCH_RESULTS_STREAMING
 
Fields inherited from interface com.ca.jcs.Connector
STATE_DELETING
 
Fields inherited from interface org.apache.directory.server.core.partition.Partition
ALIAS_ATTRIBUTE, ALIAS_OBJECT
 
Constructor Summary
MetaConnector(ConnectorType type, String name, Logger log, ConnectorConfig config)
          Create a connector, including settings from a configuration object.
 
Method Summary
 void activate()
          Calls super.activate() which creates and registers the connection manager, as well as notifying this connector instance of its metadata.
 void add(LdapDN name, Attributes attrs)
          Handle an LDAP ADD request for a connector itself, or a child object of a connector.
protected static void convertAttributes(MetaObjectClassMapping classMap, Attributes attrs, boolean toConnector)
          Handle conversion of attributes in either direction, as dictated by the toConnector.
 Attributes convertAttributesFromConnector(Name connDn, String ldapDnStr, MetaObjectClassMapping classMap, Set<String> requestedConnAttrIds, Attributes connAttrs, boolean strict)
          Handles taking connector-speak attributes and fully converting them into LDAP equivalent.
 LdapDN convertDNFromConnector(Name connDn, MetaObjectClassMapping leafClassMap, SearchResult sr, Boolean isRelative)
          Convert a DN (distinguished name) from connector-speak to it's LDAP equivalent, where this is required for: Each search result returned by list() or search() Any attribute values stored on the connector end that contain DN values.
 Name convertDNToConnector(LdapDN ldapDn)
          Call convertDNToConnector(org.apache.directory.shared.ldap.name.LdapDN, boolean) with last arg (tryCache) =true.
 Name convertDNToConnector(LdapDN ldapDn, boolean queryCache)
          Convert LDAP DN to connector-speak equivalent, which means stripping the partition suffix from it when present.
 ModificationItem[] convertModificationItems(ObjectInfo objInfo, ModificationItem[] items)
          Run all relevant converters on items passed to modify operation.
 NamingException convertToException(ObjectInfo objInfo, ErrorMessages errs)
          Initialize headers from objInfo and generate an exception to be thrown back to the client.
 NamingException convertToException(String name, MetaObjectClassMapping classMap, ErrorMessages errs)
          Initialize headers from name and classMap, and generate an exception to be thrown back to the client.
 void deactivate()
          Deactivates this connector's connection manager if one exists.
 void delete(LdapDN name)
           
 String getAssocReverseConnectorAttrId(ObjectInfo referencingObjInfo, Association assoc)
          Have to override this method (which updates group membership based on the assignment to the person.memberOf attribute), because eTLDAGroup has an ambiguous objectclass mapping to either of groupOfUniqueNames or groupOfNames which use the different membership attributes uniqueMember and member respectively.
 AttributeStyleOpProcessorChain getAttributeStyleOpProcessorChain()
           
 CacheableStatus getCacheableStatus(ObjectInfo objInfo)
          Is the provided object potentially cacheable?
 MetaObjectClassMapping getClassMappingFromConnectorAttrs(String name, Attributes attrs)
           
protected  MetaObjectClassMapping getClassMappingFromConnectorObjectClass(Attribute objectClassAttr)
           
 MetaObjectClassMappings getClassMappings()
           
 ConnectorAttributesProcessor getConnectorAttributesProcessor()
           
 MetaObjectClassMapping getConnectorClassMap()
          Deprecated. Use MetaObjectClassMappings.getConnectorClassMap() instead.
 String getConnectorObjectClass(ObjectInfo objInfo)
          Return a single connector speak objectClass value
 String[] getConnectorObjectClasses(ObjectInfo objInfo)
          Return a list of all objectClass values present on the native object
protected  String[] getDefaultConnectorSearchAttrIds(MetaObjectClassMapping classMap)
           
protected  String[] getDefaultSearchLdapAttrIds(MetaObjectClassMapping classMap)
           
 String[] getDNAttrIds(Collection<MetaObjectClassMapping> classMaps, String[] connAttrIds)
          Given a set of conn-speak attr Ids, return all DN typed attr Ids given the classMaps
 net.sf.ehcache.CacheManager getEhCacheManager()
          This manager is for general use and implemented using EHCache (com.ca.jcs.cache.CacheManager deals with caching endpoint data and is configurable).
protected static String getErrClassId(MetaObjectClassMapping classMap)
           
 Collection<? extends MetaConnector.FilterAware> getFilterAwareness()
          Override in a connector to flag whether connector fully implements search filter support.
 FilterInfo getFilterInfo(ExprNode filter)
          Determine objectClass information from filter, and also map attribute names in the filter to their connector-speak equivalents.
 FilterInfo getFilterInfo(ExprNode filter, boolean needObjClassesInFilter)
           
 FilterInfo getFilterInfo(ObjectInfo baseObjInfo, SearchControls searchControls, ExprNode filter)
           
 FilterInfo getFilterInfo(ObjectInfo baseObjInfo, SearchControls searchControls, ExprNode filter, boolean needObjClassesInFilter, boolean searchSingleClass, MetaObjectClassMapping searchSingleClassMap)
           
 FilterInfo getFilterInfo(ObjectInfo baseObjInfo, SearchControls searchControls, ExprNode filter, ExprNode origClonedFilter, boolean needObjClassesInFilter, boolean searchSingleClass, MetaObjectClassMapping searchSingleClassMap)
           
 FilterInfo getFilterInfo(ObjectInfo baseObjInfo, SearchControls searchControls, String ldapFilterStr)
           
 FilterInfo getFilterInfo(String ldapFilterStr)
          Return information for provided (ldap-speak) LDAP filter string; useful for connectors which need to use filter strings of their own devising, possibly so to make use of the framework's ability to expand ambiguous connector mappings starting from an ldap-speak filter.
protected  FilterInfo getFilterObjClass(ExprNode filter)
          Determine objectClass information from filter without changing it.
 String getIncludedDnLdapAttrId(MetaObjectClassMapping classMap, String[] ldapAttrIds)
          Return it if any provided attribute id maps to BaseConnector.CONN_DN on the connector side, including the special BaseConnector.LDAP_CONN_DN attribute which will always serve this role regardless of metadata settings.
 MetaConnectorConfig getMetaConnectorConfig()
           
 MetaConnectorType getMetaConnectorType()
           
 net.sf.ehcache.Cache getModifyMonitorCache()
          This cache provides monitor to stop collision of MODIFY requests: for instance guards multiple DELTA MODIFY requests for SAP Roles which has forceModificationMode=REPLACE so that each (lookup of current values + modify of values using delta) sequence happens atomically.
 String[] getObjectClassFromAmbiguousConnAttr(MetaObjectClassMapping classMap, String connAttrId)
          Return connector objectClass value given a classMap and an ambiguous connector speak attribute
 String[] getObjectClassFromConnAttr(MetaObjectClassMapping classMap, String connAttrId)
          Return objectClass value to which a connector speak attribute is mapped to either via ambiguous mappings or not.
 ObjectInfo getObjectInfo(LdapDN ldapDn)
          Return null when passed the top-level connector DN, and otherwise break it up into separate components and automatically perform lookups based on these components.
 ObjectInfo getObjectInfo(LdapDN ldapDn, boolean mapDN)
          Return null when passed the top-level connector DN, and otherwise break it up into separate components and determine object class for object
 ObjectInfo getObjectInfo(LdapDN ldapDn, Name connDn)
          Create object information using as already-known connDn.
 ObjectInfo getObjectInfo(Name connDn)
          Construct ObjectInfo for a connector DN
 ObjectInfo getObjectInfo(Name connDn, MetaObjectClassMapping classMap)
           
 OpProcessor getOpProcessor(ObjectInfo objInfo)
          Delegate processing according to level in DIT, connector level will be handled by ConnectorAttributesProcessor. and deeper levels will be handled by AttributeStyleOpProcessor.
protected  OpProcessor getOpProcessorForSearch(MetaObjectClassMapping classMap)
          Get the correct op processor to use for a search.
 PostQueryAttributesProcessor getPostQueryAttributesProcessor()
          Return null if this optional interface isn't implemented by connector's AttributeStyleProcessor or if it is flagged as inactive, otherwise return the active implementation of the interface.
protected  Set<String> getRequestedConnAttrIds(String[] mapAttrIds, String dnLdapAttrId)
           
 ObjectInfo getRootObjectInfo()
          Return object information for the root node in the DIT, ie the connector itself.
 ObjectInfo getSearchBaseObjectInfo(MetaObjectClassMapping classMap)
          Work out suitable search base for a class and return equivalent ObjectInfo representing this search base
 ObjectInfo getSearchBaseObjectInfo(ObjectInfo baseObjInfo, MetaObjectClassMapping classMap)
          Work out suitable search base for a class and return equivalent ObjectInfo 'baseObjInfo' is used to determine if any defined search container base should take effect over current search base
 VirtualContainers getVirtualContainers()
           
 boolean hasMetaOpBindingsProxy()
           
 boolean isAcceptedUnknownAttrId(String ldapAttrId)
           
 boolean isAmibguousLdapDn(LdapDN ldapDn)
          Returns true if any RDN in ldapDN has ambiguous mappings.
protected  boolean isFilterSingleClassMatching(FilterInfo filterInfo)
          Check if a filter is targetting a single class
 boolean isLockedModify(ObjectInfo objInfo, Association assoc)
          By default virtual associations are modified in a locked context
 boolean isLockedModify(ObjectInfo objInfo, String[] attrIds)
          Allows connector to identify on a per attribute basis whether modifications of the attribute always require locking to prevent data integrity violations during concurrent modifies where native attribute only supports REPLACE style modify semantics.
 boolean isRootDN(LdapDN name)
           
 boolean isRootDN(Name name)
           
protected  boolean isSearchAsLookup(ObjectInfo baseObjInfo)
          Detect if a search qualifies to be replaced by a lookup
 boolean isSearchOutsideClassContainer(ObjectInfo baseObjInfo, MetaObjectClassMapping classMap)
          Check if current search base is outside any search container DNs defined for the target class
 boolean isValidContainmentSearchResult(SearchResult sr, Name mapName, Name baseDN, SearchControls searchControls)
          Verifies a SearchResult validity
 Attributes lookup(LdapDN name, String[] attrIds)
           
 String[] mapAttributeIdsToConnector(Collection<MetaObjectClassMapping> classMaps, String[] ldapAttrIds, boolean objectScope)
          Map ldapAttrIds belonging to the LDAP object class matching objectInfo to their connector-speak equivalents, where the naming attribute is always forced to be present in the first position.
protected  String[] mapAttributeIdsToConnector(Collection<MetaObjectClassMapping> classMaps, String[] ldapAttrIds, boolean objectScope, boolean translateSpecialAttrs)
           
protected  Attribute mapAttributeIdToConnector(String objName, MetaObjectClassMapping classMap, Attribute attr)
           
protected  Attribute mapAttributeIdToLdap(MetaObjectClassMapping classMap, Attribute connAttr)
           
protected  Attributes mapAttributesIdsToConnector(ObjectInfo objInfo, Attributes attrs)
          Map attributes from LDAP to connector speak before passing them to the concrete connector for processing, which involves the following steps: Map attribute names from LDAP to connector-speak (note we use the less-strict BasicAttributes instead of ApacheDS LockableAttributesImpl in order to handle cases like JDBC where column names which may include multi-byte characters are used as attribute ids).
protected  Attributes mapAttributesIdsToLdap(Name dn, MetaObjectClassMapping classMap, Set<String> requestedConnAttrIds, Attributes attrs)
          Does the reverse of mapAttributesIdsToConnector(com.ca.jcs.ObjectInfo, javax.naming.directory.Attributes), so attributes passed back by the concrete connector are mapped back into a form suitable for passing back to the LDAP client, which involves the following steps: Map attribute names from connector-speak to LDAP.
protected  ModificationItem[] mapModificationItems(ObjectInfo objInfo, ModificationItem[] items)
          Clone items and remap to connector-speak attr names, resolving an ambiguous to-connector mappings as required.
protected  String mapObjectClassAttributeIdsToConnector(ObjectInfo objInfo, Attribute connObjClassAttr)
           
protected  MetaObjectClassMapping matchDNToClassMap(Name dn, String connNamingAttrId)
          A helper method that attempts to match a conn-speak DN to a classMap via a lookup
 void modify(LdapDN name, ModificationItem[] rawItems)
           
 void modifyRn(LdapDN name, String newRdnStr, boolean deleteOldRn)
           
 void move(LdapDN oldName, LdapDN newParentName)
          Simply calls move(LdapDN, LdapDN, String, boolean) with null and true as the last two parameters.
 void move(LdapDN oldName, LdapDN newParentName, String newRdnStr, boolean deleteOldRn)
          Move an existing object called oldName under new container newParentName, also changing its RDN (renaming it) if newRdnStr !
 String normalizeConnDn(String dnStr, MetaDataDefs.NormalizeConnValue normalizeMode, MetaDataDefs.NormalizeConnValueStyle normalizeStyle)
          Perform normalization of a conn-speak DN value defined by mode and style
 Attribute normalizeConnDnAttr(Attribute attr, MetaDataDefs.NormalizeConnValue normalizeMode, MetaDataDefs.NormalizeConnValueStyle normalizeStyle)
          Perform normalization of a conn-speak DN attribute defined by mode and style
 String normalizeConnectorDn(MetaObjectClassMapping classMap, String dnStr, String ldapAttrId)
          Perform conn-speak DN/attribute value normalization given the value and the ldap-speak id Required for JNDI-ADAM which returns attributes from search/lookup with DN values uppercased: CN=foo,OU=bar,DC=baz.
 void normalizeConnectorDnAttrs(MetaObjectClassMapping classMap, Attributes attrs)
          Perform conn-speak DN/attribute value normalization given the Attributes Required for JNDI-ADAM which returns attributes from search/lookup with DN values uppercased: CN=foo,OU=bar,DC=baz.
 void notifyMetaData(MetaObjectClassMappings mappings, boolean opBindChange)
          Used to inform connector of new metadata, which may trigger the creation / destruction of various styles of op processors depending on the exact content of the new metadata (and whether concrete connector implements each style).
<T,C> C
performLockedOperation(ObjectInfo objInfo, T[] items, Callable<C> callback)
          Performs operation in a locked context on target entry using callback
 MetaObjectClassMapping resolveObjectClass(String ldapAttributeId, Name connDN, Collection<MetaObjectClassMapping> classMaps)
          Can be used by connectors that support association attributes containing references to more then one objectclass (refer MetaDataDefs.MD_DN_LDAP_OBJECT_CLASSES which can't be distinguished by their connector-speak naming attributes alone.
 NamingEnumeration<SearchResult> search(LdapDN baseName, Map environment, ExprNode filter, SearchControls searchControls)
           
protected  NamingEnumeration<SearchResult> search(ObjectInfo baseObjInfo, Map<String,String> environment, FilterInfo filterInfo, SearchControls searchControls)
          Submit single search over multiple classMaps to concrete connector.
protected  NamingEnumeration<SearchResult> searchImpl(ObjectInfo baseObjInfo, Map<String,String> environment, FilterInfo filterInfo, SearchControls searchControls)
          Note that this method can not return null, but must instead return an empty NamingEnumeration if there are no results.
 NamingEnumeration<SearchResult> searchObjectScopeAsLookup(Name ldapBaseDn, Name connBaseDn, Attributes attrs, String includeDnLdapAttrId)
          Turn lookup results (attributes) into query results.
protected  NamingEnumeration<SearchResult> searchOneClass(ObjectInfo baseObjInfo, Map<String,String> environment, FilterInfo filterInfo, SearchControls searchControls, MetaObjectClassMapping classMap)
          Search over a single class of object specified either by the filter (objectClass assertion) or because it is implied by the baseName.
protected  NamingEnumeration<SearchResult> searchVirtualContainers(ObjectInfo objInfo, Map<String,String> environment, FilterInfo filterInfo, SearchControls searchControls)
           
 void setAttributeStyleOpProcessor(AttributeStyleOpProcessor asp)
          Remember the provided processor, possibly proxying it depending on resiliency configuration settings.
 void setClassMappings(MetaObjectClassMappings classMappings)
           
 void setConnectorAttributesProcessor(ConnectorAttributesProcessor connectorAttributesProcessor)
          Handles operation on connector level of the DIT.
 void setMethodStyleOpProcessor(MethodStyleOpProcessor obp)
          Should be called by connectors that implement method operation bindings (eg JDBC stored procedures), where the actual reference stored may be proxied depending on resiliency / deployment configuration settings from connector.xml.
 void setScriptStyleOpProcessor(ScriptStyleOpProcessor sop)
          Should be called by connectors that implement connector-executed script operation bindings, where the actual reference stored may be proxied depending on resiliency / deployment configuration settings from connector.xml.
protected  void validateAttributes(String name, MetaObjectClassMapping classMap, Attributes attrs, boolean isQuery)
          Run all relevant validators against the provided LDAP domain attributes (never connector-speak) in either direction as dictated by isQuery which, if true, causes class-level validators to be skipped.
protected  void validateAttributes(String name, MetaObjectClassMapping classMap, Attributes attrs, boolean isQuery, ErrorMessages errs)
          Run all relevant validators against the provided LDAP domain attributes (never connector-speak) in either direction as dictated by isQuery which, if true, causes class-level validators to be skipped.
 boolean validateDNForSearchContainer(MetaObjectClassMapping classMap, String connDnStr, boolean throwOnError)
           
 
Methods inherited from class com.ca.jcs.BaseConnector
addConnectorBaseDN, appQuoted, appQuoted, bind, convertConnectorDNFromNativeName, convertConnectorDNToNativeName, createConnectionManager, createConnectorDn, createConnectorDn, createMethodStyleOpProcessor, createObjectInfo, createScriptStyleOpProcessor, createTransactionManager, doInit, formatConnectorPassThroughAttrId, formatConnectorPassThroughValue, getAcceptedUnknownAttrIds, getAttributes, getAttributeStyleOpProcessor, getAttributeTypeRegistry, getAutoDirectAssocExlusions, getCacheManager, getConnectionManager, getConnectorBaseDn, getConnectorConfig, getConnectorDnRdn, getConnectorPassThroughValue, getLdapExceptionPrefix, getLdapNamingAttr, getLdapObjectClass, getLogger, getMethodStyleOpProcessor, getName, getPartition, getPassThroughAttrIdToConnector, getScriptStyleOpProcessor, getStateFlags, getStoredSuffix, getTransactionManager, getType, getUpSuffix, isActivated, isAutoDirectAssocRequired, isBehaviourCachingRequired, isBehaviourSearchObjAsLookup, isBehaviourSearchSingleClass, isBehaviourStrictConnectorDns, isCachingActive, isCachingPossible, isCachingRequired, isCheckObjectExistenceForDeletion, isConnectorPassThrough, isHiddenLdapBaseDn, isIndirectAssociations, isObjectClassRequired, isSuffix, list, mapAttributeIdsToConnector, modifyAttributes, noQuote, passThroughAttrIdToConnector, postProcessLdapSearchResult, removeConnectorBaseDN, setAcceptedUnknownAttrIds, setActivated, setAttributes, setCacheManager, setCachingRequired, setConnectionManager, setConnectorBaseDn, setConnectorConfig, setLdapNamingAttr, setLdapObjectClass, setLogger, setName, setQuoteString, setStateFlags, setStoredSuffix, setTransactionManager, setType, splitConnectorPassThroughAttrId, toString, unbind, upName
 
Methods inherited from class org.apache.directory.server.core.partition.AbstractPartition
destroy, doDestroy, getConfiguration, getFactoryConfiguration, getSuffix, hasEntry, init, isInitialized, lookup, modify, sync
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface com.ca.jcs.PartitionOps
lookup, modify, sync
 
Methods inherited from interface org.apache.directory.server.core.partition.Partition
destroy, getSuffix, hasEntry, init, isInitialized, lookup, modify, sync
 
Methods inherited from interface com.ca.jcs.processor.OpProcessorStyleFactory
createAttributeStyleOpProcessor
 

Field Detail

dailyLog

public static final Logger dailyLog
Logs all fully converted values on the way to/from the connector.

logConnAttrs

public static final Logger logConnAttrs

virtualContainers

protected VirtualContainers virtualContainers

CONN_NAME_ATTR

public static final String CONN_NAME_ATTR
Standard connectorMapTo= values expected in Connector class' metadata. Not all connectors have to use all these values, and some may choose slightly different mapped names for the same logical placeholder, but this list provides a useful library to encourage standardisation. Of course, connector-specific derivations of this class are free to add their own extra values (or override these constants with different strings) as required.

See Also:
Constant Field Values

CONN_URL_ATTR

public static final String CONN_URL_ATTR
Where possible connection based on a flexible URL is preferred on the server-side to a large collection of specific fields, as it provides a much easier means of handling extensions to the set of attributes and deals naturally with different attributes required by different vendors. On the GUI-side a useful paradigm may be to prompt for separate fields from average users and then concatenate them into a URL, allowing power-users to just enter the URL directly and/or edit the concatenated one created for them.

See Also:
Constant Field Values

CONN_BASE_DN_ATTR

public static final String CONN_BASE_DN_ATTR
See Also:
Constant Field Values

CONN_DESCRIPTION_ATTR

public static final String CONN_DESCRIPTION_ATTR
See Also:
Constant Field Values

CONN_LOG_SEVERITY_ATTR

public static final String CONN_LOG_SEVERITY_ATTR
Can be mapped to an attribute containing Log4j Level string.

See Also:
Constant Field Values

CONN_SECURE_ATTR

public static final String CONN_SECURE_ATTR
Secure communications to managed system, eg TLS for JNDI.

See Also:
Constant Field Values

CONN_REMOTE_VERSION_ATTR

public static final String CONN_REMOTE_VERSION_ATTR
Version of interface running on managed sytem.

See Also:
Constant Field Values

CONN_HOST_ATTR

public static final String CONN_HOST_ATTR
Standard connectorMapTo value for endpoint host.

See Also:
Constant Field Values

CONN_PORT_ATTR

public static final String CONN_PORT_ATTR
Standard connectorMapTo value for endpoint port.

See Also:
Constant Field Values

CONN_PASSWORD_ATTR

public static final String CONN_PASSWORD_ATTR
Standard connectorMapTo value for endpoint password.

See Also:
Constant Field Values

CONN_USERNAME_ATTR

public static final String CONN_USERNAME_ATTR
Standard connectorMapTo value for endpoint username.

See Also:
Constant Field Values

ALIAS_ACCOUNT_OBJECT

public static final String ALIAS_ACCOUNT_OBJECT
Standard ConnectorMapToAlias= values expected in Connector class metadata.

See Also:
Constant Field Values

ALIAS_GROUP_OBJECT

public static final String ALIAS_GROUP_OBJECT
See Also:
Constant Field Values

DYNAMIC_ATTR_INFO_ATTR

public static final String DYNAMIC_ATTR_INFO_ATTR
connectorMapTo value for multi-valued attribute in which easily parsed summary of custom attribute values will be returned (each value is a pair of the form "ldap attr id;display name").

See Also:
Constant Field Values

READ_ONLY_VALIDATOR

protected static final ReadOnlyPropertyValidator READ_ONLY_VALIDATOR
Constructor Detail

MetaConnector

public MetaConnector(ConnectorType type,
                     String name,
                     Logger log,
                     ConnectorConfig config)
Create a connector, including settings from a configuration object.

Parameters:
type - Parent connector type for new connector.
name - Name of new connector as seen by clients and used in logging messages.
log - Logger created specifically for the output from this connector (name will appear in the filename containing the output).
config - Configuration object for the connector, usually taken from a connector's /conf/connector.xml XML descriptor file.
Method Detail

getVirtualContainers

public VirtualContainers getVirtualContainers()

getMetaConnectorConfig

public MetaConnectorConfig getMetaConnectorConfig()

getCacheableStatus

public CacheableStatus getCacheableStatus(ObjectInfo objInfo)
Is the provided object potentially cacheable? By default is true if it has an ambiguous naming attribute or is within a container and one or more container objectclasses have ambiguous naming attributes. Note when called from mapLdapDNToConn(com.ca.jcs.ObjectInfo, java.lang.String, java.lang.String, boolean) objInfo.getLdapDn() might be null as resolving one RDN level at a time.

Specified by:
getCacheableStatus in interface CachingConnector
Overrides:
getCacheableStatus in class BaseConnector

isAcceptedUnknownAttrId

public boolean isAcceptedUnknownAttrId(String ldapAttrId)

getConnectorAttributesProcessor

public ConnectorAttributesProcessor getConnectorAttributesProcessor()

setConnectorAttributesProcessor

public void setConnectorAttributesProcessor(ConnectorAttributesProcessor connectorAttributesProcessor)
Handles operation on connector level of the DIT.

getAttributeStyleOpProcessorChain

public AttributeStyleOpProcessorChain getAttributeStyleOpProcessorChain()

getPostQueryAttributesProcessor

public PostQueryAttributesProcessor getPostQueryAttributesProcessor()
Return null if this optional interface isn't implemented by connector's AttributeStyleProcessor or if it is flagged as inactive, otherwise return the active implementation of the interface.

getClassMappings

public MetaObjectClassMappings getClassMappings()

setClassMappings

public void setClassMappings(MetaObjectClassMappings classMappings)

hasMetaOpBindingsProxy

public boolean hasMetaOpBindingsProxy()
Returns:
true if a proxy interposed by MetaOpBindingsProxyHandler sits between this class and a registered attribute style processor, false otherwise.

setAttributeStyleOpProcessor

public void setAttributeStyleOpProcessor(AttributeStyleOpProcessor asp)
Remember the provided processor, possibly proxying it depending on resiliency configuration settings.

Specified by:
setAttributeStyleOpProcessor in interface Connector
Overrides:
setAttributeStyleOpProcessor in class BaseConnector
Parameters:
asp - Processor to be used for future attribute-style operations.

setMethodStyleOpProcessor

public void setMethodStyleOpProcessor(MethodStyleOpProcessor obp)
Should be called by connectors that implement method operation bindings (eg JDBC stored procedures), where the actual reference stored may be proxied depending on resiliency / deployment configuration settings from connector.xml. If this is the case one or more proxies will be interposed which intercept calls to the method-style processor.

Specified by:
setMethodStyleOpProcessor in interface Connector
Overrides:
setMethodStyleOpProcessor in class BaseConnector
Parameters:
obp - Processor to be called after guard conditions have been checked against an operation to determine relevance.

setScriptStyleOpProcessor

public void setScriptStyleOpProcessor(ScriptStyleOpProcessor sop)
Should be called by connectors that implement connector-executed script operation bindings, where the actual reference stored may be proxied depending on resiliency / deployment configuration settings from connector.xml. If this is the case one or more proxies will be interposed which intercept calls to the script-style processor.

Specified by:
setScriptStyleOpProcessor in interface Connector
Overrides:
setScriptStyleOpProcessor in class BaseConnector
Parameters:
sop - Processor to be called after guard conditions have been checked against an operation to determine relevance.

getMetaConnectorType

public MetaConnectorType getMetaConnectorType()

getEhCacheManager

public net.sf.ehcache.CacheManager getEhCacheManager()
This manager is for general use and implemented using EHCache (com.ca.jcs.cache.CacheManager deals with caching endpoint data and is configurable).

getModifyMonitorCache

public net.sf.ehcache.Cache getModifyMonitorCache()
This cache provides monitor to stop collision of MODIFY requests: for instance guards multiple DELTA MODIFY requests for SAP Roles which has forceModificationMode=REPLACE so that each (lookup of current values + modify of values using delta) sequence happens atomically.

activate

public void activate()
              throws NamingException
Calls super.activate() which creates and registers the connection manager, as well as notifying this connector instance of its metadata.

Specified by:
activate in interface Activatable
Specified by:
activate in interface Connector
Overrides:
activate in class BaseConnector
Throws:
NamingException

deactivate

public void deactivate()
                throws NamingException
Description copied from class: BaseConnector
Deactivates this connector's connection manager if one exists.

Specified by:
deactivate in interface Activatable
Specified by:
deactivate in interface Connector
Overrides:
deactivate in class BaseConnector
Throws:
NamingException

getOpProcessor

public OpProcessor getOpProcessor(ObjectInfo objInfo)
Delegate processing according to level in DIT, connector level will be handled by ConnectorAttributesProcessor. and deeper levels will be handled by AttributeStyleOpProcessor.

convertDNToConnector

public Name convertDNToConnector(LdapDN ldapDn,
                                 boolean queryCache)
                          throws NamingException,
                                 LdapNoSuchAttributeException
Convert LDAP DN to connector-speak equivalent, which means stripping the partition suffix from it when present. Note that even when a connector has a connectorBaseDn specified, it is not stripped from DNs as persistently stored DNs should be valid even when accessed with a different connectorBaseDn (i.e. connectorBaseDn defines a "window" onto which the connector looks, but doesn't impact the model itself).

Where ambiguous naming attributes are involved, this method may have to go all the way to the managed system in order to determine which choice is the right one at each level of the DN (up to N look-ups may be required for each ambiguous DN component, where N is the number of possible choices). Consequently a cache of connector DNs/objectclasses is going to be added to the JCS framework.

Parameters:
ldapDn - DN to be converted.
queryCache - Should the cache be queried (if it is active) to determine if the connector DN has been previously determined (false if DN returned by cache previously turns out to be stale).
Returns:
DN relative to managed system's root (ignoring any connectorBaseDn which has been specified).
Throws:
NamingException
LdapNoSuchAttributeException
See Also:
convertDNToConnector(LdapDN)

normalizeConnectorDn

@NotNull
public String normalizeConnectorDn(@NotNull
                                           MetaObjectClassMapping classMap,
                                           @NotNull
                                           String dnStr,
                                           @NotNull
                                           String ldapAttrId)
                            throws NamingException
Perform conn-speak DN/attribute value normalization given the value and the ldap-speak id Required for JNDI-ADAM which returns attributes from search/lookup with DN values uppercased: CN=foo,OU=bar,DC=baz. Whilst the framework can map these and end up with values that differ by case. This entrypoint allows a chance to normalize these.

Throws:
NamingException

normalizeConnectorDnAttrs

public void normalizeConnectorDnAttrs(@NotNull
                                      MetaObjectClassMapping classMap,
                                      @NotNull
                                      Attributes attrs)
                               throws NamingException
Perform conn-speak DN/attribute value normalization given the Attributes Required for JNDI-ADAM which returns attributes from search/lookup with DN values uppercased: CN=foo,OU=bar,DC=baz. Whilst the framework can map these and end up with values that differ by case. This entrypoint allows a chance to normalize these.

Throws:
NamingException

normalizeConnDn

@Nullable
public String normalizeConnDn(@NotNull
                                       String dnStr,
                                       @NotNull
                                       MetaDataDefs.NormalizeConnValue normalizeMode,
                                       @NotNull
                                       MetaDataDefs.NormalizeConnValueStyle normalizeStyle)
Perform normalization of a conn-speak DN value defined by mode and style

normalizeConnDnAttr

@NotNull
public Attribute normalizeConnDnAttr(@NotNull
                                             Attribute attr,
                                             @NotNull
                                             MetaDataDefs.NormalizeConnValue normalizeMode,
                                             @NotNull
                                             MetaDataDefs.NormalizeConnValueStyle normalizeStyle)
                              throws NamingException
Perform normalization of a conn-speak DN attribute defined by mode and style

Throws:
NamingException

convertDNToConnector

public Name convertDNToConnector(LdapDN ldapDn)
                          throws NamingException,
                                 LdapNoSuchAttributeException
Call convertDNToConnector(org.apache.directory.shared.ldap.name.LdapDN, boolean) with last arg (tryCache) =true.

Throws:
NamingException
LdapNoSuchAttributeException

convertDNFromConnector

public LdapDN convertDNFromConnector(Name connDn,
                                     MetaObjectClassMapping leafClassMap,
                                     SearchResult sr,
                                     Boolean isRelative)
                              throws NamingException,
                                     LdapNoSuchAttributeException
Convert a DN (distinguished name) from connector-speak to it's LDAP equivalent, where this is required for:
  1. Each search result returned by list() or search()
  2. Any attribute values stored on the connector end that contain DN values.

Parameters:
connDn - DN to be converted.
leafClassMap - Mappings for objectClass which DN is a references an instance of. In the presence of ambiguous naming attributes this may be critical in performing the DN resolution, and consequently search results must always include an "objectClass=" attribute to disambiguate. In the second case above (connector-speak DN values) the author of the metadata is responsible for providing the objectClass name when creating a DNPropertyConverter for the containing attribute.
sr - Connector-speak search results provided when available (i.e. when stepping through search results as opposed to converting DNs in an association attribute like group.members), as some connectors may need to know some attribute values in order to compute LDAP DN (for example UniqueOU support for LND). When null means DN is absolute otherwise sr.isRelative() is used to determine if a relative, rather then an absolute, DN returned. Note either way that any specified connectorBaseDn is ignored (see convertDNToConnector(LdapDN) for discussion of why). Expect absolute case will be useful for query results only, and that persistently stored DNs will always be relative.
isRelative - If sr is null then this argument can be used used to specify whether connDn is relative or absolute (see comments on searchResult above), otherwise it should be null.
Returns:
connDn converted to LDAP.
Throws:
NamingException
LdapNoSuchAttributeException

getDNAttrIds

public String[] getDNAttrIds(Collection<MetaObjectClassMapping> classMaps,
                             String[] connAttrIds)
Given a set of conn-speak attr Ids, return all DN typed attr Ids given the classMaps

matchDNToClassMap

protected MetaObjectClassMapping matchDNToClassMap(Name dn,
                                                   String connNamingAttrId)
                                            throws NamingException
A helper method that attempts to match a conn-speak DN to a classMap via a lookup

Throws:
NamingException

isRootDN

public boolean isRootDN(LdapDN name)
                 throws NamingException
Throws:
NamingException

isRootDN

public boolean isRootDN(Name name)
                 throws NamingException
Throws:
NamingException

getConnectorClassMap

public MetaObjectClassMapping getConnectorClassMap()
Deprecated. Use MetaObjectClassMappings.getConnectorClassMap() instead.

getObjectInfo

public ObjectInfo getObjectInfo(LdapDN ldapDn,
                                boolean mapDN)
                         throws NamingException
Return null when passed the top-level connector DN, and otherwise break it up into separate components and determine object class for object

Throws:
NamingException

getObjectInfo

public ObjectInfo getObjectInfo(LdapDN ldapDn)
                         throws NamingException
Return null when passed the top-level connector DN, and otherwise break it up into separate components and automatically perform lookups based on these components.

Throws:
NamingException

getObjectInfo

public ObjectInfo getObjectInfo(LdapDN ldapDn,
                                Name connDn)
                         throws NamingException
Create object information using as already-known connDn.

Throws:
NamingException

getObjectInfo

public ObjectInfo getObjectInfo(Name connDn)
                         throws NamingException
Construct ObjectInfo for a connector DN

Throws:
NamingException

getObjectInfo

public ObjectInfo getObjectInfo(Name connDn,
                                MetaObjectClassMapping classMap)
                         throws NamingException
Throws:
NamingException

getRootObjectInfo

public ObjectInfo getRootObjectInfo()
                             throws NamingException
Return object information for the root node in the DIT, ie the connector itself.

Throws:
NamingException

delete

public void delete(LdapDN name)
            throws NamingException
Throws:
NamingException

getAssocReverseConnectorAttrId

public String getAssocReverseConnectorAttrId(ObjectInfo referencingObjInfo,
                                             Association assoc)
                                      throws NamingException
Have to override this method (which updates group membership based on the assignment to the person.memberOf attribute), because eTLDAGroup has an ambiguous objectclass mapping to either of groupOfUniqueNames or groupOfNames which use the different membership attributes uniqueMember and member respectively.

Throws:
NamingException

mapObjectClassAttributeIdsToConnector

protected String mapObjectClassAttributeIdsToConnector(ObjectInfo objInfo,
                                                       Attribute connObjClassAttr)
                                                throws NamingException
Throws:
NamingException

mapAttributesIdsToConnector

protected Attributes mapAttributesIdsToConnector(ObjectInfo objInfo,
                                                 Attributes attrs)
                                          throws NamingException
Map attributes from LDAP to connector speak before passing them to the concrete connector for processing, which involves the following steps:
  1. Map attribute names from LDAP to connector-speak (note we use the less-strict BasicAttributes instead of ApacheDS LockableAttributesImpl in order to handle cases like JDBC where column names which may include multi-byte characters are used as attribute ids).
  2. Validate and/or convert attribute values (strings) have appropriate format expected by the connector.
  3. For any attributes configured as encrypted, encrypt their values prior to passing them to the connector.

Parameters:
objInfo - Information about the target object owning the attributes.
attrs - The attributes to be passed to the connector.
Returns:
The attributes adjusted to the connector-speak.
Throws:
NamingException

mapAttributeIdToConnector

protected Attribute mapAttributeIdToConnector(String objName,
                                              MetaObjectClassMapping classMap,
                                              Attribute attr)
                                       throws NamingException
Throws:
NamingException

mapAttributesIdsToLdap

protected Attributes mapAttributesIdsToLdap(Name dn,
                                            MetaObjectClassMapping classMap,
                                            Set<String> requestedConnAttrIds,
                                            Attributes attrs)
                                     throws NamingException
Does the reverse of mapAttributesIdsToConnector(com.ca.jcs.ObjectInfo, javax.naming.directory.Attributes), so attributes passed back by the concrete connector are mapped back into a form suitable for passing back to the LDAP client, which involves the following steps:
  1. Map attribute names from connector-speak to LDAP.
  2. Validate and/or convert attribute values (strings) from the connector's format to the standard forms universally exposed by the JCS.
  3. For any attributes configured as encrypted, decrypt their values passed back by the connector, so that they appear in clear-text for the LDAP client.

Parameters:
classMap - Mapping for object returned by the connector.
requestedConnAttrIds - Connector
attrs - Attributes mapped from connector-speak to JCS's LDAP format.
Returns:
Converted form of attrs.
Throws:
NamingException - Problem reading values provided by the connector.

mapAttributeIdToLdap

protected Attribute mapAttributeIdToLdap(MetaObjectClassMapping classMap,
                                         Attribute connAttr)

isAmibguousLdapDn

public boolean isAmibguousLdapDn(LdapDN ldapDn)
                          throws NamingException
Returns true if any RDN in ldapDN has ambiguous mappings.

Throws:
NamingException

add

public void add(LdapDN name,
                Attributes attrs)
         throws NamingException
Handle an LDAP ADD request for a connector itself, or a child object of a connector. Any default values defined for the target objectClass are automatically filled in.

Throws:
NamingException

convertToException

public NamingException convertToException(String name,
                                          MetaObjectClassMapping classMap,
                                          ErrorMessages errs)
Initialize headers from name and classMap, and generate an exception to be thrown back to the client.

convertToException

public NamingException convertToException(ObjectInfo objInfo,
                                          ErrorMessages errs)
Initialize headers from objInfo and generate an exception to be thrown back to the client.

validateAttributes

protected void validateAttributes(String name,
                                  MetaObjectClassMapping classMap,
                                  Attributes attrs,
                                  boolean isQuery,
                                  ErrorMessages errs)
                           throws NamingException
Run all relevant validators against the provided LDAP domain attributes (never connector-speak) in either direction as dictated by isQuery which, if true, causes class-level validators to be skipped. Note only called by modify() for compound values, where a MODIFY is really an ADD.

Throws:
NamingException

validateAttributes

protected void validateAttributes(String name,
                                  MetaObjectClassMapping classMap,
                                  Attributes attrs,
                                  boolean isQuery)
                           throws NamingException
Run all relevant validators against the provided LDAP domain attributes (never connector-speak) in either direction as dictated by isQuery which, if true, causes class-level validators to be skipped.

Throws:
NamingException

getErrClassId

protected static String getErrClassId(MetaObjectClassMapping classMap)

convertAttributes

protected static void convertAttributes(MetaObjectClassMapping classMap,
                                        Attributes attrs,
                                        boolean toConnector)
                                 throws NamingException
Handle conversion of attributes in either direction, as dictated by the toConnector.

Throws:
NamingException

mapModificationItems

protected ModificationItem[] mapModificationItems(ObjectInfo objInfo,
                                                  ModificationItem[] items)
                                           throws NamingException
Clone items and remap to connector-speak attr names, resolving an ambiguous to-connector mappings as required.

Throws:
NamingException

modify

public void modify(LdapDN name,
                   ModificationItem[] rawItems)
            throws NamingException
Throws:
NamingException

isLockedModify

public boolean isLockedModify(ObjectInfo objInfo,
                              String[] attrIds)
Allows connector to identify on a per attribute basis whether modifications of the attribute always require locking to prevent data integrity violations during concurrent modifies where native attribute only supports REPLACE style modify semantics. By default attributes marked as MetaDataDefs.MD_IS_IMPLEMENTED_AS_ASSOC and virtual association attributes are locked.

isLockedModify

public boolean isLockedModify(ObjectInfo objInfo,
                              Association assoc)
By default virtual associations are modified in a locked context

performLockedOperation

@Nullable
public <T,C> C performLockedOperation(@NotNull
                                               ObjectInfo objInfo,
                                               @NotNull
                                               T[] items,
                                               @NotNull
                                               Callable<C> callback)
                         throws NamingException
Performs operation in a locked context on target entry using callback

Throws:
NamingException

convertModificationItems

public ModificationItem[] convertModificationItems(ObjectInfo objInfo,
                                                   ModificationItem[] items)
                                            throws NamingException
Run all relevant converters on items passed to modify operation.

Throws:
NamingException

getObjectClassFromConnAttr

public String[] getObjectClassFromConnAttr(MetaObjectClassMapping classMap,
                                           String connAttrId)
Return objectClass value to which a connector speak attribute is mapped to either via ambiguous mappings or not.

Parameters:
classMap - ClassMap from which the objectClass is determined
connAttrId - Connector speak attribute for which the objectClass is determined
Returns:
objectClass value

getObjectClassFromAmbiguousConnAttr

public String[] getObjectClassFromAmbiguousConnAttr(MetaObjectClassMapping classMap,
                                                    String connAttrId)
Return connector objectClass value given a classMap and an ambiguous connector speak attribute

Parameters:
classMap - ClassMap from which the objectClass is determined
connAttrId - One of the ambiguous connector speak attribute values
Returns:
objectClass value corresponding to the ambiguous connector speak attribute

getFilterInfo

public FilterInfo getFilterInfo(ExprNode filter,
                                boolean needObjClassesInFilter)
                         throws LdapNamingException
Throws:
LdapNamingException

getFilterInfo

public FilterInfo getFilterInfo(ObjectInfo baseObjInfo,
                                SearchControls searchControls,
                                ExprNode filter,
                                boolean needObjClassesInFilter,
                                boolean searchSingleClass,
                                MetaObjectClassMapping searchSingleClassMap)
                         throws LdapNamingException
Throws:
LdapNamingException

getFilterInfo

public FilterInfo getFilterInfo(ObjectInfo baseObjInfo,
                                SearchControls searchControls,
                                ExprNode filter,
                                ExprNode origClonedFilter,
                                boolean needObjClassesInFilter,
                                boolean searchSingleClass,
                                MetaObjectClassMapping searchSingleClassMap)
                         throws LdapNamingException
Throws:
LdapNamingException

getFilterInfo

public FilterInfo getFilterInfo(ExprNode filter)
                         throws LdapNamingException
Determine objectClass information from filter, and also map attribute names in the filter to their connector-speak equivalents. Any references from unmapped attributes are pruned from the contained filter returned, and if BaseConnector.isObjectClassRequired() is false the object class assertions are also pruned too.

Throws:
LdapNamingException

getFilterInfo

public FilterInfo getFilterInfo(ObjectInfo baseObjInfo,
                                SearchControls searchControls,
                                ExprNode filter)
                         throws LdapNamingException
Throws:
LdapNamingException

searchObjectScopeAsLookup

public NamingEnumeration<SearchResult> searchObjectScopeAsLookup(Name ldapBaseDn,
                                                                 Name connBaseDn,
                                                                 Attributes attrs,
                                                                 String includeDnLdapAttrId)
                                                          throws NamingException
Turn lookup results (attributes) into query results. Note it is important that the search result DN falls under the baseDN provided to the original search, even if DNs are added to (eg because of virtual containers) because the Sun JNDI client libraries will handle this case: object-scope search on 
      eTDYNGroupName=grp1,eTDYNDirectoryName=dir,eTNamespaceName=NS,dc=DOM,dc=etasa
yielding search results with DN
      eTDYNGroupName=grp1,eTDYNGroupContainerName=Groups,eTDYNDirectoryName=dir,eTNamespaceName=NS,dc=DOM,dc=etasa
by converting the search result DN into a bizarre LDAP referral: 
      ldap://[host]:[port]/eTDYNGroupName=grp1,eTDYNGroupContainerName=Groups,eTDYNDirectoryName=dir,
          eTNamespaceName=NS,dc=DOM,dc=etasa,eTDYNGroupName=grp1,eTDYNDirectoryName=dir,eTNamespaceName=NS,
          dc=DOM,dc=etasa
.

Throws:
NamingException

getFilterObjClass

protected FilterInfo getFilterObjClass(ExprNode filter)
Determine objectClass information from filter without changing it.

getSearchBaseObjectInfo

public ObjectInfo getSearchBaseObjectInfo(MetaObjectClassMapping classMap)
                                   throws NamingException
Work out suitable search base for a class and return equivalent ObjectInfo representing this search base

Throws:
NamingException

getSearchBaseObjectInfo

public ObjectInfo getSearchBaseObjectInfo(ObjectInfo baseObjInfo,
                                          MetaObjectClassMapping classMap)
                                   throws NamingException
Work out suitable search base for a class and return equivalent ObjectInfo 'baseObjInfo' is used to determine if any defined search container base should take effect over current search base

Throws:
NamingException

isSearchOutsideClassContainer

public boolean isSearchOutsideClassContainer(ObjectInfo baseObjInfo,
                                             MetaObjectClassMapping classMap)
Check if current search base is outside any search container DNs defined for the target class

searchOneClass

protected NamingEnumeration<SearchResult> searchOneClass(ObjectInfo baseObjInfo,
                                                         Map<String,String> environment,
                                                         FilterInfo filterInfo,
                                                         SearchControls searchControls,
                                                         MetaObjectClassMapping classMap)
                                                  throws NamingException
Search over a single class of object specified either by the filter (objectClass assertion) or because it is implied by the baseName.

Throws:
NamingException

searchVirtualContainers

protected NamingEnumeration<SearchResult> searchVirtualContainers(ObjectInfo objInfo,
                                                                  Map<String,String> environment,
                                                                  FilterInfo filterInfo,
                                                                  SearchControls searchControls)
                                                           throws NamingException,
                                                                  MetaConnector.SearchFinishedException
Throws:
NamingException
MetaConnector.SearchFinishedException

search

protected NamingEnumeration<SearchResult> search(ObjectInfo baseObjInfo,
                                                 Map<String,String> environment,
                                                 FilterInfo filterInfo,
                                                 SearchControls searchControls)
                                          throws NamingException
Submit single search over multiple classMaps to concrete connector.

Throws:
NamingException

getFilterAwareness

public Collection<? extends MetaConnector.FilterAware> getFilterAwareness()
Override in a connector to flag whether connector fully implements search filter support. This means an ability to work with complex filters and support for various types of filter expressions. When a complex search filter is encountered and connector is not filter aware the framework will impose post filtering on any search results. Note that post filtering always achieves correctness at a cost of effiency because connector is going to supply all the data (filter is ignored) for the post filtering to deal with. It's always a good idea to not have to rely on isFilterAware=false and implement the filtering in the connector itself using native semantics. Note that any simple filters will not result in post filtering unless the connector is sufficiently dumbed down such that use of non filterable attributes is imposed (isConnectorFilterable=false) or use of filter types to complex for a given connector.

Returns:
Collection of FilterAware levels corresponding to the state of connector's filter support

search

public NamingEnumeration<SearchResult> search(LdapDN baseName,
                                              Map environment,
                                              ExprNode filter,
                                              SearchControls searchControls)
                                       throws NamingException
Throws:
NamingException

isSearchAsLookup

protected boolean isSearchAsLookup(ObjectInfo baseObjInfo)
Detect if a search qualifies to be replaced by a lookup

searchImpl

@NotNull
protected NamingEnumeration<SearchResult> searchImpl(ObjectInfo baseObjInfo,
                                                             Map<String,String> environment,
                                                             FilterInfo filterInfo,
                                                             SearchControls searchControls)
                                              throws NamingException
Note that this method can not return null, but must instead return an empty NamingEnumeration if there are no results.

Throws:
NamingException

getClassMappingFromConnectorAttrs

public MetaObjectClassMapping getClassMappingFromConnectorAttrs(String name,
                                                                Attributes attrs)
                                                         throws NamingException
Throws:
NamingException

getClassMappingFromConnectorObjectClass

protected MetaObjectClassMapping getClassMappingFromConnectorObjectClass(Attribute objectClassAttr)
                                                                  throws NamingException
Returns:
MetaObjectClassMapping matching the given connector-speak object class
Throws:
NamingException

mapAttributeIdsToConnector

public String[] mapAttributeIdsToConnector(Collection<MetaObjectClassMapping> classMaps,
                                           String[] ldapAttrIds,
                                           boolean objectScope)
Map ldapAttrIds belonging to the LDAP object class matching objectInfo to their connector-speak equivalents, where the naming attribute is always forced to be present in the first position.

Specified by:
mapAttributeIdsToConnector in class BaseConnector
Parameters:
classMaps - List of MetaObjectClassMappings for all objectclasses that may be returned by a query.
ldapAttrIds - Ldap attributes ids requested by the client.
objectScope - If true null ldapAttrIds list is interpretted as meaning "all attributes". If false a null ldapAttrIds list is interpretted as meaning "all cheap attributes".
Returns:
ldapAttrIds mapped to connector speak, where the special attribute BaseConnector.CONN_DN will be deleted if it is mapped to.

mapAttributeIdsToConnector

protected String[] mapAttributeIdsToConnector(Collection<MetaObjectClassMapping> classMaps,
                                              String[] ldapAttrIds,
                                              boolean objectScope,
                                              boolean translateSpecialAttrs)

getDefaultSearchLdapAttrIds

protected String[] getDefaultSearchLdapAttrIds(MetaObjectClassMapping classMap)

getDefaultConnectorSearchAttrIds

protected String[] getDefaultConnectorSearchAttrIds(MetaObjectClassMapping classMap)

lookup

public Attributes lookup(LdapDN name,
                         String[] attrIds)
                  throws NamingException
Throws:
NamingException

getRequestedConnAttrIds

protected Set<String> getRequestedConnAttrIds(String[] mapAttrIds,
                                              String dnLdapAttrId)

convertAttributesFromConnector

public Attributes convertAttributesFromConnector(Name connDn,
                                                 String ldapDnStr,
                                                 MetaObjectClassMapping classMap,
                                                 Set<String> requestedConnAttrIds,
                                                 Attributes connAttrs,
                                                 boolean strict)
                                          throws NamingException
Handles taking connector-speak attributes and fully converting them into LDAP equivalent.

Parameters:
connDn - Connector-speak DN for this object.
ldapDnStr - LDAP equivalent to connDn.
classMap - Details about object's objectClass mappings.
requestedConnAttrIds - Connector-speak attribute ids originally requested by the client.
connAttrs - Connector-speak attributes to be converted.
strict - should it return error when empty attribute values are found?
Returns:
Attributes fully mapped validated/converted and mapped to LDAP.
Throws:
NamingException

modifyRn

public void modifyRn(LdapDN name,
                     String newRdnStr,
                     boolean deleteOldRn)
              throws NamingException
Throws:
NamingException

move

public void move(LdapDN oldName,
                 LdapDN newParentName,
                 String newRdnStr,
                 boolean deleteOldRn)
          throws NamingException
Move an existing object called oldName under new container newParentName, also changing its RDN (renaming it) if newRdnStr != null (otherwise it keeps the most nested RDN it had in oldName). Calls OpProcessor#doMove(ObjectInfo, Name) on this connector's attribute-style processor, where implementations need to check both that the object referenced by oldName exists, and that there is no object already existing with the destination name.

Specified by:
move in interface PartitionOps
Specified by:
move in interface Partition
Overrides:
move in class AbstractPartition
Throws:
NamingException

move

public void move(LdapDN oldName,
                 LdapDN newParentName)
          throws NamingException
Simply calls move(LdapDN, LdapDN, String, boolean) with null and true as the last two parameters.

Specified by:
move in interface PartitionOps
Specified by:
move in interface Partition
Overrides:
move in class AbstractPartition
Throws:
NamingException

getIncludedDnLdapAttrId

public String getIncludedDnLdapAttrId(MetaObjectClassMapping classMap,
                                      String[] ldapAttrIds)
Return it if any provided attribute id maps to BaseConnector.CONN_DN on the connector side, including the special BaseConnector.LDAP_CONN_DN attribute which will always serve this role regardless of metadata settings.

Parameters:
classMap - Represents object class for instance being queried.
ldapAttrIds - Attribute ids client requested be returned in query results.
Returns:
DN should be included in return results.

getConnectorObjectClasses

public String[] getConnectorObjectClasses(ObjectInfo objInfo)
                                   throws NamingException
Return a list of all objectClass values present on the native object

Throws:
NamingException

getConnectorObjectClass

public String getConnectorObjectClass(ObjectInfo objInfo)
                               throws NamingException
Return a single connector speak objectClass value

Throws:
NamingException

getFilterInfo

public FilterInfo getFilterInfo(String ldapFilterStr)
                         throws LdapNamingException
Return information for provided (ldap-speak) LDAP filter string; useful for connectors which need to use filter strings of their own devising, possibly so to make use of the framework's ability to expand ambiguous connector mappings starting from an ldap-speak filter.

Parameters:
ldapFilterStr - LDAP filter string to be converted to connctor-speak.
Returns:
Information on provided filter.
Throws:
LdapNamingException

getFilterInfo

public FilterInfo getFilterInfo(ObjectInfo baseObjInfo,
                                SearchControls searchControls,
                                String ldapFilterStr)
                         throws LdapNamingException
Throws:
LdapNamingException

notifyMetaData

public void notifyMetaData(MetaObjectClassMappings mappings,
                           boolean opBindChange)
                    throws NamingException
Used to inform connector of new metadata, which may trigger the creation / destruction of various styles of op processors depending on the exact content of the new metadata (and whether concrete connector implements each style). Also sets BaseConnector.setCachingRequired(boolean) to true if mappings has one more objectclasses in it with connectorMapToAmbiguous= set on their naming attributes. Also sets nonFilterableAttrs if any attributes have the flag MD_IS_CONNECTOR_FILTERABLE set false.

Parameters:
mappings - New attribute-style mappings calculated by parent connector type.
opBindChange - True if op bindings changed (which may effect method-style or script-style processors or both).
Throws:
NamingException

resolveObjectClass

public MetaObjectClassMapping resolveObjectClass(String ldapAttributeId,
                                                 Name connDN,
                                                 Collection<MetaObjectClassMapping> classMaps)
                                          throws NamingException
Can be used by connectors that support association attributes containing references to more then one objectclass (refer MetaDataDefs.MD_DN_LDAP_OBJECT_CLASSES which can't be distinguished by their connector-speak naming attributes alone. Overriding methods might make use of special knowledge about connector-speak DN syntax or in the most demanding case may have to actually query the endpoint system itself to determine the connector-speak objectclass. Unless overridden this method throws an exception explaining that it needs to be implemented.

Parameters:
ldapAttributeId - Name of the attribute requiring resolution to be performed, which is not sufficient to be any kind of key as it's parent classMap is not know but is useful for log messages and establishing context nonetheless (note that this method's task is logically independent of which attribute requires the provided classMaps to be disambiguated).
connDN - Connector-speak DN for which objectclass needs to be resolved.
classMaps - Possible class maps from which objectclass needs to be resolved (as specified in metadata).
Returns:
Class map chosen from classMaps referenced by connDN.
Throws:
NamingException

isFilterSingleClassMatching

protected boolean isFilterSingleClassMatching(FilterInfo filterInfo)
Check if a filter is targetting a single class

validateDNForSearchContainer

public boolean validateDNForSearchContainer(MetaObjectClassMapping classMap,
                                            String connDnStr,
                                            boolean throwOnError)
                                     throws LdapInvalidAttributeValueException
Throws:
LdapInvalidAttributeValueException

getOpProcessorForSearch

protected OpProcessor getOpProcessorForSearch(MetaObjectClassMapping classMap)
Get the correct op processor to use for a search.

Parameters:
classMap - the class mapping of the base object being search.
Returns:
the op processor to use for a search.

isValidContainmentSearchResult

public boolean isValidContainmentSearchResult(SearchResult sr,
                                              Name mapName,
                                              Name baseDN,
                                              SearchControls searchControls)
Verifies a SearchResult validity

Parameters:
sr - SearchResult to verify
mapName - ETA DN corresponding to the SearchResult
baseDN - ETA DN corresponding to the search base
searchControls - SearchControls used for the search operation
Returns:
true if search result LDAP name is valid in relation to the containment levels for the search scope given. That is a 1 level search cant return results 2 levels below the base or base search cant return results contained below the base.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Created 2011-07-14 13:27 EST