public class CoreConfigManager extends Object implements ConfigurationChangeListener<GlobalCfg>
These configuration attributes appear in the "cn=config" configuration entry.
Modifier and Type | Class and Description |
---|---|
static interface |
CoreConfigManager.EtimeService
Definition of a service providing etimes.
|
static class |
CoreConfigManager.EtimeServices
Implementation of services providing etimes.
|
Constructor and Description |
---|
CoreConfigManager(ServerContext serverContext)
Creates a new instance of this core config manager.
|
Modifier and Type | Method and Description |
---|---|
ConfigChangeResult |
applyConfigurationChange(GlobalCfg configuration)
Applies the configuration changes to this change listener.
|
Set<String> |
getAllowedTasks()
Retrieves a set containing the names of the allowed tasks that may be invoked in the server.
|
int |
getCursorEntryLimit()
Retrieves the default maximum number of entry IDs that the server may retrieve by cursoring through
an index during a search.
|
Dn |
getDefaultPasswordPolicyDN()
Retrieves the DN of the configuration entry for the default password policy for the Directory Server.
|
Set<Privilege> |
getDisabledPrivileges()
Retrieves the set of privileges that have been disabled.
|
long |
getIdleTimeLimit()
Retrieves the idle time limit for the server.
|
int |
getLookthroughLimit()
Retrieves the default maximum number of entries that should checked for matches during a search.
|
List<Properties> |
getMailServerPropertySets()
Retrieves the sets of information about the mail servers configured for use by the Directory Server.
|
long |
getMaxAllowedConnections()
Retrieves the maximum number of connections that will be allowed at any given time.
|
int |
getMaxInternalBufferSize()
Returns the threshold capacity beyond which internal cached buffers used for encoding and decoding entries and
protocol messages will be trimmed after use.
|
int |
getMaxPSearches()
Retrieves the maximum number of concurrent persistent searches that will be allowed.
|
Dn |
getProxiedAuthorizationIdentityMapperDN()
Retrieves the DN of the configuration entry for the identity mapper that should be used in conjunction with
proxied authorization V2 controls.
|
AcceptRejectWarn |
getSingleStructuralObjectClassPolicy()
Retrieves the policy that should be used regarding enforcement of a single structural objectclass per entry.
|
int |
getSizeLimit()
Retrieves the default maximum number of entries that should be returned for a search.
|
Set<Dn> |
getSubordinateBaseDNs()
Retrieves the restricted set of subordinate base DNs to use when searching the root suffix "".
|
AcceptRejectWarn |
getSyntaxEnforcementPolicy()
Retrieves the policy that should be used when an attribute value is found that is not valid according to the
associated attribute syntax.
|
int |
getTimeLimit()
Retrieves the default maximum length of time in seconds that should be allowed when processing a search.
|
GlobalCfgDefn.UnauthenticatedRequestsPolicy |
getUnauthenticatedRequestsPolicy()
Indicates how unauthenticated requests should be handled by the server.
|
WritabilityMode |
getWritabilityMode()
Retrieves the writability mode for the Directory Server.
|
void |
initializeCoreConfig()
Initializes the Directory Server's core configuration.
|
boolean |
isAddMissingRDNAttributes()
Indicates whether the Directory Server should automatically add missing RDN attributes to an entry whenever it is
added.
|
boolean |
isBindWithDNRequiresPassword()
Indicates whether simple bind requests that contain a bind DN will also be required to have a password.
|
boolean |
isCheckSchema()
Indicates whether the Directory Server should perform schema checking.
|
boolean |
isConfigurationChangeAcceptable(GlobalCfg configuration,
List<LocalizableMessage> unacceptableReasons)
Indicates whether the proposed change to the configuration is acceptable
to this change listener.
|
boolean |
isDisabled(Privilege privilege)
Indicates whether the specified privilege is disabled.
|
boolean |
isMailServerConfigured()
Indicates whether the Directory Server is configured with information about one or more mail servers and may
therefore be used to send e-mail messages.
|
boolean |
isNotifyAbandonedOperations()
Indicates whether the Directory Server should send a response to an operation that has been abandoned.
|
boolean |
isReturnBindErrorMessages()
Indicates whether responses to failed bind operations should include a message explaining the reason for the
failure.
|
boolean |
isSaveConfigOnSuccessfulStartup()
Indicates whether configuration should be saved on successful startup of the server.
|
boolean |
isUseNanoTime()
Retrieves whether operation processing times should be collected with nanosecond resolution.
|
SchemaValidationPolicy |
serverPolicy()
Returns the default schema validation policy that should be used by the server.
|
boolean |
shouldTrustTransactionIds()
Indicates if transaction IDs received from requests should be trusted and logged.
|
public CoreConfigManager(ServerContext serverContext)
serverContext
- The server context.public void initializeCoreConfig() throws ConfigException
ConfigException
- If a configuration problem causes the identity mapper initialization process to fail.public boolean isConfigurationChangeAcceptable(GlobalCfg configuration, List<LocalizableMessage> unacceptableReasons)
ConfigurationChangeListener
isConfigurationChangeAcceptable
in interface ConfigurationChangeListener<GlobalCfg>
configuration
- The new configuration containing the changes.unacceptableReasons
- A list that can be used to hold messages about why the
provided configuration is not acceptable.true
if the proposed change is acceptable,
or false
if it is not.public ConfigChangeResult applyConfigurationChange(GlobalCfg configuration)
ConfigurationChangeListener
applyConfigurationChange
in interface ConfigurationChangeListener<GlobalCfg>
configuration
- The new configuration containing the changes.public Set<String> getAllowedTasks()
public Dn getDefaultPasswordPolicyDN()
public Set<Privilege> getDisabledPrivileges()
public long getIdleTimeLimit()
public int getLookthroughLimit()
public int getCursorEntryLimit()
public List<Properties> getMailServerPropertySets()
public long getMaxAllowedConnections()
public int getMaxInternalBufferSize()
public int getMaxPSearches()
public Dn getProxiedAuthorizationIdentityMapperDN()
null
if none is defined.public AcceptRejectWarn getSingleStructuralObjectClassPolicy()
public SchemaValidationPolicy serverPolicy()
public int getSizeLimit()
public Set<Dn> getSubordinateBaseDNs()
public AcceptRejectWarn getSyntaxEnforcementPolicy()
public int getTimeLimit()
public WritabilityMode getWritabilityMode()
public boolean isAddMissingRDNAttributes()
true
if the Directory Server should automatically add missing RDN attributes to an entry, or
false
if it should return an error to the client.public boolean isBindWithDNRequiresPassword()
true
if simple bind requests containing a bind DN will be required to have a password, or
false
if not (and therefore will be treated as anonymous binds).public boolean isCheckSchema()
true
if the Directory Server should perform schema checking, or false
if not.public boolean isDisabled(Privilege privilege)
privilege
- The privilege for which to make the determination.true
if the specified privilege is disabled, or false
if not.public boolean isMailServerConfigured()
true
if the Directory Server is configured to be able to send e-mail messages, or false
if not.public boolean isNotifyAbandonedOperations()
true
if the Directory Server should send a response to an operation that has been abandoned, or
false
if not.public GlobalCfgDefn.UnauthenticatedRequestsPolicy getUnauthenticatedRequestsPolicy()
public boolean isReturnBindErrorMessages()
true
if bind responses should include error messages, or false
if not.public boolean isUseNanoTime()
true
if nanosecond resolution times are collected or false
if only millisecond resolution
times are being collected.public boolean isSaveConfigOnSuccessfulStartup()
true
if configuration should be saved, false
otherwise.public boolean shouldTrustTransactionIds()
true
, the
server will add a transaction ID control to all the requests which do not already include one, and the server
will add a sub-transaction ID control to all the forwarded requests. If set to false
, the server will
discard all incoming transaction IDs and create new ones.true
if transactionIds should be trusted, false
otherwiseCopyright 2010-2022 ForgeRock AS.