protocol-ldap/src/main/java/org/apache/directory/server/ldap/replication/SyncreplConfiguration.java - directory-server - Git at Google

 /*
  *  Licensed to the Apache Software Foundation (ASF) under one
  *  or more contributor license agreements.  See the NOTICE file
  *  distributed with this work for additional information
  *  regarding copyright ownership.  The ASF licenses this file
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
  *
  *    http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License.
  *
  */
 package org.apache.directory.server.ldap.replication;


 import java.util.HashSet;
 import java.util.Set;

 import org.apache.directory.ldap.client.api.NoVerificationTrustManager;
 import org.apache.directory.shared.ldap.model.constants.SchemaConstants;
 import org.apache.directory.shared.ldap.model.filter.SearchScope;
 import org.apache.directory.shared.ldap.model.message.AliasDerefMode;
 import org.apache.directory.shared.util.Strings;

 import javax.net.ssl.X509TrustManager;


 /**
  *
  * A class for holding the syncrepl consumer's configuration.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
 public class SyncreplConfiguration
 {
     /** host name of the syncrepl provider server, default value is localhost */
     private String providerHost = "localhost";

     /** port number of the syncrepl provider server, default is 389 */
     private int port = 389;

     /** replication user's Dn */
     private String replUserDn;

     /** password for binding with replication user dn */
     private byte[] replUserPassword;

     /** flag to represent refresh and persist or refresh only mode, defaults to true */
     private boolean refreshNPersist = true;

     /** time interval for successive sync requests, default is 60 seconds */
     private long refreshInterval = 60 * 1000;

     /** the base Dn whose content will be searched for replicating */
     private String baseDn;

     /** the ldap filter for fetching the entries, default value is (objectClass=*) */
     private String filter = "(objectClass=*)";

     /** names of attributes to be replicated, default value is all user attributes */
     private Set<String> attributes;

     /** the numer for setting the limit on number of search results to be fetched
      * default value is 0 (i.e no limit) */
     private int searchSizeLimit = 0;

     /** the timeout value to be used while doing a search
      * default value is 0 (i.e no limit)*/
     private int searchTimeout = 0;

     /** the search scope, default is sub tree level */
     private SearchScope searchScope = SearchScope.SUBTREE;

     /** alias dereferencing mode, default is set to 'never deref aliases' */
     private AliasDerefMode aliasDerefMode = AliasDerefMode.NEVER_DEREF_ALIASES;

     /** the cookie received from server */
     private byte[] cookie;

     /** the replica's id */
     private int replicaId;

     /** a flag to indicate to store the cookie in a file, default is false
      *  NOTE: a value of true indicates that the cookie will be stored
      *  on file system, which is useful while testing the consumer
      *  without loading config partition
      */
     private boolean storeCookieInFile = false;

     private static final String REPL_CONFIG_AREA = "ou=replProviders,ou=config";

     /** flag to indicate whether to chase referrals or not, default is false hence passes ManageDsaITControl with syncsearch request*/
     private boolean chaseReferrals = false;

     /** flag to indicate the use of TLS, default is true */
     private boolean useTls = true;

     /** flag to indicate the use of strict certificate verification, default is true */
     private boolean strictCertVerification = true;

     /** the X509 certificate trust manager used, default value set to {@link NoVerificationTrustManager} */
     private X509TrustManager trustManager = new NoVerificationTrustManager();


     public SyncreplConfiguration()
     {
         attributes = new HashSet<String>();
         attributes.add( SchemaConstants.ALL_USER_ATTRIBUTES );
         attributes.add( SchemaConstants.ENTRY_UUID_AT.toLowerCase() );
         attributes.add( SchemaConstants.ENTRY_CSN_AT.toLowerCase() );
         attributes.add( SchemaConstants.REF_AT.toLowerCase() );
     }


     /**
      * @return the providerHost
      */
     public String getProviderHost()
     {
         return providerHost;
     }


     /**
      * @param providerHost the providerHost to set
      */
     public void setProviderHost( String providerHost )
     {
         this.providerHost = providerHost;
     }


     /**
      * @return the port
      */
     public int getPort()
     {
         return port;
     }


     /**
      * @param port the port to set
      */
     public void setPort( int port )
     {
         this.port = port;
     }


     /**
      * @return the replication user's Dn
      */
     public String getReplUserDn()
     {
         return replUserDn;
     }


     /**
      * @param replUserdDn the Dn of the replication user
      */
     public void setReplUserDn( String replUserdDn )
     {
         this.replUserDn = replUserdDn;
     }


     /**
      * @return the replication user's password
      */
     public String getReplUserPassword()
     {
         return Strings.utf8ToString(replUserPassword);
     }


     /**
      * @param replUserPassword the replication user's password
      */
     public void setReplUserPassword( String replUserPassword )
     {
         setReplUserPassword( replUserPassword.getBytes() );
     }


     /**
      * @param replUserPassword the replication user's password
      */
     public void setReplUserPassword( byte[] replUserPassword )
     {
         this.replUserPassword = replUserPassword;
     }


     /**
      * @return the refreshPersist
      */
     public boolean isRefreshNPersist()
     {
         return refreshNPersist;
     }


     /**
      * @param refreshNPersist the falg indicating to run the consumer in refreshAndPersist mode
      */
     public void setRefreshNPersist( boolean refreshNPersist )
     {
         this.refreshNPersist = refreshNPersist;
     }


     /**
      * @return the refresh interval
      */
     public long getRefreshInterval()
     {
         return refreshInterval;
     }


     /**
      * @param refreshInterval the consumerInterval to set
      */
     public void setRefreshInterval( long refreshInterval )
     {
         if ( refreshInterval <= 0 )
         {
             throw new IllegalArgumentException( "refresh interval should be more than zero" );
         }
         this.refreshInterval = refreshInterval;
     }


     /**
      * @return the baseDn
      */
     public String getBaseDn()
     {
         return baseDn;
     }


     /**
      * @param baseDn the baseDn to set
      */
     public void setBaseDn( String baseDn )
     {
         this.baseDn = baseDn;
     }


     /**
      * @return the filter
      */
     public String getFilter()
     {
         return filter;
     }


     /**
      * @param filter the filter to set
      */
     public void setFilter( String filter )
     {
         this.filter = filter;
     }


     /**
      * @return the attributes
      */
     public String[] getAttributes()
     {
         return attributes.toArray( new String[]
             {} );
     }


     /**
      * @param attr the attributes to set
      */
     public void setAttributes( String[] attr )
     {
         if ( attr == null )
         {
             throw new IllegalArgumentException( "attributes to be replicated cannot be null or empty" );
         }

         // if user specified some attributes then remove the * from attributes
         // NOTE: if the user specifies * in the given array that eventually gets added later
         if ( attr.length > 0 )
         {
             attributes.remove( SchemaConstants.ALL_USER_ATTRIBUTES );
         }

         for ( String at : attr )
         {
             at = at.trim();

             if ( !attributes.contains( at.toLowerCase() ) )
             {
                 attributes.add( at );
             }
         }
     }


     /**
      * @return the searchSizeLimit
      */
     public int getSearchSizeLimit()
     {
         return searchSizeLimit;
     }


     /**
      * @param searchSizeLimit the searchSizeLimit to set
      */
     public void setSearchSizeLimit( int searchSizeLimit )
     {
         if ( searchTimeout < 0 )
         {
             throw new IllegalArgumentException( "search size limit value cannot be negative " + searchSizeLimit );
         }

         this.searchSizeLimit = searchSizeLimit;
     }


     /**
      * @return the searchTimeout
      */
     public int getSearchTimeout()
     {
         return searchTimeout;
     }


     /**
      * @param searchTimeout the searchTimeout to set
      */
     public void setSearchTimeout( int searchTimeout )
     {
         if ( searchTimeout < 0 )
         {
             throw new IllegalArgumentException( "search timeout value cannot be negative " + searchTimeout );
         }

         this.searchTimeout = searchTimeout;
     }


     /**
      * @return the searchScope
      */
     public SearchScope getSearchScope()
     {
         return searchScope;
     }


     /**
      * @param searchScope the searchScope to set
      */
     public void setSearchScope( SearchScope searchScope )
     {
         this.searchScope = searchScope;
     }


     /**
      * @return the replicaId
      */
     public int getReplicaId()
     {
         return replicaId;
     }


     /**
      * @param replicaId the replicaId to set
      */
     public void setReplicaId( int replicaId )
     {
         this.replicaId = replicaId;
     }


     public AliasDerefMode getAliasDerefMode()
     {
         return aliasDerefMode;
     }


     public void setAliasDerefMode( AliasDerefMode aliasDerefMode )
     {
         if ( aliasDerefMode != AliasDerefMode.NEVER_DEREF_ALIASES
             || aliasDerefMode != AliasDerefMode.DEREF_FINDING_BASE_OBJ )
         {
             throw new IllegalArgumentException(
                 "alias deref mode should only be set to either 'NEVER_DEREF_ALIASES' or 'DEREF_FINDING_BASE_OBJ'" );
         }

         this.aliasDerefMode = aliasDerefMode;
     }


     public byte[] getCookie()
     {
         return cookie;
     }


     public void setCookie( byte[] cookie )
     {
         this.cookie = cookie;
     }


     public boolean isStoreCookieInFile()
     {
         return storeCookieInFile;
     }


     public void setStoreCookieInFile( boolean storeCookieInFile )
     {
         this.storeCookieInFile = storeCookieInFile;
     }


     public boolean isChaseReferrals()
     {
         return chaseReferrals;
     }


     public void setChaseReferrals( boolean chaseReferrals )
     {
         if ( chaseReferrals )
         {
             throw new UnsupportedOperationException( "client-api currently doesn't support chasing referrals" );
         }

         this.chaseReferrals = chaseReferrals;
     }


     public String getConfigEntryDn()
     {
         return "ads-dsReplicaId=" + replicaId + "," + REPL_CONFIG_AREA;
     }


     public boolean isUseTls()
     {
         return useTls;
     }


     /**
      * set the option to turn on/off use of TLS
      *
      * @param useTls
      */
     public void setUseTls( boolean useTls )
     {
         this.useTls = useTls;
     }


     public boolean isStrictCertVerification()
     {
         return strictCertVerification;
     }


     /**
      * set the strict certificate verification
      *
      * @param strictCertVerification
      */
     public void setStrictCertVerification( boolean strictCertVerification )
     {
         if ( strictCertVerification )
         {
             trustManager = ReplicationTrustManager.getInstance();
         }
         else
         {
             trustManager = new NoVerificationTrustManager();
         }

         this.strictCertVerification = strictCertVerification;
     }


     public X509TrustManager getTrustManager()
     {
         return trustManager;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*/
	package org.apache.directory.server.ldap.replication;


	import java.util.HashSet;
	import java.util.Set;

	import org.apache.directory.ldap.client.api.NoVerificationTrustManager;
	import org.apache.directory.shared.ldap.model.constants.SchemaConstants;
	import org.apache.directory.shared.ldap.model.filter.SearchScope;
	import org.apache.directory.shared.ldap.model.message.AliasDerefMode;
	import org.apache.directory.shared.util.Strings;

	import javax.net.ssl.X509TrustManager;


	/**
	*
	* A class for holding the syncrepl consumer's configuration.
	*
	* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
	*/
	public class SyncreplConfiguration
	{
	/** host name of the syncrepl provider server, default value is localhost */
	private String providerHost = "localhost";

	/** port number of the syncrepl provider server, default is 389 */
	private int port = 389;

	/** replication user's Dn */
	private String replUserDn;

	/** password for binding with replication user dn */
	private byte[] replUserPassword;

	/** flag to represent refresh and persist or refresh only mode, defaults to true */
	private boolean refreshNPersist = true;

	/** time interval for successive sync requests, default is 60 seconds */
	private long refreshInterval = 60 * 1000;

	/** the base Dn whose content will be searched for replicating */
	private String baseDn;

	/** the ldap filter for fetching the entries, default value is (objectClass=) /
	private String filter = "(objectClass=*)";

	/** names of attributes to be replicated, default value is all user attributes */
	private Set<String> attributes;

	/** the numer for setting the limit on number of search results to be fetched
	* default value is 0 (i.e no limit) */
	private int searchSizeLimit = 0;

	/** the timeout value to be used while doing a search
	* default value is 0 (i.e no limit)*/
	private int searchTimeout = 0;

	/** the search scope, default is sub tree level */
	private SearchScope searchScope = SearchScope.SUBTREE;

	/** alias dereferencing mode, default is set to 'never deref aliases' */
	private AliasDerefMode aliasDerefMode = AliasDerefMode.NEVER_DEREF_ALIASES;

	/** the cookie received from server */
	private byte[] cookie;

	/** the replica's id */
	private int replicaId;

	/** a flag to indicate to store the cookie in a file, default is false
	* NOTE: a value of true indicates that the cookie will be stored
	* on file system, which is useful while testing the consumer
	* without loading config partition
	*/
	private boolean storeCookieInFile = false;

	private static final String REPL_CONFIG_AREA = "ou=replProviders,ou=config";

	/** flag to indicate whether to chase referrals or not, default is false hence passes ManageDsaITControl with syncsearch request*/
	private boolean chaseReferrals = false;

	/** flag to indicate the use of TLS, default is true */
	private boolean useTls = true;

	/** flag to indicate the use of strict certificate verification, default is true */
	private boolean strictCertVerification = true;

	/** the X509 certificate trust manager used, default value set to {@link NoVerificationTrustManager} */
	private X509TrustManager trustManager = new NoVerificationTrustManager();


	public SyncreplConfiguration()
	{
	attributes = new HashSet<String>();
	attributes.add( SchemaConstants.ALL_USER_ATTRIBUTES );
	attributes.add( SchemaConstants.ENTRY_UUID_AT.toLowerCase() );
	attributes.add( SchemaConstants.ENTRY_CSN_AT.toLowerCase() );
	attributes.add( SchemaConstants.REF_AT.toLowerCase() );
	}


	/**
	* @return the providerHost
	*/
	public String getProviderHost()
	{
	return providerHost;
	}


	/**
	* @param providerHost the providerHost to set
	*/
	public void setProviderHost( String providerHost )
	{
	this.providerHost = providerHost;
	}


	/**
	* @return the port
	*/
	public int getPort()
	{
	return port;
	}


	/**
	* @param port the port to set
	*/
	public void setPort( int port )
	{
	this.port = port;
	}


	/**
	* @return the replication user's Dn
	*/
	public String getReplUserDn()
	{
	return replUserDn;
	}


	/**
	* @param replUserdDn the Dn of the replication user
	*/
	public void setReplUserDn( String replUserdDn )
	{
	this.replUserDn = replUserdDn;
	}


	/**
	* @return the replication user's password
	*/
	public String getReplUserPassword()
	{
	return Strings.utf8ToString(replUserPassword);
	}


	/**
	* @param replUserPassword the replication user's password
	*/
	public void setReplUserPassword( String replUserPassword )
	{
	setReplUserPassword( replUserPassword.getBytes() );
	}


	/**
	* @param replUserPassword the replication user's password
	*/
	public void setReplUserPassword( byte[] replUserPassword )
	{
	this.replUserPassword = replUserPassword;
	}


	/**
	* @return the refreshPersist
	*/
	public boolean isRefreshNPersist()
	{
	return refreshNPersist;
	}


	/**
	* @param refreshNPersist the falg indicating to run the consumer in refreshAndPersist mode
	*/
	public void setRefreshNPersist( boolean refreshNPersist )
	{
	this.refreshNPersist = refreshNPersist;
	}


	/**
	* @return the refresh interval
	*/
	public long getRefreshInterval()
	{
	return refreshInterval;
	}


	/**
	* @param refreshInterval the consumerInterval to set
	*/
	public void setRefreshInterval( long refreshInterval )
	{
	if ( refreshInterval <= 0 )
	{
	throw new IllegalArgumentException( "refresh interval should be more than zero" );
	}
	this.refreshInterval = refreshInterval;
	}


	/**
	* @return the baseDn
	*/
	public String getBaseDn()
	{
	return baseDn;
	}


	/**
	* @param baseDn the baseDn to set
	*/
	public void setBaseDn( String baseDn )
	{
	this.baseDn = baseDn;
	}


	/**
	* @return the filter
	*/
	public String getFilter()
	{
	return filter;
	}


	/**
	* @param filter the filter to set
	*/
	public void setFilter( String filter )
	{
	this.filter = filter;
	}


	/**
	* @return the attributes
	*/
	public String[] getAttributes()
	{
	return attributes.toArray( new String[]
	{} );
	}


	/**
	* @param attr the attributes to set
	*/
	public void setAttributes( String[] attr )
	{
	if ( attr == null )
	{
	throw new IllegalArgumentException( "attributes to be replicated cannot be null or empty" );
	}

	// if user specified some attributes then remove the * from attributes
	// NOTE: if the user specifies * in the given array that eventually gets added later
	if ( attr.length > 0 )
	{
	attributes.remove( SchemaConstants.ALL_USER_ATTRIBUTES );
	}

	for ( String at : attr )
	{
	at = at.trim();

	if ( !attributes.contains( at.toLowerCase() ) )
	{
	attributes.add( at );
	}
	}
	}


	/**
	* @return the searchSizeLimit
	*/
	public int getSearchSizeLimit()
	{
	return searchSizeLimit;
	}


	/**
	* @param searchSizeLimit the searchSizeLimit to set
	*/
	public void setSearchSizeLimit( int searchSizeLimit )
	{
	if ( searchTimeout < 0 )
	{
	throw new IllegalArgumentException( "search size limit value cannot be negative " + searchSizeLimit );
	}

	this.searchSizeLimit = searchSizeLimit;
	}


	/**
	* @return the searchTimeout
	*/
	public int getSearchTimeout()
	{
	return searchTimeout;
	}


	/**
	* @param searchTimeout the searchTimeout to set
	*/
	public void setSearchTimeout( int searchTimeout )
	{
	if ( searchTimeout < 0 )
	{
	throw new IllegalArgumentException( "search timeout value cannot be negative " + searchTimeout );
	}

	this.searchTimeout = searchTimeout;
	}


	/**
	* @return the searchScope
	*/
	public SearchScope getSearchScope()
	{
	return searchScope;
	}


	/**
	* @param searchScope the searchScope to set
	*/
	public void setSearchScope( SearchScope searchScope )
	{
	this.searchScope = searchScope;
	}


	/**
	* @return the replicaId
	*/
	public int getReplicaId()
	{
	return replicaId;
	}


	/**
	* @param replicaId the replicaId to set
	*/
	public void setReplicaId( int replicaId )
	{
	this.replicaId = replicaId;
	}


	public AliasDerefMode getAliasDerefMode()
	{
	return aliasDerefMode;
	}


	public void setAliasDerefMode( AliasDerefMode aliasDerefMode )
	{
	if ( aliasDerefMode != AliasDerefMode.NEVER_DEREF_ALIASES
	\|\| aliasDerefMode != AliasDerefMode.DEREF_FINDING_BASE_OBJ )
	{
	throw new IllegalArgumentException(
	"alias deref mode should only be set to either 'NEVER_DEREF_ALIASES' or 'DEREF_FINDING_BASE_OBJ'" );
	}

	this.aliasDerefMode = aliasDerefMode;
	}


	public byte[] getCookie()
	{
	return cookie;
	}


	public void setCookie( byte[] cookie )
	{
	this.cookie = cookie;
	}


	public boolean isStoreCookieInFile()
	{
	return storeCookieInFile;
	}


	public void setStoreCookieInFile( boolean storeCookieInFile )
	{
	this.storeCookieInFile = storeCookieInFile;
	}


	public boolean isChaseReferrals()
	{
	return chaseReferrals;
	}


	public void setChaseReferrals( boolean chaseReferrals )
	{
	if ( chaseReferrals )
	{
	throw new UnsupportedOperationException( "client-api currently doesn't support chasing referrals" );
	}

	this.chaseReferrals = chaseReferrals;
	}


	public String getConfigEntryDn()
	{
	return "ads-dsReplicaId=" + replicaId + "," + REPL_CONFIG_AREA;
	}


	public boolean isUseTls()
	{
	return useTls;
	}


	/**
	* set the option to turn on/off use of TLS
	*
	* @param useTls
	*/
	public void setUseTls( boolean useTls )
	{
	this.useTls = useTls;
	}


	public boolean isStrictCertVerification()
	{
	return strictCertVerification;
	}


	/**
	* set the strict certificate verification
	*
	* @param strictCertVerification
	*/
	public void setStrictCertVerification( boolean strictCertVerification )
	{
	if ( strictCertVerification )
	{
	trustManager = ReplicationTrustManager.getInstance();
	}
	else
	{
	trustManager = new NoVerificationTrustManager();
	}

	this.strictCertVerification = strictCertVerification;
	}


	public X509TrustManager getTrustManager()
	{
	return trustManager;
	}
	}