core/src/main/java/org/apache/ldap/server/jndi/DefaultContextFactoryService.java - directory-server - Git at Google

 /*
  *   Copyright 2004 The Apache Software Foundation
  *
  *   Licensed under the Apache License, Version 2.0 (the "License");
  *   you may not use this file except in compliance with the License.
  *   You may obtain a copy of the License at
  *
  *       http://www.apache.org/licenses/LICENSE-2.0
  *
  *   Unless required by applicable law or agreed to in writing, software
  *   distributed under the License is distributed on an "AS IS" BASIS,
  *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *   See the License for the specific language governing permissions and
  *   limitations under the License.
  *
  */
 package org.apache.ldap.server.jndi;

 import java.util.Hashtable;
 import java.util.Iterator;

 import javax.naming.Context;
 import javax.naming.Name;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;

 import org.apache.ldap.common.exception.LdapAuthenticationNotSupportedException;
 import org.apache.ldap.common.exception.LdapConfigurationException;
 import org.apache.ldap.common.exception.LdapNoPermissionException;
 import org.apache.ldap.common.message.LockableAttributesImpl;
 import org.apache.ldap.common.message.ResultCodeEnum;
 import org.apache.ldap.common.name.DnParser;
 import org.apache.ldap.common.name.LdapName;
 import org.apache.ldap.common.name.NameComponentNormalizer;
 import org.apache.ldap.common.util.DateUtils;
 import org.apache.ldap.server.configuration.Configuration;
 import org.apache.ldap.server.configuration.ConfigurationException;
 import org.apache.ldap.server.configuration.StartupConfiguration;
 import org.apache.ldap.server.interceptor.InterceptorChain;
 import org.apache.ldap.server.partition.ContextPartitionNexus;
 import org.apache.ldap.server.partition.DefaultContextPartitionNexus;
 import org.apache.ldap.server.schema.AttributeTypeRegistry;
 import org.apache.ldap.server.schema.ConcreteNameComponentNormalizer;
 import org.apache.ldap.server.schema.GlobalRegistries;
 import org.apache.ldap.server.schema.bootstrap.BootstrapRegistries;
 import org.apache.ldap.server.schema.bootstrap.BootstrapSchemaLoader;


 /**
  * Default implementation of {@link ContextFactoryService}.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$
  */
 class DefaultContextFactoryService implements ContextFactoryService
 {
     private final ContextFactoryConfiguration configuration = new DefaultContextFactoryConfiguration( this );

     private ContextFactoryServiceListener serviceListener;

     /** the initial context environment that fired up the backend subsystem */
     private Hashtable environment;

     /** the configuration */
     private StartupConfiguration startupConfiguration;

     /** the registries for system schema objects */
     private GlobalRegistries globalRegistries;

     /** the root nexus */
     private DefaultContextPartitionNexus partitionNexus;

     /** whether or not server is started for the first time */
     private boolean firstStart;

     /** The interceptor (or interceptor chain) for this service */
     private InterceptorChain interceptorChain;

     /** whether or not this instance has been shutdown */
     private boolean started = false;


     // ------------------------------------------------------------------------
     // Constructor
     // ------------------------------------------------------------------------

     /**
      * Creates a new instance.
      */
     public DefaultContextFactoryService()
     {
         // Register shutdown hook.
         Runtime.getRuntime().addShutdownHook( new Thread( new Runnable() {
             public void run()
             {
                 try
                 {
                     shutdown();
                 }
                 catch( NamingException e )
                 {
                     e.printStackTrace();
                 }
             }
         }, "ApacheDS Shutdown Hook" ) );
     }

     // ------------------------------------------------------------------------
     // BackendSubsystem Interface Method Implemetations
     // ------------------------------------------------------------------------

     public Context getJndiContext( String rootDN ) throws NamingException
     {
         return this.getJndiContext( null, null, "none", rootDN );
     }

     public synchronized Context getJndiContext( String principal, byte[] credential, String authentication, String rootDN ) throws NamingException
     {
         checkSecuritySettings( principal, credential, authentication );

         if ( !started )
         {
             return new DeadContext();
         }

         Hashtable environment = getEnvironment();
         if( principal != null )
         {
             environment.put( Context.SECURITY_PRINCIPAL, principal );
         }

         if( credential != null )
         {
             environment.put( Context.SECURITY_CREDENTIALS, credential );
         }

         if( authentication != null )
         {
             environment.put( Context.SECURITY_AUTHENTICATION, authentication );
         }

         if( rootDN == null )
         {
             rootDN = "";
         }
         environment.put( Context.PROVIDER_URL, rootDN );

         return new ServerLdapContext( this, environment );
     }

     public synchronized void startup( ContextFactoryServiceListener listener, Hashtable env ) throws NamingException
     {
         if( started )
         {
             return;
         }

         StartupConfiguration cfg = ( StartupConfiguration ) Configuration.toConfiguration( env );

         env.put( Context.PROVIDER_URL, "" );

         try
         {
             cfg.validate();
         }
         catch( ConfigurationException e )
         {
             NamingException ne = new LdapConfigurationException( "Invalid configuration." );
             ne.initCause( e );
             throw ne;
         }

         this.environment = env;
         this.startupConfiguration = cfg;

         listener.beforeStartup( this );
         try
         {
             initialize();
             firstStart = createBootstrapEntries();
             createTestEntries();
             this.serviceListener = listener;
             started = true;
         }
         finally
         {
             listener.afterStartup( this );
         }
     }

     public synchronized void sync() throws NamingException
     {
         if ( !started )
         {
             return;
         }

         serviceListener.beforeSync( this );
         try
         {
             this.partitionNexus.sync();
         }
         finally
         {
             serviceListener.afterSync( this );
         }
     }


     public synchronized void shutdown() throws NamingException
     {
         if ( !started )
         {
             return;
         }

         serviceListener.beforeShutdown( this );
         try
         {
             this.partitionNexus.sync();
             this.partitionNexus.destroy();
             this.interceptorChain.destroy();
             this.started = false;
         }
         finally
         {
             environment = null;
             interceptorChain = null;
             startupConfiguration = null;
             serviceListener.afterShutdown( this );
         }
     }

     public ContextFactoryConfiguration getConfiguration()
     {
         return configuration;
     }


     public Hashtable getEnvironment()
     {
         return ( Hashtable ) environment.clone();
     }

     public ContextFactoryServiceListener getServiceListener()
     {
         return serviceListener;
     }

     public StartupConfiguration getStartupConfiguration()
     {
         return startupConfiguration;
     }

     public GlobalRegistries getGlobalRegistries()
     {
         return globalRegistries;
     }

     public ContextPartitionNexus getPartitionNexus()
     {
         return partitionNexus;
     }

     public InterceptorChain getInterceptorChain()
     {
         return interceptorChain;
     }

     public boolean isFirstStart()
     {
         return firstStart;
     }

     public boolean isStarted()
     {
         return started;
     }

     /**
      * Checks to make sure security environment parameters are set correctly.
      *
      * @throws javax.naming.NamingException if the security settings are not correctly configured.
      */
     private void checkSecuritySettings( String principal, byte[] credential, String authentication ) throws NamingException
     {
         if( authentication == null )
         {
             authentication = "";
         }

         /*
          * If bind is simple make sure we have the credentials and the
          * principal name set within the environment, otherwise complain
          */
         if ( "simple".equalsIgnoreCase( authentication ) )
         {
             if ( credential == null )
             {
                 throw new LdapConfigurationException( "missing required "
                         + Context.SECURITY_CREDENTIALS + " property for simple authentication" );
             }

             if ( principal == null )
             {
                 throw new LdapConfigurationException( "missing required "
                         + Context.SECURITY_PRINCIPAL + " property for simple authentication" );
             }
         }
         /*
          * If bind is none make sure credentials and the principal
          * name are NOT set within the environment, otherwise complain
          */
         else if ( "none".equalsIgnoreCase( authentication ) )
         {
             if ( credential != null )
             {
                 throw new LdapConfigurationException( "ambiguous bind "
                         + "settings encountered where bind is anonymous yet "
                         + Context.SECURITY_CREDENTIALS + " property is set" );
             }
             if ( principal != null )
             {
                 throw new LdapConfigurationException( "ambiguous bind "
                         + "settings encountered where bind is anonymous yet "
                         + Context.SECURITY_PRINCIPAL + " property is set" );
             }

             if( !startupConfiguration.isAllowAnonymousAccess() )
             {
                 throw new LdapNoPermissionException( "Anonymous access disabled." );
             }
         }
         else
         {
             /*
              * If bind is anything other than simple or none we need to
              * complain because SASL is not a supported auth method yet
              */
             throw new LdapAuthenticationNotSupportedException( "Unknown authentication type: '" + authentication + "'", ResultCodeEnum.AUTHMETHODNOTSUPPORTED );
         }
     }


     /**
      * Returns true if we had to create the bootstrap entries on the first
      * start of the server.  Otherwise if all entries exist, meaning none
      * had to be created, then we are not starting for the first time.
      *
      * @throws javax.naming.NamingException
      */
     private boolean createBootstrapEntries() throws NamingException
     {
         boolean firstStart = false;

         // -------------------------------------------------------------------
         // create admin entry
         // -------------------------------------------------------------------

         /*
          * If the admin entry is there, then the database was already created
          */
         if ( !partitionNexus.hasEntry( ContextPartitionNexus.getAdminName() ) )
         {
             firstStart = true;

             Attributes attributes = new LockableAttributesImpl();
             attributes.put( "objectClass", "top" );
             attributes.put( "objectClass", "person" );
             attributes.put( "objectClass", "organizationalPerson" );
             attributes.put( "objectClass", "inetOrgPerson" );
             attributes.put( "uid", ContextPartitionNexus.ADMIN_UID );
             attributes.put( "userPassword", ContextPartitionNexus.ADMIN_PW );
             attributes.put( "displayName", "Directory Superuser" );
             attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
             attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
             attributes.put( "displayName", "Directory Superuser" );

             partitionNexus.add( ContextPartitionNexus.ADMIN_PRINCIPAL, ContextPartitionNexus.getAdminName(), attributes );
         }

         // -------------------------------------------------------------------
         // create system users area
         // -------------------------------------------------------------------

         if ( !partitionNexus.hasEntry( new LdapName( "ou=users,ou=system" ) ) )
         {
             firstStart = true;

             Attributes attributes = new LockableAttributesImpl();
             attributes.put( "objectClass", "top" );
             attributes.put( "objectClass", "organizationalUnit" );
             attributes.put( "ou", "users" );
             attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
             attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );

             partitionNexus.add( "ou=users,ou=system", new LdapName( "ou=users,ou=system" ), attributes );
         }

         // -------------------------------------------------------------------
         // create system groups area
         // -------------------------------------------------------------------

         if ( !partitionNexus.hasEntry( new LdapName( "ou=groups,ou=system" ) ) )
         {
             firstStart = true;

             Attributes attributes = new LockableAttributesImpl();
             attributes.put( "objectClass", "top" );
             attributes.put( "objectClass", "organizationalUnit" );
             attributes.put( "ou", "groups" );
             attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
             attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );

             partitionNexus.add( "ou=groups,ou=system", new LdapName( "ou=groups,ou=system" ), attributes );
         }

         // -------------------------------------------------------------------
         // create system preferences area
         // -------------------------------------------------------------------

         if ( !partitionNexus.hasEntry( new LdapName( "prefNodeName=sysPrefRoot,ou=system" ) ) )
         {
             firstStart = true;

             Attributes attributes = new LockableAttributesImpl();
             attributes.put( "objectClass", "top" );
             attributes.put( "objectClass", "prefNode" );
             attributes.put( "objectClass", "extensibleObject" );
             attributes.put( "prefNodeName", "sysPrefRoot" );
             attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
             attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );

             LdapName dn = new LdapName( "prefNodeName=sysPrefRoot,ou=system" );

             partitionNexus.add( "prefNodeName=sysPrefRoot,ou=system", dn, attributes );
         }

         return firstStart;
     }


     private void createTestEntries() throws NamingException
     {
         /*
          * Unfortunately to test non-root user startup of the core and make sure
          * all the appropriate functionality is there we need to load more user
          * entries at startup due to a chicken and egg like problem.  The value
          * of this property is a list of attributes to be added.
          */
         Iterator i = startupConfiguration.getTestEntries().iterator();
         while( i.hasNext() )
         {
             Attributes entry = ( Attributes ) i.next();
             entry.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
             entry.put( "createTimestamp", DateUtils.getGeneralizedTime() );

             Attribute dn = entry.remove( "dn" );
             AttributeTypeRegistry registry = globalRegistries.getAttributeTypeRegistry();
             NameComponentNormalizer ncn = new ConcreteNameComponentNormalizer( registry );
             DnParser parser = new DnParser( ncn );
             Name ndn = parser.parse( ( String ) dn.get() );

             partitionNexus.add( ( String ) dn.get(), ndn, entry );
         }
     }

     /**
      * Kicks off the initialization of the entire system.
      *
      * @throws javax.naming.NamingException if there are problems along the way
      */
     private void initialize() throws NamingException
     {
         // --------------------------------------------------------------------
         // Load the schema here and check that it is ok!
         // --------------------------------------------------------------------

         BootstrapRegistries bootstrapRegistries = new BootstrapRegistries();

         BootstrapSchemaLoader loader = new BootstrapSchemaLoader();
         loader.load( startupConfiguration.getBootstrapSchemas(), bootstrapRegistries );

         java.util.List errors = bootstrapRegistries.checkRefInteg();
         if ( !errors.isEmpty() )
         {
             NamingException e = new NamingException();

             e.setRootCause( ( Throwable ) errors.get( 0 ) );

             throw e;
         }

         globalRegistries = new GlobalRegistries( bootstrapRegistries );

         partitionNexus = new DefaultContextPartitionNexus( new LockableAttributesImpl() );
         partitionNexus.init( configuration, null );

         interceptorChain = new InterceptorChain();
         interceptorChain.init( configuration );
     }
 }
	/*
	* Copyright 2004 The Apache Software Foundation
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*
	*/
	package org.apache.ldap.server.jndi;

	import java.util.Hashtable;
	import java.util.Iterator;

	import javax.naming.Context;
	import javax.naming.Name;
	import javax.naming.NamingException;
	import javax.naming.directory.Attribute;
	import javax.naming.directory.Attributes;

	import org.apache.ldap.common.exception.LdapAuthenticationNotSupportedException;
	import org.apache.ldap.common.exception.LdapConfigurationException;
	import org.apache.ldap.common.exception.LdapNoPermissionException;
	import org.apache.ldap.common.message.LockableAttributesImpl;
	import org.apache.ldap.common.message.ResultCodeEnum;
	import org.apache.ldap.common.name.DnParser;
	import org.apache.ldap.common.name.LdapName;
	import org.apache.ldap.common.name.NameComponentNormalizer;
	import org.apache.ldap.common.util.DateUtils;
	import org.apache.ldap.server.configuration.Configuration;
	import org.apache.ldap.server.configuration.ConfigurationException;
	import org.apache.ldap.server.configuration.StartupConfiguration;
	import org.apache.ldap.server.interceptor.InterceptorChain;
	import org.apache.ldap.server.partition.ContextPartitionNexus;
	import org.apache.ldap.server.partition.DefaultContextPartitionNexus;
	import org.apache.ldap.server.schema.AttributeTypeRegistry;
	import org.apache.ldap.server.schema.ConcreteNameComponentNormalizer;
	import org.apache.ldap.server.schema.GlobalRegistries;
	import org.apache.ldap.server.schema.bootstrap.BootstrapRegistries;
	import org.apache.ldap.server.schema.bootstrap.BootstrapSchemaLoader;


	/**
	* Default implementation of {@link ContextFactoryService}.
	*
	* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
	* @version $Rev$
	*/
	class DefaultContextFactoryService implements ContextFactoryService
	{
	private final ContextFactoryConfiguration configuration = new DefaultContextFactoryConfiguration( this );

	private ContextFactoryServiceListener serviceListener;

	/** the initial context environment that fired up the backend subsystem */
	private Hashtable environment;

	/** the configuration */
	private StartupConfiguration startupConfiguration;

	/** the registries for system schema objects */
	private GlobalRegistries globalRegistries;

	/** the root nexus */
	private DefaultContextPartitionNexus partitionNexus;

	/** whether or not server is started for the first time */
	private boolean firstStart;

	/** The interceptor (or interceptor chain) for this service */
	private InterceptorChain interceptorChain;

	/** whether or not this instance has been shutdown */
	private boolean started = false;


	// ------------------------------------------------------------------------
	// Constructor
	// ------------------------------------------------------------------------

	/**
	* Creates a new instance.
	*/
	public DefaultContextFactoryService()
	{
	// Register shutdown hook.
	Runtime.getRuntime().addShutdownHook( new Thread( new Runnable() {
	public void run()
	{
	try
	{
	shutdown();
	}
	catch( NamingException e )
	{
	e.printStackTrace();
	}
	}
	}, "ApacheDS Shutdown Hook" ) );
	}

	// ------------------------------------------------------------------------
	// BackendSubsystem Interface Method Implemetations
	// ------------------------------------------------------------------------

	public Context getJndiContext( String rootDN ) throws NamingException
	{
	return this.getJndiContext( null, null, "none", rootDN );
	}

	public synchronized Context getJndiContext( String principal, byte[] credential, String authentication, String rootDN ) throws NamingException
	{
	checkSecuritySettings( principal, credential, authentication );

	if ( !started )
	{
	return new DeadContext();
	}

	Hashtable environment = getEnvironment();
	if( principal != null )
	{
	environment.put( Context.SECURITY_PRINCIPAL, principal );
	}

	if( credential != null )
	{
	environment.put( Context.SECURITY_CREDENTIALS, credential );
	}

	if( authentication != null )
	{
	environment.put( Context.SECURITY_AUTHENTICATION, authentication );
	}

	if( rootDN == null )
	{
	rootDN = "";
	}
	environment.put( Context.PROVIDER_URL, rootDN );

	return new ServerLdapContext( this, environment );
	}

	public synchronized void startup( ContextFactoryServiceListener listener, Hashtable env ) throws NamingException
	{
	if( started )
	{
	return;
	}

	StartupConfiguration cfg = ( StartupConfiguration ) Configuration.toConfiguration( env );

	env.put( Context.PROVIDER_URL, "" );

	try
	{
	cfg.validate();
	}
	catch( ConfigurationException e )
	{
	NamingException ne = new LdapConfigurationException( "Invalid configuration." );
	ne.initCause( e );
	throw ne;
	}

	this.environment = env;
	this.startupConfiguration = cfg;

	listener.beforeStartup( this );
	try
	{
	initialize();
	firstStart = createBootstrapEntries();
	createTestEntries();
	this.serviceListener = listener;
	started = true;
	}
	finally
	{
	listener.afterStartup( this );
	}
	}

	public synchronized void sync() throws NamingException
	{
	if ( !started )
	{
	return;
	}

	serviceListener.beforeSync( this );
	try
	{
	this.partitionNexus.sync();
	}
	finally
	{
	serviceListener.afterSync( this );
	}
	}


	public synchronized void shutdown() throws NamingException
	{
	if ( !started )
	{
	return;
	}

	serviceListener.beforeShutdown( this );
	try
	{
	this.partitionNexus.sync();
	this.partitionNexus.destroy();
	this.interceptorChain.destroy();
	this.started = false;
	}
	finally
	{
	environment = null;
	interceptorChain = null;
	startupConfiguration = null;
	serviceListener.afterShutdown( this );
	}
	}

	public ContextFactoryConfiguration getConfiguration()
	{
	return configuration;
	}


	public Hashtable getEnvironment()
	{
	return ( Hashtable ) environment.clone();
	}

	public ContextFactoryServiceListener getServiceListener()
	{
	return serviceListener;
	}

	public StartupConfiguration getStartupConfiguration()
	{
	return startupConfiguration;
	}

	public GlobalRegistries getGlobalRegistries()
	{
	return globalRegistries;
	}

	public ContextPartitionNexus getPartitionNexus()
	{
	return partitionNexus;
	}

	public InterceptorChain getInterceptorChain()
	{
	return interceptorChain;
	}

	public boolean isFirstStart()
	{
	return firstStart;
	}

	public boolean isStarted()
	{
	return started;
	}

	/**
	* Checks to make sure security environment parameters are set correctly.
	*
	* @throws javax.naming.NamingException if the security settings are not correctly configured.
	*/
	private void checkSecuritySettings( String principal, byte[] credential, String authentication ) throws NamingException
	{
	if( authentication == null )
	{
	authentication = "";
	}

	/*
	* If bind is simple make sure we have the credentials and the
	* principal name set within the environment, otherwise complain
	*/
	if ( "simple".equalsIgnoreCase( authentication ) )
	{
	if ( credential == null )
	{
	throw new LdapConfigurationException( "missing required "
	+ Context.SECURITY_CREDENTIALS + " property for simple authentication" );
	}

	if ( principal == null )
	{
	throw new LdapConfigurationException( "missing required "
	+ Context.SECURITY_PRINCIPAL + " property for simple authentication" );
	}
	}
	/*
	* If bind is none make sure credentials and the principal
	* name are NOT set within the environment, otherwise complain
	*/
	else if ( "none".equalsIgnoreCase( authentication ) )
	{
	if ( credential != null )
	{
	throw new LdapConfigurationException( "ambiguous bind "
	+ "settings encountered where bind is anonymous yet "
	+ Context.SECURITY_CREDENTIALS + " property is set" );
	}
	if ( principal != null )
	{
	throw new LdapConfigurationException( "ambiguous bind "
	+ "settings encountered where bind is anonymous yet "
	+ Context.SECURITY_PRINCIPAL + " property is set" );
	}

	if( !startupConfiguration.isAllowAnonymousAccess() )
	{
	throw new LdapNoPermissionException( "Anonymous access disabled." );
	}
	}
	else
	{
	/*
	* If bind is anything other than simple or none we need to
	* complain because SASL is not a supported auth method yet
	*/
	throw new LdapAuthenticationNotSupportedException( "Unknown authentication type: '" + authentication + "'", ResultCodeEnum.AUTHMETHODNOTSUPPORTED );
	}
	}


	/**
	* Returns true if we had to create the bootstrap entries on the first
	* start of the server. Otherwise if all entries exist, meaning none
	* had to be created, then we are not starting for the first time.
	*
	* @throws javax.naming.NamingException
	*/
	private boolean createBootstrapEntries() throws NamingException
	{
	boolean firstStart = false;

	// -------------------------------------------------------------------
	// create admin entry
	// -------------------------------------------------------------------

	/*
	* If the admin entry is there, then the database was already created
	*/
	if ( !partitionNexus.hasEntry( ContextPartitionNexus.getAdminName() ) )
	{
	firstStart = true;

	Attributes attributes = new LockableAttributesImpl();
	attributes.put( "objectClass", "top" );
	attributes.put( "objectClass", "person" );
	attributes.put( "objectClass", "organizationalPerson" );
	attributes.put( "objectClass", "inetOrgPerson" );
	attributes.put( "uid", ContextPartitionNexus.ADMIN_UID );
	attributes.put( "userPassword", ContextPartitionNexus.ADMIN_PW );
	attributes.put( "displayName", "Directory Superuser" );
	attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
	attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
	attributes.put( "displayName", "Directory Superuser" );

	partitionNexus.add( ContextPartitionNexus.ADMIN_PRINCIPAL, ContextPartitionNexus.getAdminName(), attributes );
	}

	// -------------------------------------------------------------------
	// create system users area
	// -------------------------------------------------------------------

	if ( !partitionNexus.hasEntry( new LdapName( "ou=users,ou=system" ) ) )
	{
	firstStart = true;

	Attributes attributes = new LockableAttributesImpl();
	attributes.put( "objectClass", "top" );
	attributes.put( "objectClass", "organizationalUnit" );
	attributes.put( "ou", "users" );
	attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
	attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );

	partitionNexus.add( "ou=users,ou=system", new LdapName( "ou=users,ou=system" ), attributes );
	}

	// -------------------------------------------------------------------
	// create system groups area
	// -------------------------------------------------------------------

	if ( !partitionNexus.hasEntry( new LdapName( "ou=groups,ou=system" ) ) )
	{
	firstStart = true;

	Attributes attributes = new LockableAttributesImpl();
	attributes.put( "objectClass", "top" );
	attributes.put( "objectClass", "organizationalUnit" );
	attributes.put( "ou", "groups" );
	attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
	attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );

	partitionNexus.add( "ou=groups,ou=system", new LdapName( "ou=groups,ou=system" ), attributes );
	}

	// -------------------------------------------------------------------
	// create system preferences area
	// -------------------------------------------------------------------

	if ( !partitionNexus.hasEntry( new LdapName( "prefNodeName=sysPrefRoot,ou=system" ) ) )
	{
	firstStart = true;

	Attributes attributes = new LockableAttributesImpl();
	attributes.put( "objectClass", "top" );
	attributes.put( "objectClass", "prefNode" );
	attributes.put( "objectClass", "extensibleObject" );
	attributes.put( "prefNodeName", "sysPrefRoot" );
	attributes.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
	attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );

	LdapName dn = new LdapName( "prefNodeName=sysPrefRoot,ou=system" );

	partitionNexus.add( "prefNodeName=sysPrefRoot,ou=system", dn, attributes );
	}

	return firstStart;
	}


	private void createTestEntries() throws NamingException
	{
	/*
	* Unfortunately to test non-root user startup of the core and make sure
	* all the appropriate functionality is there we need to load more user
	* entries at startup due to a chicken and egg like problem. The value
	* of this property is a list of attributes to be added.
	*/
	Iterator i = startupConfiguration.getTestEntries().iterator();
	while( i.hasNext() )
	{
	Attributes entry = ( Attributes ) i.next();
	entry.put( "creatorsName", ContextPartitionNexus.ADMIN_PRINCIPAL );
	entry.put( "createTimestamp", DateUtils.getGeneralizedTime() );

	Attribute dn = entry.remove( "dn" );
	AttributeTypeRegistry registry = globalRegistries.getAttributeTypeRegistry();
	NameComponentNormalizer ncn = new ConcreteNameComponentNormalizer( registry );
	DnParser parser = new DnParser( ncn );
	Name ndn = parser.parse( ( String ) dn.get() );

	partitionNexus.add( ( String ) dn.get(), ndn, entry );
	}
	}

	/**
	* Kicks off the initialization of the entire system.
	*
	* @throws javax.naming.NamingException if there are problems along the way
	*/
	private void initialize() throws NamingException
	{
	// --------------------------------------------------------------------
	// Load the schema here and check that it is ok!
	// --------------------------------------------------------------------

	BootstrapRegistries bootstrapRegistries = new BootstrapRegistries();

	BootstrapSchemaLoader loader = new BootstrapSchemaLoader();
	loader.load( startupConfiguration.getBootstrapSchemas(), bootstrapRegistries );

	java.util.List errors = bootstrapRegistries.checkRefInteg();
	if ( !errors.isEmpty() )
	{
	NamingException e = new NamingException();

	e.setRootCause( ( Throwable ) errors.get( 0 ) );

	throw e;
	}

	globalRegistries = new GlobalRegistries( bootstrapRegistries );

	partitionNexus = new DefaultContextPartitionNexus( new LockableAttributesImpl() );
	partitionNexus.init( configuration, null );

	interceptorChain = new InterceptorChain();
	interceptorChain.init( configuration );
	}
	}