trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/replication/SyncReplConfiguration.java - directory-server - Git at Google

 /*
  *  Licensed to the Apache Software Foundation (ASF) under one
  *  or more contributor license agreements.  See the NOTICE file
  *  distributed with this work for additional information
  *  regarding copyright ownership.  The ASF licenses this file
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
  *
  *    http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License.
  *
  */
 package org.apache.directory.server.ldap.replication;


 import java.util.HashSet;
 import java.util.Set;

 import javax.net.ssl.X509TrustManager;

 import org.apache.directory.api.ldap.model.constants.SchemaConstants;
 import org.apache.directory.api.ldap.model.message.AliasDerefMode;
 import org.apache.directory.api.ldap.model.message.SearchScope;
 import org.apache.directory.api.ldap.model.name.Dn;
 import org.apache.directory.ldap.client.api.NoVerificationTrustManager;


 /**
  * A class for holding the syncrepl consumer's configuration. the following parameters
  * are part of the Syncrepl Consumer configuration :<br>
  * <ul>
  *   <li>remoteHost : the remote server's name, defaults to 'localhost'</li>
  *   <li>remotePort : the remote server's LDAP port, defaults to 10389</li>
  *   <li>replUserDn : The replication User's DN</li>
  *   <li>replUserPassword : The replication User's password</li>
  *   <li>refreshNPersist : the replication mode, defaults to 'true'</li>
  *   <li>refreshInterval : the interval between replications when in refreshOnly mode, defaults to 60s</li>
  *   <li>baseDn : the base from which to fetch entries on the remote server</li>
  *   <li>filter : the filter to select entries,defaults to (ObjectClass=*)</li>
  *   <li>attributes : the list of attributes to replicate, defaults to all</li>
  *   <li>searchSizeLimit : the maximum number of entries to fetch, defaults to no limit</li>
  *   <li>searchTimeout : the maximum delay to wait for entries, defaults to no limit</li>
  *   <li>searchScope : the scope, defaults to SUBTREE</li>
  *   <li>aliasDerefMode : set the aliss derefence policy, defaults to NEVER </li>
  *   <li>replicaId : the replica identifier</li>
  *   <li>configEntryDn : the configuration entry's DN</li>
  *   <li>chaseReferrals : tells if we chase referrals, defaults to false</li>
  *   <li>cookie : the replication cookie</li>
  *   <li>useTls : the connection uses TLS, defaults to true</li>
  *   <li>strictCertVerification : strictly verify the certificate, defaults to true</li>
  *   <li>trustManager : the trustManager to use, defaults to @link{NoVerificationTrustManager}</li>
  *   <li></li>
  * </ul>
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
 public class SyncReplConfiguration implements ReplicationConsumerConfig
 {
     /** host name of the syncrepl remote server, default value is localhost */
     private String remoteHost = "localhost";

     /** port number of the syncrepl provider server, default is 10389 */
     private int remotePort = 10389;

     /** The producer, as <host>:<port> */
     private String producer = remoteHost + ":" + remotePort;

     /** replication user's Dn */
     private String replUserDn;

     /** password for binding with replication user dn */
     private byte[] replUserPassword;

     /** flag to represent refresh and persist or refresh only mode, defaults to true */
     private boolean refreshNPersist = true;

     /** time interval for successive sync requests, default is 60 seconds */
     private long refreshInterval = 60 * 1000;

     /** the base Dn whose content will be searched for replicating */
     private String baseDn;

     /** the ldap filter for fetching the entries, default value is (objectClass=*) */
     private String filter = "(objectClass=*)";

     /** names of attributes to be replicated, default value is all user attributes */
     private Set<String> attributes;

     /** the maximum number of search results to be fetched
      * default value is 0 (i.e no limit) */
     private int searchSizeLimit = 0;

     /** the timeout value to be used while doing a search
      * default value is 0 (i.e no limit)*/
     private int searchTimeout = 0;

     /** the search scope, default is sub tree level */
     private SearchScope searchScope = SearchScope.SUBTREE;

     /** alias dereferencing mode, default is set to 'never deref aliases' */
     private AliasDerefMode aliasDerefMode = AliasDerefMode.NEVER_DEREF_ALIASES;

     /** the cookie received from server */
     private byte[] cookie;

     /** the replica's id */
     private int replicaId;

     /** The configuration entry DN */
     private Dn configEntryDn = null;

     /** flag to indicate whether to chase referrals or not, default is false hence passes ManageDsaITControl with syncsearch request*/
     private boolean chaseReferrals = false;

     /** flag to indicate the use of TLS, default is true */
     private boolean useTls = true;

     /** flag to indicate the use of strict certificate verification, default is true */
     private boolean strictCertVerification = true;

     /** the X509 certificate trust manager used, default value set to {@link NoVerificationTrustManager} */
     private X509TrustManager trustManager = new NoVerificationTrustManager();

     /** flag to indicate if this node is part of a MMR setup, default value is true */
     private boolean mmrMode = true;


     /**
      * Creates a new instance of SyncreplConfiguration
      */
     public SyncReplConfiguration()
     {
         attributes = new HashSet<String>();
         // the default list of attributes
         attributes.add( SchemaConstants.ALL_USER_ATTRIBUTES );
     }


     /**
      * @return the remote Host
      */
     public String getRemoteHost()
     {
         return remoteHost;
     }


     /**
      * @param remoteHost the remote Host to set
      */
     public void setRemoteHost( String remoteHost )
     {
         this.remoteHost = remoteHost;
         producer = remoteHost + ":" + remotePort;
     }


     /**
      * A convenient method that concatenates the host and port of the producer
      * @return The <host>:<port> the consumer is connected to
      */
     public String getProducer()
     {
         return producer;
     }


     /**
      * @return the port
      */
     public int getRemotePort()
     {
         return remotePort;
     }


     /**
      * @param remotePort the remote port to set
      */
     public void setRemotePort( int remotePort )
     {
         this.remotePort = remotePort;
         producer = remoteHost + ":" + remotePort;
     }


     /**
      * @return the replication user's Dn
      */
     public String getReplUserDn()
     {
         return replUserDn;
     }


     /**
      * @param replUserdDn the Dn of the replication user
      */
     public void setReplUserDn( String replUserdDn )
     {
         this.replUserDn = replUserdDn;
     }


     /**
      * @return the replication user's password
      */
     public byte[] getReplUserPassword()
     {
         return replUserPassword;
     }


     /**
      * @param replUserPassword the replication user's password
      */
     public void setReplUserPassword( byte[] replUserPassword )
     {
         this.replUserPassword = replUserPassword;
     }


     /**
      * @return the refreshPersist
      */
     public boolean isRefreshNPersist()
     {
         return refreshNPersist;
     }


     /**
      * @param refreshNPersist the falg indicating to run the consumer in refreshAndPersist mode
      */
     public void setRefreshNPersist( boolean refreshNPersist )
     {
         this.refreshNPersist = refreshNPersist;
     }


     /**
      * @return the refresh interval
      */
     public long getRefreshInterval()
     {
         return refreshInterval;
     }


     /**
      * @param refreshInterval the consumerInterval to set
      */
     public void setRefreshInterval( long refreshInterval )
     {
         if ( refreshInterval <= 0 )
         {
             throw new IllegalArgumentException( "refresh interval should be more than zero" );
         }
         this.refreshInterval = refreshInterval;
     }


     /**
      * @return the baseDn
      */
     public String getBaseDn()
     {
         return baseDn;
     }


     /**
      * @param baseDn the baseDn to set
      */
     public void setBaseDn( String baseDn )
     {
         this.baseDn = baseDn;
     }


     /**
      * @return the filter
      */
     public String getFilter()
     {
         return filter;
     }


     /**
      * @param filter the filter to set
      */
     public void setFilter( String filter )
     {
         this.filter = filter;
     }


     /**
      * @return the attributes
      */
     public String[] getAttributes()
     {
         return attributes.toArray( new String[]
             {} );
     }


     /**
      * @param attrs the attributes to set
      */
     public void setAttributes( String[] attrs )
     {
         attributes.clear();

         for ( String attr : attrs )
         {
             attributes.add( attr );
         }
     }


     /**
      * @return the searchSizeLimit
      */
     public int getSearchSizeLimit()
     {
         return searchSizeLimit;
     }


     /**
      * @param searchSizeLimit the searchSizeLimit to set
      */
     public void setSearchSizeLimit( int searchSizeLimit )
     {
         if ( searchTimeout < 0 )
         {
             throw new IllegalArgumentException( "search size limit value cannot be negative " + searchSizeLimit );
         }

         this.searchSizeLimit = searchSizeLimit;
     }


     /**
      * @return the searchTimeout
      */
     public int getSearchTimeout()
     {
         return searchTimeout;
     }


     /**
      * @param searchTimeout the searchTimeout to set
      */
     public void setSearchTimeout( int searchTimeout )
     {
         if ( searchTimeout < 0 )
         {
             throw new IllegalArgumentException( "search timeout value cannot be negative " + searchTimeout );
         }

         this.searchTimeout = searchTimeout;
     }


     /**
      * @return the searchScope
      */
     public SearchScope getSearchScope()
     {
         return searchScope;
     }


     /**
      * @param searchScope the searchScope to set
      */
     public void setSearchScope( SearchScope searchScope )
     {
         this.searchScope = searchScope;
     }


     /**
      * @return the replicaId
      */
     public int getReplicaId()
     {
         return replicaId;
     }


     /**
      * @param replicaId the replicaId to set
      */
     public void setReplicaId( int replicaId )
     {
         this.replicaId = replicaId;
     }


     /**
      * @return The ALiasDerefMode parameter
      */
     public AliasDerefMode getAliasDerefMode()
     {
         return aliasDerefMode;
     }


     /**
      * @param aliasDerefMode Should be either NEVER_DEREF_ALIASES or DEREF_FINDING_BASE_OBJ
      */
     public void setAliasDerefMode( AliasDerefMode aliasDerefMode )
     {
         if ( aliasDerefMode != AliasDerefMode.NEVER_DEREF_ALIASES
             && aliasDerefMode != AliasDerefMode.DEREF_FINDING_BASE_OBJ )
         {
             throw new IllegalArgumentException(
                 "alias deref mode should only be set to either 'NEVER_DEREF_ALIASES' or 'DEREF_FINDING_BASE_OBJ'" );
         }

         this.aliasDerefMode = aliasDerefMode;
     }


     /**
      * @return The replication cookie
      */
     public byte[] getCookie()
     {
         return cookie;
     }


     /**
      * @param cookie The cookie to set
      */
     public void setCookie( byte[] cookie )
     {
         this.cookie = cookie;
     }


     /**
      * Tells if we chase referrals
      * @return true if we chase referals
      */
     public boolean isChaseReferrals()
     {
         return chaseReferrals;
     }


     /**
      * @param chaseReferrals Lust be false, always.
      */
     public void setChaseReferrals( boolean chaseReferrals )
     {
         if ( chaseReferrals )
         {
             throw new UnsupportedOperationException( "client-api currently doesn't support chasing referrals" );
         }

         this.chaseReferrals = chaseReferrals;
     }


     /**
      * @return The DN of the configuration entry
      */
     public Dn getConfigEntryDn()
     {
         return configEntryDn;
     }


     /**
      * @return true if we use TLS
      */
     public boolean isUseTls()
     {
         return useTls;
     }


     /**
      * set the option to turn on/off use of TLS
      *
      * @param useTls
      */
     public void setUseTls( boolean useTls )
     {
         this.useTls = useTls;
     }


     /**
      * @return true if the certificate verification is enforced
      */
     public boolean isStrictCertVerification()
     {
         return strictCertVerification;
     }


     /**
      * set the strict certificate verification
      *
      * @param strictCertVerification
      */
     public void setStrictCertVerification( boolean strictCertVerification )
     {
         if ( strictCertVerification )
         {
             trustManager = ReplicationTrustManager.getInstance();
         }
         else
         {
             trustManager = new NoVerificationTrustManager();
         }

         this.strictCertVerification = strictCertVerification;
     }


     /**
      * @return The Trustmanager instance
      */
     public X509TrustManager getTrustManager()
     {
         return trustManager;
     }


     /**
      * @param configEntryDn the configEntryDn to set
      */
     public void setConfigEntryDn( Dn configEntryDn )
     {
         this.configEntryDn = configEntryDn;
     }


     /**
      * @return true if this node is part of MMR setup
      */
     public boolean isMmrMode()
     {
         return mmrMode;
     }


     /**
      * enable/disable MMR option
      *
      * @param mmrMode
      */
     public void setMmrMode( boolean mmrMode )
     {
         this.mmrMode = mmrMode;
     }


     public String toString()
     {
         StringBuilder sb = new StringBuilder();

         sb.append( "[" );
         sb.append( "rid:" ).append( replicaId ).append( ", " );
         sb.append( "base:'" ).append( baseDn ).append( "', " );
         sb.append( "filter:" ).append( filter ).append( ", " );
         sb.append( "scope:" ).append( searchScope ).append( ", " );
         sb.append( "alias:" ).append( aliasDerefMode ).append( ", " );
         sb.append( "chase referrals:" ).append( chaseReferrals ).append( ", " );

         boolean isFirst = true;

         if ( attributes != null )
         {
             sb.append( "attributes:{" );

             for ( String attribute : attributes )
             {
                 if ( isFirst )
                 {
                     isFirst = false;
                 }
                 else
                 {
                     sb.append( "/" );
                 }

                 sb.append( attribute );
             }

             sb.append( "}, " );
         }

         if ( refreshNPersist )
         {
             sb.append( "refresh:" ).append( refreshInterval ).append( ", " );
         }
         else
         {
             sb.append( "refreshOnly, " );
         }

         if ( mmrMode )
         {
             sb.append( "MMR, " );
         }
         else
         {
             sb.append( "MS, " );
         }

         sb.append( "provider:" ).append( producer ).append( ", " );
         sb.append( "user:'" ).append( replUserDn ).append( "', " );

         if ( strictCertVerification )
         {
             sb.append( "strict" ).append( ", " );
         }

         sb.append( "TLS:" ).append( useTls ).append( "]" );

         return sb.toString();
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*/
	package org.apache.directory.server.ldap.replication;


	import java.util.HashSet;
	import java.util.Set;

	import javax.net.ssl.X509TrustManager;

	import org.apache.directory.api.ldap.model.constants.SchemaConstants;
	import org.apache.directory.api.ldap.model.message.AliasDerefMode;
	import org.apache.directory.api.ldap.model.message.SearchScope;
	import org.apache.directory.api.ldap.model.name.Dn;
	import org.apache.directory.ldap.client.api.NoVerificationTrustManager;


	/**
	* A class for holding the syncrepl consumer's configuration. the following parameters
	* are part of the Syncrepl Consumer configuration :<br>
	* <ul>
	* <li>remoteHost : the remote server's name, defaults to 'localhost'</li>
	* <li>remotePort : the remote server's LDAP port, defaults to 10389</li>
	* <li>replUserDn : The replication User's DN</li>
	* <li>replUserPassword : The replication User's password</li>
	* <li>refreshNPersist : the replication mode, defaults to 'true'</li>
	* <li>refreshInterval : the interval between replications when in refreshOnly mode, defaults to 60s</li>
	* <li>baseDn : the base from which to fetch entries on the remote server</li>
	* <li>filter : the filter to select entries,defaults to (ObjectClass=*)</li>
	* <li>attributes : the list of attributes to replicate, defaults to all</li>
	* <li>searchSizeLimit : the maximum number of entries to fetch, defaults to no limit</li>
	* <li>searchTimeout : the maximum delay to wait for entries, defaults to no limit</li>
	* <li>searchScope : the scope, defaults to SUBTREE</li>
	* <li>aliasDerefMode : set the aliss derefence policy, defaults to NEVER </li>
	* <li>replicaId : the replica identifier</li>
	* <li>configEntryDn : the configuration entry's DN</li>
	* <li>chaseReferrals : tells if we chase referrals, defaults to false</li>
	* <li>cookie : the replication cookie</li>
	* <li>useTls : the connection uses TLS, defaults to true</li>
	* <li>strictCertVerification : strictly verify the certificate, defaults to true</li>
	* <li>trustManager : the trustManager to use, defaults to @link{NoVerificationTrustManager}</li>
	* <li></li>
	* </ul>
	*
	* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
	*/
	public class SyncReplConfiguration implements ReplicationConsumerConfig
	{
	/** host name of the syncrepl remote server, default value is localhost */
	private String remoteHost = "localhost";

	/** port number of the syncrepl provider server, default is 10389 */
	private int remotePort = 10389;

	/** The producer, as <host>:<port> */
	private String producer = remoteHost + ":" + remotePort;

	/** replication user's Dn */
	private String replUserDn;

	/** password for binding with replication user dn */
	private byte[] replUserPassword;

	/** flag to represent refresh and persist or refresh only mode, defaults to true */
	private boolean refreshNPersist = true;

	/** time interval for successive sync requests, default is 60 seconds */
	private long refreshInterval = 60 * 1000;

	/** the base Dn whose content will be searched for replicating */
	private String baseDn;

	/** the ldap filter for fetching the entries, default value is (objectClass=) /
	private String filter = "(objectClass=*)";

	/** names of attributes to be replicated, default value is all user attributes */
	private Set<String> attributes;

	/** the maximum number of search results to be fetched
	* default value is 0 (i.e no limit) */
	private int searchSizeLimit = 0;

	/** the timeout value to be used while doing a search
	* default value is 0 (i.e no limit)*/
	private int searchTimeout = 0;

	/** the search scope, default is sub tree level */
	private SearchScope searchScope = SearchScope.SUBTREE;

	/** alias dereferencing mode, default is set to 'never deref aliases' */
	private AliasDerefMode aliasDerefMode = AliasDerefMode.NEVER_DEREF_ALIASES;

	/** the cookie received from server */
	private byte[] cookie;

	/** the replica's id */
	private int replicaId;

	/** The configuration entry DN */
	private Dn configEntryDn = null;

	/** flag to indicate whether to chase referrals or not, default is false hence passes ManageDsaITControl with syncsearch request*/
	private boolean chaseReferrals = false;

	/** flag to indicate the use of TLS, default is true */
	private boolean useTls = true;

	/** flag to indicate the use of strict certificate verification, default is true */
	private boolean strictCertVerification = true;

	/** the X509 certificate trust manager used, default value set to {@link NoVerificationTrustManager} */
	private X509TrustManager trustManager = new NoVerificationTrustManager();

	/** flag to indicate if this node is part of a MMR setup, default value is true */
	private boolean mmrMode = true;


	/**
	* Creates a new instance of SyncreplConfiguration
	*/
	public SyncReplConfiguration()
	{
	attributes = new HashSet<String>();
	// the default list of attributes
	attributes.add( SchemaConstants.ALL_USER_ATTRIBUTES );
	}


	/**
	* @return the remote Host
	*/
	public String getRemoteHost()
	{
	return remoteHost;
	}


	/**
	* @param remoteHost the remote Host to set
	*/
	public void setRemoteHost( String remoteHost )
	{
	this.remoteHost = remoteHost;
	producer = remoteHost + ":" + remotePort;
	}


	/**
	* A convenient method that concatenates the host and port of the producer
	* @return The <host>:<port> the consumer is connected to
	*/
	public String getProducer()
	{
	return producer;
	}


	/**
	* @return the port
	*/
	public int getRemotePort()
	{
	return remotePort;
	}


	/**
	* @param remotePort the remote port to set
	*/
	public void setRemotePort( int remotePort )
	{
	this.remotePort = remotePort;
	producer = remoteHost + ":" + remotePort;
	}


	/**
	* @return the replication user's Dn
	*/
	public String getReplUserDn()
	{
	return replUserDn;
	}


	/**
	* @param replUserdDn the Dn of the replication user
	*/
	public void setReplUserDn( String replUserdDn )
	{
	this.replUserDn = replUserdDn;
	}


	/**
	* @return the replication user's password
	*/
	public byte[] getReplUserPassword()
	{
	return replUserPassword;
	}


	/**
	* @param replUserPassword the replication user's password
	*/
	public void setReplUserPassword( byte[] replUserPassword )
	{
	this.replUserPassword = replUserPassword;
	}


	/**
	* @return the refreshPersist
	*/
	public boolean isRefreshNPersist()
	{
	return refreshNPersist;
	}


	/**
	* @param refreshNPersist the falg indicating to run the consumer in refreshAndPersist mode
	*/
	public void setRefreshNPersist( boolean refreshNPersist )
	{
	this.refreshNPersist = refreshNPersist;
	}


	/**
	* @return the refresh interval
	*/
	public long getRefreshInterval()
	{
	return refreshInterval;
	}


	/**
	* @param refreshInterval the consumerInterval to set
	*/
	public void setRefreshInterval( long refreshInterval )
	{
	if ( refreshInterval <= 0 )
	{
	throw new IllegalArgumentException( "refresh interval should be more than zero" );
	}
	this.refreshInterval = refreshInterval;
	}


	/**
	* @return the baseDn
	*/
	public String getBaseDn()
	{
	return baseDn;
	}


	/**
	* @param baseDn the baseDn to set
	*/
	public void setBaseDn( String baseDn )
	{
	this.baseDn = baseDn;
	}


	/**
	* @return the filter
	*/
	public String getFilter()
	{
	return filter;
	}


	/**
	* @param filter the filter to set
	*/
	public void setFilter( String filter )
	{
	this.filter = filter;
	}


	/**
	* @return the attributes
	*/
	public String[] getAttributes()
	{
	return attributes.toArray( new String[]
	{} );
	}


	/**
	* @param attrs the attributes to set
	*/
	public void setAttributes( String[] attrs )
	{
	attributes.clear();

	for ( String attr : attrs )
	{
	attributes.add( attr );
	}
	}


	/**
	* @return the searchSizeLimit
	*/
	public int getSearchSizeLimit()
	{
	return searchSizeLimit;
	}


	/**
	* @param searchSizeLimit the searchSizeLimit to set
	*/
	public void setSearchSizeLimit( int searchSizeLimit )
	{
	if ( searchTimeout < 0 )
	{
	throw new IllegalArgumentException( "search size limit value cannot be negative " + searchSizeLimit );
	}

	this.searchSizeLimit = searchSizeLimit;
	}


	/**
	* @return the searchTimeout
	*/
	public int getSearchTimeout()
	{
	return searchTimeout;
	}


	/**
	* @param searchTimeout the searchTimeout to set
	*/
	public void setSearchTimeout( int searchTimeout )
	{
	if ( searchTimeout < 0 )
	{
	throw new IllegalArgumentException( "search timeout value cannot be negative " + searchTimeout );
	}

	this.searchTimeout = searchTimeout;
	}


	/**
	* @return the searchScope
	*/
	public SearchScope getSearchScope()
	{
	return searchScope;
	}


	/**
	* @param searchScope the searchScope to set
	*/
	public void setSearchScope( SearchScope searchScope )
	{
	this.searchScope = searchScope;
	}


	/**
	* @return the replicaId
	*/
	public int getReplicaId()
	{
	return replicaId;
	}


	/**
	* @param replicaId the replicaId to set
	*/
	public void setReplicaId( int replicaId )
	{
	this.replicaId = replicaId;
	}


	/**
	* @return The ALiasDerefMode parameter
	*/
	public AliasDerefMode getAliasDerefMode()
	{
	return aliasDerefMode;
	}


	/**
	* @param aliasDerefMode Should be either NEVER_DEREF_ALIASES or DEREF_FINDING_BASE_OBJ
	*/
	public void setAliasDerefMode( AliasDerefMode aliasDerefMode )
	{
	if ( aliasDerefMode != AliasDerefMode.NEVER_DEREF_ALIASES
	&& aliasDerefMode != AliasDerefMode.DEREF_FINDING_BASE_OBJ )
	{
	throw new IllegalArgumentException(
	"alias deref mode should only be set to either 'NEVER_DEREF_ALIASES' or 'DEREF_FINDING_BASE_OBJ'" );
	}

	this.aliasDerefMode = aliasDerefMode;
	}


	/**
	* @return The replication cookie
	*/
	public byte[] getCookie()
	{
	return cookie;
	}


	/**
	* @param cookie The cookie to set
	*/
	public void setCookie( byte[] cookie )
	{
	this.cookie = cookie;
	}


	/**
	* Tells if we chase referrals
	* @return true if we chase referals
	*/
	public boolean isChaseReferrals()
	{
	return chaseReferrals;
	}


	/**
	* @param chaseReferrals Lust be false, always.
	*/
	public void setChaseReferrals( boolean chaseReferrals )
	{
	if ( chaseReferrals )
	{
	throw new UnsupportedOperationException( "client-api currently doesn't support chasing referrals" );
	}

	this.chaseReferrals = chaseReferrals;
	}


	/**
	* @return The DN of the configuration entry
	*/
	public Dn getConfigEntryDn()
	{
	return configEntryDn;
	}


	/**
	* @return true if we use TLS
	*/
	public boolean isUseTls()
	{
	return useTls;
	}


	/**
	* set the option to turn on/off use of TLS
	*
	* @param useTls
	*/
	public void setUseTls( boolean useTls )
	{
	this.useTls = useTls;
	}


	/**
	* @return true if the certificate verification is enforced
	*/
	public boolean isStrictCertVerification()
	{
	return strictCertVerification;
	}


	/**
	* set the strict certificate verification
	*
	* @param strictCertVerification
	*/
	public void setStrictCertVerification( boolean strictCertVerification )
	{
	if ( strictCertVerification )
	{
	trustManager = ReplicationTrustManager.getInstance();
	}
	else
	{
	trustManager = new NoVerificationTrustManager();
	}

	this.strictCertVerification = strictCertVerification;
	}


	/**
	* @return The Trustmanager instance
	*/
	public X509TrustManager getTrustManager()
	{
	return trustManager;
	}


	/**
	* @param configEntryDn the configEntryDn to set
	*/
	public void setConfigEntryDn( Dn configEntryDn )
	{
	this.configEntryDn = configEntryDn;
	}


	/**
	* @return true if this node is part of MMR setup
	*/
	public boolean isMmrMode()
	{
	return mmrMode;
	}


	/**
	* enable/disable MMR option
	*
	* @param mmrMode
	*/
	public void setMmrMode( boolean mmrMode )
	{
	this.mmrMode = mmrMode;
	}


	public String toString()
	{
	StringBuilder sb = new StringBuilder();

	sb.append( "[" );
	sb.append( "rid:" ).append( replicaId ).append( ", " );
	sb.append( "base:'" ).append( baseDn ).append( "', " );
	sb.append( "filter:" ).append( filter ).append( ", " );
	sb.append( "scope:" ).append( searchScope ).append( ", " );
	sb.append( "alias:" ).append( aliasDerefMode ).append( ", " );
	sb.append( "chase referrals:" ).append( chaseReferrals ).append( ", " );

	boolean isFirst = true;

	if ( attributes != null )
	{
	sb.append( "attributes:{" );

	for ( String attribute : attributes )
	{
	if ( isFirst )
	{
	isFirst = false;
	}
	else
	{
	sb.append( "/" );
	}

	sb.append( attribute );
	}

	sb.append( "}, " );
	}

	if ( refreshNPersist )
	{
	sb.append( "refresh:" ).append( refreshInterval ).append( ", " );
	}
	else
	{
	sb.append( "refreshOnly, " );
	}

	if ( mmrMode )
	{
	sb.append( "MMR, " );
	}
	else
	{
	sb.append( "MS, " );
	}

	sb.append( "provider:" ).append( producer ).append( ", " );
	sb.append( "user:'" ).append( replUserDn ).append( "', " );

	if ( strictCertVerification )
	{
	sb.append( "strict" ).append( ", " );
	}

	sb.append( "TLS:" ).append( useTls ).append( "]" );

	return sb.toString();
	}
	}