From 621d9e5c413e561293d7484b93882d985b3fe15f Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Sat, 24 Mar 2012 02:27:47 -0500 Subject: Removed unnecessary pki folder. Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131
---
.../com/netscape/certsrv/ldap/ELdapException.java | 93 +++++++++++++++++++ .../certsrv/ldap/ELdapServerDownException.java | 40 +++++++++ .../com/netscape/certsrv/ldap/ILdapAuthInfo.java | 100 +++++++++++++++++++++ .../certsrv/ldap/ILdapBoundConnFactory.java | 38 ++++++++ .../netscape/certsrv/ldap/ILdapConnFactory.java | 97 ++++++++++++++++++++ .../com/netscape/certsrv/ldap/ILdapConnInfo.java | 80 +++++++++++++++++ .../com/netscape/certsrv/ldap/ILdapConnModule.java | 59 ++++++++++++ .../com/netscape/certsrv/ldap/LdapResources.java | 42 +++++++++ 8 files changed, 549 insertions(+) create mode 100644 base/common/src/com/netscape/certsrv/ldap/ELdapException.java create mode 100644 base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java create mode 100644 base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java create mode 100644 base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java create mode 100644 base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java create mode 100644 base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java create mode 100644 base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java create mode 100644 base/common/src/com/netscape/certsrv/ldap/LdapResources.java (limited to 'base/common/src/com/netscape/certsrv/ldap')
diff --git a/base/common/src/com/netscape/certsrv/ldap/ELdapException.java b/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
new file mode 100644
index 000000000..8c1d2d4a5
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/ELdapException.java
@@ -0,0 +1,93 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+import com.netscape.certsrv.base.EBaseException;
+
+/**
+ * A class that represents a Ldap exception. Various
+ * errors can occur when interacting with a Ldap directory server.
+ *

+ *
+ * @version $Revision$, $Date$
+ */
+public class ELdapException extends EBaseException {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -4345538974758823452L;
+ /**
+ * Ldap resource class name.
+ */
+ private static final String LDAP_RESOURCES = LdapResources.class.getName();
+
+ /**
+ * Constructs a Ldap exception.
+ *
+ * @param msgFormat Resource Key, if key not present, serves as the message.
+ *

+ */
+ public ELdapException(String msgFormat) {
+ super(msgFormat);
+ }
+
+ /**
+ * Constructs a Ldap exception.
+ *
+ * @param msgFormat Resource Key, if key not present, serves as the message.
+ * Include a message string parameter for variable content.
+ * @param param Message string parameter.
+ *

+ */
+ public ELdapException(String msgFormat, String param) {
+ super(msgFormat, param);
+ }
+
+ /**
+ * Constructs a Ldap exception.
+ *
+ * @param msgFormat Resource Key, if key not present, serves as the message.
+ * @param e Common exception.
+ *

+ */
+ public ELdapException(String msgFormat, Exception e) {
+ super(msgFormat, e);
+ }
+
+ /**
+ * Constructs a Ldap exception.
+ *
+ * @param msgFormat Resource Key, if key not present, serves as the message.
+ * @param params Array of Message string parameters.
+ *

+ */
+ public ELdapException(String msgFormat, Object params[]) {
+ super(msgFormat, params);
+ }
+
+ /**
+ * Gets the resource bundle name
+ *
+ * @return Name of the Ldap Exception resource bundle name.
+ *

+ */
+ protected String getBundleName() {
+ return LDAP_RESOURCES;
+ }
+}
diff --git a/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java b/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
new file mode 100644
index 000000000..f347b1714
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/ELdapServerDownException.java
@@ -0,0 +1,40 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+/**
+ * This represents exception which indicates Ldap server is down.
+ *
+ * @version $Revision$, $Date$
+ */
+public class ELdapServerDownException extends ELdapException {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -21440748379854829L;
+
+ /**
+ * Constructs a ldap server down exception with host & port info.
+ *
+ * @param errorString Detailed error message.
+ */
+ public ELdapServerDownException(String errorString) {
+ super(errorString);
+ }
+}
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java b/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
new file mode 100644
index 000000000..4325f077c
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapAuthInfo.java
@@ -0,0 +1,100 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.IConfigStore;
+
+/**
+ * Class for obtaining ldap authentication info from the configuration store.
+ * Two types of authentication is basic and SSL client authentication.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface ILdapAuthInfo {
+ static public final String PROP_LDAPAUTHTYPE = "authtype";
+ static public final String PROP_CLIENTCERTNICKNAME = "clientCertNickname";
+ static public final String PROP_BINDDN = "bindDN";
+ static public final String PROP_BINDPW = "bindPassword";
+ static public final String PROP_BINDPW_PROMPT = "bindPWPrompt";
+ static public final String PROP_BINDDN_DEFAULT = "cn=Directory Manager";
+
+ static public final String LDAP_BASICAUTH_STR = "BasicAuth";
+ static public final String LDAP_SSLCLIENTAUTH_STR = "SslClientAuth";
+
+ static public final int LDAP_AUTHTYPE_NONE = 0; // illegal
+ static public final int LDAP_AUTHTYPE_BASICAUTH = 1;
+ static public final int LDAP_AUTHTYPE_SSLCLIENTAUTH = 2;
+
+ /**
+ * Initialize this class from the config store.
+ *
+ * @param config The config store from which to initialize.
+ * @exception EBaseException Due to failure of the initialization process.
+ *
+ */
+ public void init(IConfigStore config) throws EBaseException;
+
+ /**
+ * Initialize this class from the config store.
+ * Based on host, port, and secure boolean info.
+ * which allows an actual attempt on the server to verify credentials.
+ *
+ * @param config The config store from which to initialize.
+ * @exception EBaseException Due to failure of the initialization process.
+ *
+ */
+ public void init(IConfigStore config, String host, int port, boolean secure)
+ throws EBaseException;
+
+ /**
+ * Reset the connection to the host
+ */
+ public void reset();
+
+ /**
+ * Get authentication type.
+ *
+ * @return one of:
+ * LdapAuthInfo.LDAP_AUTHTYPE_BASICAUTH or
+ * LdapAuthInfo.LDAP_AUTHTYPE_SSLCLIENTAUTH
+ */
+ public int getAuthType();
+
+ /**
+ * Get params for authentication.
+ *
+ * @return array of parameters for this authentication as an array of Strings.
+ */
+ public String[] getParms();
+
+ /**
+ * Add password to private password data structure.
+ *
+ * @param prompt Password prompt.
+ * @param pw Password itself.
+ */
+ public void addPassword(String prompt, String pw);
+
+ /**
+ * Remove password from private password data structure.
+ *
+ * @param prompt Identify password to remove with prompt.
+ */
+ public void removePassword(String prompt);
+}
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java b/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
new file mode 100644
index 000000000..846f51749
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapBoundConnFactory.java
@@ -0,0 +1,38 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+/**
+ * Maintains a pool of connections to the LDAP server.
+ * CMS requests are processed on a multi threaded basis.
+ * A pool of connections then must be be maintained so this
+ * access to the Ldap server can be easily managed. The min and
+ * max size of this connection pool should be configurable. Once
+ * the maximum limit of connections is exceeded, the factory
+ * should provide proper synchronization to resolve contention issues.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface ILdapBoundConnFactory extends ILdapConnFactory {
+
+ public static final String PROP_MINCONNS = "minConns";
+ public static final String PROP_MAXCONNS = "maxConns";
+ public static final String PROP_LDAPCONNINFO = "ldapconn";
+ public static final String PROP_LDAPAUTHINFO = "ldapauth";
+
+}
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java b/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
new file mode 100644
index 000000000..738f5832d
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapConnFactory.java
@@ -0,0 +1,97 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+import netscape.ldap.LDAPConnection;
+
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.IConfigStore;
+
+/**
+ * Maintains a pool of connections to the LDAP server.
+ * Multiple threads use this interface to utilize and release
+ * the Ldap connection resources.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface ILdapConnFactory {
+
+ /**
+ * Initialize the poll from the config store.
+ *
+ * @param config The configuration substore.
+ * @exception EBaseException On configuration error.
+ * @exception ELdapException On all other errors.
+ */
+ public void init(IConfigStore config)
+ throws EBaseException, ELdapException;
+
+ /**
+ *
+ * Used for disconnecting all connections.
+ * Used just before a subsystem
+ * shutdown or process exit.
+ *
+ * @exception EldapException on Ldap failure when closing connections.
+ */
+ public void reset()
+ throws ELdapException;
+
+ /**
+ * Returns the number of free connections available from this pool.
+ *
+ * @return Integer number of free connections.
+ */
+
+ public int freeConn();
+
+ /**
+ * Returns the number of total connections available from this pool.
+ * Includes sum of free and in use connections.
+ *
+ * @return Integer number of total connections.
+ */
+ public int totalConn();
+
+ /**
+ * Returns the maximum number of connections available from this pool.
+ *
+ * @return Integer maximum number of connections.
+ */
+ public int maxConn();
+
+ /**
+ * Request access to a Ldap connection from the pool.
+ *
+ * @exception ELdapException if any error occurs, such as a
+ * @return Ldap connection object.
+ * connection is not available
+ */
+ public LDAPConnection getConn()
+ throws ELdapException;
+
+ /**
+ * Return connection to the factory. mandatory after a getConn().
+ *
+ * @param conn Ldap connection object to be returned to the free list of the pool.
+ * @exception ELdapException On any failure to return the connection.
+ */
+ public void returnConn(LDAPConnection conn)
+ throws ELdapException;
+
+}
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java b/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
new file mode 100644
index 000000000..aa5b388a3
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapConnInfo.java
@@ -0,0 +1,80 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.IConfigStore;
+
+/**
+ * Class for reading ldap connection information from the config store.
+ * Ldap connection info: host name, port number,whether of not it is a secure connection.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface ILdapConnInfo {
+ public static final String PROP_HOST = "host";
+ public static final String PROP_PORT = "port";
+ public static final String PROP_SECURE = "secureConn";
+ public static final String PROP_PROTOCOL = "version";
+ public static final String PROP_FOLLOW_REFERRALS = "followReferrals";
+ public static final String PROP_HOST_DEFAULT = "localhost";
+ public static final String PROP_PORT_DEFAULT = "389";
+
+ public static final int LDAP_VERSION_2 = 2;
+ public static final int LDAP_VERSION_3 = 3;
+
+ /**
+ * Initializes an instance from a config store.
+ *
+ * @param config Configuration store.
+ * @exception ELdapException Ldap related error found.
+ * @exception EBaseException Other errors and errors with params included in the config store.
+ */
+ public void init(IConfigStore config) throws EBaseException, ELdapException;
+
+ /**
+ * Return the name of the Host.
+ *
+ */
+
+ public String getHost();
+
+ /**
+ * Return the port number of the host.
+ *
+ */
+ public int getPort();
+
+ /**
+ * Return the Ldap version number of the Ldap server.
+ */
+
+ public int getVersion();
+
+ /**
+ * Return whether or not the connection is secure.
+ */
+ public boolean getSecure();
+
+ /**
+ * Return whether or not the server is to follow referrals
+ * to other servers when servicing a query.
+ */
+ public boolean getFollowReferrals();
+
+}
diff --git a/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java b/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
new file mode 100644
index 000000000..efa1c271e
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/ILdapConnModule.java
@@ -0,0 +1,59 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.IConfigStore;
+import com.netscape.certsrv.base.ISubsystem;
+
+/**
+ * Class on behalf of the Publishing system that controls an instance of an ILdapConnFactory.
+ * Allows a factory to be intialized and grants access
+ * to the factory to other interested parties.
+ *
+ * @version $Revision$, $Date$
+ */
+
+public interface ILdapConnModule {
+
+ /**
+ * Initialize ldap publishing module with config store.
+ *
+ * @param owner Entity that is interested in this instance of Publishing.
+ * @param config Config store containing the info needed to set up Publishing.
+ * @exception ELdapException Due to Ldap error.
+ * @exception EBaseException Due to config value errors and all other errors.
+ */
+ public void init(ISubsystem owner, IConfigStore config)
+ throws EBaseException, ELdapException;
+
+ /**
+ * Returns the internal ldap connection factory.
+ * This can be useful to get a ldap connection to the
+ * ldap publishing directory without having to get it again from the
+ * config file.
Note that this means sharing a ldap connection pool
+ * with the ldap publishing module so be sure to return connections to pool.
+ * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap
+ * publishing directory.
+ * Use ILdapConnFactory.returnConn() to return the connection.
+ *
+ * @return Instance of ILdapConnFactory.
+ */
+
+ public ILdapConnFactory getLdapConnFactory();
+}
diff --git a/base/common/src/com/netscape/certsrv/ldap/LdapResources.java b/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
new file mode 100644
index 000000000..332fcaddf
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/ldap/LdapResources.java
@@ -0,0 +1,42 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.ldap;
+
+import java.util.ListResourceBundle;
+
+/**
+ * A resource bundle for ldap subsystem.
+ *
+ * @version $Revision$, $Date$
+ */
+public class LdapResources extends ListResourceBundle {
+
+ /**
+ * Returns the content of this resource.
+ */
+ public Object[][] getContents() {
+ return contents;
+ }
+
+ /**
+ * Constants. The suffix represents the number of
+ * possible parameters.
+ */
+
+ static final Object[][] contents = {};
+}
-- cgit