001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020package org.apache.directory.server.core.api; 021 022 023import java.io.IOException; 024import java.util.List; 025import java.util.Set; 026 027import org.apache.directory.api.ldap.codec.api.LdapApiService; 028import org.apache.directory.api.ldap.model.csn.Csn; 029import org.apache.directory.api.ldap.model.entry.Entry; 030import org.apache.directory.api.ldap.model.exception.LdapException; 031import org.apache.directory.api.ldap.model.ldif.LdifEntry; 032import org.apache.directory.api.ldap.model.name.Dn; 033import org.apache.directory.api.ldap.model.schema.SchemaManager; 034import org.apache.directory.api.ldap.util.tree.DnNode; 035import org.apache.directory.api.util.TimeProvider; 036import org.apache.directory.server.core.api.administrative.AccessControlAdministrativePoint; 037import org.apache.directory.server.core.api.administrative.CollectiveAttributeAdministrativePoint; 038import org.apache.directory.server.core.api.administrative.SubschemaAdministrativePoint; 039import org.apache.directory.server.core.api.administrative.TriggerExecutionAdministrativePoint; 040import org.apache.directory.server.core.api.changelog.ChangeLog; 041import org.apache.directory.server.core.api.entry.ServerEntryFactory; 042import org.apache.directory.server.core.api.event.EventService; 043import org.apache.directory.server.core.api.interceptor.Interceptor; 044import org.apache.directory.server.core.api.journal.Journal; 045import org.apache.directory.server.core.api.partition.Partition; 046import org.apache.directory.server.core.api.partition.PartitionNexus; 047import org.apache.directory.server.core.api.schema.SchemaPartition; 048import org.apache.directory.server.core.api.subtree.SubentryCache; 049import org.apache.directory.server.core.api.subtree.SubtreeEvaluator; 050 051 052/** 053 * All the features a DirectroyService instance must implement. This gives a control 054 * of the Directory based server. 055 * 056 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 057 */ 058public interface DirectoryService extends ServerEntryFactory 059{ 060 String JNDI_KEY = DirectoryService.class.getName(); 061 062 063 /** 064 * Reverts the server's state to an earlier revision. Note that the revsion number 065 * still increases to revert back even though the state reverted to is the same. 066 * Note that implementations may lock the server from making changes or searching 067 * the directory until this operation has completed. 068 * 069 * @param revision the revision number to revert to 070 * @return the new revision reached by applying all changes needed to revert to the 071 * original state 072 * @throws LdapException if there are problems reverting back to the earlier state 073 */ 074 long revert( long revision ) throws LdapException; 075 076 077 /** 078 * Reverts the server's state to the latest tagged snapshot if one was taken. If 079 * there is no tag a illegal state exception will result. If the latest revision 080 * is not earlier than the current revision (both are same), then no changes were 081 * made to the directory to be reverted. In this case we return the current 082 * revision and do nothing logging the fact that we ignored the request to revert. 083 * 084 * @return the new revision reached by applying all changes needed to revert 085 * to the new state or the same version before this call if no revert actually 086 * took place 087 * @throws LdapException if there are problems reverting back to the earlier state 088 */ 089 long revert() throws LdapException; 090 091 092 PartitionNexus getPartitionNexus(); 093 094 095 void addPartition( Partition partition ) throws LdapException; 096 097 098 void removePartition( Partition partition ) throws LdapException; 099 100 101 /** 102 * @return The Directory Service SchemaManager 103 */ 104 SchemaManager getSchemaManager(); 105 106 107 /** 108 * @return The LDAP codec service. 109 */ 110 LdapApiService getLdapCodecService(); 111 112 113 /** 114 * @return The referral manager 115 */ 116 ReferralManager getReferralManager(); 117 118 119 /** 120 * Set the referralManager 121 * 122 * @param referralManager The initialized referralManager 123 */ 124 void setReferralManager( ReferralManager referralManager ); 125 126 127 /** 128 * @return The schema partition 129 */ 130 SchemaPartition getSchemaPartition(); 131 132 133 /** 134 * Set the SchemaPartition 135 * @param schemaPartition the SchemaPartition instance 136 */ 137 void setSchemaPartition( SchemaPartition schemaPartition ); 138 139 140 EventService getEventService(); 141 142 143 /** 144 * @param eventService The {@link EventService} instance 145 */ 146 void setEventService( EventService eventService ); 147 148 149 /** 150 * Starts up this service. 151 * 152 * @throws LdapException if failed to start up 153 */ 154 void startup() throws LdapException; 155 156 157 /** 158 * Shuts down this service. 159 * 160 * @throws LdapException if failed to shut down 161 */ 162 void shutdown() throws LdapException; 163 164 165 /** 166 * Calls {@link Partition#sync()} for all registered {@link Partition}s. 167 * @throws LdapException if synchronization failed 168 */ 169 void sync() throws LdapException; 170 171 172 /** 173 * Returns <tt>true</tt> if this service is started. 174 * @return true if the service has started, false otherwise 175 */ 176 boolean isStarted(); 177 178 179 /** 180 * @return The Admin session 181 */ 182 CoreSession getAdminSession(); 183 184 185 /** 186 * @return Returns the hash mapping the Dn of a subentry to its SubtreeSpecification/types 187 **/ 188 SubentryCache getSubentryCache(); 189 190 191 /** 192 * @return Returns the subentry evaluator 193 */ 194 SubtreeEvaluator getEvaluator(); 195 196 197 /** 198 * Gets a logical session to perform operations on this DirectoryService 199 * as the anonymous user. This bypasses authentication without 200 * propagating a bind operation into the core. 201 * 202 * @return a logical session as the anonymous user 203 * @throws LdapException If we weren't able to get the session 204 */ 205 CoreSession getSession() throws LdapException; 206 207 208 /** 209 * Gets a logical session to perform operations on this DirectoryService 210 * as a specific user. This bypasses authentication without propagating 211 * a bind operation into the core. 212 * 213 * @param principal The Principal 214 * @return a logical session as a specific user 215 * @throws LdapException If we weren't able to get the session 216 */ 217 CoreSession getSession( LdapPrincipal principal ) throws LdapException; 218 219 220 /** 221 * Gets a logical session to perform operations on this DirectoryService 222 * as a specific user with a separate authorization principal. This 223 * bypasses authentication without propagating a bind operation into the 224 * core. 225 * 226 * @param principalDn The principal Dn 227 * @param credentials The principal credentials 228 * @return a logical session as a specific user 229 * @throws LdapException If we weren't able to get the session 230 */ 231 CoreSession getSession( Dn principalDn, byte[] credentials ) throws LdapException; 232 233 234 /** 235 * Gets a logical session to perform operations on this DirectoryService 236 * as a specific user with a separate authorization principal. This 237 * bypasses authentication without propagating a bind operation into the 238 * core. 239 * 240 * @param principalDn The principal Dn 241 * @param credentials The principal credentials 242 * @param saslMechanism The SASL mechanisms 243 * @param saslAuthId The SASL authorization ID 244 * @return a logical session as a specific user 245 * @throws LdapException If we weren't able to get the session 246 */ 247 CoreSession getSession( Dn principalDn, byte[] credentials, String saslMechanism, String saslAuthId ) 248 throws LdapException; 249 250 251 /** 252 * Set the instance Identifier 253 * 254 * @param instanceId The instance identifier 255 */ 256 void setInstanceId( String instanceId ); 257 258 259 /** 260 * @return The instance identifier 261 */ 262 String getInstanceId(); 263 264 265 /** 266 * Gets the {@link Partition}s used by this DirectoryService. 267 * 268 * @return the set of partitions used 269 */ 270 Set<? extends Partition> getPartitions(); 271 272 273 /** 274 * Sets {@link Partition}s used by this DirectoryService. 275 * 276 * @param partitions the partitions to used 277 */ 278 void setPartitions( Set<? extends Partition> partitions ); 279 280 281 /** 282 * Returns <tt>true</tt> if access control checks are enabled. 283 * 284 * @return true if access control checks are enabled, false otherwise 285 */ 286 boolean isAccessControlEnabled(); 287 288 289 /** 290 * Sets whether to enable basic access control checks or not. 291 * 292 * @param accessControlEnabled true to enable access control checks, false otherwise 293 */ 294 void setAccessControlEnabled( boolean accessControlEnabled ); 295 296 297 /** 298 * Returns <tt>true</tt> if anonymous access is allowed on entries besides the RootDSE. 299 * If the access control subsystem is enabled then access to some entries may not be 300 * allowed even when full anonymous access is enabled. 301 * 302 * @return true if anonymous access is allowed on entries besides the RootDSE, false 303 * if anonymous access is allowed to all entries. 304 */ 305 boolean isAllowAnonymousAccess(); 306 307 308 /** 309 * Returns <tt>true</tt> if the service requires the userPassword attribute 310 * to be masked. It's an option in the server.xml file. 311 * 312 * @return true if the service requires that the userPassword is to be hidden 313 */ 314 boolean isPasswordHidden(); 315 316 317 /** 318 * Sets whether the userPassword attribute is readable, or hidden. 319 * 320 * @param passwordHidden true to enable hide the userPassword attribute, false otherwise 321 */ 322 void setPasswordHidden( boolean passwordHidden ); 323 324 325 /** 326 * Sets whether to allow anonymous access to entries other than the RootDSE. If the 327 * access control subsystem is enabled then access to some entries may not be allowed 328 * even when full anonymous access is enabled. 329 * 330 * @param enableAnonymousAccess true to enable anonymous access, false to disable it 331 */ 332 void setAllowAnonymousAccess( boolean enableAnonymousAccess ); 333 334 335 /** 336 * Returns interceptors in the server. 337 * 338 * @return the interceptors in the server. 339 */ 340 List<Interceptor> getInterceptors(); 341 342 343 /** 344 * Returns interceptors in the server. 345 * 346 * @param operation The operation that the interceptors must implement 347 * @return the interceptors in the server. 348 */ 349 List<String> getInterceptors( OperationEnum operation ); 350 351 352 /** 353 * Sets the interceptors in the server. 354 * 355 * @param interceptors the interceptors to be used in the server. 356 */ 357 void setInterceptors( List<Interceptor> interceptors ); 358 359 360 /** 361 * Add an interceptor in the first position in the interceptor list. 362 * 363 * @param interceptor The added interceptor 364 * @throws LdapException If the interceptor can't be added 365 */ 366 void addFirst( Interceptor interceptor ) throws LdapException; 367 368 369 /** 370 * Add an interceptor in the last position in the interceptor list. 371 * 372 * @param interceptor The added interceptor 373 * @throws LdapException If the interceptor can't be added 374 */ 375 void addLast( Interceptor interceptor ) throws LdapException; 376 377 378 /** 379 * Add an interceptor after a given interceptor in the interceptor list. 380 * 381 * @param interceptorName The interceptor name to find 382 * @param interceptor The added interceptor 383 */ 384 void addAfter( String interceptorName, Interceptor interceptor ); 385 386 387 /** 388 * Remove an interceptor from the list of interceptors 389 * @param interceptorName The interceptor to remove 390 */ 391 void remove( String interceptorName ); 392 393 394 /** 395 * Sets the journal in the server. 396 * 397 * @param journal the journal to be used in the server. 398 */ 399 void setJournal( Journal journal ); 400 401 402 /** 403 * Returns test directory entries({@link org.apache.directory.api.ldap.model.ldif.LdifEntry}) to be loaded while 404 * bootstrapping. 405 * 406 * @return test entries to load during bootstrapping 407 */ 408 List<LdifEntry> getTestEntries(); 409 410 411 /** 412 * Sets test directory entries to be loaded while bootstrapping. 413 * 414 * @param testEntries the test entries to load while bootstrapping 415 */ 416 void setTestEntries( List<? extends LdifEntry> testEntries ); 417 418 419 /** 420 * Returns the instance layout which contains the path for various directories 421 * 422 * @return the InstanceLayout for this directory service. 423 */ 424 InstanceLayout getInstanceLayout(); 425 426 427 /** 428 * Sets the InstanceLayout used by the DirectoryService to store the files 429 * @param instanceLayout The InstanceLayout to set 430 * @throws IOException If the layout could not be created 431 */ 432 void setInstanceLayout( InstanceLayout instanceLayout ) throws IOException; 433 434 435 /** 436 * Sets the shutdown hook flag which controls whether or not this DirectoryService 437 * registers a JVM shutdown hook to flush caches and synchronize to disk safely. This is 438 * enabled by default. 439 * 440 * @param shutdownHookEnabled true to enable the shutdown hook, false to disable 441 */ 442 void setShutdownHookEnabled( boolean shutdownHookEnabled ); 443 444 445 /** 446 * Checks to see if this DirectoryService has registered a JVM shutdown hook 447 * to flush caches and synchronize to disk safely. This is enabled by default. 448 * 449 * @return true if a shutdown hook is registered, false if it is not 450 */ 451 boolean isShutdownHookEnabled(); 452 453 454 void setExitVmOnShutdown( boolean exitVmOnShutdown ); 455 456 457 boolean isExitVmOnShutdown(); 458 459 460 void setSystemPartition( Partition systemPartition ); 461 462 463 Partition getSystemPartition(); 464 465 466 boolean isDenormalizeOpAttrsEnabled(); 467 468 469 void setDenormalizeOpAttrsEnabled( boolean denormalizeOpAttrsEnabled ); 470 471 472 /** 473 * Gets the ChangeLog service for this DirectoryService used for tracking 474 * changes (revisions) to the server and using them to revert the server 475 * to earlier revisions. 476 * 477 * @return the change log service 478 */ 479 ChangeLog getChangeLog(); 480 481 482 /** 483 * Gets the Journal service for this DirectoryService used for tracking 484 * changes to the server. 485 * 486 * @return the journal service 487 */ 488 Journal getJournal(); 489 490 491 /** 492 * Sets the ChangeLog service for this DirectoryService used for tracking 493 * changes (revisions) to the server and using them to revert the server 494 * to earlier revisions. 495 * 496 * @param changeLog the change log service to set 497 */ 498 void setChangeLog( ChangeLog changeLog ); 499 500 501 /** 502 * Create a new Entry. 503 * 504 * @param ldif the String representing the attributes, in LDIF format 505 * @param dn the Dn for this new entry 506 * @return The new Entry instance 507 */ 508 Entry newEntry( String ldif, String dn ); 509 510 511 /** 512 * Gets the operation manager. 513 * 514 * @return the OperationManager instance 515 */ 516 OperationManager getOperationManager(); 517 518 519 /** 520 * @return The maximum allowed size for an incoming PDU 521 */ 522 int getMaxPDUSize(); 523 524 525 /** 526 * Set the maximum allowed size for an incoming PDU 527 * @param maxPDUSize A positive number of bytes for the PDU. A negative or 528 * null value will be transformed to {@link Integer#MAX_VALUE} 529 */ 530 void setMaxPDUSize( int maxPDUSize ); 531 532 533 /** 534 * Get an Interceptor instance from its name 535 * @param interceptorName The interceptor's name for which we want the instance 536 * @return the interceptor for the given name 537 */ 538 Interceptor getInterceptor( String interceptorName ); 539 540 541 /** 542 * Get a new CSN 543 * @return The CSN generated for this directory service 544 */ 545 Csn getCSN(); 546 547 548 /** 549 * @return the replicaId 550 */ 551 int getReplicaId(); 552 553 554 /** 555 * @param replicaId the replicaId to set 556 */ 557 void setReplicaId( int replicaId ); 558 559 560 /** 561 * Associates a SchemaManager to the service 562 * 563 * @param schemaManager The SchemaManager to associate 564 */ 565 void setSchemaManager( SchemaManager schemaManager ); 566 567 568 /** 569 * the time interval at which the DirectoryService's data is flushed to disk 570 * 571 * @param syncPeriodMillis the syncPeriodMillis to set 572 */ 573 void setSyncPeriodMillis( long syncPeriodMillis ); 574 575 576 /** 577 * @return the syncPeriodMillis 578 */ 579 long getSyncPeriodMillis(); 580 581 582 /** 583 * @return The AccessControl AdministrativePoint cache 584 */ 585 DnNode<AccessControlAdministrativePoint> getAccessControlAPCache(); 586 587 588 /** 589 * @return The CollectiveAttribute AdministrativePoint cache 590 */ 591 DnNode<CollectiveAttributeAdministrativePoint> getCollectiveAttributeAPCache(); 592 593 594 /** 595 * @return The Subschema AdministrativePoint cache 596 */ 597 DnNode<SubschemaAdministrativePoint> getSubschemaAPCache(); 598 599 600 /** 601 * @return The TriggerExecution AdministrativePoint cache 602 */ 603 DnNode<TriggerExecutionAdministrativePoint> getTriggerExecutionAPCache(); 604 605 606 /** 607 * @return true if the password policy is enabled, false otherwise 608 */ 609 boolean isPwdPolicyEnabled(); 610 611 612 /** 613 * Gets the Dn factory. 614 * 615 * @return the Dn factory 616 */ 617 DnFactory getDnFactory(); 618 619 620 /** 621 * Sets the Dn factory. 622 * 623 * @param dnFactory The Dn factory to use 624 */ 625 void setDnFactory( DnFactory dnFactory ); 626 627 628 /** 629 * Gets the {@link AttributeTypeProvider}. 630 * 631 * @return the {@link AttributeTypeProvider} 632 */ 633 AttributeTypeProvider getAtProvider(); 634 635 636 /** 637 * Gets the {@link ObjectClassProvider}. 638 * 639 * @return the {@link ObjectClassProvider} 640 */ 641 ObjectClassProvider getOcProvider(); 642 643 644 /** 645 * Gets the time provider. 646 * 647 * @return the time provider 648 */ 649 TimeProvider getTimeProvider(); 650 651 652 /** 653 * Sets the time provider. 654 * 655 * @param timeProvider the time provider 656 */ 657 void setTimeProvider( TimeProvider timeProvider ); 658}