org.opends.server.admin.std.meta

Class LDAPConnectionHandlerCfgDefn

java.lang.Object

org.opends.server.admin.AbstractManagedObjectDefinition<C,S>

org.opends.server.admin.ManagedObjectDefinition<LDAPConnectionHandlerCfgClient,LDAPConnectionHandlerCfg>

org.opends.server.admin.std.meta.LDAPConnectionHandlerCfgDefn

public final class LDAPConnectionHandlerCfgDefn
extends ManagedObjectDefinition<LDAPConnectionHandlerCfgClient,LDAPConnectionHandlerCfg>

An interface for querying the LDAP Connection Handler managed object definition meta information.

The LDAP Connection Handler is used to interact with clients using LDAP.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	LDAPConnectionHandlerCfgDefn.SSLClientAuthPolicy Defines the set of permissable values for the "ssl-client-auth-policy" property.

Method Summary

Methods

Modifier and Type	Method and Description
LDAPConnectionHandlerCfgClient	createClientConfiguration(ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) Creates a client configuration view of the provided managed object.
LDAPConnectionHandlerCfg	createServerConfiguration(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) Creates a server configuration view of the provided server managed object.
IntegerPropertyDefinition	getAcceptBacklogPropertyDefinition() Get the "accept-backlog" property definition.
IPAddressMaskPropertyDefinition	getAllowedClientPropertyDefinition() Get the "allowed-client" property definition.
BooleanPropertyDefinition	getAllowLDAPV2PropertyDefinition() Get the "allow-ldap-v2" property definition.
BooleanPropertyDefinition	getAllowStartTLSPropertyDefinition() Get the "allow-start-tls" property definition.
BooleanPropertyDefinition	getAllowTCPReuseAddressPropertyDefinition() Get the "allow-tcp-reuse-address" property definition.
SizePropertyDefinition	getBufferSizePropertyDefinition() Get the "buffer-size" property definition.
IPAddressMaskPropertyDefinition	getDeniedClientPropertyDefinition() Get the "denied-client" property definition.
BooleanPropertyDefinition	getEnabledPropertyDefinition() Get the "enabled" property definition.
static LDAPConnectionHandlerCfgDefn	getInstance() Get the LDAP Connection Handler configuration definition singleton.
ClassPropertyDefinition	getJavaClassPropertyDefinition() Get the "java-class" property definition.
BooleanPropertyDefinition	getKeepStatsPropertyDefinition() Get the "keep-stats" property definition.
AggregationPropertyDefinition<KeyManagerProviderCfgClient,KeyManagerProviderCfg>	getKeyManagerProviderPropertyDefinition() Get the "key-manager-provider" property definition.
IPAddressPropertyDefinition	getListenAddressPropertyDefinition() Get the "listen-address" property definition.
IntegerPropertyDefinition	getListenPortPropertyDefinition() Get the "listen-port" property definition.
DurationPropertyDefinition	getMaxBlockedWriteTimeLimitPropertyDefinition() Get the "max-blocked-write-time-limit" property definition.
SizePropertyDefinition	getMaxRequestSizePropertyDefinition() Get the "max-request-size" property definition.
IntegerPropertyDefinition	getNumRequestHandlersPropertyDefinition() Get the "num-request-handlers" property definition.
BooleanPropertyDefinition	getSendRejectionNoticePropertyDefinition() Get the "send-rejection-notice" property definition.
Class<LDAPConnectionHandlerCfg>	getServerConfigurationClass() Gets the server configuration class instance associated with this managed object definition.
StringPropertyDefinition	getSSLCertNicknamePropertyDefinition() Get the "ssl-cert-nickname" property definition.
StringPropertyDefinition	getSSLCipherSuitePropertyDefinition() Get the "ssl-cipher-suite" property definition.
EnumPropertyDefinition<LDAPConnectionHandlerCfgDefn.SSLClientAuthPolicy>	getSSLClientAuthPolicyPropertyDefinition() Get the "ssl-client-auth-policy" property definition.
StringPropertyDefinition	getSSLProtocolPropertyDefinition() Get the "ssl-protocol" property definition.
AggregationPropertyDefinition<TrustManagerProviderCfgClient,TrustManagerProviderCfg>	getTrustManagerProviderPropertyDefinition() Get the "trust-manager-provider" property definition.
BooleanPropertyDefinition	getUseSSLPropertyDefinition() Get the "use-ssl" property definition.
BooleanPropertyDefinition	getUseTCPKeepAlivePropertyDefinition() Get the "use-tcp-keep-alive" property definition.
BooleanPropertyDefinition	getUseTCPNoDelayPropertyDefinition() Get the "use-tcp-no-delay" property definition.

Methods inherited from class org.opends.server.admin.AbstractManagedObjectDefinition

getAggregationPropertyDefinition, getAggregationPropertyDefinitions, getAllAggregationPropertyDefinitions, getAllChildren, getAllConstraints, getAllPropertyDefinitions, getAllRelationDefinitions, getAllReverseAggregationPropertyDefinitions, getAllReverseRelationDefinitions, getAllTags, getChild, getChildren, getConstraints, getDescription, getDescription, getName, getParent, getPropertyDefinition, getPropertyDefinitions, getRelationDefinition, getRelationDefinitions, getReverseAggregationPropertyDefinitions, getReverseRelationDefinitions, getSynopsis, getSynopsis, getUserFriendlyName, getUserFriendlyName, getUserFriendlyPluralName, getUserFriendlyPluralName, hasChildren, hasOption, hasTag, initialize, isChildOf, isParentOf, isTop, registerConstraint, registerOption, registerPropertyDefinition, registerRelationDefinition, registerTag, resolveManagedObjectDefinition, toString, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Method Detail

getInstance

public static LDAPConnectionHandlerCfgDefn getInstance()

Get the LDAP Connection Handler configuration definition singleton.

Returns:

Returns the LDAP Connection Handler configuration definition singleton.

createClientConfiguration

public LDAPConnectionHandlerCfgClient createClientConfiguration(ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl)

Creates a client configuration view of the provided managed object. Modifications made to the underlying managed object will be reflected in the client configuration view and vice versa.

Specified by:

createClientConfiguration in class ManagedObjectDefinition<LDAPConnectionHandlerCfgClient,LDAPConnectionHandlerCfg>

Parameters:

impl - The managed object.

Returns:

Returns a client configuration view of the provided managed object.

createServerConfiguration

public LDAPConnectionHandlerCfg createServerConfiguration(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl)

Creates a server configuration view of the provided server managed object.

Specified by:

createServerConfiguration in class ManagedObjectDefinition<LDAPConnectionHandlerCfgClient,LDAPConnectionHandlerCfg>

Parameters:

impl - The server managed object.

Returns:

Returns a server configuration view of the provided server managed object.

getServerConfigurationClass

public Class<LDAPConnectionHandlerCfg> getServerConfigurationClass()

Gets the server configuration class instance associated with this managed object definition.

Specified by:

getServerConfigurationClass in class ManagedObjectDefinition<LDAPConnectionHandlerCfgClient,LDAPConnectionHandlerCfg>

Returns:

Returns the server configuration class instance associated with this managed object definition.

getAcceptBacklogPropertyDefinition

public IntegerPropertyDefinition getAcceptBacklogPropertyDefinition()

Get the "accept-backlog" property definition.

Specifies the maximum number of pending connection attempts that are allowed to queue up in the accept backlog before the server starts rejecting new connection attempts.

This is primarily an issue for cases in which a large number of connections are established to the server in a very short period of time (for example, a benchmark utility that creates a large number of client threads that each have their own connection to the server) and the connection handler is unable to keep up with the rate at which the new connections are established.

Returns:

Returns the "accept-backlog" property definition.

getAllowedClientPropertyDefinition

public IPAddressMaskPropertyDefinition getAllowedClientPropertyDefinition()

Get the "allowed-client" property definition.

Specifies a set of host names or address masks that determine the clients that are allowed to establish connections to this LDAP Connection Handler.

Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask.

Returns:

Returns the "allowed-client" property definition.

getAllowLDAPV2PropertyDefinition

public BooleanPropertyDefinition getAllowLDAPV2PropertyDefinition()

Get the "allow-ldap-v2" property definition.

Indicates whether connections from LDAPv2 clients are allowed.

If LDAPv2 clients are allowed, then only a minimal degree of special support are provided for them to ensure that LDAPv3-specific protocol elements (for example, Configuration Guide 25 controls, extended response messages, intermediate response messages, referrals) are not sent to an LDAPv2 client.

Returns:

Returns the "allow-ldap-v2" property definition.

getAllowStartTLSPropertyDefinition

public BooleanPropertyDefinition getAllowStartTLSPropertyDefinition()

Get the "allow-start-tls" property definition.

Indicates whether clients are allowed to use StartTLS.

If enabled, the LDAP Connection Handler allows clients to use the StartTLS extended operation to initiate secure communication over an otherwise insecure channel. Note that this is only allowed if the LDAP Connection Handler is not configured to use SSL, and if the server is configured with a valid key manager provider and a valid trust manager provider.

Returns:

Returns the "allow-start-tls" property definition.

getAllowTCPReuseAddressPropertyDefinition

public BooleanPropertyDefinition getAllowTCPReuseAddressPropertyDefinition()

Get the "allow-tcp-reuse-address" property definition.

Indicates whether the LDAP Connection Handler should reuse socket descriptors.

If enabled, the SO_REUSEADDR socket option is used on the server listen socket to potentially allow the reuse of socket descriptors for clients in a TIME_WAIT state. This may help the server avoid temporarily running out of socket descriptors in cases in which a very large number of short-lived connections have been established from the same client system.

Returns:

Returns the "allow-tcp-reuse-address" property definition.

getBufferSizePropertyDefinition

public SizePropertyDefinition getBufferSizePropertyDefinition()

Get the "buffer-size" property definition.

Specifies the size in bytes of the LDAP response message write buffer.

This property specifies write buffer size allocated by the server for each client connection and used to buffer LDAP response messages data when writing.

Returns:

Returns the "buffer-size" property definition.

getDeniedClientPropertyDefinition

public IPAddressMaskPropertyDefinition getDeniedClientPropertyDefinition()

Get the "denied-client" property definition.

Specifies a set of host names or address masks that determine the clients that are not allowed to establish connections to this LDAP Connection Handler.

Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask. If both allowed and denied client masks are defined and a client connection matches one or more masks in both lists, then the connection is denied. If only a denied list is specified, then any client not matching a mask in that list is allowed.

Returns:

Returns the "denied-client" property definition.

getEnabledPropertyDefinition

public BooleanPropertyDefinition getEnabledPropertyDefinition()

Get the "enabled" property definition.

Indicates whether the LDAP Connection Handler is enabled.

Returns:

Returns the "enabled" property definition.

getJavaClassPropertyDefinition

public ClassPropertyDefinition getJavaClassPropertyDefinition()

Get the "java-class" property definition.

Specifies the fully-qualified name of the Java class that provides the LDAP Connection Handler implementation.

Returns:

Returns the "java-class" property definition.

getKeepStatsPropertyDefinition

public BooleanPropertyDefinition getKeepStatsPropertyDefinition()

Get the "keep-stats" property definition.

Indicates whether the LDAP Connection Handler should keep statistics.

If enabled, the LDAP Connection Handler maintains statistics about the number and types of operations requested over LDAP and the amount of data sent and received.

Returns:

Returns the "keep-stats" property definition.

getKeyManagerProviderPropertyDefinition

public AggregationPropertyDefinition<KeyManagerProviderCfgClient,KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition()

Get the "key-manager-provider" property definition.

Specifies the name of the key manager that should be used with this LDAP Connection Handler .

Returns:

Returns the "key-manager-provider" property definition.

getListenAddressPropertyDefinition

public IPAddressPropertyDefinition getListenAddressPropertyDefinition()

Get the "listen-address" property definition.

Specifies the address or set of addresses on which this LDAP Connection Handler should listen for connections from LDAP clients.

Multiple addresses may be provided as separate values for this attribute. If no values are provided, then the LDAP Connection Handler listens on all interfaces.

Returns:

Returns the "listen-address" property definition.

getListenPortPropertyDefinition

public IntegerPropertyDefinition getListenPortPropertyDefinition()

Get the "listen-port" property definition.

Specifies the port number on which the LDAP Connection Handler will listen for connections from clients.

Only a single port number may be provided.

Returns:

Returns the "listen-port" property definition.

getMaxBlockedWriteTimeLimitPropertyDefinition

public DurationPropertyDefinition getMaxBlockedWriteTimeLimitPropertyDefinition()

Get the "max-blocked-write-time-limit" property definition.

Specifies the maximum length of time that attempts to write data to LDAP clients should be allowed to block.

If an attempt to write data to a client takes longer than this length of time, then the client connection is terminated.

Returns:

Returns the "max-blocked-write-time-limit" property definition.

getMaxRequestSizePropertyDefinition

public SizePropertyDefinition getMaxRequestSizePropertyDefinition()

Get the "max-request-size" property definition.

Specifies the size in bytes of the largest LDAP request message that will be allowed by this LDAP Connection handler.

This property is analogous to the maxBERSize configuration attribute of the Sun Java System Directory Server. This can help prevent denial-of-service attacks by clients that indicate they send extremely large requests to the server causing it to attempt to allocate large amounts of memory.

Returns:

Returns the "max-request-size" property definition.

getNumRequestHandlersPropertyDefinition

public IntegerPropertyDefinition getNumRequestHandlersPropertyDefinition()

Get the "num-request-handlers" property definition.

Specifies the number of request handlers that are used to read requests from clients.

The LDAP Connection Handler uses one thread to accept new connections from clients, but uses one or more additional threads to read requests from existing client connections. This ensures that new requests are read efficiently and that the connection handler itself does not become a bottleneck when the server is under heavy load from many clients at the same time.

Returns:

Returns the "num-request-handlers" property definition.

getSendRejectionNoticePropertyDefinition

public BooleanPropertyDefinition getSendRejectionNoticePropertyDefinition()

Get the "send-rejection-notice" property definition.

Indicates whether the LDAP Connection Handler should send a notice of disconnection extended response message to the client if a new connection is rejected for some reason.

The extended response message may provide an explanation indicating the reason that the connection was rejected.

Returns:

Returns the "send-rejection-notice" property definition.

getSSLCertNicknamePropertyDefinition

public StringPropertyDefinition getSSLCertNicknamePropertyDefinition()

Get the "ssl-cert-nickname" property definition.

Specifies the nicknames (also called the aliases) of the certificates that the LDAP Connection Handler should use when performing SSL communication. The property can be used multiple times (referencing different nicknames) when an RSA, a DSA, and an ECC based server certificate is used in parallel.

This is only applicable when the LDAP Connection Handler is configured to use SSL.

Returns:

Returns the "ssl-cert-nickname" property definition.

getSSLCipherSuitePropertyDefinition

public StringPropertyDefinition getSSLCipherSuitePropertyDefinition()

Get the "ssl-cipher-suite" property definition.

Specifies the names of the SSL cipher suites that are allowed for use in SSL or StartTLS communication.

Returns:

Returns the "ssl-cipher-suite" property definition.

getSSLClientAuthPolicyPropertyDefinition

public EnumPropertyDefinition<LDAPConnectionHandlerCfgDefn.SSLClientAuthPolicy> getSSLClientAuthPolicyPropertyDefinition()

Get the "ssl-client-auth-policy" property definition.

Specifies the policy that the LDAP Connection Handler should use regarding client SSL certificates. Clients can use the SASL EXTERNAL mechanism only if the policy is set to "optional" or "required".

This is only applicable if clients are allowed to use SSL.

Returns:

Returns the "ssl-client-auth-policy" property definition.

getSSLProtocolPropertyDefinition

public StringPropertyDefinition getSSLProtocolPropertyDefinition()

Get the "ssl-protocol" property definition.

Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.

Returns:

Returns the "ssl-protocol" property definition.

getTrustManagerProviderPropertyDefinition

public AggregationPropertyDefinition<TrustManagerProviderCfgClient,TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition()

Get the "trust-manager-provider" property definition.

Specifies the name of the trust manager that should be used with the LDAP Connection Handler .

Returns:

Returns the "trust-manager-provider" property definition.

getUseSSLPropertyDefinition

public BooleanPropertyDefinition getUseSSLPropertyDefinition()

Get the "use-ssl" property definition.

Indicates whether the LDAP Connection Handler should use SSL.

If enabled, the LDAP Connection Handler will use SSL to encrypt communication with the clients.

Returns:

Returns the "use-ssl" property definition.

getUseTCPKeepAlivePropertyDefinition

public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition()

Get the "use-tcp-keep-alive" property definition.

Indicates whether the LDAP Connection Handler should use TCP keep-alive.

If enabled, the SO_KEEPALIVE socket option is used to indicate that TCP keepalive messages should periodically be sent to the client to verify that the associated connection is still valid. This may also help prevent cases in which intermediate network hardware could silently drop an otherwise idle client connection, provided that the keepalive interval configured in the underlying operating system is smaller than the timeout enforced by the network hardware.

Returns:

Returns the "use-tcp-keep-alive" property definition.

getUseTCPNoDelayPropertyDefinition

public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition()

Get the "use-tcp-no-delay" property definition.

Indicates whether the LDAP Connection Handler should use TCP no-delay.

If enabled, the TCP_NODELAY socket option is used to ensure that response messages to the client are sent immediately rather than potentially waiting to determine whether additional response messages can be sent in the same packet. In most cases, using the TCP_NODELAY socket option provides better performance and lower response times, but disabling it may help for some cases in which the server sends a large number of entries to a client in response to a search request.

Returns:

Returns the "use-tcp-no-delay" property definition.