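/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2008-2010 Sun Microsystems, Inc.
 * Portions Copyright 2014-2015 ForgeRock AS
 */
package org.opends.server.tasks;
import org.forgerock.i18n.LocalizableMessage;



import java.net.InetAddress;

import org.opends.server.backends.task.Task;
import org.opends.server.backends.task.TaskState;
import org.opends.server.core.DirectoryServer;
import org.opends.server.types.*;
import org.forgerock.opendj.ldap.ResultCode;
import static org.opends.messages.TaskMessages.*;



/**
 * This class provides an implementation of a Directory Server task that can be
 * used to place the server in lockdown mode.
 * <p>
 * Authorization is enforced in {@link #initializeTask()}, not in
 * {@link #runTask()}: once the task has been initialized, running it
 * unconditionally calls {@code DirectoryServer.setLockdownMode(true)}.
 */
public class EnterLockdownModeTask
       extends Task
{

  /**
   * {@inheritDoc}
   *
   * @return the localized display name for this task, taken from
   *         {@code INFO_TASK_ENTER_LOCKDOWN_MODE_NAME}
   */
  @Override
  public LocalizableMessage getDisplayName()
  {
    return INFO_TASK_ENTER_LOCKDOWN_MODE_NAME.get();
  }

  /**
   * {@inheritDoc}
   * <p>
   * When the task is associated with an operation, the request is accepted
   * only if both of the following hold:
   * <ul>
   *   <li>the operation has a non-null authorization DN and its client
   *       connection holds {@code Privilege.SERVER_LOCKDOWN};</li>
   *   <li>the client connection's remote address is either unavailable
   *       ({@code null}) or a loopback address.</li>
   * </ul>
   * When {@code getOperation()} returns {@code null}, no check is performed.
   *
   * @throws DirectoryException with {@code ResultCode.UNWILLING_TO_PERFORM}
   *         if the privilege check or the loopback check fails
   */
  @Override
  public void initializeTask()
         throws DirectoryException
  {
    Operation operation = getOperation();
    if (operation == null)
    {
      // NOTE(review): with no operation attached, neither the privilege nor
      // the loopback check runs. Presumably this covers tasks that were not
      // created by a client request -- confirm that every such path is
      // trusted.
      return;
    }

    // The message constant says "not root", but the condition enforced here
    // is the SERVER_LOCKDOWN privilege together with a non-null
    // authorization DN.
    DN authzDN = operation.getAuthorizationDN();
    if (authzDN == null
        || !operation.getClientConnection().hasPrivilege(
               Privilege.SERVER_LOCKDOWN, operation))
    {
      throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                                   ERR_TASK_ENTERLOCKDOWN_NOT_ROOT.get());
    }

    // Only loopback clients may request lockdown mode. A null remote address
    // is accepted.
    // NOTE(review): presumably null means a connection with no network peer
    // (for example an internal connection) -- confirm that no network-facing
    // connection handler can report a null remote address.
    InetAddress clientAddress =
         operation.getClientConnection().getRemoteAddress();
    if (clientAddress != null && !clientAddress.isLoopbackAddress())
    {
      throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM,
                                   ERR_TASK_ENTERLOCKDOWN_NOT_LOOPBACK.get());
    }
  }



  /**
   * {@inheritDoc}
   * <p>
   * Turns lockdown mode on. No authorization is re-checked here; the checks
   * in {@link #initializeTask()} are the only gate.
   *
   * @return {@code TaskState.COMPLETED_SUCCESSFULLY}, always
   */
  @Override
  protected TaskState runTask()
  {
    DirectoryServer.setLockdownMode(true);
    return TaskState.COMPLETED_SUCCESSFULLY;
  }
}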