Search in sources :

Example 61 with Nullable

use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.

the class Schema method getSchema.

/**
 * Reads schema information from one or more files containing the schema
 * represented in LDIF form, with the definitions represented in the form
 * described in section 4.1 of RFC 4512.  Each file should contain a single
 * entry.  Any unparsable schema elements will be silently ignored.
 *
 * @param  schemaFiles  The paths to the LDIF files containing the schema
 *                      information to be read.  At least one file must be
 *                      specified.  If multiple files are specified, then they
 *                      will be processed in the order in which they have been
 *                      listed.
 *
 * @return  The schema read from the specified schema files, or {@code null}
 *          if none of the files contains any LDIF data to be read.
 *
 * @throws  IOException  If a problem occurs while attempting to read from
 *                       any of the specified files.
 *
 * @throws  LDIFException  If a problem occurs while attempting to parse the
 *                         contents of any of the schema files.
 */
@Nullable()
public static Schema getSchema(@NotNull final String... schemaFiles) throws IOException, LDIFException {
    Validator.ensureNotNull(schemaFiles);
    Validator.ensureFalse(schemaFiles.length == 0);
    final ArrayList<File> files = new ArrayList<>(schemaFiles.length);
    for (final String s : schemaFiles) {
        files.add(new File(s));
    }
    return getSchema(files);
}
Also used : ArrayList(java.util.ArrayList) File(java.io.File) Nullable(com.unboundid.util.Nullable)

Example 62 with Nullable

use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.

the class Schema method getSchema.

/**
 * Retrieves the directory server schema that governs the specified entry.
 * In some servers, different portions of the DIT may be served by different
 * schemas, and in such cases it will be necessary to provide the DN of the
 * target entry in order to ensure that the appropriate schema which governs
 * that entry is returned.  For servers that support only a single schema,
 * any entry DN (including that of the root DSE) should be sufficient.  This
 * method may optionally throw an exception if the retrieved schema contains
 * one or more unparsable schema elements.
 *
 * @param  connection                The connection to use in order to
 *                                   retrieve the server schema.  It must not
 *                                   be {@code null}.
 * @param  entryDN                   The DN of the entry for which to retrieve
 *                                   the governing schema.  It may be
 *                                   {@code null} or an empty string in order
 *                                   to retrieve the schema that governs the
 *                                   server's root DSE.
 * @param  throwOnUnparsableElement  Indicates whether to throw an exception
 *                                   if the schema entry that is retrieved has
 *                                   one or more unparsable schema elements.
 *
 * @return  A decoded representation of the server schema, or {@code null} if
 *          it is not available for some reason (e.g., the client does not
 *          have permission to read the server schema).
 *
 * @throws  LDAPException  If a problem occurs while obtaining the server
 *                         schema, or if the schema contains one or more
 *                         unparsable elements and
 *                         {@code throwOnUnparsableElement} is {@code true}.
 */
@Nullable()
public static Schema getSchema(@NotNull final LDAPConnection connection, @Nullable final String entryDN, final boolean throwOnUnparsableElement) throws LDAPException {
    Validator.ensureNotNull(connection);
    final String subschemaSubentryDN;
    if (entryDN == null) {
        subschemaSubentryDN = getSubschemaSubentryDN(connection, "");
    } else {
        subschemaSubentryDN = getSubschemaSubentryDN(connection, entryDN);
    }
    if (subschemaSubentryDN == null) {
        return null;
    }
    final Entry schemaEntry = connection.searchForEntry(subschemaSubentryDN, SearchScope.BASE, Filter.createEqualityFilter("objectClass", "subschema"), SCHEMA_REQUEST_ATTRS);
    if (schemaEntry == null) {
        return null;
    }
    if (throwOnUnparsableElement) {
        return parseSchemaEntry(schemaEntry);
    } else {
        return new Schema(schemaEntry);
    }
}
Also used : Entry(com.unboundid.ldap.sdk.Entry) ReadOnlyEntry(com.unboundid.ldap.sdk.ReadOnlyEntry) Nullable(com.unboundid.util.Nullable)

Example 63 with Nullable

use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.

the class RedactAttributeTransformation method redactDN.

/**
 * Applies any appropriate redaction to the provided DN.
 *
 * @param  dn  The DN for which to apply any appropriate redaction.
 *
 * @return  The DN with any appropriate redaction applied.
 */
@Nullable()
private String redactDN(@Nullable final String dn) {
    if (dn == null) {
        return null;
    }
    try {
        boolean changeApplied = false;
        final RDN[] originalRDNs = new DN(dn).getRDNs();
        final RDN[] newRDNs = new RDN[originalRDNs.length];
        for (int i = 0; i < originalRDNs.length; i++) {
            final String[] names = originalRDNs[i].getAttributeNames();
            final String[] originalValues = originalRDNs[i].getAttributeValues();
            final String[] newValues = new String[originalValues.length];
            for (int j = 0; j < names.length; j++) {
                if (attributes.contains(StaticUtils.toLowerCase(names[j]))) {
                    changeApplied = true;
                    newValues[j] = "***REDACTED***";
                } else {
                    newValues[j] = originalValues[j];
                }
            }
            newRDNs[i] = new RDN(names, newValues, schema);
        }
        if (changeApplied) {
            return new DN(newRDNs).toString();
        } else {
            return dn;
        }
    } catch (final Exception e) {
        Debug.debugException(e);
        return dn;
    }
}
Also used : DN(com.unboundid.ldap.sdk.DN) RDN(com.unboundid.ldap.sdk.RDN) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) RDN(com.unboundid.ldap.sdk.RDN) Nullable(com.unboundid.util.Nullable)

Example 64 with Nullable

use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.

the class PersistUtils method getEntryAsObject.

/**
 * Retrieves the entry with the specified DN and decodes it as an object of
 * the specified type.
 *
 * @param  <T>  The type of object as which to decode the entry.
 *
 * @param  dn    The DN of the entry to retrieve.  It must not be
 *               {@code null}.
 * @param  type  The type of object as which the entry should be decoded.  It
 *               must not be {@code null}, and the class must be marked with
 *               the {@link LDAPObject} annotation type.
 * @param  conn  The connection that should be used to retrieve the entry.  It
 *               must not be {@code null}.
 *
 * @return  The object decoded from the specified entry, or {@code null} if
 *          the entry cannot be retrieved (e.g., because it does not exist or
 *          is not readable by the authenticated user).
 *
 * @throws  LDAPException  If a problem occurs while trying to retrieve the
 *                         entry or decode it as the specified type of object.
 */
@Nullable()
public static <T> T getEntryAsObject(@NotNull final DN dn, @NotNull final Class<T> type, @NotNull final LDAPInterface conn) throws LDAPException {
    Validator.ensureNotNull(dn, type, conn);
    final LDAPPersister<T> p = LDAPPersister.getInstance(type);
    final Entry e = conn.getEntry(dn.toString(), p.getObjectHandler().getAttributesToRequest());
    if (e == null) {
        return null;
    }
    return p.decode(e);
}
Also used : Entry(com.unboundid.ldap.sdk.Entry) Nullable(com.unboundid.util.Nullable)

Example 65 with Nullable

use of com.unboundid.util.Nullable in project ldapsdk by pingidentity.

the class ManageCertificates method getKeystorePassword.

/**
 * Retrieves the password needed to access the keystore.
 *
 * @param  keystoreFile  The path to the keystore file for which to get the
 *                       password.
 * @param  prefix        The prefix string to use for the arguments.  This may
 *                       be {@code null} if no prefix is needed.
 *
 * @return  The password needed to access the keystore, or {@code null} if
 *          no keystore password was configured.
 *
 * @throws  LDAPException  If a problem is encountered while trying to get the
 *                         keystore password.
 */
@Nullable()
private char[] getKeystorePassword(@NotNull final File keystoreFile, @Nullable final String prefix) throws LDAPException {
    final String prefixDash;
    if (prefix == null) {
        prefixDash = "";
    } else {
        prefixDash = prefix + '-';
    }
    final StringArgument keystorePasswordArgument = subCommandParser.getStringArgument(prefixDash + "keystore-password");
    if ((keystorePasswordArgument != null) && keystorePasswordArgument.isPresent()) {
        final char[] keystorePWChars = keystorePasswordArgument.getValue().toCharArray();
        if ((!keystoreFile.exists()) && (keystorePWChars.length < 6)) {
            throw new LDAPException(ResultCode.PARAM_ERROR, ERR_MANAGE_CERTS_GET_KS_PW_TOO_SHORT.get());
        }
        return keystorePWChars;
    }
    final FileArgument keystorePasswordFileArgument = subCommandParser.getFileArgument(prefixDash + "keystore-password-file");
    if ((keystorePasswordFileArgument != null) && keystorePasswordFileArgument.isPresent()) {
        final File f = keystorePasswordFileArgument.getValue();
        try {
            final char[] passwordChars = getPasswordFileReader().readPassword(f);
            if (passwordChars.length < 6) {
                throw new LDAPException(ResultCode.PARAM_ERROR, ERR_MANAGE_CERTS_GET_KS_PW_TOO_SHORT.get());
            }
            return passwordChars;
        } catch (final LDAPException e) {
            Debug.debugException(e);
            throw e;
        } catch (final Exception e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.LOCAL_ERROR, ERR_MANAGE_CERTS_GET_KS_PW_ERROR_READING_FILE.get(f.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
        }
    }
    final BooleanArgument promptArgument = subCommandParser.getBooleanArgument("prompt-for-" + prefixDash + "keystore-password");
    if ((promptArgument != null) && promptArgument.isPresent()) {
        out();
        if (keystoreFile.exists() && (!"new".equals(prefix))) {
            // We're only going to prompt once.
            if ((prefix != null) && prefix.equals("current")) {
                return promptForPassword(INFO_MANAGE_CERTS_KEY_KS_PW_EXISTING_CURRENT_PROMPT.get(keystoreFile.getAbsolutePath()), false);
            } else {
                return promptForPassword(INFO_MANAGE_CERTS_KEY_KS_PW_EXISTING_PROMPT.get(keystoreFile.getAbsolutePath()), false);
            }
        } else {
            // twice to prevent setting the wrong password because of a typo.
            while (true) {
                final String prompt1;
                if ("new".equals(prefix)) {
                    prompt1 = INFO_MANAGE_CERTS_KEY_KS_PW_EXISTING_NEW_PROMPT.get();
                } else {
                    prompt1 = INFO_MANAGE_CERTS_KEY_KS_PW_NEW_PROMPT_1.get(keystoreFile.getAbsolutePath());
                }
                final char[] pwChars = promptForPassword(prompt1, false);
                if (pwChars.length < 6) {
                    wrapErr(0, WRAP_COLUMN, ERR_MANAGE_CERTS_GET_KS_PW_TOO_SHORT.get());
                    err();
                    continue;
                }
                final char[] confirmChars = promptForPassword(INFO_MANAGE_CERTS_KEY_KS_PW_NEW_PROMPT_2.get(), true);
                if (Arrays.equals(pwChars, confirmChars)) {
                    Arrays.fill(confirmChars, '\u0000');
                    return pwChars;
                } else {
                    wrapErr(0, WRAP_COLUMN, ERR_MANAGE_CERTS_KEY_KS_PW_PROMPT_MISMATCH.get());
                    err();
                }
            }
        }
    }
    return null;
}
Also used : LDAPException(com.unboundid.ldap.sdk.LDAPException) BooleanArgument(com.unboundid.util.args.BooleanArgument) ASN1BitString(com.unboundid.asn1.ASN1BitString) FileArgument(com.unboundid.util.args.FileArgument) File(java.io.File) ArgumentException(com.unboundid.util.args.ArgumentException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) LDAPException(com.unboundid.ldap.sdk.LDAPException) IOException(java.io.IOException) StringArgument(com.unboundid.util.args.StringArgument) Nullable(com.unboundid.util.Nullable)

Aggregations

Nullable (com.unboundid.util.Nullable)149 ArrayList (java.util.ArrayList)47 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)42 Entry (com.unboundid.ldap.sdk.Entry)30 LDAPException (com.unboundid.ldap.sdk.LDAPException)30 ASN1Sequence (com.unboundid.asn1.ASN1Sequence)21 Attribute (com.unboundid.ldap.sdk.Attribute)21 ASN1Element (com.unboundid.asn1.ASN1Element)20 Filter (com.unboundid.ldap.sdk.Filter)20 SearchResult (com.unboundid.ldap.sdk.SearchResult)18 IOException (java.io.IOException)16 ReadOnlyEntry (com.unboundid.ldap.sdk.ReadOnlyEntry)14 File (java.io.File)14 DN (com.unboundid.ldap.sdk.DN)12 ArgumentException (com.unboundid.util.args.ArgumentException)10 RDN (com.unboundid.ldap.sdk.RDN)9 LDIFException (com.unboundid.ldif.LDIFException)8 ChangeLogEntry (com.unboundid.ldap.sdk.ChangeLogEntry)7 Modification (com.unboundid.ldap.sdk.Modification)7 LDIFModifyChangeRecord (com.unboundid.ldif.LDIFModifyChangeRecord)7