org.opends.server.extensions (OpenDJ Public API Javadoc 7.4.3-20241015115352-209ff3c0000cb208c40a9a5f707924f0af03b332 Documentation)

Contains various implementations of Directory Server APIs that are not appropriate for other packages. This includes components like:

Password Storage Schemes
SASL Mechanism Handlers
Extended Operation Handlers
Key Manager Providers
Trust Manager Providers
Entry Caches
Alert Handlers
Connection Security Providers

Interface Summary
Interface	Description
TLSCapableConnection	This interface defines a set of methods that must be implemented by a class (expected to be a client connection) that can dynamically enable and disable the TLS connection security provider.

Class Summary
Class	Description
AdminDataTrustManagerProvider	This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
AESPasswordStorageScheme	This class defines a Directory Server password storage scheme that will encode values using the AES reversible encryption algorithm.
AnonymousSASLMechanismHandler	This class provides an implementation of a SASL mechanism, as defined in RFC 4505, that does not perform any authentication.
Argon2PasswordStorageScheme	This class defines a Directory Server password storage scheme that will encode values using the Argon2 encryption algorithm.
AttributeValuePasswordValidator	This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained in another attribute in the user's entry.
Base64PasswordStorageScheme	This class defines a Directory Server password storage scheme that will store the values in base64-encoded form.
BCrypt	BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
BcryptPasswordStorageScheme	This class defines a Directory Server password storage scheme that will encode values using the BCrypt encryption algorithm.
BlindTrustManagerProvider	This class provides an implementation of a trust manager provider that will indicate that any certificate presented should be blindly trusted by the Directory Server.
BlowfishPasswordStorageScheme	This class defines a Directory Server password storage scheme that will encode values using the Blowfish reversible encryption algorithm.
CancelExtendedOperation	This class implements the LDAP cancel extended operation defined in RFC 3909.
CharacterSetPasswordValidator	This class provides an OpenDJ password validator that may be used to ensure that proposed passwords contain at least a specified number of characters from one or more user-defined character sets.
ClearPasswordStorageScheme	This class defines a Directory Server password storage scheme that will store the values in clear-text with no encoding at all.
CollectiveAttributeSubentriesVirtualAttributeProvider	This class implements a virtual attribute provider to serve the collectiveAttributeSubentries operational attribute as described in RFC 3671.
CRAMMD5SASLMechanismHandler	This class provides an implementation of a SASL mechanism that authenticates clients through CRAM-MD5.
CryptPasswordStorageScheme	This class defines a Directory Server password storage scheme based on the UNIX Crypt algorithm.
DictionaryPasswordValidator	This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained in a specified dictionary.
DigestMD5SASLMechanismHandler	This class provides an implementation of a SASL mechanism that authenticates clients through DIGEST-MD5.
DiskSpaceMonitor	This class provides an application-wide disk space monitoring service.
DynamicGroup	This class provides a dynamic group implementation, in which membership is determined dynamically based on criteria provided in the form of one or more LDAP URLs.
EntityTagVirtualAttributeProvider	This class implements a virtual attribute provider which ensures that all entries contain an "entity tag" or "Etag" as defined in section 3.11 of RFC 2616.
EntryDNVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the entryDN operational attribute as described in draft-zeilenga-ldap-entrydn.
EntryUUIDVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the entryUUID operational attribute as described in RFC 4530.
ErrorLogAccountStatusNotificationHandler	This class defines an account status notification handler that will write information about status notifications using the Directory Server's error logging facility.
ExactMatchIdentityMapper	This class provides an implementation of a Directory Server identity mapper that looks for the exact value provided as the ID string to appear in an attribute of a user's entry.
ExtensionsConstants	This class defines a number of constants that may be used by Directory Server extensions.
ExternalSASLMechanismHandler	This class provides an implementation of a SASL mechanism that relies on some form of authentication that has already been done outside the LDAP layer.
FIFOEntryCache	This class defines a Directory Server entry cache that uses a FIFO to keep track of the entries.
FileBasedKeyManagerProvider	This class defines a key manager provider that will access keys stored in a file located on the Directory Server filesystem.
FileBasedTrustManagerProvider	This class defines a trust manager provider that will reference certificates stored in a file located on the Directory Server filesystem.
FingerprintCertificateMapper	This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the fingerprint of the client certificate.
GetConnectionIDExtendedOperation	This class implements the "Get Connection ID" extended operation that can be used to get the connection ID of the associated client connection.
GoverningStructureRuleVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the governingStructuralRule operational attribute as described in RFC 4512.
GSSAPISASLMechanismHandler	This class provides an implementation of a SASL mechanism that authenticates clients through Kerberos v5 over GSSAPI.
HasSubordinatesVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute as described in X.501.
IndexedAttributesChecks	Utility class that checks whether attributes indexed.
IsMemberOfVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the isMemberOf operational attribute.
JMXAlertHandler	This class provides an implementation of a Directory Server alert handler that will send alerts using JMX notifications.
JvmKeyManagerProvider	Represents a `KeyManagerProvider` which use the JVM keystore.
JvmTrustManagerProvider	Represents a `TrustManagerProvider` which use the JVM truststore.
LDAPKeyManagerProvider	This class defines a key manager provider that will access keys stored in an LDAP backend.
LDAPPassThroughAuthenticationPolicyFactory	LDAP pass through authentication policy implementation.
LDAPTrustManagerProvider	This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
LengthBasedPasswordValidator	This class provides a password validator that can ensure that the provided password meets minimum and/or maximum length requirements.
MD5PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
MemberVirtualAttributeProvider	This class implements a virtual attribute provider that works in conjunction with virtual static groups to generate the values for the member or uniqueMember attribute.
NotificationMessageNotificationMessageTemplateElement	This class implements a notification message template element that will generate a value that is the message for the account status notification.
NotificationMessageTemplateElement	This class defines the base class for elements that may be used to generate an account status notification message.
NotificationTypeNotificationMessageTemplateElement	This class implements a notification message template element that will generate a value that is the name of the account status notification type.
NumSubordinatesVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute as described in draft-ietf-boreham-numsubordinates.
PasswordExpirationTimeVirtualAttributeProvider	Provider for the password expiration time virtual attribute.
PasswordModifyExtendedOperation	This class implements the password modify extended operation defined in RFC 3062.
PasswordPolicyStateExtendedOperation	This class implements an LDAP extended operation that can be used to query and update elements of the Directory Server password policy state for a given user.
PasswordPolicySubentryVirtualAttributeProvider	This class implements a virtual attribute provider to serve the pwdPolicySubentry operational attribute as described in Password Policy for LDAP Directories Internet-Draft.
PBKDF2HmacSHA256PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898, using HMAC-SHA256 pseudorandom function.
PBKDF2HmacSHA512PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898, using HMAC-SHA512 pseudorandom function.
PBKDF2PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898.
PemKeyManagerProvider	A `KeyManagerProvider` that reads keys from PEM files in a configured file system directory and automatically reacts to file modification, deletion or addition.
PemTrustManagerProvider	A `TrustManagerProvider` that reads trusted certificates from PEM files in a configured file system directory and automatically reacts to file modification, deletion or addition.
PKCS11KeyManagerProvider	This class defines a key manager provider that will access keys stored on a PKCS#11 device.
Pkcs11TrustManagerProvider	Define a trust manager provider that will access certificates stored on a PKCS#11 device.
PKCS5S2PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the Atlassian PBKDF2-base hash algorithm.
PlainSASLMechanismHandler	This class provides an implementation of a SASL mechanism that uses plain-text authentication.
RandomPasswordGenerator	This class provides an implementation of a Directory Server password generator that will create random passwords based on fixed-length strings built from one or more character sets.
RC4PasswordStorageScheme	This class defines a Directory Server password storage scheme that will encode values using the RC4 reversible encryption algorithm.
RegularExpressionIdentityMapper	This class provides an implementation of a Directory Server identity mapper that uses a regular expression to process the provided ID string, and then looks for that processed value to appear in an attribute of a user's entry.
RepeatedCharactersPasswordValidator	This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not allowed to have the same character appear several times consecutively.
SaltedMD5PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
SaltedSHA1PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
SaltedSHA256PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the 256-bit SHA-2 algorithm defined in FIPS 180-2.
SaltedSHA384PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the 384-bit SHA-2 algorithm defined in FIPS 180-2.
SaltedSHA512PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the 512-bit SHA-2 algorithm defined in FIPS 180-2.
SASLContext	This class defines the SASL context needed to process SASL bind requests that use a `SaslServer`.
ScramSha256PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the SCRAM-SHA-256 SASL mechanism defined in RFCs 5802, 5803 and 7677.
ScramSha256SASLMechanismHandler	This class defines the SCRAM-SHA-256 SASL mechanism defined in RFCs 5802, 5803 and 7677.
ScramSha512PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the SCRAM-SHA-512 SASL mechanism defined in RFCs 5802, 5803 and 7677.
ScramSha512SASLMechanismHandler	This class defines the SCRAM-SHA-512 SASL mechanism defined in RFCs 5802, 5803 and 7677.
SHA1PasswordStorageScheme	This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
SimilarityBasedPasswordValidator	This class provides a password validator that can ensure that the provided password meets minimum similarity requirements.
SMTPAccountStatusNotificationHandler	This class provides an implementation of an account status notification handler that can send e-mail messages via SMTP to end users and/or administrators whenever an account status notification occurs.
SMTPAlertHandler	This class implements a Directory Server alert handler that may be used to send administrative alerts via SMTP.
SoftReferenceEntryCache	This class defines a Directory Server entry cache that uses soft references to manage objects in a way that will allow them to be freed if the JVM is running low on memory.
StartTLSExtendedOperation	This class provides an implementation of the StartTLS extended operation as defined in RFC 2830.
StaticGroup	A static group implementation, in which the DNs of all members are explicitly listed.
StructuralObjectClassVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the structuralObjectClass operational attribute as described in RFC 4512.
SubjectAttributeToUserAttributeCertificateMapper	This class implements a very simple Directory Server certificate mapper that will map a certificate to a user based on attributes contained in both the certificate subject and the user's entry.
SubjectDNToUserAttributeCertificateMapper	This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the subject of the client certificate.
SubjectEqualsDNCertificateMapper	This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if the subject of the peer certificate exactly matches the DN of a user in the Directory Server.
SubschemaSubentryVirtualAttributeProvider	This class implements a virtual attribute provider that is meant to serve the subschemaSubentry operational attribute as described in RFC 4512.
TextNotificationMessageTemplateElement	This class implements a notification message template element that will generate a value using static text.
TraditionalWorkQueue	This class defines a data structure for storing and interacting with the Directory Server work queue.
TripleDESPasswordStorageScheme	This class defines a Directory Server password storage scheme that will encode values using the triple-DES (DES/EDE) reversible encryption algorithm.
UniqueCharactersPasswordValidator	This class provides an OpenDS password validator that may be used to ensure that proposed passwords contain at least a specified number of different characters.
UserDefinedVirtualAttributeProvider	This class implements a virtual attribute provider that allows administrators to define their own values that will be inserted into any entry that matches the criteria defined in the virtual attribute rule.
UserDNNotificationMessageTemplateElement	This class implements a notification message template element that will generate a value that is the string representation of the target user's DN.
UserTemplateVirtualAttributeProvider	This class implements a virtual attribute provider that allows administrators to define their own virtual attribute with template that will be evaluated by taking the data from the attributes only for the entry that matches the criteria defined in the virtual attribute rule.
VirtualStaticGroup	This class provides a virtual static group implementation, in which membership is based on membership of another group.
WhoAmIExtendedOperation	This class implements the "Who Am I?" extended operation defined in RFC 4532.

Enum Summary
Enum	Description
CertificateValidationPolicy	This class implements an enumeration that may be used to indicate if/how a client's certificate should be validated against the corresponding user entry in the Directory Server.

Package org.opends.server.extensions