All Classes and Interfaces
Class
Description
This class defines an operation that may be used to abandon an operation that may already be in progress in the
Directory Server.
The Abandon operation allows a client to request that the server abandon an
uncompleted operation.
This exception is thrown when a cursor that has been aborted is used.
This exception is thrown when the Log on which a cursor is operating has been closed (shutdown) OR cleared (reset
generation-id).
This exception is thrown when a cursor is operating on a log file which has been purged because it's too old in
regard of the configured "purge delay".
A default behavior provider which retrieves default values from a managed
object in an absolute location.
An abstract connection whose synchronous methods are implemented in terms of
asynchronous methods.
An abstract connection whose synchronous methods are implemented in terms of
asynchronous methods.
This class provides a skeletal implementation of the
Attribute interface, to minimize the effort required to
implement this interface.This class provides a skeletal implementation of the
Connection
interface, to minimize the effort required to implement this interface.An abstract base class from which connection wrappers may be easily
implemented.
An abstract base class from which connection wrappers may be easily
implemented.
A base implementation of the
Context interface for OpenDJ.This class provides a skeletal implementation of the
Entry interface, to minimize the effort required to
implement this interface.An abstract Extended request which can be used as the basis for implementing new Extended operations.
An abstract Extended result which can be used as the basis for implementing
new Extended operations.
This class provides a skeletal implementation of the
ExtendedResultDecoder interface, to minimize the effort required to
implement this interface.An abstract Intermediate response which can be used as the basis for
implementing new Intermediate responses.
This class defines the wrapper that will invoke all registered loggers for each type of request received or response
sent.
An abstract managed object implementation.
Defines the structure of an abstract managed object.
Abstract implementation for
Map based entries.Creates and manages your application's set of meters.
This class implements a default ordering matching rule that matches
normalized values in byte order.
Deprecated.
Abstract class that implements the
RequestVisitor interface.Abstract class for property mappers mapping a DN (or DN and JSON) LDAP attribute to a JSON object.
AbstractReverseResourceReferencePropertyMapper<T extends AbstractReverseResourceReferencePropertyMapper<T>>
A property mapper which provides a mapping from a JSON value to a DN valued LDAP attribute in another resource.
An abstract connection whose asynchronous methods are implemented in terms of
synchronous methods.
This class implements an enumeration that may be used for configuration items that may have three possible values:
accept, reject, or warn.
Builder for audit access events.
The status of the access request.
This class manages the application-wide access-control configuration.
This class defines the set of methods and structures that must be implemented by a Directory Server access control
handler.
A server-side interface for querying Access Control Handler
settings.
A client-side interface for reading and modifying Access Control
Handler settings.
An interface for querying the Access Control Handler managed object
definition meta information.
Enforces access controls for a single request and its responses.
A server-side interface for querying Access Log Filtering Criteria
settings.
A client-side interface for reading and modifying Access Log
Filtering Criteria settings.
An interface for querying the Access Log Filtering Criteria managed
object definition meta information.
Defines the set of permissible values for the "log-record-type" property.
This class defines the wrapper that will invoke all registered access loggers for each type of request received or
response sent.
This class defines the set of methods and structures that must be implemented for a Directory Server access log
publisher.
A server-side interface for querying Access Log Publisher settings.
A client-side interface for reading and modifying Access Log
Publisher settings.
An interface for querying the Access Log Publisher managed object
definition meta information.
Defines the set of permissible values for the "filtering-policy" property.
Defines access modes of a Storage.
This class defines a data type for storing information associated with an account status notification.
This class defines the set of methods that must be implemented for an account status notification handler.
A server-side interface for querying Account Status Notification
Handler settings.
A client-side interface for reading and modifying Account Status
Notification Handler settings.
An interface for querying the Account Status Notification Handler
managed object definition meta information.
This class defines a utility that will be used to manage the set of account status notification handlers defined in
the Directory Server.
This class implements an enumeration that holds the possible set of additional properties that can be included in an
account status notification.
This class implements an enumeration that holds the possible event types that can trigger an account status
notification.
The Aci class represents ACI strings.
This class represents the body of an ACI.
This class implements the dseecompat geteffectiverights evaluation.
Interface that provides a view of the AciContainer that is used by the ACI evaluation code to evaluate an ACI.
The AciException class defines an exception that may be thrown either during ACI syntax verification of an "aci"
attribute type value or during evaluation of an LDAP operation using a set of applicable ACIs.
A DSEE-compatible access control handler.
The AciList class performs caching of the ACI attribute values using the entry DN as the key.
The AciListenerManager updates an ACI list after each modification operation.
ACI property definition.
An interface for incrementally constructing ACI property definitions.
The AciTargetMatchContext interface provides a view of an AciContainer that exposes information to be used by the
Aci.isApplicable() method to determine if an ACI is applicable (targets matched) to the LDAP operation, operation
rights and entry and attributes having access checked on.
This class represents target part of an ACI's syntax.
Represents an
action that may be performed against a resource.An
Runnable functional interface which can throw a checked Exception.An implementation specific action, or operation, upon a JSON resource.
Response object for JSON responses.
Builder for audit activity events.
This class describes the context that is attached to Add Operation.
An additional log item for an operation which may be processed in the access log.
This class is used to exchange Add operation between LDAP servers and replication servers.
This class defines an operation that may be used to add a new entry to the Directory Server.
The Add operation allows a client to request the addition of an entry into
the Directory.
An address mask can be used to perform efficient comparisons against IP
addresses to determine whether a particular IP address is in a given range.
This class provides an implementation of a Directory Server task that can be used to add the contents of a new schema
file into the server schema.
This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
A server-side interface for querying cn=admin data Trust Manager
Provider settings.
A client-side interface for reading and modifying cn=admin data
Trust Manager Provider settings.
An interface for querying the cn=admin data Trust Manager Provider
managed object definition meta information.
An HTTP endpoint providing access to the server's monitoring backend (cn=monitor) and its configuration (cn=config).
A server-side interface for querying Admin Endpoint settings.
A client-side interface for reading and modifying Admin Endpoint
settings.
An interface for querying the Admin Endpoint managed object
definition meta information.
Exceptions thrown when interacting with administration framework.
This class is a wrapper on top of LDAPConnectionHandler to manage the administration connector, which is an
LDAPConnectionHandler with specific (limited) configuration properties.
A server-side interface for querying Administration Connector
settings.
A client-side interface for reading and modifying Administration
Connector settings.
An interface for querying the Administration Connector managed
object definition meta information.
Check if information found in "cn=admin data" is coherent with cn=config.
Defines an optional action which administators must perform after they have
modified a property.
Specifies the type of administrator action which must be performed in
order for pending changes to take effect.
The persistent search request control for Active Directory as defined by
Microsoft.
A
Context containing information which should be returned to the user in some
appropriate form to the user.WarningHeader implements RFC 2616 section 14.46 - Warning.
This class defines a Directory Server password storage scheme that will encode values using the AES reversible
encryption algorithm.
A server-side interface for querying AES Password Storage Scheme
settings.
A client-side interface for reading and modifying AES Password
Storage Scheme settings.
An interface for querying the AES Password Storage Scheme managed
object definition meta information.
An affinity context can be used to bypass any load-balancing and always direct
a requests to the same server.
Aggregation property definition.
An interface for incrementally constructing aggregation property
definitions.
This class defines an interface that may be used to define a set of alert notifications that may be generated by this
Directory Server component.
This interface defines the set of methods that must be implemented for a Directory Server alert handler.
A server-side interface for querying Alert Handler settings.
A client-side interface for reading and modifying Alert Handler
settings.
An interface for querying the Alert Handler managed object
definition meta information.
This class defines a utility that will be used to manage the set of alert handlers defined in the Directory Server.
A default behavior provider which indicates special behavior.
An HTTP endpoint for exposing the server liveness status.
A server-side interface for querying Alive HTTP endpoint settings.
A client-side interface for reading and modifying Alive HTTP
endpoint settings.
An interface for querying the Alive HTTP endpoint managed object
definition meta information.
This class provides an implementation of a SASL mechanism, as defined in RFC 4505, that does not perform any
authentication.
A server-side interface for querying Anonymous SASL Mechanism
Handler settings.
A client-side interface for reading and modifying Anonymous SASL
Mechanism Handler settings.
An interface for querying the Anonymous SASL Mechanism Handler
managed object definition meta information.
AnyTypeValidator applies all the constraints of a
any type.A utility class for dealing with
CrestApplication instances.This class defines a Directory Server password storage scheme that will encode values using the Argon2 encryption
algorithm.
A server-side interface for querying Argon2 Password Storage Scheme
settings.
A client-side interface for reading and modifying Argon2 Password
Storage Scheme settings.
An interface for querying the Argon2 Password Storage Scheme
managed object definition meta information.
Defines the set of permissible values for the "argon2-variant" property.
Defines the set of permissible values for the "rehash-policy" property.
ArrayTypeValidator applies all the constraints of a
array type.This class contains various static factory methods for creating ASN.1 readers
and writers.
An interface for decoding ASN.1 elements from a data source.
Provides methods for building and analyzing ASN.1 tag bytes.
The Asn1 tag classes.
An ASN.1 encoder writes ASN.1 elements to an internal byte buffer.
A compiled attribute value assertion.
Thrown when the result code returned in a Result indicates that the Request
failed because the filter contained in an assertion control failed to match
the target entry.
The assertion request control as defined in RFC 4528.
Attribute value assertion utilities.
An asynchronous
Function which returns a result at some point in the
future.A Text Writer which writes log records asynchronously to character-based stream.
This class store historical information for a provided attribute.
This class is used to store historical information for multiple valued attributes.
This class is used to store historical information for single valued attributes.
An attribute, comprising of an attribute description and zero or more attribute values.
The attribute cleanup plugin implementation class.
A server-side interface for querying Attribute Cleanup Plugin
settings.
A client-side interface for reading and modifying Attribute Cleanup
Plugin settings.
An interface for querying the Attribute Cleanup Plugin managed
object definition meta information.
An attribute description as defined in RFC 4512 section 2.5.
A configurable factory for filtering the attributes exposed by an entry.
A fluent API for parsing attributes as different types of object.
This class contains methods for creating and manipulating attributes.
This class defines a data structure for storing and interacting with an
attribute type, which contains information about the format of an attribute
and the syntax and matching rules that should be used when interacting with
it.
A fluent API for incrementally constructing attribute type.
Attribute type property definition.
An interface for incrementally constructing attribute type property definitions.
This enumeration defines the set of possible attribute usage values that may
apply to an attribute type, as defined in RFC 2252.
This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained
in another attribute in the user's entry.
A server-side interface for querying Attribute Value Password
Validator settings.
A client-side interface for reading and modifying Attribute Value
Password Validator settings.
An interface for querying the Attribute Value Password Validator
managed object definition meta information.
AttrValueHistorical is the historical information of the modification of one attribute value.
Denotes audit dependencies.
Represents an audit event.
Root builder for all audit events.
The interface for an AuditEventHandler.
Abstract AuditEventHandler class.
Factory interface for creating instances of
AuditEventHandler.Helper methods for AuditEvents.
Stores the state of the details sent to
AuditEventHandler.publishEvent(Context, String, JsonValue).Root class of all exceptions in the Commons Audit Framework.
A Context used when auditing over the router.
Utility class to facilitate creation and configuration of audit service and audit event handlers
through JSON.
CREST
RequestHandler responsible for storing and retrieving audit events.Builder for AuditService.
Configuration of the audit service.
AuditService proxy that allows products to implement threadsafe hot-swappable configuration updates.
General utilities for commons audit.
This class provides a data structure which maps an authenticated user DN to the set of client connections
authenticated as that user.
Builder for audit authentication events.
Defines a fixed set of authentication statuses that can be logged.
Thrown when the result code returned in a Result indicates that the Bind
Request failed due to an authentication failure.
This class defines a data structure that may be used to store information about an authenticated user.
An abstract authentication policy.
A server-side interface for querying Authentication Policy
settings.
A client-side interface for reading and modifying Authentication
Policy settings.
An interface for querying the Authentication Policy managed object
definition meta information.
A factory for creating configurable authentication policies.
The authentication policy context associated with a user's entry, which is responsible for managing the user's
account, their password, as well as authenticating the user.
Factory methods of
AuthenticationStrategy allowing to perform authentication against LDAP server through
different method.Authenticate a user and create a
SecurityContext as a result.This enumeration defines the set of possible authentication types that may be used for a bind request.
The AuthMethod class represents an authmethod bind rule keyword expression.
Factory methods to create
Filter performing authentication and authorizations.Thrown when the result code returned in a Result indicates that the Request
failed due to an authorization failure.
The authorization request control as defined in RFC 3829.
The authorization response control as defined in RFC 3829.
An authentication password, it has a storage scheme, authentication info and authentication value.
An attribute value assertion (AVA) as defined in RFC 4512 section 2.3
consists of an attribute description with zero options and an attribute
value.
Represents a directory server backend, which can be either local or remote (proxy).
A server-side interface for querying Backend settings.
A client-side interface for reading and modifying Backend settings.
An interface for querying the Backend managed object definition
meta information.
Responsible for managing the lifecycle of backends in the Directory Server.
This class is a wrapper around a backend file path and a backend file ID.
This is an implementation of a Directory Server Backend which stores entries locally in a pluggable storage.
A server-side interface for querying Backend Index settings.
A client-side interface for reading and modifying Backend Index
settings.
An interface for querying the Backend Index managed object
definition meta information.
Defines the set of permissible values for the "index-type" property.
This program provides a utility that may be used to debug a Pluggable Backend.
This class provides utility functions for all backend client tools.
Contains backend infos:
LocalBackend, baseDNs and BackendCfg.A server-side interface for querying Backend VLV Index settings.
A client-side interface for reading and modifying Backend VLV Index
settings.
An interface for querying the Backend VLV Index managed object
definition meta information.
Defines the set of permissible values for the "scope" property.
This class contains all the metadata associated with a backup.
This interface must be implemented by backends that support backup and restore.
An exception that may be thrown when there is a problem with a backup file.
A backup file manager is responsible for securely and lazily saving backend files and metadata to its underlying
backup storage.
A backup identifier, it is made out of a backend name and a tag.
This is the primary class for managing backups, it works on top of an arbitrary backup storage and allows to backup
and restore backupable entities as well as listing and verifying backups.
Filters the available backups using the provided criteria.
Iterator able to return a count of progress and the total number of items to be processed.
Counted iterator returning elements from a list.
This class provides an implementation of a Directory Server task that may be used to purge
backups of a Directory Server.
This class implements all the business logic for the dsbackup create sub-command, whether offline or
online.
A backup storage is responsible for writing and reading backup files in a persistent location.
Configuration of a backup storage.
An interface to create a backup storage.
This class provides an implementation of a Directory Server task that may be used to back up a Directory Server
backend in a binary form.
This interface defines a set of methods that may be used to notify various Directory Server components whenever a
backend backup task is about to begin or has just completed.
An exception that is thrown during a operation on a resource when the
requested operation is malformed.
This class provides methods for performing base64 encoding and decoding.
Provides RFC 4648 / RFC 2045 compatible Base64 encoding and decoding.
This class defines a Directory Server password storage scheme that will store the values in base64-encoded form.
A server-side interface for querying Base64 Password Storage Scheme
settings.
A client-side interface for reading and modifying Base64 Password
Storage Scheme settings.
An interface for querying the Base64 Password Storage Scheme
managed object definition meta information.
Makes use of the
Base64 class to encode and decode to and from URL-safe Base64.A base implementation of
QueryFilterVisitor where
all methods throw an UnsupportedOperationException by default -
override just the methods you need.Implementation is responsible for being able to build up a batch payload and to publish that payload.
Indicates failure during a batch operation.
Implementations of
BatchPublisher are able to consume multiple audit events
and build batches out of them.Batch publisher factory provides new instances of
BatchPublisher.Basic batch publisher factory implementation.
BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password
Scheme" by Niels Provos and David Mazieres.
This class defines a Directory Server password storage scheme that will encode values using the BCrypt encryption
algorithm.
A server-side interface for querying Bcrypt Password Storage Scheme
settings.
A client-side interface for reading and modifying Bcrypt Password
Storage Scheme settings.
An interface for querying the Bcrypt Password Storage Scheme
managed object definition meta information.
Defines the set of permissible values for the "rehash-policy" property.
A
BiFunction functional interface which can throw a checked Exception.This class defines an operation that may be used to authenticate a user to the Directory Server.
The Bind operation allows authentication information to be exchanged between the client and server.
A Bind result indicates the status of the client's request for
authentication.
This class represents a single bind rule of an ACI permission-bind rule pair.
This class can be used for filtering string elements by using blacklists and/or whitelists.
This class provides an implementation of a trust manager provider that will indicate that any certificate presented
should be blindly trusted by the Directory Server.
A server-side interface for querying Blind Trust Manager Provider
settings.
A client-side interface for reading and modifying Blind Trust
Manager Provider settings.
An interface for querying the Blind Trust Manager Provider managed
object definition meta information.
Allows to connect a non back-pressure aware
Publisher into a reactive stream.This class defines a Directory Server password storage scheme that will encode values using the Blowfish reversible
encryption algorithm.
A server-side interface for querying Blowfish Password Storage
Scheme settings.
A client-side interface for reading and modifying Blowfish Password
Storage Scheme settings.
An interface for querying the Blowfish Password Storage Scheme
managed object definition meta information.
Boolean property definition.
An interface for incrementally constructing boolean property definitions.
BooleanTypeValidator applies all the constraints of a
boolean type.A QueueingStrategy that concurrently enqueues a bounded number of operations to the DirectoryServer work queue.
BSD MD5 Crypt algorithm, ported from C.
Buffers audit events to a bounded queue, periodically flushing the queue to a provided
BatchConsumer.Builder used to construct a new
BufferedBatchPublisher.Utility class used for manipulating OpenDJ instance, binary and data versions.
Byte array builder class encodes data into byte arrays to send messages over the replication protocol.
Byte array scanner class helps decode data from byte arrays received via messages over the replication protocol.
An immutable sequence of bytes backed by a byte array.
A mutable sequence of bytes backed by a byte array.
An interface for iteratively reading data from a
ByteString .This class implements the LDAP cancel extended operation defined in RFC 3909.
A server-side interface for querying Cancel Extended Operation
Handler settings.
A client-side interface for reading and modifying Cancel Extended
Operation Handler settings.
An interface for querying the Cancel Extended Operation Handler
managed object definition meta information.
The cancel extended request as defined in RFC 3909.
Base for data structures that define configuration for operations.
Thrown when the result code returned in a Result indicates that the Request
was cancelled.
An object that registers to be notified when a cancellation request has been
received and processing of the request should be aborted if possible.
This class defines the set of methods and structures that must be implemented by a Directory Server module that
implements the functionality required to uniquely map an SSL client certificate to a Directory Server user entry.
A server-side interface for querying Certificate Mapper settings.
A client-side interface for reading and modifying Certificate
Mapper settings.
An interface for querying the Certificate Mapper managed object
definition meta information.
This class defines a utility that will be used to manage the set of certificate mappers defined in the Directory
Server.
This class implements an enumeration that may be used to indicate if/how a client's certificate should be validated
against the corresponding user entry in the Directory Server.
A key used for verifying certificate signatures.
Contains a chain of
PropertyResolvers that should be used to get a token replacement property.A backend that provides access to the changelog, i.e.
This interface is the entry point for the changelog database which stores the replication data on persistent storage.
Generates a file a containing file names, sizes and permissions for all changelogDb files
equivalent to an ls -laR on Unix.
This class define an Exception that must be used when some error condition was detected in the changelog database
that cannot be recovered automatically.
Tool that may be used to debug a replication changelog.
This is the changelog state stored in the changelogStateDB.
Small interface for common Replication Environment operations.
This class implements a Directory Server plugin that will add the replication CSN to a response whenever the CSN
control is received.
The control used by this plugin.
A server-side interface for querying Change Number Control Plugin
settings.
A client-side interface for reading and modifying Change Number
Control Plugin settings.
An interface for querying the Change Number Control Plugin managed
object definition meta information.
This class stores an index of all the changes seen by this server in the form of
ChangeNumberIndexRecords.Thread responsible for inserting replicated updates into the ChangeNumber Index DB (CNIndexDB for short).
The Change Number Index Record class represents records stored in the
ChangeNumberIndexDB.A request to modify the content of the Directory in some way.
An interface for reading change records from a data source, typically an LDIF
file.
A visitor of
ChangeRecords, in the style of the visitor design pattern.An interface for writing change records to a data source, typically an LDIF
file.
This message is used by the replica to tell the replication server he is changing his status (new status field used),
or by the replication server to request that the replica changes his status (requested status field used).
Class that define messages sent by a replication domain (DS) to the replication server to let the RS know the DS
current change time.
This class provides an OpenDJ password validator that may be used to ensure that proposed passwords contain at least
a specified number of characters from one or more user-defined character sets.
A server-side interface for querying Character Set Password
Validator settings.
A client-side interface for reading and modifying Character Set
Password Validator settings.
An interface for querying the Character Set Password Validator
managed object definition meta information.
Class used by script to ensure the running java version is compatible with OpenDJ software.
Class property definition.
An interface for incrementally constructing class property definitions.
This class defines a Directory Server password storage scheme that will store the values in clear-text with no
encoding at all.
A server-side interface for querying Clear Password Storage Scheme
settings.
A client-side interface for reading and modifying Clear Password
Storage Scheme settings.
An interface for querying the Clear Password Storage Scheme managed
object definition meta information.
This class defines the set of methods and structures that must be implemented by a Directory Server client
connection.
An interface for performing client-side constraint validation.
Used to measure absolute and relative time.
Common utility methods for Closeables.
AsyncFunction that silently closes an input-parameter after
a delegate-function's AsyncFunction.apply(Object) is completed.Function that silently closes an input-parameter after a delegate-function's Function.apply(Object)
is invoked.Coercions that can be applied to a given json value.
The CollectErrorsHandler implements the
ErrorHandler and never throws
any exception, but collects them so callers can retrieve all of them in one
go.An implementation interface for resource providers which exposes a collection
of resource instances.
Defines a one-to-many relationship between a parent resource and its children.
Utility class for
Collections.A server-side interface for querying Collective Attribute
Subentries Virtual Attribute settings.
A client-side interface for reading and modifying Collective
Attribute Subentries Virtual Attribute settings.
An interface for querying the Collective Attribute Subentries
Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider to serve the collectiveAttributeSubentries operational attribute
as described in RFC 3671.
Entry point for the common audit facility.
Represents a ForgeRock common audit based logger which can be used to log HTTP access audit events.
A server-side interface for querying Common Audit Access Log
Publisher settings.
A client-side interface for reading and modifying Common Audit
Access Log Publisher settings.
An interface for querying the Common Audit Access Log Publisher
managed object definition meta information.
This class stores the common audit logging batch process configurations.
This filter aims to send some access audit events to the AuditService managed as a CREST handler.
A compact attribute represents values using a hash array map trie (HAMT) index and an array of encoded values.
A compact read-only entry suitable for storing in caches.
This class defines an operation that may be used to determine whether a specified entry in the Directory Server
contains a given attribute-value pair.
The Compare operation allows a client to compare an assertion value with the
values of a particular attribute in a particular entry in the Directory.
An Compare result indicates the final status of an Compare operation.
This exception is thrown when a critical concurrent modification is detected
by the client.
An interface for evaluating conditions.
Encapsulate a
ConditionalFilters.Condition which must be fulfilled in order to apply the Filter.Condition which have to be fulfilled in order to apply the
Filter.Encapsulate a
Filter which will be processed only if the attached ConditionalFilters.Condition is true.The result of a tri-state logical expression.
This class consists exclusively of static methods that operate on or return conditions.
This interface defines the methods that a Directory Server component should
implement if it wishes to be able to receive notification of new entries
added below a configuration entry.
Builder for audit config events.
This interface defines the methods that a Directory Server component should
implement if it wishes to be able to receive notification of changes to a
configuration entry.
This class defines a data structure that can be used to hold information
about the result of processing a configuration change.
This class defines a number of constants used by the Directory Server configuration, including configuration
attribute and objectclass names, and attribute options.
This interface defines the methods that a Directory Server component should
implement if it wishes to be able to receive notification if entries below a
configuration entry are removed.
Thrown during the course of interactions with the Directory Server configuration.
Defines the logging category for the config module.
Parameters to configure a directory server.
A common base interface for all server managed object configurations.
This interface defines the methods that a Directory Server configurable
component should implement if it wishes to be able to receive notifications
when a new configuration is added.
Back-end responsible for management of configuration entries.
This interface defines the methods that a Directory Server configurable
component should implement if it wishes to be able to receive notifications
when a its associated configuration is changed.
A common base interface for all managed object configuration clients.
This interface defines the methods that a Directory Server configurable
component should implement if it wishes to be able to receive notifications
when an existing configuration is deleted.
This class is responsible for managing the configuration framework including:
loading core components during application initialization
loading extensions during and after application initialization
changing the property validation strategy based on whether the application is a client or server.
Represents parameters used for initializing a
ConfigurationFramework.Responsible for managing configuration, including listeners on configuration entries.
Provides configuration entries and listener registration on the entries.
This class is used to configure the Windows service for this instance on this machine.
Return codes for the method disableService.
Return codes for the method enableService.
Return codes for the method stopService.
An exception that is thrown during a operation on a resource when such an
operation would result in a conflict.
Thrown when addition of a schema element to a schema builder fails because
the OID of the schema element conflicts with an existing schema element and
the caller explicitly requested not to override existing schema elements.
A client connection to a JSON resource provider over which read and update
requests may be performed.
A connection with a Directory Server over which read and update operations
may be performed.
A
ConnectionChangeRecordWriter is a bridge from Connections
to ChangeRecordWriters.A
ConnectionEntryReader is a bridge from Connections to
EntryReaders.A
ConnectionEntryWriter is a bridge from Connections to
EntryWriters.An object that registers to be notified when a connection is closed by the
application, receives an unsolicited notification, or experiences a fatal
error.
Thrown when the result code returned in a Result indicates that the Request
was unsuccessful because of a connection failure.
A connection factory provides an interface for obtaining a connection to a
JSON resource provider.
A connection factory provides an interface for obtaining a connection to a
Directory Server.
This class defines the set of methods and structures that must be implemented by a Directory Server connection
handler.
A server-side interface for querying Connection Handler settings.
A client-side interface for reading and modifying Connection
Handler settings.
An interface for querying the Connection Handler managed object
definition meta information.
This class defines a utility that will be used to manage the configuration for the set of connection handlers defined
in the Directory Server.
Parameters to establish connections to a directory server.
A connection pool which maintains a cache of client sockets with a configurable core pool size,
maximum size, and expiration policy.
Statistics for a connection pool.
An object that registers to be notified when a connection pool grows or shrinks.
This class contains methods for creating and manipulating LDAP clients and connections.
Indicates whether LDAP client connections should use SSL or StartTLS.
An implementation of "consistent hashing" supporting per-partition weighting.
This class provides an implementation of an error log publisher.
A server-side interface for querying Console Error Log Publisher
settings.
A client-side interface for reading and modifying Console Error Log
Publisher settings.
An interface for querying the Console Error Log Publisher managed
object definition meta information.
Constants is the collection of all constant values used by the object validator implementation.
An interface for enforcing constraints and dependencies between managed
objects and their properties.
Thrown when the result code returned in a Result indicates that the update
Request failed because it would have left the Directory in an inconsistent
state.
A
Consumer functional interface which can throw a checked Exception.A condition which evaluates to
true if and only if a property
contains a particular value.Controls provide a mechanism whereby the semantics and arguments of existing
LDAP operations may be extended.
A factory interface for decoding a control as a control of specific type.
Utility class to resolve controls OID from aliases.
Manages the set of core configuration attributes of the Directory Server.
Definition of a service providing etimes.
Implementation of services providing etimes.
The OpenDJ SDK core schema contains standard LDAP RFC schema elements.
A server-side interface for querying Core Schema settings.
A client-side interface for reading and modifying Core Schema
settings.
An interface for querying the Core Schema managed object definition
meta information.
Defines the set of permissible values for the "json-validation-policy" property.
Provides the core schema, which includes core matching rules and syntaxes.
Provides a map of supported locale tags to OIDs.
An exception that may be thrown when a wrapped key entry is corrupted.
The count accumulated to a histogram bucket.
Used to measure the rate of change based on calls to increment.
Fluent builder for counters.
An enum of count policy types.
This class provides an implementation of a SASL mechanism that authenticates clients through CRAM-MD5.
A server-side interface for querying CRAM-MD5 SASL Mechanism
Handler settings.
A client-side interface for reading and modifying CRAM-MD5 SASL
Mechanism Handler settings.
An interface for querying the CRAM-MD5 SASL Mechanism Handler
managed object definition meta information.
A specific exception for when Create is not supported, but Upsert might be being attempted so distinguish from
other
BadRequestExceptions.This program provides a tool that may be used to generate either an RC script that can be used to start, stop,
restart and get status of the Directory Server, OR to a systemd(1) service file for Linux.
A request to create a new JSON resource.
Factory method for function extracting credentials from HTTP request
Headers.Credential pair implementation.
Declare a CREST Application.
A CREST HTTP utility class which creates instances of the
HttpAdapter
to handle CREST HTTP requests.Represents a read-only ForgeRock Common REST HTTP Endpoint which exposes server metrics.
A server-side interface for querying Common REST Metrics HTTP
Endpoint settings.
A client-side interface for reading and modifying Common REST
Metrics HTTP Endpoint settings.
An interface for querying the Common REST Metrics HTTP Endpoint
managed object definition meta information.
Implements a
ScheduledExecutorService on top of a cached thread pool
to achieve UNIX's cron-like capabilities.UNIX Crypt cipher, ported from the Sun OpenSolaris project.
Constants for Crypto Algorithms and Json Crypto Json pointer keys.
Base class for all secrets that are used as keys for cryptographic operations.
This class implements part of the Directory Server cryptographic framework.
Provides cryptographic related operations and key management.
A server-side interface for querying Crypto Manager settings.
A client-side interface for reading and modifying Crypto Manager
settings.
An interface for querying the Crypto Manager managed object
definition meta information.
Defines the set of permissible values for the "key-wrapping-mode" property.
This class defines an exception that is thrown in the case of problems with encryption key management, and is a
wrapper for a variety of other cipher related exceptions.
This class defines an object that synchronizes secret-key entries from the admin data branch to the crypto manager
secret-key cache.
This class defines a Directory Server password storage scheme based on the UNIX Crypt algorithm.
A server-side interface for querying Crypt Password Storage Scheme
settings.
A client-side interface for reading and modifying Crypt Password
Storage Scheme settings.
An interface for querying the Crypt Password Storage Scheme managed
object definition meta information.
Defines the set of permissible values for the "crypt-password-storage-encryption-algorithm" property.
Class used to represent Change Sequence Numbers.
The version of a CSN to ask for a particular representation.
Handles AuditEvents by writing them to a CSV file.
A configuration for CSV audit event handler.
Contains the csv writer configuration parameters.
Contains the configuration parameters to configure tamper evident logging.
Configuration of event buffering.
A server-side interface for querying CSV File Access Log Publisher
settings.
A client-side interface for reading and modifying CSV File Access
Log Publisher settings.
An interface for querying the CSV File Access Log Publisher managed
object definition meta information.
A server-side interface for querying CSV File HTTP Access Log
Publisher settings.
A client-side interface for reading and modifying CSV File HTTP
Access Log Publisher settings.
An interface for querying the CSV File HTTP Access Log Publisher
managed object definition meta information.
Command line interface for verifying an archived set of tamper evident CSV audit log files for a particular topic.
Sequential cursor extended with navigation methods.
A key that is used for decrypting confidential data.
A key that is used for encrypting confidential data.
This class implements the dayofweek bind rule keyword.
Generic cursor interface into the changelog database.
Options to create a cursor.
Represents a cursor key positioning strategy.
Displays the components of a CSN in human understandable format.
Thrown when data from an input source cannot be decoded, perhaps due to the
data being malformed in some way.
Decode options allow applications to control how requests and responses are
decoded.
The requested managed object was found but it could not be decoded.
Marker interface for all key types that can be used for decryption.
An interface for determining the default behavior of a property.
A visitor of default behavior providers, in the style of the visitor design
pattern.
Default implementation of
KeyStoreHandlerProvider.Default implementation of
LocalHostNameProvider using InetAddress to lookup host name of local host.A default managed object which should be created when a parent managed object
is created.
An interface for incrementally constructing default managed objects.
Default implementation of
SecureStorageProvider.A default behavior provider which represents a well-defined set of default
values.
The requested managed object was found but its type could not be determined.
An enumeration defining the reasons why the definition could not be resolved.
This interface is used to determine the "best match" managed object
definition in a definition hierarchy.
This class is used to describe the context attached to a Delete Operation.
Object used when sending delete information to replication servers.
This class defines an operation that may be used to remove an entry from the Directory Server.
A request to delete a JSON resource.
The Delete operation allows a client to request the removal of an entry from
the Directory.
Configuration wrapper for JMS
DeliveryMode persistence constants.An interface for a simple dependency provider.
AuditEventFactory capable of performing construction injection by resolving dependencies using a DependencyProvider.
Base DependencyProvider that has provides no dependencies.
A deployment ID, together with its password, facilitates the generation of the cryptographic keys required to
protect a deployment, such as a root CA key-pair for SSL/TLS and a master key-pair for protecting symmetric keys
used for data encryption.
The deployment ID information to be displayed by the deployment ID tool.
Holds deprecation information of configuration objects or properties.
A Search operation alias dereferencing policy as defined in RFC 4511 section
4.5.1.3 is used to indicate whether alias entries (as defined in RFC 4512)
are to be dereferenced during stages of a Search operation.
Decorator for a request handler that can return an api descriptor of the underlying handler.
Version of
SynchronousRequestHandlerAdapter that exposes a described handler.This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained
in a specified dictionary.
A server-side interface for querying Dictionary Password Validator
settings.
A client-side interface for reading and modifying Dictionary
Password Validator settings.
An interface for querying the Dictionary Password Validator managed
object definition meta information.
This class provides an implementation of a SASL mechanism that authenticates clients through DIGEST-MD5.
A server-side interface for querying DIGEST-MD5 SASL Mechanism
Handler settings.
A client-side interface for reading and modifying DIGEST-MD5 SASL
Mechanism Handler settings.
An interface for querying the DIGEST-MD5 SASL Mechanism Handler
managed object definition meta information.
Defines the set of permissible values for the "quality-of-protection" property.
This class provides a set of properties that may control various aspects of the server environment.
This class defines the core of the Directory Server.
Class that prints the version of OpenDJ server to System.out.
Initialize the client DirectoryServer singleton by using a fluent interface.
This interface must be implemented by all Directory Server components that interact with JMX in any way.
This class defines the set of methods and structures that are available for use in Directory Server plugins.
This class defines a shutdown hook that will be invoked automatically when the JVM is shutting down.
This class defines a generic thread that should be the superclass for all threads created by the Directory Server.
High-level interface to the
WatchService API for detecting filesystem change events.This class provides an implementation of a Directory Server task that can be used to terminate a client connection.
A disconnect exception is thrown in order to indicate that an accepted connection has been rejected and must be
disconnected immediately.
This enumeration defines the set of possible reasons for the closure of a connection between a client and the
Directory Server.
This class provides an application-wide disk space monitoring service.
This interface defines the set of methods that must be implemented for a DiskSpaceMonitorHandler.
A
RetentionPolicy that will retain/delete log files based off the total disk space used.Track the sample distribution of events.
Fluent builder for distribution summaries.
The DITCacheMap class implements custom Map for structural storage of arbitrary objects in Directory Information Tree
(DIT) like structure.
This class defines a DIT content rule, which defines the set of allowed,
required, and prohibited attributes for entries with a given structural
objectclass, and also indicates which auxiliary classes may be included in
the entry.
A fluent API for incrementally constructing DIT content rule.
This class defines a DIT structure rule, which is used to indicate the types
of children that entries may have.
A fluent API for incrementally constructing DIT structure rules.
This class checks a
Number instance.A distinguished name (DN) as defined in RFC 4512 section 2.3 is the
concatenation of its relative distinguished name (RDN) and its immediate
superior's DN.
DN property definition.
An interface for incrementally constructing DN property definitions.
This class implements the dns bind rule keyword.
Adds a hidden sub-command to write generated reference documentation for the
dsconfig command.Cursor iterating over a replication domain's replica DBs.
Identifier comprised of the domain baseDN and its replicaId within this domain.
Marker annotation during the migration.
This message is part of the replication protocol.
An abstract management connection context driver which should form the basis
of driver implementations.
Driver based client management connection context.
Implementation of a MeterRegistry supporting tags using dropwizard metric types.
A CREST CollectionResourceProvider that adds queryFilter, field filtering, sorting abilities, and paging
to the dropwizard json metrics data.
While Dropwizard is well suited for representing hierarchical metrics, it has no support for dimensional metrics.
A describable counter, implementing both the dropwizard's and the monitoring-api's relevant APIs.
A describable gauge, implementing both the dropwizard's and the monitoring-api's relevant APIs.
A describable histogram, implementing both the dropwizard's meter and the monitoring-api's relevant APIs.
A describable meter, implementing both the dropwizard's meter and the monitoring-api's relevant APIs.
A describable dropwizard metric.
A describable timer, implementing both the dropwizard's and the monitoring-api's relevant APIs.
dsbackup tool implementation.
This class provides a command-line tool which enables administrators to configure the Directory Server.
A server-side interface for querying DSEE Compatible Access Control
Handler settings.
A client-side interface for reading and modifying DSEE Compatible
Access Control Handler settings.
An interface for querying the DSEE Compatible Access Control
Handler managed object definition meta information.
This class holds information about a DS connected to the topology.
Implementation of "dsrepl" command line tool that provides commands for managing replication for a server.
Represents a duration in english.
Duration property definition.
An interface for incrementally constructing duration property definitions.
This class provides a dynamic group implementation, in which membership is determined dynamically based on criteria
provided in the form of one or more LDAP URLs.
Multi domain DB cursor that only returns updates for the domains which have been enabled for the external changelog.
AuditEventHandler for Elasticsearch.A configuration for Elasticsearch audit event handler.
Configuration of connection to Elasticsearch.
Configuration of event buffering.
Configuration of index mapping.
Utilities for working with Elasticsearch.
This class defines an e-mail message that may be sent to one or more recipients via SMTP.
The MIME text subtype for the message body.
Represents an embedded directory server on which high-level operations
are available (setup, upgrade, start, stop, ...).
Exception that may be thrown by an embedded directory server if a problem occurs while performing an operation on the
server.
Implementation of an empty
Cursor, for simulating no records to cursor on.This program provides a utility that may be used to interact with the password storage schemes defined in the
Directory Server.
Marker interface for all key types that can be used for encryption.
This class provides an implementation of a Directory Server task that can be used to place the server in lockdown
mode.
This class implements a Directory Server plugin that will add an "entity tag" or "Etag" attribute to an entry
whenever it is added, modified or imported.
A server-side interface for querying ETag Plugin settings.
A client-side interface for reading and modifying ETag Plugin
settings.
An interface for querying the ETag Plugin managed object definition
meta information.
A server-side interface for querying Entity Tag Virtual Attribute
settings.
A client-side interface for reading and modifying Entity Tag
Virtual Attribute settings.
An interface for querying the Entity Tag Virtual Attribute managed
object definition meta information.
Defines the set of permissible values for the "checksum-algorithm" property.
This class implements a virtual attribute provider which ensures that all entries contain an "entity tag" or "Etag"
as defined in section 3.11 of RFC 2616.
This class contains methods for creating and manipulating entries.
Contains server-specific methods that deal with entries.
Defines the available strategy to compute changes.
An
Entry which implements the null object pattern.Defines the available strategy to generate changes.
An entry, comprising of a distinguished name and zero or more attributes.
This class defines the set of methods that must be implemented by a Directory Server entry cache.
A server-side interface for querying Entry Cache settings.
A client-side interface for reading and modifying Entry Cache
settings.
An interface for querying the Entry Cache managed object definition
meta information.
This class defines a utility that will be used to manage the configuration for the Directory Server entry cache.
This class defines the entry cache dispatcher which acts as an arbiter for every entry cache implementation
configured and installed within the Directory Server or acts an an empty cache if no implementation specific
entry cache is configured.
This class implements the ECL cookie control.
The entry change notification response control as defined in
draft-ietf-ldapext-psearch.
Storage container for LDAP entries.
A server-side interface for querying entryDN Virtual Attribute
settings.
A client-side interface for reading and modifying entryDN Virtual
Attribute settings.
An interface for querying the entryDN Virtual Attribute managed
object definition meta information.
This class implements a virtual attribute provider that is meant to serve the entryDN operational attribute as
described in draft-zeilenga-ldap-entrydn.
A template driven entry generator, as used by the makeldif tool.
This class is used to store historical information that is used to resolve modify conflicts:
it is effectively the content of the
ds-sync-hist attribute.A specialized
Attribute implementations that performs lazy conversion of EntryHistorical
(ds-sync-hist) meta-data to its LDAP attribute representation as well as from its compact
org.opends.server.backends.pluggable.ID2Entry representation.This message is part of the replication protocol.
Thrown when the result code returned in a Result indicates that the Request
failed because the target entry was not found by the Directory Server.
An interface for reading entries from a data source, typically an LDIF file.
This class implements a Directory Server plugin that will add the entryUUID attribute to an entry whenever it is
added or imported as per RFC 4530.
A server-side interface for querying entryUUID Plugin settings.
A client-side interface for reading and modifying entryUUID Plugin
settings.
An interface for querying the entryUUID Plugin managed object
definition meta information.
A server-side interface for querying entryUUID Virtual Attribute
settings.
A client-side interface for reading and modifying entryUUID Virtual
Attribute settings.
An interface for querying the entryUUID Virtual Attribute managed
object definition meta information.
This class implements a virtual attribute provider that is meant to serve the entryUUID operational attribute as
described in RFC 4530.
An interface for writing entries to a data source, typically an LDIF file.
This class provides an enumeration of the reasons why an ACI evaluation returned a result from the AciHandler's
testApplicableLists call.
This class provides an enumeration of evaluation results returned by the bind rule evaluation methods.
This class implements "enum" validation on all types of objects as defined in
the paragraph 5.19 of the JSON Schema specification.
Enumeration property definition.
An interface for incrementally constructing enumeration property
definitions.
This class provides an enumeration of the ACI rights.
This class provides an enumeration of the valid ACI target operators.
Provides a
EnumValueOfHelper.valueOf(String) method as a replacement for the implicitly declared enum function
valueOf(String), which has the advantage of not throwing exceptions when the name argument
is null or cannot be found in the enum's values.A property accessor that allows access to environment variables.
ErrorHandler is the abstract base class for Validators.
This class defines an account status notification handler that will write information about status notifications
using the Directory Server's error logging facility.
A server-side interface for querying Error Log Account Status
Notification Handler settings.
A client-side interface for reading and modifying Error Log Account
Status Notification Handler settings.
An interface for querying the Error Log Account Status Notification
Handler managed object definition meta information.
Defines the set of permissible values for the "account-status-notification-type" property.
This class defines the wrapper that will invoke all registered error loggers for each type of request received or
response sent.
Logs internal server errors and runtime exceptions once the request has been processed.
This class defines the set of methods and structures that must be implemented for a Directory Server error log
publisher.
A server-side interface for querying Error Log Publisher settings.
A client-side interface for reading and modifying Error Log
Publisher settings.
An interface for querying the Error Log Publisher managed object
definition meta information.
Defines the set of permissible values for the "default-severity" property.
This message is part of the replication protocol.
Base class for audit event handler configuration.
Encapsulates meta-data for event topics.
Builder for
EventTopicsMetaData.This class provides an implementation of a Directory Server identity mapper that looks for the exact value provided
as the ID string to appear in an attribute of a user's entry.
A server-side interface for querying Exact Match Identity Mapper
settings.
A client-side interface for reading and modifying Exact Match
Identity Mapper settings.
An interface for querying the Exact Match Identity Mapper managed
object definition meta information.
A completion handler for consuming exceptions which occur during the execution of
asynchronous tasks.
Responsible for generating ExecutorService instances which are automatically
wired up to shutdown when the ShutdownListener event triggers.
This enumeration defines the set of possible behaviors that should be taken when attempting to write to a file that
already exists.
An exception generated by a
TokenHandler on extraction when the token is expired.This program provides a utility that may be used to export the contents of a Directory Server backend to an LDIF
file.
This class provides an implementation of a Directory Server task that can be used to export the contents of a
Directory Server backend to an LDIF file.
This interface defines a set of methods that may be used to notify various Directory Server components whenever an
LDIF export task is about to begin or has just completed.
Exception related to decoding of expression.
Utility class to manage expressions.
Utility methods for obtaining Expression syntaxes that are based on existing syntaxes.
This class defines an extended operation, which can perform virtually any kind of task.
This class defines a utility that will be used to manage the set of extended operation handlers defined in the
Directory Server.
This class defines the set of methods and structures that must be implemented by a Directory Server module that
implements the functionality required for one or more types of extended operations.
A server-side interface for querying Extended Operation Handler
settings.
A client-side interface for reading and modifying Extended
Operation Handler settings.
An interface for querying the Extended Operation Handler managed
object definition meta information.
The Extended operation allows additional operations to be defined for
services not already available in the protocol; for example, to implement an
operation which installs transport layer security (see
StartTlsExtendedRequest).A factory interface for decoding a generic extended request as an extended
request of specific type.
A Extended result indicates the status of an Extended operation and any
additional information associated with the Extended operation, including the
optional response name and value.
A factory interface for decoding a generic extended result as an extended
result of specific type.
Added in protocol V10 to exchange additional information during handshake.
This class defines a number of constants that may be used by Directory Server extensions.
A server-side interface for querying External Access Log Publisher
settings.
A client-side interface for reading and modifying External Access
Log Publisher settings.
An interface for querying the External Access Log Publisher managed
object definition meta information.
This class implements the request control used to browse the external changelog.
A server-side interface for querying External HTTP Access Log
Publisher settings.
A client-side interface for reading and modifying External HTTP
Access Log Publisher settings.
An interface for querying the External HTTP Access Log Publisher
managed object definition meta information.
A service provider interface for externalizing the strategy used for wrapping individual private/secret keys.
This class provides an implementation of a SASL mechanism that relies on some form of authentication that has already
been done outside the LDAP layer.
A server-side interface for querying External SASL Mechanism
Handler settings.
A client-side interface for reading and modifying External SASL
Mechanism Handler settings.
An interface for querying the External SASL Mechanism Handler
managed object definition meta information.
Defines the set of permissible values for the "certificate-validation-policy" property.
This class represents an ACI's extop keyword rule.
Defines the standard Syslog message facilities.
A factory interface.
This enumeration defines the various ways that a task can behave if it is dependent upon another task and that
earlier task is done running but did not complete successfully.
FailFastErrorHandler implements the
ErrorHandler in a way it re-throws the exception
at first time.This class defines a Directory Server entry cache that uses a FIFO to keep track of the entries.
A server-side interface for querying FIFO Entry Cache settings.
A client-side interface for reading and modifying FIFO Entry Cache
settings.
An interface for querying the FIFO Entry Cache managed object
definition meta information.
A server-side interface for querying File Based Access Log
Publisher settings.
A client-side interface for reading and modifying File Based Access
Log Publisher settings.
An interface for querying the File Based Access Log Publisher
managed object definition meta information.
Defines the set of permissible values for the "log-format" property.
A server-side interface for querying File Based Audit Log Publisher
settings.
A client-side interface for reading and modifying File Based Audit
Log Publisher settings.
An interface for querying the File Based Audit Log Publisher
managed object definition meta information.
A server-side interface for querying File Based Error Log Publisher
settings.
A client-side interface for reading and modifying File Based Error
Log Publisher settings.
An interface for querying the File Based Error Log Publisher
managed object definition meta information.
Configures time based or size based log file rotation.
Groups the file retention config parameters.
Groups the file rotation config parameters.
A server-side interface for querying File Based HTTP Access Log
Publisher settings.
A client-side interface for reading and modifying File Based HTTP
Access Log Publisher settings.
An interface for querying the File Based HTTP Access Log Publisher
managed object definition meta information.
This class defines a key manager provider that will access keys stored in a file located on the Directory Server
filesystem.
A server-side interface for querying File Based Key Manager
Provider settings.
A client-side interface for reading and modifying File Based Key
Manager Provider settings.
An interface for querying the File Based Key Manager Provider
managed object definition meta information.
This class defines a trust manager provider that will reference certificates stored in a file located on the
Directory Server filesystem.
A server-side interface for querying File Based Trust Manager
Provider settings.
A client-side interface for reading and modifying File Based Trust
Manager Provider settings.
An interface for querying the File Based Trust Manager Provider
managed object definition meta information.
Log file implementation of the ChangelogDB interface.
Property resolver that considers only the property keys that begins with the "file:" string, and
then interprets the remaining part of the key as a relative or absolute file path that must be read
to return a value.
A server-side interface for querying File Count Log Retention
Policy settings.
A client-side interface for reading and modifying File Count Log
Retention Policy settings.
An interface for querying the File Count Log Retention Policy
managed object definition meta information.
An interface to declare the names of audit log files.
This class implements a retention policy based on the number of files.
This class provides a mechanism for setting file permissions in a more abstract manner than is provided by the
underlying operating system and/or filesystem.
A backup storage implementation that reads and writes files in a file system directory.
This class creates instances of
BackupStorage plugged on the local file system.A
SecretStore that reads secrets from a directory with the expectation that each file
contains a separate secret.A builder for more fluently creating a FileSystemSecretStore.
Interface that represents an audit filter.
An interface for implementing request handler filters.
A search filter as defined in RFC 4511.
This enumeration defines the set of possible filter types that may be used for search filters.
Builds a
Filter for a given set of FilterPolicy.A chain of filters terminated by a target request handler.
A condition which controls whether or not a filter will be invoked or not.
Represents a FilterPolicy which contains the includeIf and excludeIf values for the filter.
This class contains methods for creating various kinds of
Filter and
FilterConditions.This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if
that user's entry contains an attribute with the fingerprint of the client certificate.
A server-side interface for querying Fingerprint Certificate Mapper
settings.
A client-side interface for reading and modifying Fingerprint
Certificate Mapper settings.
An interface for querying the Fingerprint Certificate Mapper
managed object definition meta information.
Defines the set of permissible values for the "fingerprint-algorithm" property.
A server-side interface for querying Fixed Time Log Rotation Policy
settings.
A client-side interface for reading and modifying Fixed Time Log
Rotation Policy settings.
An interface for querying the Fixed Time Log Rotation Policy
managed object definition meta information.
Rotates audit files at fixed times throughout the day.
This class implements a rotation policy based on fixed day/time of day.
Deprecated.
This class is currently only used in conjunction with the PropertyResolverSecretStore and this
pairing is deprecated.
An exception that is thrown when access to a resource is forbidden during an
operation on an resource.
This class implements "format" validation on primitive types of objects as defined in
the paragraph 5.23 of the JSON Schema specification.
This class implements a Directory Server plugin that is used in fractional replication to initialize a just
configured fractional domain (when an online full update occurs or offline/online ldif import).
A server-side interface for querying Fractional LDIF Import Plugin
settings.
A client-side interface for reading and modifying Fractional LDIF
Import Plugin settings.
An interface for querying the Fractional LDIF Import Plugin managed
object definition meta information.
A server-side interface for querying Free Disk Space Log Retention
Policy settings.
A client-side interface for reading and modifying Free Disk Space
Log Retention Policy settings.
An interface for querying the Free Disk Space Log Retention Policy
managed object definition meta information.
A
RetentionPolicy that will retain/delete log files given a minimum amount of disk space the file system
must contain.This class implements a retention policy based on the free disk space available expressed as a percentage.
A synchronous function which returns a result immediately.
Common
Function implementations which may be used when parsing attributes.Fluent builder for gauges.
An LDAP generalized time as defined in RFC 4517.
This class is used to generate bash completion scripts out of the tools.
The generation id used for a replication domain.
This class computes the generation id used for a replication domain.
A generic constraint which comprises of an underlying condition and a
description.
A generic control which can be used to represent arbitrary raw request and
response controls.
A generic Extended request which should be used for unsupported extended
operations.
A Generic Extended result indicates the final status of an Generic Extended
operation.
A Generic Intermediate response provides a mechanism for communicating
unrecognized or unsupported Intermediate responses to the client.
A generic secret represented as an opaque blob of bytes, such as a password or API key.
This class implements the "Get Connection ID" extended operation that can be used to get the connection ID of the
associated client connection.
A server-side interface for querying Get Connection ID Extended
Operation Handler settings.
A client-side interface for reading and modifying Get Connection ID
Extended Operation Handler settings.
An interface for querying the Get Connection ID Extended Operation
Handler managed object definition meta information.
A partial implementation of the get effective rights request control as
defined in draft-ietf-ldapext-acl-model.
This class implements the get symmetric key extended operation, an OpenDS proprietary extension used for distribution
of symmetric keys amongst servers.
A server-side interface for querying Get Symmetric Key Extended
Operation Handler settings.
A client-side interface for reading and modifying Get Symmetric Key
Extended Operation Handler settings.
An interface for querying the Get Symmetric Key Extended Operation
Handler managed object definition meta information.
A server-side interface for querying Global Access Control Policy
settings.
A client-side interface for reading and modifying Global Access
Control Policy settings.
An interface for querying the Global Access Control Policy managed
object definition meta information.
Defines the set of permissible values for the "permission" property.
A server-side interface for querying Global Configuration settings.
A client-side interface for reading and modifying Global
Configuration settings.
An interface for querying the Global Configuration managed object
definition meta information.
Defines the set of permissible values for the "disabled-privilege" property.
Defines the set of permissible values for the "etime-resolution" property.
Defines the set of permissible values for the "invalid-attribute-syntax-behavior" property.
Defines the set of permissible values for the "single-structural-objectclass-behavior" property.
Defines the set of permissible values for the "unauthenticated-requests-policy" property.
Defines the set of permissible values for the "writability-mode" property.
A server-side interface for querying Governing Structure Rule
Virtual Attribute settings.
A client-side interface for reading and modifying Governing
Structure Rule Virtual Attribute settings.
An interface for querying the Governing Structure Rule Virtual
Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the governingStructuralRule operational
attribute as described in RFC 4512.
DirectoryServerPlugin responsible for pushing monitoring data to a Graphite server.A server-side interface for querying Graphite Monitor Reporter
Plugin settings.
A client-side interface for reading and modifying Graphite Monitor
Reporter Plugin settings.
An interface for querying the Graphite Monitor Reporter Plugin
managed object definition meta information.
This interface defines the set of methods that must be implemented by a Directory Server group.
Class holding the already visited groups.
This class provides a mechanism for interacting with all groups defined in the Directory Server.
This class implements a parser for strings which are encoded using the
Generic String Encoding Rules (GSER) defined in RFC 3641.
This class provides an implementation of a SASL mechanism that authenticates clients through Kerberos v5 over GSSAPI.
A server-side interface for querying GSSAPI SASL Mechanism Handler
settings.
A client-side interface for reading and modifying GSSAPI SASL
Mechanism Handler settings.
An interface for querying the GSSAPI SASL Mechanism Handler managed
object definition meta information.
Defines the set of permissible values for the "quality-of-protection" property.
This visitor detects if there is any token/placeholder inside the given
Template.A server-side interface for querying Has Subordinates Virtual
Attribute settings.
A client-side interface for reading and modifying Has Subordinates
Virtual Attribute settings.
An interface for querying the Has Subordinates Virtual Attribute
managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute
as described in X.501.
Lightweight REST API providing native LDAP capabilities.
A server-side interface for querying HDAP Authorization Mechanism
settings.
A client-side interface for reading and modifying HDAP
Authorization Mechanism settings.
An interface for querying the HDAP Authorization Mechanism managed
object definition meta information.
Encapsulates configuration required to start a HDAP endpoint embedded in this LDAP server.
A server-side interface for querying Hdap Endpoint settings.
A client-side interface for reading and modifying Hdap Endpoint
settings.
An interface for querying the Hdap Endpoint managed object
definition meta information.
Hdap Http application.
A composite
HealthStatusProvider that computes its health status based on the registered
HealthStatusProvider.A
HealthChecker implementation that is safe for using with multiple threads provided that the
aggregated HealthStatusProvider are thread-safe.Represent health diagnostic information.
A
MonitorProvider for monitoring the server health status.Provides a health diagnostic for a component or the whole application.
An HTTP endpoint for exposing the server health status.
A server-side interface for querying Healthy HTTP endpoint
settings.
A client-side interface for reading and modifying Healthy HTTP
endpoint settings.
An interface for querying the Healthy HTTP endpoint managed object
definition meta information.
This message is sent at regular intervals by the replication server when it is sending no other messages.
Publishes a
HeartbeatMsg on a given protocol session if no message has been published since the last
heartbeat interval period.Routines for encoding and decoding binary data in hexadecimal format.
Enumeration used for storing type of attribute modification in the value of the replication historical information.
ForgeRock changes:
- Removed @incubating annotation
Matching rule used to establish an order between historical information and index them.
Extensible matching rule to allow a range search on CSNs for a given replica.
Implements the HKDF key deriviation function to allow a
single input key to be expanded into multiple component keys.
A secret key designed to be used as the master key for HKDF key generation.
Property definition associated to a Host:Port syntax.
An interface for incrementally constructing
HostPortPropertyDefinition.Property definition for a host.
An interface for incrementally constructing IP address property definitions.
A loader for the
KeyStoreSecretStore that knows how to load standard PKCS#11 Hardware Security Module
(HSM) providers on our supported platforms.This class defines the wrapper that will invoke all registered HTTP access loggers for each type of request received
or response sent.
This class defines the set of methods and structures that must be implemented for a Directory Server HTTP access log
publisher.
A server-side interface for querying HTTP Access Log Publisher
settings.
A client-side interface for reading and modifying HTTP Access Log
Publisher settings.
An interface for querying the HTTP Access Log Publisher managed
object definition meta information.
A server-side interface for querying HTTP Anonymous Authorization
Mechanism settings.
A client-side interface for reading and modifying HTTP Anonymous
Authorization Mechanism settings.
An interface for querying the HTTP Anonymous Authorization
Mechanism managed object definition meta information.
Provides foundation for http authorization mechanisms.
A server-side interface for querying HTTP Authorization Mechanism
settings.
A client-side interface for reading and modifying HTTP
Authorization Mechanism settings.
An interface for querying the HTTP Authorization Mechanism managed
object definition meta information.
Creates
HttpAuthorizationMechanism performing the authentication/authorization of incoming Request.A server-side interface for querying HTTP Basic Authorization
Mechanism settings.
A client-side interface for reading and modifying HTTP Basic
Authorization Mechanism settings.
An interface for querying the HTTP Basic Authorization Mechanism
managed object definition meta information.
An
HttpClientConnectionContext is created by the HTTP connection handler at the front-end and passes the
unauthenticated HttpClientConnection to the downstream HTTP authentication mechanisms via an
LdapClientSocket adapter.This class defines a connection handler that will be used for communicating with clients over HTTP.
A server-side interface for querying HTTP Connection Handler
settings.
A client-side interface for reading and modifying HTTP Connection
Handler settings.
An interface for querying the HTTP Connection Handler managed
object definition meta information.
Defines the set of permissible values for the "ssl-client-auth-policy" property.
A
Context containing information relating to the originating HTTP request.A factory which is responsible for creating new request
Contexts for
each JSON request.Endpoint attach an
HttpApplication to an URI.A server-side interface for querying HTTP Endpoint settings.
A client-side interface for reading and modifying HTTP Endpoint
settings.
An interface for querying the HTTP Endpoint managed object
definition meta information.
This class defines a utility that will be used to manage the set of HTTP endpoints defined in the Directory Server.
This context contains the logging informations related to the request processing.
A server-side interface for querying HTTP OAuth2 Authorization
Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2
Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 Authorization Mechanism
managed object definition meta information.
A server-side interface for querying HTTP OAuth2 CTS Authorization
Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 CTS
Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 CTS Authorization
Mechanism managed object definition meta information.
A server-side interface for querying HTTP OAuth2 File Based
Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 File
Based Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 File Based Authorization
Mechanism managed object definition meta information.
A server-side interface for querying HTTP OAuth2 OpenAM
Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2
OpenAM Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 OpenAM Authorization
Mechanism managed object definition meta information.
A server-side interface for querying HTTP OAuth2 Token
Introspection (RFC 7662) Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 Token
Introspection (RFC 7662) Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 Token Introspection (RFC
7662) Authorization Mechanism managed object definition meta
information.
Contains the information required for logging the HTTP request.
Collects statistics for HTTP.
HTTP utility methods and constants.
QueryResourceHandler that searches for a specific identifier value.This class defines the set of methods and structures that must be implemented by a Directory Server identity mapper.
A server-side interface for querying Identity Mapper settings.
A client-side interface for reading and modifying Identity Mapper
settings.
An interface for querying the Identity Mapper managed object
definition meta information.
This class defines a utility that will be used to manage the set of identity mappers defined in the Directory Server.
Defines the contract to generate global unique identifiers.
Default implementation of the
IdGenerator that will output some ids based on the following pattern :
<uuid> + '-' + an incrementing sequence.This class defines a thread that will be used to terminate client connections if they have been idle for too long.
Thrown when an attempt is made to create a new managed object with an illegal
name.
Allows to run an import.
Parameters for import / export tasks.
This program provides a utility that may be used to import the contents of an LDIF file into a Directory Server
backend.
Parameters to import LDIF data to a directory server.
This class provides an implementation of a Directory Server task that can be used to import data from an LDIF file
into a backend.
This interface defines a set of methods that may be used to notify various Directory Server components whenever an
LDIF import task is about to begin or has just completed.
Interface of an object that can be indexed with a unique key.
Utility class that checks whether attributes indexed.
This class is registered with a Backend and it provides callbacks
for indexing attribute values.
Contains options indicating how indexing must be performed.
A factory for creating arbitrarily complex index queries.
This class implements an enumeration that may be used to define the ways in which an attribute may be indexed within
the server.
This class defines an exception that may be thrown if a problem occurs while trying to initialize a Directory Server
component.
This is an abstract class of messages of the replication protocol for message that needs to contain information about
the server that send them and the destination servers to which they should be sent.
This message is used by Replicas to update the send window of the peer replica.
This message is part of the replication protocol.
This message is part of the replication protocol.
This class provides an implementation of a Directory Server task that can be used to initialize another server by
exporting data over the replication protocol.
This class provides an implementation of a Directory Server task that can be used to import data over the replication
protocol from another server hosting the same replication domain.
A property mapper which provides a mapping from a DN (or DN and JSON) LDAP attribute to a JSON object.
This class defines a set of methods that are available for use by plugins for operations that are currently in the
middle of their "core" processing (e.g., for examining search result entries or references before they are sent to
the client).
This class defines a set of methods that are available for use by in progress search plugins.
Class to be used by client tools to retrieve install and instance paths.
A managed object composite relationship definition which represents a
composition of zero or more managed objects.
An interface for incrementally constructing instantiable relation
definitions.
Integer property definition.
An interface for incrementally constructing integer property definitions.
IntegerTypeValidator applies all the constraints of a
integer type.An Intermediate response provides a general mechanism for defining
single-request/multiple-response operations.
A completion handler for consuming intermediate responses returned from
extended operations, or other operations for which an appropriate control was
sent.
An internal directory server plugin which can be registered with the server without requiring any associated
configuration.
A control providing additional modifications to a request.
An exception that is thrown during an operation on a resource when the server
encountered an unexpected condition which prevented it from fulfilling the
request.
Represents a request which has been received and decoded but is invalid according to the LDAP standard because of
an invalid DN syntax or an invalid attribute syntax.
An exception generated by a
TokenHandler on validation or extraction when the token is invalid.This class represents a single ACI's IP bind rule expression.
IP address mask property definition.
An interface for incrementally constructing IP address mask property definitions.
A server-side interface for querying Is Member Of Virtual Attribute
settings.
A client-side interface for reading and modifying Is Member Of
Virtual Attribute settings.
An interface for querying the Is Member Of Virtual Attribute
managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the isMemberOf operational attribute.
A condition which evaluates to
true if and only if a particular
property has any values specified.Default implementation of a Keystore handler.
Class defined in the configuration for this backend type.
A server-side interface for querying JE Backend settings.
A client-side interface for reading and modifying JE Backend
settings.
An interface for querying the JE Backend managed object definition
meta information.
Defines the set of permissible values for the "db-cache-mode" property.
Defines the set of permissible values for the "db-durability" property.
Berkeley DB Java Edition (JE for short) database implementation of the
Storage engine.Publishes Audit events on a JMS Topic.
Configuration object for the
JmsAuditEventHandler.This class holds the configuration properties that are used by the {#link BatchPublisher} to control the
batch queue and worker threads that process the items in the queue.
Stores the JNDI context properties and lookup names.
Interface for retrieving a
JMS topic and a JMS connection factory.This class provides an implementation of a Directory Server alert handler that will send alerts using JMX
notifications.
A server-side interface for querying JMX Alert Handler settings.
A client-side interface for reading and modifying JMX Alert Handler
settings.
An interface for querying the JMX Alert Handler managed object
definition meta information.
This class defines the set of methods and structures that must be implemented by a Directory Server client
connection.
This class defines a connection handler that will be used for communicating with administrative clients over JMX.
A server-side interface for querying JMX Connection Handler
settings.
A client-side interface for reading and modifying JMX Connection
Handler settings.
An interface for querying the JMX Connection Handler managed object
definition meta information.
This class defines a JMX MBean that can be registered with the Directory Server to provide monitoring and statistical
information, provide read and/or read-write access to the monitoring, and provide notifications and alerts if a
significant event or severe/fatal error occurs.
AuditEventHandler for persisting raw JSON events to a file.Configuration for
JsonAuditEventHandler.Configuration of event buffering.
A server-side interface for querying JSON Equality Matching Rule
settings.
A client-side interface for reading and modifying JSON Equality
Matching Rule settings.
An interface for querying the JSON Equality Matching Rule managed
object definition meta information.
Allows users to configure JSON matching rules.
An exception that is thrown during JSON operations.
A server-side interface for querying JSON File Based Access Log
Publisher settings.
A client-side interface for reading and modifying JSON File Based
Access Log Publisher settings.
An interface for querying the JSON File Based Access Log Publisher
managed object definition meta information.
A server-side interface for querying JSON File Based HTTP Access
Log Publisher settings.
A client-side interface for reading and modifying JSON File Based
HTTP Access Log Publisher settings.
An interface for querying the JSON File Based HTTP Access Log
Publisher managed object definition meta information.
This class contains methods for creating and manipulating connection factories and connections.
A server-side interface for querying JSON Ordering Matching Rule
settings.
A client-side interface for reading and modifying JSON Ordering
Matching Rule settings.
An interface for querying the JSON Ordering Matching Rule managed
object definition meta information.
Allows users to configure JSON matching rules.
Processes partial modifications to JSON values.
RFC6902 expects the patch value to be a predetermined, static value to be used in the
patch operation's execution.
Identifies a specific value within a JSON structure.
A property mapper which provides a mapping from a JSON value to an LDAP attribute having the JSON syntax.
A server-side interface for querying JSON Query Equality Matching
Rule settings.
A client-side interface for reading and modifying JSON Query
Equality Matching Rule settings.
An interface for querying the JSON Query Equality Matching Rule
managed object definition meta information.
Allows users to configure custom JSON matching rules and indexing.
Utility methods for obtaining JSON syntaxes and matching rules.
JSON value validation policies.
Contains Utility methods for dealing with JsonSchema data.
AuditEventHandler for persisting raw JSON events to stdout.Configuration for
JsonStdoutAuditEventHandler.This class contains methods for creating and manipulating connection factories and connections.
Represents a value in a JSON object model structure.
An exception that is thrown during JSON value operations.
A
QueryFilterVisitor that returns true if the provide JsonValue meets the criteria of
the QueryFilter assertions and false if it does not.This class contains the utility functions to convert a
JsonValue to another type.This class contains the utility functions to convert a
JsonValue to CREST (json-resource) types.A utility that traverses a
JsonValue and does property substitution as well as type coercion.The specification for a coercion function.
Builder to create a
JsonValuePropertyEvaluator.CoercionFunctionSpec.A configuration property resolver that uses a JsonValue to resolve properties.
Contains some JsonValue Utility methods.
Represents a
KeyManagerProvider which use the JVM keystore.This class defines a monitor provider that reports information about the JVM it is running into.
Represents a
TrustManagerProvider which use the JVM truststore.Decodes a JSON Web Key (JWK) as a secret.
Factory class for various Jwt classes.
A
SecretsProvider whose clock is accessible.A class used to verify whether a given
SignedJwt is valid.A factory class to generate
SignedJwt.Factory methods to build
Filters that handle the JWT mechanism.A context containing a
JwtFactories.SignedJwtFactory to sign authentication requests with a JWT.A key that is used in a key-agreement protocol (such as Diffie-Hellman) to agree another key.
A key that is used to decrypt (or "unwrap") other keys that have been encrypted with a
KeyEncryptionKey.A key that is used to encrypt ("wrap") other keys.
A format that can be used for exporting key material.
Exports a key in the PEM (Privacy Enhanced Mail) format.
Exports the raw key.
This class defines an API that may be used to obtain a set of
javax.net.ssl.KeyManager objects for use when
performing SSL communication.This class implements a monitor provider that will report alias name and expiry date for each X509 certificate
associated to a key manager provider.
A server-side interface for querying Key Manager Provider settings.
A client-side interface for reading and modifying Key Manager
Provider settings.
An interface for querying the Key Manager Provider managed object
definition meta information.
This class defines a utility that will be used to manage the set of key manager providers defined in the Directory
Server.
This class contains methods for creating common types of key manager.
Builder class for loading key stores.
Handles the access to a KeyStore.
Decorate a
KeyStoreHandler in order to add some commons utility methods to read or write keystore's entries.Strategy for obtaining a keystore handler.
A class that manages a Java Key Store and has methods for extracting out public/private keys and certificates.
Represents an exception from an operation using the KeyStoreManager class.
A service provider interface for implementing key store caches.
The parameters which configure how the LDAP key store will be accessed.
A secret store for cryptographic keys based on a standard Java
KeyStore.Specifies an alias with its validity for use in the store.
Permits to retrieve the list of usable AliasSpecs of a specific KeyStore.
Aggregates multiple AliasSpecProviders results to serve the list of AliasSpec for a KeyStore.
Serves a matching subset of the aliases present in a KeyStore based on a predicate.
An interface to allow the consuming application to provide the stable ID for the secret.
Serves a static list of AliasSpecs, without looking at the real content of a KeyStore.
Implementation of a secure storage using a keystore.
Indicates the type of key.
Indicates the allowed usages for a particular key.
This interface represents a keyword bind rule class that can evaluate an evaluation context.
Utility methods for interacting with lambdas that throw exceptions.
This class implements a Directory Server plugin that will add the creatorsName and createTimestamp attributes to an
entry whenever it is added to the server, and will add the modifiersName and modifyTimestamp attributes whenever the
entry is modified or renamed.
A server-side interface for querying Last Mod Plugin settings.
A client-side interface for reading and modifying Last Mod Plugin
settings.
An interface for querying the Last Mod Plugin managed object
definition meta information.
A list with lazy initialization.
A map with lazy initialization.
A
Supplier that lazily computes a value the first time it is accessed and then caches the result to return
on subsequent requests.This class contains various static utility methods encoding and decoding LDAP
protocol elements.
This pre-parse plugin modifies the operation to allow an object class identifier to be specified in attributes lists,
such as in Search requests, to request the return all attributes belonging to an object class as per the
specification in RFC 4529.
A server-side interface for querying LDAP Attribute Description
List Plugin settings.
A client-side interface for reading and modifying LDAP Attribute
Description List Plugin settings.
An interface for querying the LDAP Attribute Description List
Plugin managed object definition meta information.
An LDAP client provides an interface for obtaining a
connection to a Directory Server.A
Context containing an LdapClient, which will be used for reading the LDAP schema from the server,
and an LdapClientSocket which will be used for performing LDAP requests on behalf of the authenticated user.This class contains methods for creating and manipulating LDAP clients and connections.
A connection with a Directory Server over which read and update operations may be performed.
A factory class which can be used to obtain connections to an LDAP Directory Server.
This class defines a connection handler that will be used for communicating with clients over LDAP.
A server-side interface for querying LDAP Connection Handler
settings.
A client-side interface for reading and modifying LDAP Connection
Handler settings.
An interface for querying the LDAP Connection Handler managed
object definition meta information.
Defines the set of permissible values for the "ssl-client-auth-policy" property.
Thrown when the result code returned in a Result indicates that the Request
was unsuccessful.
This class defines a key manager provider that will access keys stored in an LDAP backend.
A server-side interface for querying LDAP Key Manager Provider
settings.
A client-side interface for reading and modifying LDAP Key Manager
Provider settings.
An interface for querying the LDAP Key Manager Provider managed
object definition meta information.
An LDAP management connection context.
An LDAP management context factory for the DSConfig tool.
Encapsulates a
ProtocolOp with LDAP specific message information.A server-side interface for querying LDAP Pass Through
Authentication Policy settings.
A client-side interface for reading and modifying LDAP Pass Through
Authentication Policy settings.
An interface for querying the LDAP Pass Through Authentication
Policy managed object definition meta information.
Defines the set of permissible values for the "mapping-policy" property.
LDAP pass through authentication policy implementation.
This class is used to map configuration elements to their LDAP schema names.
LDAP profile wrappers can be used to provide temporary LDAP profile
information for components which do not have LDAP profile property files.
A handle which can be used to retrieve the Result of an asynchronous Request.
Reads LDAP messages from an underlying ASN.1 reader.
This class implements the bulk part of the Directory Server side of the replication code.
A completion handler for consuming the result of an asynchronous operation or
connection attempts.
An LDAP server connection listener which waits for LDAP connection requests to come in over the network and binds
them to a server connection created using the provided server connection factory.
Server side representation of a connected LDAP client.
A reactive socket implementation representing a stream of LDAP messages.
This class defines a data structure that will be used to keep track of various metrics related to LDAP communication
that the server has conducted.
This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
A server-side interface for querying LDAP Trust Manager Provider
settings.
A client-side interface for reading and modifying LDAP Trust
Manager Provider settings.
An interface for querying the LDAP Trust Manager Provider managed
object definition meta information.
Abstract class that must be extended to define a message used for sending Updates between servers.
An LDAP URL as defined in RFC 4516.
This class defines a data structure that represents the components of an LDAP URL, including the scheme, host, port,
base DN, attributes, scope, filter, and extensions.
Writes LDAP messages to an underlying ASN.1 writer.
This class contains common utility methods for creating and manipulating
readers and writers.
This class provides a backend implementation that stores the underlying data in an LDIF file.
A server-side interface for querying LDIF Backend settings.
A client-side interface for reading and modifying LDIF Backend
settings.
An interface for querying the LDIF Backend managed object
definition meta information.
An LDIF change record reader reads change records using the LDAP Data
Interchange Format (LDIF) from a user defined source.
An LDIF change record writer writes change records using the LDAP Data
Interchange Format (LDIF) to a user defined destination.
This class defines an LDIF connection handler, which can be used to watch for new LDIF files to be placed in a
specified directory.
A server-side interface for querying LDIF Connection Handler
settings.
A client-side interface for reading and modifying LDIF Connection
Handler settings.
An interface for querying the LDIF Connection Handler managed
object definition meta information.
An LDIF entry reader reads attribute value records (entries) using the LDAP
Data Interchange Format (LDIF) from a user defined source.
An LDIF entry writer writes attribute value records (entries) using the LDAP
Data Interchange Format (LDIF) to a user defined destination.
This class defines an exception that may be thrown while attempting to parse LDIF content.
This class defines a data structure for holding configuration information to use when performing an LDIF export.
This class defines a data structure for holding configuration information to use when performing an LDIF import.
This class provides the ability to read information from an LDIF file.
This class provides an implementation of a Directory Server task that can be used bring the server out of lockdown
mode.
This class provides a password validator that can ensure that the provided password meets minimum and/or maximum
length requirements.
A server-side interface for querying Length Based Password
Validator settings.
A client-side interface for reading and modifying Length Based
Password Validator settings.
An interface for querying the Length Based Password Validator
managed object definition meta information.
This class provides an implementation of the Levenshtein distance algorithm, which may be used to determine the
minimum number of changes required to transform one string into another.
Represents information about the license file.
An implementation of the
Attribute interface with predictable iteration order.An implementation of the
Entry interface which uses a LinkedHashMap for storing attributes.Wraps another map.
An object that registers to be notified when an LDAP client associated
with a load-balancer changes state from offline to online or vice-versa.
Provides methods for dynamically loading classes.
This class defines the set of methods and structures that must be implemented for a Directory Server backend.
Enumeration of optional backend operations.
Provides information about the state of a completed LDIF import, including
the total number of entries read, skipped, and rejected.
A server-side interface for querying Local Backend settings.
A client-side interface for reading and modifying Local Backend
settings.
An interface for querying the Local Backend managed object
definition meta information.
Defines the set of permissible values for the "writability-mode" property.
This interface defines a set of methods that may be used by server components to perform any processing that they
might find necessary whenever a local backend is initialized and/or finalized.
This class implements a monitor provider that will report generic information for an enabled Directory Server
backend, including its backend ID, base DNs, writability mode, and the number of entries it contains.
Stores metric data local backends.
Strategy for obtaining the server's local hostname.
A mix-in interface which can be used to identify exceptions which support
localization.
A localizable message whose
String representation can be retrieved in
one or more locales.A mutable sequence of localizable messages and their parameters.
An opaque handle to a localizable message.
Subclass for creating messages with no arguments.
Subclass for creating messages with one argument.
Subclass for creating messages with two arguments.
Subclass for creating messages with three arguments.
Subclass for creating messages with four arguments.
Subclass for creating messages with five arguments.
Subclass for creating messages with six arguments.
Subclass for creating messages with seven arguments.
Subclass for creating messages with eight arguments.
Subclass for creating messages with nine arguments.
Subclass for creating messages with an any number of arguments.
Represents a String which could be localizable.
Thrown to indicate that an
HttpApplication was unable to start.Thrown to indicate that a method has been passed an illegal or inappropriate argument.
A localized
KeyStoreException.A logger implementation which formats and localizes messages before
forwarding them to an underlying SLF4J
Logger.An implementation of SLF4J marker that contains a
LocalizableMessage
and does not allow to manage references to other markers.This class provides a mechanism for allowing the Directory Server to utilize file locks as provided by the underlying
OS.
A lock manager coordinates directory update operations so that the DIT structure remains in a consistent state, as
well as providing repeatable read isolation.
A simple log aggregator to prevent a burst of regularly repeated messages from flooding the logs.
Defines whether and how to encrypt replication changelog files.
This class defines a utility that will be used to manage the set of loggers used in the Directory Server.
Defines the logging categories and their associated logger.
This class defines the set of methods and structures that must be implemented for a Directory Server log publisher.
A server-side interface for querying Log Publisher settings.
A client-side interface for reading and modifying Log Publisher
settings.
An interface for querying the Log Publisher managed object
definition meta information.
A server-side interface for querying Log Retention Policy settings.
A client-side interface for reading and modifying Log Retention
Policy settings.
An interface for querying the Log Retention Policy managed object
definition meta information.
This class defines a utility that will be used to manage the set of log retention policies used in the Directory
Server.
A server-side interface for querying Log Rotation Policy settings.
A client-side interface for reading and modifying Log Rotation
Policy settings.
An interface for querying the Log Rotation Policy managed object
definition meta information.
This class defines a utility that will be used to manage the set of log rotation policies used in the Directory
Server.
Helper class for logging securely sensitive values.
A server-side interface for querying Mail Server settings.
A client-side interface for reading and modifying Mail Server
settings.
An interface for querying the Mail Server managed object definition
meta information.
This class manages the set of (zero or more) configurations for connecting to the mail servers defined in the
Directory Server.
A generic interface for accessing client-side managed objects.
A managed object could not be created because there is an existing managed
object with the same name.
The requested managed object was found but one or more of its properties could not be decoded successfully.
Defines the structure of a managed object which can be instantiated.
A class for retrieving internationalized resource properties associated with
a managed object definition.
A class for retrieving non-internationalized resource properties associated
with a managed object definition.
The requested managed object could not be located.
This enumeration contains various options that can be associated with managed
object definitions.
A path which can be used to determine the location of a managed object
instance.
A strategy for serializing managed object paths.
The ManageDsaIT request control as defined in RFC 3296.
Client management connection context.
A management context factory for the dsconfig tool.
Tool for getting information and managing tasks in the Directory Server.
Annotation for property getters and setters for which a value is mandatory.
Wraps another map.
A
QueryFilterVisitor that produces a Map representation of the filter tree.Configures a keystore based on a key/value map.
The matched values request control as defined in RFC 3876.
The types of compiled matcher.
This class defines a data structure for storing and interacting with matching
rules, which are used by servers to compare attribute values against
assertion values when performing Search and Compare operations.
A fluent API for incrementally constructing matching rules.
Represents the types of matching rules, according to RFC 4517 section 4.1.
This interface defines the set of methods that must be implemented to define
a new matching rule.
This class defines a data structure for storing and interacting with a
matching rule use definition, which may be used to restrict the set of
attribute types that may be used for a given matching rule.
A fluent API for incrementally constructing matching rule uses.
Helper compares two
Numbers to check the maximum constraint.This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
A server-side interface for querying MD5 Password Storage Scheme
settings.
A client-side interface for reading and modifying MD5 Password
Storage Scheme settings.
An interface for querying the MD5 Password Storage Scheme managed
object definition meta information.
Store SLF4J Mapped Diagnosed Context (aka MDC) when tasks
are submitted, and re-inject it when tasks are executed.
Store SLF4J Mapped Diagnosed Context (aka MDC) when tasks
are submitted, and re-inject it when tasks are executed.
A measurement sampled from a meter.
A server-side interface for querying Member Virtual Attribute
settings.
A client-side interface for reading and modifying Member Virtual
Attribute settings.
An interface for querying the Member Virtual Attribute managed
object definition meta information.
This class implements a virtual attribute provider that works in conjunction with virtual static groups to generate
the values for the member or uniqueMember attribute.
A simple in-memory collection resource provider which uses a
Map to
store resources.A simple in-memory back-end which can be used for testing.
This class defines a very simple backend that stores its information in memory.
A server-side interface for querying Memory Backend settings.
A client-side interface for reading and modifying Memory Backend
settings.
An interface for querying the Memory Backend managed object
definition meta information.
Estimates the amount of memory in the running JVM for use of long term caches by looking at the Old Generation, where
implemented, or at the Runtime information as fallback.
A counter, gauge, timer, or distribution summary that results collects one or more metrics.
Fluent builder for custom meters.
A meter is uniquely identified by its combination of name and tags.
Custom meters may emit metrics like one of these types without implementing
the corresponding interface.
Binders register one or more metrics to provide information about the state
of some aspect of the application or its container.
A metered stream is a subclass of OutputStream that
(a) forwards all its output to a target stream
(b) keeps track of how many bytes have been written.
A metered stream is a subclass of OutputStream that (a) forwards all its output to a target stream (b) keeps track of
how many bytes have been written.
As requests are made of a
MeterRegistry to create new metrics, allow for filtering out
the metric altogether, transforming its ID (name or tags) in some way, and transforming its
configuration.Creates and manages your application's set of meters.
Access to configuration options for this registry.
Additional, less commonly used meter types.
Decorator for a meter registry.
Decorator for a meter registry.
Helper compares two
Numbers to check the minimum constraint.This exception is thrown when an attempt is made to add or modify a managed
object when one or more of its mandatory properties are undefined.
A modification to be performed on an entry during a Modify operation.
A Modify operation change type as defined in RFC 4511 section 4.6 is used to
specify the type of modification being performed on an attribute.
Contains equivalent values for the ModificationType values.
This class holds every common code for the modify messages (mod, moddn).
This class describe the replication context that is attached to Modify operation.
This class describe the replication context that is attached to ModifyDN operation.
Message used to send Modify DN information.
This class defines an operation used to move an entry (alter the DN of an entry) in the Directory Server.
The Modify DN operation allows a client to change the Relative Distinguished
Name (RDN) of an entry in the Directory and/or to move a subtree of entries
to a new location in the Directory.
Message used to send Modify information.
This class defines an operation that may be used to modify an entry in the Directory Server.
The Modify operation allows a client to request that a modification of an
entry be performed on its behalf by a server.
This class defines a backend to hold Directory Server monitor entries.
A server-side interface for querying Monitor Backend settings.
A client-side interface for reading and modifying Monitor Backend
settings.
An interface for querying the Monitor Backend managed object
definition meta information.
This class is used to hold monitoring data, i.e.
This thread regularly publishes monitoring information:
it sends monitoring messages regarding the direct topology (directly connected DSs and RSs) to the connected RSs
it sends monitoring messages regarding the whole topology (also includes the local RS) to the connected DSs
Note: as of today, monitoring messages mainly contains the server state of the entities.
The monitor message is sent by a RS to either a DS or a RS.
This class defines the set of methods and structures that must be implemented by a Directory Server module that can
provide usage, performance, availability, or other kinds of monitor information to clients.
This message is part of the replication protocol.
Cursor iterating over all the replication domains known to the changelog DB.
This object is used to store a list of ServerState object, one by replication domain.
This class is used to load the Replication code inside the JVM and to trigger initialization of the replication.
If replication is configured and then unconfigured, we need to remove replication metadata from entries being
updated to avoid OPENDJ-6235.
Keeps information on temporarily unreachable replication unreachableServers.
This class defines a simple
OutputStream object that can be used to write all messages to multiple targets at
the same time, much like the UNIX "tee" command.Thrown when the result code returned in a Result indicates that the requested
single entry search operation or read operation failed because the Directory
Server returned multiple matching entries (or search references) when only a
single matching entry was expected.
A server-side interface for querying Name And JSON Query Equality
Matching Rule settings.
A client-side interface for reading and modifying Name And JSON
Query Equality Matching Rule settings.
An interface for querying the Name And JSON Query Equality Matching
Rule managed object definition meta information.
Allows users to configure custom a Name and JSON matching rule by declaring custom indexes for the JSON fields
of a Name and JSON attribute.
This class provides a data structure that makes it possible to associate a name with a given set of characters.
This class defines a data structure for storing and interacting with a name
form, which defines the attribute type(s) that must and/or may be used in the
RDN of an entry with a given structural objectclass.
A fluent API for incrementally constructing name forms.
Monitoring systems make different recommendations regarding naming convention.
The
NeverThrowsException class is an uninstantiable placeholder
exception which should be used for indicating that a Function or
AsyncFunction never throws an exception (i.e.Allows the Caching of an object.
An event handler that does nothing.
Indicates that no secret was configured for the given purpose, or the named secret is not available.
A condition which evaluates to
true if the sub-condition is
false, or false if the sub-condition is
true.An exception that is thrown when a specified resource cannot be found.
This class implements a notification message template element that will generate a value that is the message for the
account status notification.
This class defines the base class for elements that may be used to generate an account status notification message.
This class implements a notification message template element that will generate a value that is the name of the
account status notification type.
An exception that is thrown during an operation on a resource when the
resource does not implement/support the feature to fulfill the request.
This exception should be raised by the un-serialization code of a PDU (typically the constructor code with a byte[]
parameter), when the detected PDU type (deduced from the first received byte of the message) is a PDU used in an
older version of the replication protocol than the current one, and we do not support translation from this old
version PDU to his matching PDU in the current protocol version (if it exists).
A common annotation to declare that annotated elements can be
null under
some circumstance.This class implements /dev/null like backend for development and testing.
A server-side interface for querying Null Backend settings.
A client-side interface for reading and modifying Null Backend
settings.
An interface for querying the Null Backend managed object
definition meta information.
null Value MUST be null.
NumberTypeValidator applies all the constraints of a
number type.A server-side interface for querying Num Subordinates Virtual
Attribute settings.
A client-side interface for reading and modifying Num Subordinates
Virtual Attribute settings.
An interface for querying the Num Subordinates Virtual Attribute
managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute
as described in draft-ietf-boreham-numsubordinates.
This class defines a data structure for storing and interacting with an
objectclass, which contains a collection of attributes that must and/or may
be present in an entry with that objectclass.
A fluent API for incrementally constructing object classes.
This enumeration defines the set of possible objectclass types that may be
used, as defined in RFC 2252.
An property mapper which maps JSON objects to LDAP attributes.
Common utility methods for Objects.
ObjectTypeValidator applies all the constraints of a
object type.The ObjectValidator is a sample implementation of how to use the validator.
ObjectValidatorFactory initialises the validator instances for given schemas.
Factory to retrieve an openDJ implementation of SLF4J Logger.
The OpenDJ LDAP security provider which exposes an LDAP/LDIF based
KeyStore
service, as well as providing utility methods facilitating construction of LDAP/LDIF based key stores.Utility methods for accessing the LDAP schema elements required in order to support the OpenDJ security provider.
This class defines a base exception for OpenDS exceptions.
This class defines a generic operation that may be processed by the Directory Server.
This class describe the replication context that is attached to each Operation using the SYNCHROCONTEXT key.
This exception is thrown when the client or server refuses to create, delete,
or modify a managed object due to one or more constraints that cannot be
satisfied.
The type of operation that caused this exception.
Exceptions thrown as a result of errors that occurred when reading, listing,
and modifying managed objects.
A configuration option whose value can be stored in a set of
Options.A managed object composite relationship definition which represents a
composition of an optional single managed object (i.e.
An interface for incrementally constructing optional relation
definitions.
A set of options which can be used for customizing the behavior of HTTP
clients and servers.
A condition which evaluates to
false if and only if all of its
sub-conditions are false.A
StableIdResolver that uses a version suffix and a subsequent number to determine
the stableId of a Secret.Ordered pair of arbitrary objects.
Named set of servers defining a distributed service.
Named set of servers defining a distributed service.
A server from a partition.
A server from a partition.
An encoded password.
A server-side interface for querying Password Expiration Time
Virtual Attribute settings.
A client-side interface for reading and modifying Password
Expiration Time Virtual Attribute settings.
An interface for querying the Password Expiration Time Virtual
Attribute managed object definition meta information.
Provider for the password expiration time virtual attribute.
The Netscape password expired response control as defined in
draft-vchu-ldap-pwd-policy.
The Netscape password expiring response control as defined in
draft-vchu-ldap-pwd-policy.
This class defines a set of methods and structures that must be implemented by a Directory Server module that may be
used to generate user passwords.
A server-side interface for querying Password Generator settings.
A client-side interface for reading and modifying Password
Generator settings.
An interface for querying the Password Generator managed object
definition meta information.
This class defines a utility that will be used to manage the set of password generators defined in the Directory
Server.
This class implements the password modify extended operation defined in RFC 3062.
A server-side interface for querying Password Modify Extended
Operation Handler settings.
A client-side interface for reading and modifying Password Modify
Extended Operation Handler settings.
An interface for querying the Password Modify Extended Operation
Handler managed object definition meta information.
The password modify extended request as defined in RFC 3062.
The password modify extended result as defined in RFC 3062.
This class defines a data structure that holds information about a Directory Server password policy.
A server-side interface for querying Password Policy settings.
A client-side interface for reading and modifying Password Policy
settings.
An interface for querying the Password Policy managed object
definition meta information.
Defines the set of permissible values for the "state-update-failure-policy" property.
A password policy error type as defined in draft-behera-ldap-password-policy
is used to indicate problems concerning a user's account or password.
This class is the interface between the password policy configurable component and a password policy state object.
This class implements a Directory Server plugin that performs various password policy processing during an LDIF
import.
A server-side interface for querying Password Policy Import Plugin
settings.
A client-side interface for reading and modifying Password Policy
Import Plugin settings.
An interface for querying the Password Policy Import Plugin managed
object definition meta information.
The password policy request control as defined in
draft-behera-ldap-password-policy.
The password policy response control as defined in
draft-behera-ldap-password-policy.
This class provides a data structure for holding password policy state information for a user account.
This class implements an LDAP extended operation that can be used to query and update elements of the Directory
Server password policy state for a given user.
A server-side interface for querying Password Policy State Extended
Operation Handler settings.
A client-side interface for reading and modifying Password Policy
State Extended Operation Handler settings.
An interface for querying the Password Policy State Extended
Operation Handler managed object definition meta information.
A server-side interface for querying Password Policy Subentry
Virtual Attribute settings.
A client-side interface for reading and modifying Password Policy
Subentry Virtual Attribute settings.
An interface for querying the Password Policy Subentry Virtual
Attribute managed object definition meta information.
This class implements a virtual attribute provider to serve the pwdPolicySubentry operational attribute as described
in Password Policy for LDAP Directories Internet-Draft.
A password policy warning type as defined in
draft-behera-ldap-password-policy is used to indicate the current state of a
user's password.
This class defines the set of methods and structures that must be implemented by a Directory Server module that
implements a password storage scheme.
A server-side interface for querying Password Storage Scheme
settings.
A client-side interface for reading and modifying Password Storage
Scheme settings.
An interface for querying the Password Storage Scheme managed
object definition meta information.
This class defines a utility that will be used to manage the set of password storage schemes defined in the Directory
Server.
This class defines the set of methods and structures that must be implemented by a Directory Server module that may
be used to determine whether a proposed password is acceptable for a user.
A server-side interface for querying Password Validator settings.
A client-side interface for reading and modifying Password
Validator settings.
An interface for querying the Password Validator managed object
definition meta information.
This class defines a utility that will be used to manage the set of password validators defined in the Directory
Server.
Verifies password against user / authentication
PasswordStorageSchemes.An individual patch operation which is to be performed against a field within
a resource.
A request to update a JSON resource by applying a set of changes to its existing content.
This class is used to encapsulate DN pattern matching using wildcards.
A class representing a single IP address parsed from a IP bind rule expression.
This class is used to match RDN patterns containing wildcards in either the attribute types or the attribute values.
This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898,
using HMAC-SHA256 pseudorandom function.
A server-side interface for querying PBKDF2-HMAC-SHA256 Password
Storage Scheme settings.
A client-side interface for reading and modifying
PBKDF2-HMAC-SHA256 Password Storage Scheme settings.
An interface for querying the PBKDF2-HMAC-SHA256 Password Storage
Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898,
using HMAC-SHA512 pseudorandom function.
A server-side interface for querying PBKDF2-HMAC-SHA512 Password
Storage Scheme settings.
A client-side interface for reading and modifying
PBKDF2-HMAC-SHA512 Password Storage Scheme settings.
An interface for querying the PBKDF2-HMAC-SHA512 Password Storage
Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898.
A server-side interface for querying PBKDF2 Password Storage Scheme
settings.
A client-side interface for reading and modifying PBKDF2 Password
Storage Scheme settings.
An interface for querying the PBKDF2 Password Storage Scheme
managed object definition meta information.
Defines the set of permissible values for the "rehash-policy" property.
A
KeyManagerProvider that reads keys from PEM files in a configured file system directory and automatically
reacts to file modification, deletion or addition.A server-side interface for querying Pem Key Manager Provider
settings.
A client-side interface for reading and modifying Pem Key Manager
Provider settings.
An interface for querying the Pem Key Manager Provider managed
object definition meta information.
Supports decoding keys and certificates in PEM
format.
A
TrustManagerProvider that reads trusted certificates from PEM files in a configured file system directory
and automatically reacts to file modification, deletion or addition.A server-side interface for querying Pem Trust Manager Provider
settings.
A client-side interface for reading and modifying Pem Trust Manager
Provider settings.
An interface for querying the Pem Trust Manager Provider managed
object definition meta information.
Generator for a set of histogram buckets intended for use by a monitoring system that supports aggregable
percentile approximations such as Prometheus'
histogram_quantiles or Atlas' :percentiles.PerItemEvictionStrategyCache is a thread-safe write-through cache.
An exception that indicates that a failure is permanent, i.e.
A class representing a permission-bind rule pair.
A class representing the permissions of an bind rule.
The Microsoft defined permissive modify request control.
This class defines a data structure that will be used to hold the information necessary for processing a persistent
search.
A persistent search change type as defined in draft-ietf-ldapext-psearch is
used to indicate the type of update operation that caused an entry change
notification to occur.
The persistent search request control as defined in
draft-ietf-ldapext-psearch.
This class defines a key manager provider that will access keys stored on a PKCS#11 device.
A server-side interface for querying PKCS#11 Key Manager Provider
settings.
A client-side interface for reading and modifying PKCS#11 Key
Manager Provider settings.
An interface for querying the PKCS#11 Key Manager Provider managed
object definition meta information.
Define a trust manager provider that will access certificates stored on a PKCS#11 device.
A server-side interface for querying PKCS#11 Trust Manager Provider
settings.
A client-side interface for reading and modifying PKCS#11 Trust
Manager Provider settings.
An interface for querying the PKCS#11 Trust Manager Provider
managed object definition meta information.
This class defines a Directory Server password storage scheme based on the Atlassian PBKDF2-base hash algorithm.
A server-side interface for querying PKCS#5 V2.0 Scheme 2 Password
Storage Scheme settings.
A client-side interface for reading and modifying PKCS#5 V2.0
Scheme 2 Password Storage Scheme settings.
An interface for querying the PKCS#5 V2.0 Scheme 2 Password Storage
Scheme managed object definition meta information.
This class provides an implementation of a SASL mechanism that uses plain-text authentication.
A server-side interface for querying Plain SASL Mechanism Handler
settings.
A client-side interface for reading and modifying Plain SASL
Mechanism Handler settings.
An interface for querying the Plain SASL Mechanism Handler managed
object definition meta information.
Utility class for getting the default number of worker threads.
An
AutoCloseable which must be closed in order to reset the thread name back to its previous value.A server-side interface for querying Pluggable Backend settings.
A client-side interface for reading and modifying Pluggable Backend
settings.
An interface for querying the Pluggable Backend managed object
definition meta information.
A monitor provider for high level backend statistics, such as filter stats and search counters.
A server-side interface for querying Plugin settings.
A client-side interface for reading and modifying Plugin settings.
An interface for querying the Plugin managed object definition meta
information.
Defines the set of permissible values for the "plugin-type" property.
This class defines a utility that will be used to manage the configuration for the set of plugins defined in the
Directory Server.
This class defines a set of methods that are available for use by all types of plugins involved in operation
processing (pre-parse, pre-operation, post-operation, post-response, search result entry, search result reference,
and intermediate response).
This class defines a data structure that holds information about the result of processing by a plugin.
Defines a LDIF plugin result for import from LDIF processing consisting of either continue, skip further plugins,
or stop processing with an error message.
Defines an intermediate response plugin result for core server operation processing consisting of either
continue, skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and
error message.
Contract for operation results.
Defines a post connect plugin result for client connection processing consisting of either continue, skip further
plugins, or stop.
Defines a post disconnect plugin result for client connection processing consisting of either continue or skip
further plugins.
Defines a post operation plugin result for core server operation processing consisting of either continue, skip
further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Defines a post response plugin result for core server operation processing consisting of either continue or skip
further plugins.
Defines a pre operation plugin result for core server operation processing consisting of either continue, skip
further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Defines a pre parse plugin result for core server operation processing consisting of either continue, skip
further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Defines a startup plugin result consisting of either continue skip further plugins, or stop startup with an error
message.
Defines a subordinate delete plugin result for core server operation processing consisting of either continue,
skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error
message.
Defines a subordinate modify DN plugin result for core server operation processing consisting of either continue,
skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error
message.
A server-side interface for querying Plugin Root settings.
A client-side interface for reading and modifying Plugin Root
settings.
An interface for querying the Plugin Root managed object definition
meta information.
This class defines an enumeration containing the types of plugins that are supported for use in the Directory Server.
Provides coarse grained access control for all operations, regardless of whether they are destined for local or
proxy backends.
A server-side interface for querying Policy Based Access Control
Handler settings.
A client-side interface for reading and modifying Policy Based
Access Control Handler settings.
An interface for querying the Policy Based Access Control Handler
managed object definition meta information.
This class defines a set of methods that are available for use by post-commit plugins for add operations.
This class defines a set of methods that are available for use by post-commit plugins for delete operations.
This class defines a set of methods that are available for use by post-commit plugins for modify DN
operations.
This class defines a set of methods that are available for use by post-commit plugins for modify operations.
This class defines a set of methods that are available for use by post-commit plugins for all types of
operations.
This class defines a set of methods that are available for use by post-operation plugins for abandon operations.
This class defines a set of methods that are available for use by post-operation plugins for add operations.
This class defines a set of methods that are available for use by post-operation plugins for bind operations.
This class defines a set of methods that are available for use by post-operation plugins for compare operations.
This class defines a set of methods that are available for use by post-operation plugins for delete operations.
This class defines a set of methods that are available for use by post-operation plugins for extended operations.
This class defines a set of methods that are available for use by post-operation plugins for modify DN operations.
This class defines a set of methods that are available for use by post-operation plugins for modify operations.
This class defines a set of methods that are available for use by post-operation plugins for all types of operations.
This class defines a set of methods that are available for use by post-operation plugins for search operations.
This class defines a set of methods that are available for use by post-operation plugins for unbind operations.
The post-read request control as defined in RFC 4527.
The post-read response control as defined in RFC 4527.
This class defines a set of methods that are available for use by post-response plugins for add operations.
This class defines a set of methods that are available for use by post-response plugins for bind operations.
This class defines a set of methods that are available for use by post-response plugins for compare operations.
This class defines a set of methods that are available for use by post-response plugins for delete operations.
This class defines a set of methods that are available for use by post-response plugins for extended operations.
This class defines a set of methods that are available for use by post-response plugins for modify DN operations.
This class defines a set of methods that are available for use by post-response plugins for modify operations.
This class defines a set of methods that are available for use by post-response plugins for all types of operations.
This class defines a set of methods that are available for use by post-response plugins for search operations.
This class defines a set of methods that are available for use by post-synchronization plugins for add operations.
This class defines a set of methods that are available for use by post-synchronization plugins for delete operations.
This class defines a set of methods that are available for use by post-synchronization plugins for modify DN
operations.
This class defines a set of methods that are available for use by post-synchronization plugins for modify operations.
This class defines a set of methods that are available for use by post-synchronization plugins for all types of
operations.
An exception that is thrown to indicate that a resource's current version
does not match the version provided.
An exception that is thrown to indicate that a resource requires a version,
but no version was supplied in the request.
A
Predicate functional interface which can thrown a checked Exception.This class encapsulates an ordered list of preferred locales, and the logic
to use those to retrieve i18n
ResourceBundles.This class defines a set of methods that are available for use by pre-operation plugins for add operations.
This class defines a set of methods that are available for use by pre-operation plugins for bind operations.
This class defines a set of methods that are available for use by pre-operation plugins for compare operations.
This class defines a set of methods that are available for use by pre-operation plugins for delete operations.
This class defines a set of methods that are available for use by pre-operation plugins for extended operations.
This class defines a set of methods that are available for use by pre-operation plugins for modify DN operations.
This class defines a set of methods that are available for use by pre-operation plugins for modify operations.
This class defines a set of methods that are available for use by pre-operation plugins for all types of operations.
This class defines a set of methods that are available for use by pre-operation plugins for search operations.
This class defines a set of methods that are available for use by pre-parse plugins for abandon operations.
This class defines a set of methods that are available for use by pre-parse plugins for add operations.
This class defines a set of methods that are available for use by pre-parse plugins for bind operations.
This class defines a set of methods that are available for use by pre-parse plugins for compare operations.
This class defines a set of methods that are available for use by pre-parse plugins for delete operations.
This class defines a set of methods that are available for use by pre-parse plugins for extended operations.
This class defines a set of methods that are available for use by pre-parse plugins for modify DN operations.
This class defines a set of methods that are available for use by pre-parse plugins for modify operations.
This class defines a set of methods that are available for use by pre-parse plugins for all types of operations.
This class defines a set of methods that are available for use by pre-parse plugins for search operations.
This class defines a set of methods that are available for use by pre-parse plugins for unbind operations.
The pre-read request control as defined in RFC 4527.
The pre-read response control as defined in RFC 4527.
Container for a principal and secret.
This class implements an enumeration that defines the set of privileges available in the Directory Server.
Represents a process ID which allows differentiating DS and RS instances running in the same JVM.
Strategy for obtaining the information relating to the product in which the AuditService is deployed.
OpenDJ product information, including version number, build information, and references to documentation.
A property accessor for product paths.
Represents a setup profile.
Represents a constant defined in an
enumeration parameter.Represents when a profile
runs.Profile.ParameterValuesProvider base implementation which can be used to pass profile parameter values.Interface used by the setup model to retrieve profile parameter values.
A visitor of
parameters, in the style of the visitor design pattern.Represents the configuration of the setup associated to this profile.
A progress notification callback.
Represents an HTTP endpoint exposing OpenDJ metrics using
Prometheus text format.
A server-side interface for querying Prometheus HTTP Endpoint
settings.
A client-side interface for reading and modifying Prometheus HTTP
Endpoint settings.
An interface for querying the Prometheus HTTP Endpoint managed
object definition meta information.
An HTTP
Handler from which Prometheus and
OpenTelemetry Collector can scrape monitoring information.A
Promise represents the result of an asynchronous task.An implementation of
Promise which can be used as is, or as the basis
for more complex asynchronous behavior.Utility methods for creating and composing
Promises.Ordered list of joined asynchronous results.
Given a file path this will load the properties within the file as a
PropertyResolver.A managed object property comprising of the property's definition and its set
of values.
An interface for querying generic property definition features.
An interface for incrementally constructing property definitions.
A property definition visitor which can be used to generate syntax usage information.
A visitor of property definitions, in the style of the visitor design
pattern.
Exceptions thrown as a result of errors that occurred when decoding and
modifying property values.
Decodes secrets in raw base64 format.
A property mapper is responsible for converting JSON values to and from LDAP attributes.
Thrown when an attempt is made to retrieve a property using its name but the
name was not recognized.
This enumeration contains various options that can be associated with property definitions.
An interface which can be used to initialize the contents of a managed object.
A property resolver attempt to get the value of a given config property.
A utility class that gives access to the default property resolvers for a product.
A
SecretStore implementation that resolves secrets as base64-encoded strings from an underlying
PropertyResolver.A set of properties.
A visitor of property values, in the style of the visitor design pattern.
The base class of all requests and responses provides methods for querying and manipulating the set of Controls.
The version utility class for the replication protocol.
The proxy authorization v1 request control as defined in
draft-weltman-ldapv3-proxy-04.
The proxy authorization v2 request control as defined in RFC 4370.
Helper for using proxy auth controls.
Implements the proxy backend, i.e.
A server-side interface for querying Proxy Backend settings.
A client-side interface for reading and modifying Proxy Backend
settings.
An interface for querying the Proxy Backend managed object
definition meta information.
Defines the set of permissible values for the "hash-function" property.
This class defines the proxy protocol header as it is described in
the proxy protocol documentation.
Exposes the content of the "pp2_tlv_ssl" structure present in the
ProxyProtocolHeader.PP2_TYPE_SSL TLV
header.Represents the possible values for the client property of the "pp2_tlv_ssl" structure.
Represents the possible types of the "sub_tlv" contained in the "pp2_tlv_ssl" structure present in the
ProxyProtocolHeader.PP2_TYPE_SSL TLV header.Utility class to check arguments validity and conflicts for the purge command or task.
This class provides an implementation of a Directory Server task that can be used to purge the replication historical
informations stored in the user entries to solve conflicts.
This exception is thrown when a replica DB is fully purged by deleting all log files, invalidating all open
cursors on them.
This class implements the business logic for the dsbackup purge sub-command,
whether offline or online.
A purpose encapsulates both a name for a function that requires access to secrets, together with a hint as
to the intended usage of those secrets.
A filter which can be used to select resources, which is compatible with the CREST query filters.
QueryFilter constants.
A query string has the following string representation:
Convenience methods to create
QueryFilter that
specify fields in terms of JsonPointer instances.A visitor of
QueryFilters, in the style of the visitor design
pattern.A request to search for all JSON resources matching a user specified set of criteria.
A completion handler for consuming the results of a query request.
The final result of a query request returned after all resources matching the
request have been returned.
This class provides an implementation of a Directory Server password generator that will create random passwords
based on fixed-length strings built from one or more character sets.
A server-side interface for querying Random Password Generator
settings.
A client-side interface for reading and modifying Random Password
Generator settings.
An interface for querying the Random Password Generator managed
object definition meta information.
Represents a range of objects, where the bounds are always inclusive and may be
null.Exposes a range of integer values as a set.
This class defines a Directory Server password storage scheme that will encode values using the RC4 reversible
encryption algorithm.
A server-side interface for querying RC4 Password Storage Scheme
settings.
A client-side interface for reading and modifying RC4 Password
Storage Scheme settings.
An interface for querying the RC4 Password Storage Scheme managed
object definition meta information.
A relative distinguished name (RDN) as defined in RFC 4512 section 2.3 is the
name of an entry relative to its immediate superior.
Utility class for reactive handlers.
Represents a readable transaction on a storage engine.
Options applicable to
ReadableTransaction.openCursor(TreeName, ReadOption...).Thrown when the server or a tool attempts to access the storage while it is read-only.
The policy which should be used in order to read an entry before it is
deleted, or after it is added or modified.
Function performing a read operation.
A request to read a single identified JSON resource.
Configuration for the indexType rebuild process.
Identifies how indexes will be selected for rebuild.
This program provides a utility to rebuild the contents of the indexes of a Directory Server backend.
Parameters to rebuild the indexes of a directory server.
This class provides an implementation of a Directory Server task that can be used to rebuild indexes in a backend.
This class defines a information about a recurring task, which will be used to repeatedly schedule tasks for
processing.
A reference to another managed object.
ReferenceTypeValidator holds a reference to another validator.
This class implements a Directory Server post operation plugin that performs Referential Integrity processing on
successful delete and modify DN operations.
A server-side interface for querying Referential Integrity Plugin
settings.
A client-side interface for reading and modifying Referential
Integrity Plugin settings.
An interface for querying the Referential Integrity Plugin managed
object definition meta information.
Defines the set of permissible values for the "check-references-scope-criteria" property.
Thrown when the result code returned in a Result indicates that the Request
could not be processed by the Directory Server because the target entry is
located on another server.
This class provides an implementation of a Directory Server identity mapper that uses a regular expression to process
the provided ID string, and then looks for that processed value to appear in an attribute of a user's entry.
A server-side interface for querying Regular Expression Identity
Mapper settings.
A client-side interface for reading and modifying Regular
Expression Identity Mapper settings.
An interface for querying the Regular Expression Identity Mapper
managed object definition meta information.
A input parameter-validating utility class using fluent invocation:
A listener interface which is notified whenever a change record cannot be
applied to an entry.
A listener interface which is notified whenever LDIF records are skipped,
malformed, or fail schema validation.
Relation definitions define relationships between types of managed objects.
RelationDefinition.AbstractBuilder<C extends ConfigurationClient,S extends Configuration,D extends RelationDefinition<C,S>>
An interface for incrementally constructing relation definitions.
Opaque structure containing fields common to all relation definition
types.
A visitor of relation definitions, in the style of the visitor design
pattern.
This enumeration contains various options that can be associated with relation definitions.
A default behavior provider which retrieves default values from a parent
managed object.
The internet-draft defined Relax Rules control.
Contains CSNs identifying the last state for all replicas removed from the changelog for a domain.
This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not allowed
to have the same character appear several times consecutively.
A server-side interface for querying Repeated Characters Password
Validator settings.
A client-side interface for reading and modifying Repeated
Characters Password Validator settings.
An interface for querying the Repeated Characters Password
Validator managed object definition meta information.
Represents the server ID for a replica, called a replica ID.
Class that define messages sent by a replica (DS) to the replication server (RS) to let the RS know the date at which
a replica went offline.
Control that provides some replication context to requests.
The broker for Multi-master Replication.
This class should be used as a base for Replication implementations.
This class contains the context related to an import or export launched on the domain.
A server-side interface for querying Replication Domain settings.
A client-side interface for reading and modifying Replication
Domain settings.
An interface for querying the Replication Domain managed object
definition meta information.
This interface allows to query or control the replication domain database(s) (composed of one or more ReplicaDBs) and
query/update each ReplicaDB.
Describes the content of a Replica DB.
Describes the content of a Replica DB file.
Represents the replication environment, which allows to manage the lifecycle of the replication changelog.
This record represents the content of the domains state file.
Abstract class that must be used when defining messages that can be sent for replication purpose between servers.
This class implements the Sun-defined replication repair control.
ReplicationServer Listener.
A server-side interface for querying Replication Server settings.
A client-side interface for reading and modifying Replication
Server settings.
An interface for querying the Replication Server managed object
definition meta information.
Defines the set of permissible values for the "allow-updates-policy" property.
Defines the set of permissible values for the "changelog-enabled" property.
This class define an in-memory cache that will be used to store the messages that have been received from an LDAP
server or from another replication server and that should be forwarded to other servers.
Represents the server ID for a replication server, called a Replication Server ID.
Service Discovery Mechanism retrieving information from a replication topology.
Service Discovery Mechanism retrieving information from a replication topology.
A server-side interface for querying Replication Service Discovery
Mechanism settings.
A client-side interface for reading and modifying Replication
Service Discovery Mechanism settings.
An interface for querying the Replication Service Discovery
Mechanism managed object definition meta information.
A server-side interface for querying Replication Synchronization
Provider settings.
A client-side interface for reading and modifying Replication
Synchronization Provider settings.
An interface for querying the Replication Synchronization Provider
managed object definition meta information.
Defines the set of permissible values for the "isolation-policy" property.
Message sent by a replication server to a directory server in reply to the ServerStartMsg.
Message sent by a replication server to another replication server at Startup.
This class represents the security configuration for replication protocol sessions.
Common attributes of all JSON resource requests.
The base class of all Requests provides methods for querying and manipulating
the set of Controls included with a Request.
The type of this request.
Maintains the cancellation state of an active request, acting as a mediator between frontend,
ClientConnection request tracking and backend processing of the
request.Contextual state associated with the backend processing of a request.
Distinguishes operations from server components, not directly from LDAP clients.
Provides the ability to terminate an asynchronous LDAP request.
Represents the contract with a set of resources.
A utility class containing various factory methods for creating and
manipulating requests.
This class contains various methods for creating and manipulating requests.
An enumeration whose values represent the different types of request.
A visitor of
Requests, in the style of the visitor design pattern.A visitor of
Requests, in the style of the visitor design pattern.Search that requires the search terms are satisfiable, or an
MeterNotFoundException is thrown.This class provides an implementation of a Directory Server task that can be used to rebuild the change number index
with a given change number and a change represented by its CSN.
This message is used by an LDAP server to communicate to the topology that the generation must be reset for the
domain.
Defines the characteristics of a resource, including its properties, inheritance, and sub-resources.
API Version routing filter which creates a
ApiVersionRouterContext
which contains the default routing behaviour when the
Accept-API-Version header is set on the request.A
Filter supporting the specification of resource API version configuration to be
used when a request on a specific endpoint does not contain an Accept-API-Version
header.Handler allowing products to extend behaviour when a request has no resource API version supplied.
Class representing a mapping between a
ResourcePath and a Version.ResourceApiVersionSpecificationFilter.VersionSpecification supporting specification of a request's resource version
based on its resource path.Mechanism supporting specification of a version on the request.
An exception that is thrown during the processing of a JSON resource request.
Utility class to use on ResourceExceptions.
All resource limits for a user.
A relative path, or URL, to a resource.
A resource, comprising of a resource ID, a revision (etag), and its JSON
content.
This class contains methods for creating and manipulating connection
factories and connections.
Common response object of all resource responses.
The base class of all Responses provides methods for querying and
manipulating the set of Controls included with a Response.
Indicates whether a response can be cached and under what conditions.
A utility class containing various factory methods for creating and
manipulating responses.
This class contains various methods for creating and manipulating responses.
A stream of LDAP response messages.
Provides methods for constructing Rest2Ldap protocol gateways.
Encapsulates configuration required to start a REST2LDAP application embedded in this LDAP server.
A server-side interface for querying Rest2LDAP Endpoint settings.
A client-side interface for reading and modifying Rest2LDAP
Endpoint settings.
An interface for querying the Rest2LDAP Endpoint managed object
definition meta information.
Rest2ldap HTTP application.
Provides core factory methods and builders for constructing Rest2Ldap endpoints from JSON configuration.
This file contains localizable message descriptors having the resource
name
org.forgerock.opendj.rest2ldap.rest2ldap.Defines the logging categories for this module.
This class implements all the business logic for the dsbackup restore sub-command, whether offline or
online.
This class provides an implementation of a Directory Server task that can be used to restore a binary backup of a
Directory Server backend.
This interface defines a set of methods that may be used to notify various Directory Server components whenever a
backend restore task is about to begin or has just completed.
A Result is used to indicate the status of an operation performed by the
server.
An operation result code as defined in RFC 4511 section 4.1.9 is used to
indicate the final status of an operation.
Contains equivalent values for the ResultCode values.
A completion handler for consuming the results of asynchronous tasks.
Hook into the retention checking operations for a file.
RetentionHooks that do nothing.Defines the retention conditions and the files that need to be deleted.
This interface describes the retention policy that should be used for the logger.
An exception that indicates that a failure may be temporary, and that
retrying the same request may be able to succeed in the future.
A server-side interface for querying Root settings.
A client-side interface for reading and modifying Root settings.
An interface for querying the Root managed object definition meta
information.
Wrapper class for a backend "container".
The root DSE is a DSA-specific Entry (DSE) and not part of any naming context
(or any subtree), and which is uniquely identified by the empty DN.
This class defines a backend to hold the Directory Server root DSE.
A server-side interface for querying Root DSE Backend settings.
A client-side interface for reading and modifying Root DSE Backend
settings.
An interface for querying the Root DSE Backend managed object
definition meta information.
Represents a file that can be rotated based on size or on time.
Interface defining methods a rotatable file needs.
Supports file rotation and retention.
Callback hooks to allow custom action to be taken before and after the checks for rotation and
retention is performed.
This class holds some information while a file is being rotated.
Callback hooks to allow custom action to be taken before and after file rotation occurs.
RotationHooks that do nothing.Interface to decide if a file should be rotated or not.
This interface describes the rotation policy that should be used for the logger.
A utility class that contains methods for creating route matchers.
A router which routes requests based on route predicates.
Provides routing on LDAP requests based on Dns.
Represents a URI template string that will be used to match and route
incoming requests.
This class holds information about an RS connected to the topology.
A completion handler for consuming runtime exceptions which occur during the
execution of asynchronous tasks.
This class is used to gather and display information from the runtime environment.
Utility class for creating reactive transports and sockets.
A reactive server socket listens for incoming connections and binds them to a
RxSocket.A transport agnostic reactive socket abstraction.
This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
A server-side interface for querying Salted MD5 Password Storage
Scheme settings.
A client-side interface for reading and modifying Salted MD5
Password Storage Scheme settings.
An interface for querying the Salted MD5 Password Storage Scheme
managed object definition meta information.
This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
A server-side interface for querying Salted SHA-1 Password Storage
Scheme settings.
A client-side interface for reading and modifying Salted SHA-1
Password Storage Scheme settings.
An interface for querying the Salted SHA-1 Password Storage Scheme
managed object definition meta information.
This class defines a Directory Server password storage scheme based on the 256-bit SHA-2 algorithm defined in FIPS
180-2.
A server-side interface for querying Salted SHA-256 Password
Storage Scheme settings.
A client-side interface for reading and modifying Salted SHA-256
Password Storage Scheme settings.
An interface for querying the Salted SHA-256 Password Storage
Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the 384-bit SHA-2 algorithm defined in FIPS
180-2.
A server-side interface for querying Salted SHA-384 Password
Storage Scheme settings.
A client-side interface for reading and modifying Salted SHA-384
Password Storage Scheme settings.
An interface for querying the Salted SHA-384 Password Storage
Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the 512-bit SHA-2 algorithm defined in FIPS
180-2.
A server-side interface for querying Salted SHA-512 Password
Storage Scheme settings.
A client-side interface for reading and modifying Salted SHA-512
Password Storage Scheme settings.
An interface for querying the Salted SHA-512 Password Storage
Scheme managed object definition meta information.
The Samba password synchronization plugin implementation class.
A server-side interface for querying Samba Password Plugin
settings.
A client-side interface for reading and modifying Samba Password
Plugin settings.
An interface for querying the Samba Password Plugin managed object
definition meta information.
Defines the set of permissible values for the "pwd-sync-policy" property.
This class defines a utility that will be used to manage the set of SASL mechanism handlers defined in the Directory
Server.
This class defines the SASL context needed to process SASL bind requests that use a
SaslServer.This class defines the set of methods and structures that must be implemented by a Directory Server module that
implements the functionality required for one or more SASL mechanisms.
A server-side interface for querying SASL Mechanism Handler
settings.
A client-side interface for reading and modifying SASL Mechanism
Handler settings.
An interface for querying the SASL Mechanism Handler managed object
definition meta information.
A reactive socket which adds SASL QOP to an underlying reactive socket..
This class defines a data structure that holds information about the
components of the LDAP schema.
This class defines a backend to hold the Directory Server schema information.
A server-side interface for querying Schema Backend settings.
A client-side interface for reading and modifying Schema Backend
settings.
An interface for querying the Schema Backend managed object
definition meta information.
Schema builders should be used for incremental construction of new schemas.
Allows to perform modifications on element's builders before adding the result to this schema builder.
This class defines a number of constants used by Directory Server schema elements, like matching rules, syntaxes,
attribute types, and objectclasses.
Interface for schema elements.
Encapsulate a general JSON validator error.
Responsible for access to the server's schema.
Interface to update a schema provided a schema builder.
Common options for LDAP schemas.
Provides some schema elements to load at startup.
A server-side interface for querying Schema Provider settings.
A client-side interface for reading and modifying Schema Provider
settings.
An interface for querying the Schema Provider managed object
definition meta information.
Schema resolvers are included with a set of
DecodeOptions in order to
allow application to control how Schema instances are selected when
decoding requests and responses.Utility methods related to schema.
Represents a password type, including a "not a password" value.
This class provides various schema validation policy options for controlling
how entries should be validated against the directory schema.
An enumeration of the possible actions which can be performed when a
schema validation failure is encountered.
The SCRAM credential data persisted in the server using the representation described in RFC 5803 which is a
specialization of RFC 3112.
Server-side callback for obtaining the stored SCRAM credential for a given user and mechanism.
This class defines a Directory Server password storage scheme based on the SCRAM-SHA-256 SASL mechanism defined in
RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-256 Password Storage
Scheme settings.
A client-side interface for reading and modifying SCRAM-SHA-256
Password Storage Scheme settings.
An interface for querying the SCRAM-SHA-256 Password Storage Scheme
managed object definition meta information.
This class defines the SCRAM-SHA-256 SASL mechanism defined in RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-256 SASL Mechanism
Handler settings.
A client-side interface for reading and modifying SCRAM-SHA-256
SASL Mechanism Handler settings.
An interface for querying the SCRAM-SHA-256 SASL Mechanism Handler
managed object definition meta information.
This class defines a Directory Server password storage scheme based on the SCRAM-SHA-512 SASL mechanism defined in
RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-512 Password Storage
Scheme settings.
A client-side interface for reading and modifying SCRAM-SHA-512
Password Storage Scheme settings.
An interface for querying the SCRAM-SHA-512 Password Storage Scheme
managed object definition meta information.
This class defines the SCRAM-SHA-512 SASL mechanism defined in RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-512 SASL Mechanism
Handler settings.
A client-side interface for reading and modifying SCRAM-SHA-512
SASL Mechanism Handler settings.
An interface for querying the SCRAM-SHA-512 SASL Mechanism Handler
managed object definition meta information.
ForgeRock changes:
- Removed support for FunctionCounter, FunctionCounter, TimeGauge, LongTaskTimer
Tell the operation router to not run a search into subordinate backends.
This class defines an operation used to search for entries in the Directory Server.
The Search operation is used to request a server to return, subject to access
controls and other restrictions, a set of entries matching a complex search
criterion.
A Search Result Entry represents an entry found during a Search operation.
A completion handler for consuming the results of a Search operation.
A Search Result Reference represents an area not yet explored during a Search
operation.
Thrown when an iteration over a set of search results using a
ConnectionEntryReader encounters a SearchResultReference.A Search operation search scope as defined in RFC 4511 section 4.5.1.2 is
used to specify the scope of a Search operation.
Contains equivalent values for the SearchScope values.
A secret is any piece of data that should be kept confidential.
Provides a uniform way for secrets providers to construct secrets and keys.
Interface for constraints on a secret that must be satisfied for a given
Purpose.Specifies how data retrieved from a
SecretStore should be decoded into a secret object.Wraps a property format that decodes raw bytes and converts it into a property format for extracting secret keys
using some algorithm.
Defines the format of secrets loaded from configuration properties.
A long-lived reference to an active or named secret.
The secret resource used for creating a
Secret.An
X509ExtendedKeyManager implementation that gets keys and certificates from a SecretsProvider.A Java security provider that exposes a KeyStore view of a secret store.
Class used to initialise the keystore when it is initialised via the standard Java interfaces.
The secrets provider is used to get hold of active, named or valid secret objects.
A backend storage mechanism for certain kinds of secrets.
This class holds various methods and classes to manage some
SecretStores.Interface for
SecretKey generators.This
SecretStore uses a SecretStores.SecretKeyGenerator to produce secrets based
on the secret key generated by the SecretKeyGenerator.Provides an implementation of a standard Java TLS
X509ExtendedTrustManager that will retrieve trusted
certificates from the Secrets API.Represents a storage for secure keys, to be used for signing files.
Exception that can be thrown by a SecureStorage implementation.
Strategy for obtaining a secure storage, used by handlers providing tamper-evident feature.
Utility class to create secure peer to peer communications settings in a newly set up OpenDJ instance.
Abstract class which represents an existing keystore to use to setup a server instance.
Represents keystore data which will be used to secure the server instance to setup.
Represents a strategy to retrieve an existing password.
Represents a truststore to trust remote server certificates.
Deprecated.
This class will be removed once CAF has been migrated fully to CHF, at which point components should
create
SecurityContexts directly rather than via request attributes.Cursor extended with navigation methods.
This class defines a set of constants that may be referenced throughout the Directory Server source.
An interface for performing server-side constraint validation.
Context for the server, giving access to global properties of the server.
Represents a server ID, which can identify either a directory server or a replication server.
Defines the logging categories for the server and their associated logger.
A server-side managed object.
This interface defines the methods that a Directory Server configurable
component should implement if it wishes to be able to receive notifications
when a new server managed object is added.
This interface defines the methods that a Directory Server configurable
component should implement if it wishes to be able to receive notifications
when a its associated server managed object is changed.
The requested server managed object was found but one or more of its
properties could not be decoded successfully.
This interface defines the methods that a Directory Server configurable
component should implement if it wishes to be able to receive notifications
when an existing server managed object is deleted.
Server management connection context.
This file contains localizable message descriptors having the resource
name
org.opends.messages.server.This interface defines a method that may be used to notify various Directory Server components that the server is
shutting down.
The server-side sort request control as defined in RFC 2891.
The server-side sort response control as defined in RFC 2891.
This message is used by LDAP server when they first connect.
The various status a DS can take.
This interface defines the methods that a Service Discovery consumer should implement if it wishes to be notified of
changes in the service.
This interface defines the methods that a Service Discovery consumer should implement if it wishes to be notified of
changes in the service.
Maintains a set of
Partitions keeping it up to date according to a specific discovery mechanism.Maintains a set of
Partitions keeping it up to date according to a specific discovery mechanism.A server-side interface for querying Service Discovery Mechanism
settings.
A client-side interface for reading and modifying Service Discovery
Mechanism settings.
An interface for querying the Service Discovery Mechanism managed
object definition meta information.
Manages configuration additions and deletions of service discovery mechanisms in the server configuration.
An exception that is thrown during an operation on a resource when the server
is temporarily unable to handle the request.
Defines a replication session using TLS.
Configuration wrapper for JMS
Session.getAcknowledgeMode() SessionMode setting.This class provides an implementation of a Directory Server task that can be used to import data over the replication
protocol from another server hosting the same replication domain.
A managed object composite relationship definition which represents a
composition of zero or more managed objects each of which must have a
different type.
An interface for incrementally constructing set relation definitions.
Class used to install a new OpenDJ server instance.
OpenDJ Setup command line tool main class.
Utility class which contains all setup command line
Argument.Can be used to consume messages issued by
Setup process.Class which defines constants used to setup and opendj server instance.
Exception which may be thrown by the
Setup model.Interactively collect and validate setup parameters.
setup-profile command line tool main class.
Utility methods used by the
Setup class.This class implements a Directory Server plugin that can be used to ensure that the values for a specified set of
attributes (optionally, below a specified set of base DNs) are 7-bit clean (i.e., contain only ASCII characters).
A server-side interface for querying Seven Bit Clean Plugin
settings.
A client-side interface for reading and modifying Seven Bit Clean
Plugin settings.
An interface for querying the Seven Bit Clean Plugin managed object
definition meta information.
Defines the standard Syslog message severities.
Defines values for message severity.
This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
A server-side interface for querying SHA-1 Password Storage Scheme
settings.
A client-side interface for reading and modifying SHA-1 Password
Storage Scheme settings.
An interface for querying the SHA-1 Password Storage Scheme managed
object definition meta information.
Any component which needs to be shut down should implement this interface
and use the function to shut down the component.
Interface used by shutdown managers to allow for thread safe
adding and removing of shutdown listeners.
This class defines the shutdown priorities that are consumed by
com.sun.identity.common.ShutdownManager.Synchronizes the shutdown of DS and RS ensuring that the offline message triggered by the DS is forwarded
to all remote RS.
This class provides an implementation of a Directory Server task that can be used to stop the server.
Utility class for signing and verifying signatures.
A key that is used for signing digital signatures.
This class provides a password validator that can ensure that the provided password meets minimum similarity
requirements.
A server-side interface for querying Similarity Based Password
Validator settings.
A client-side interface for reading and modifying Similarity Based
Password Validator settings.
An interface for querying the Similarity Based Password Validator
managed object definition meta information.
The simple paged results request and response control as defined in RFC 2696.
An property mapper which provides a simple mapping from a JSON value to a single LDAP attribute.
SimpleValidator is a base interface for all validator implementation.
A managed object composite relationship definition which represents a
composition of a single managed object (i.e.
An interface for incrementally constructing singleton relation
definitions.
An implementation interface for resource providers which exposes a single
permanent resource instance.
A
StableIdResolver that matches a stableId exactly to the purpose for returning only one Secret.Represents a one-to-one relationship between a parent resource and a child sub-resource.
Created a size based file retention policy.
This class implements a retention policy based on the amount of space taken by the log files.
Creates a file size based rotation policy.
This class implements a rotation policy based on the size of the file.
An entry with its encoded size.
A server-side interface for querying Size Limit Log Retention
Policy settings.
A client-side interface for reading and modifying Size Limit Log
Retention Policy settings.
An interface for querying the Size Limit Log Retention Policy
managed object definition meta information.
A server-side interface for querying Size Limit Log Rotation Policy
settings.
A client-side interface for reading and modifying Size Limit Log
Rotation Policy settings.
An interface for querying the Size Limit Log Rotation Policy
managed object definition meta information.
Memory size property definition.
An interface for incrementally constructing memory size property definitions.
This enumeration defines various memory size units.
This class provides an implementation of an account status notification handler that can send e-mail messages via
SMTP to end users and/or administrators whenever an account status notification occurs.
A server-side interface for querying SMTP Account Status
Notification Handler settings.
A client-side interface for reading and modifying SMTP Account
Status Notification Handler settings.
An interface for querying the SMTP Account Status Notification
Handler managed object definition meta information.
This class implements a Directory Server alert handler that may be used to send administrative alerts via SMTP.
A server-side interface for querying SMTP Alert Handler settings.
A client-side interface for reading and modifying SMTP Alert
Handler settings.
An interface for querying the SMTP Alert Handler managed object
definition meta information.
This class defines a Directory Server entry cache that uses soft references to manage objects in a way that will
allow them to be freed if the JVM is running low on memory.
A server-side interface for querying Soft Reference Entry Cache
settings.
A client-side interface for reading and modifying Soft Reference
Entry Cache settings.
An interface for querying the Soft Reference Entry Cache managed
object definition meta information.
A sort key which can be used to specify the order in which JSON resources
should be included in the results of a query request.
A search result sort key as defined in RFC 2891 is used to specify how search
result entries should be ordered.
Comparator derived from a sort key which can be used to compare entries.
This comparator iterates through the provided sortKeys and finds the first comparative difference between the left
and right side JsonValues.
Defines possible positions for JsonValue that wraps a
null object.Audit event handler that writes out to Splunk's HTTP event collector RAW endpoint.
Configuration for the splunk audit event handler.
Configuration of event buffering.
Configuration of connection to Splunk.
The class represents the ssf keyword in a bind rule.SSF stands for security strength factor.
Encapsulates options for configuring SSL based security as well as providing methods for building
SSLEngines.Represents the client authentication policy option.
A reactive socket implementation which adds SSL to an underlying reactive socket.
Utility class for common SSL related setup.
Interface for resolving stable ids in a
SecretStore.This class defines a tool which starts up the server.
This abstract message class is the superclass for start messages used by LDAP servers and Replication servers to
initiate their communications.
This message is used by DS to confirm a RS he wants to connect to him (open a session).
This class provides an implementation of the StartTLS extended operation as defined in RFC 2830.
A server-side interface for querying StartTLS Extended Operation
Handler settings.
A client-side interface for reading and modifying StartTLS Extended
Operation Handler settings.
An interface for querying the StartTLS Extended Operation Handler
managed object definition meta information.
The start TLS extended request as defined in RFC 4511.
The start tls extended result as defined in RFC 4511.
A static group implementation, in which the DNs of all members are explicitly listed.
Binds
LoggerFactory class with an instance of ILoggerFactory.Binds
MarkerFactory class with an instance of IMarkerFactory.Binds
MarkerFactory class with an instance of IMarkerFactory.This mechanism only returns the list of servers in its configuration, without checking for availability.
This mechanism only returns the list of servers in its configuration, without checking for availability.
A server-side interface for querying Static Service Discovery
Mechanism settings.
A client-side interface for reading and modifying Static Service
Discovery Mechanism settings.
An interface for querying the Static Service Discovery Mechanism
managed object definition meta information.
This class defines a number of static utility methods that may be used throughout the server.
A description of the value contained in a measurement.
A tool which displays a server status.
This class provides a tool that can send a request to the Directory Server that will cause it to shut down.
Internal message to signal the stop of encryption.
This message is part of the replication protocol.
The reason why the connection might be terminated.
This interface abstracts the underlying storage engine, isolating the pluggable backend generic code from a
particular storage engine implementation.
Runtime exception for problems happening in the storage engine.
Represents the current status of a storage with respect to its resources.
Utility class for implementations of
Storage.Utility methods for operating on IO streams.
String property definition.
An interface for incrementally constructing string property definitions.
Common utility methods for Strings.
StringTypeValidator applies all the constraints of a
string type.A server-side interface for querying Structural Object Class
Virtual Attribute settings.
A client-side interface for reading and modifying Structural Object
Class Virtual Attribute settings.
An interface for querying the Structural Object Class Virtual
Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the structuralObjectClass operational
attribute as described in RFC 4512.
The sub-entries request control as defined in RFC 3672.
This class represents RFC 3672 subentries and RFC 3671 collective attribute subentries objects.
This interface defines a mechanism that Directory Server components may use if they need to be notified of changes
that are being made to subentries in the Directory Server.
This class provides a mechanism for interacting with subentries defined in the Directory Server.
This class represents subentry password policies either based on the Password Policy for LDAP Directories
Internet-Draft, or OpenDJ extended password policies.
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user based
on attributes contained in both the certificate subject and the user's entry.
A server-side interface for querying Subject Attribute To User
Attribute Certificate Mapper settings.
A client-side interface for reading and modifying Subject Attribute
To User Attribute Certificate Mapper settings.
An interface for querying the Subject Attribute To User Attribute
Certificate Mapper managed object definition meta information.
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if
that user's entry contains an attribute with the subject of the client certificate.
A server-side interface for querying Subject DN To User Attribute
Certificate Mapper settings.
A client-side interface for reading and modifying Subject DN To
User Attribute Certificate Mapper settings.
An interface for querying the Subject DN To User Attribute
Certificate Mapper managed object definition meta information.
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if
the subject of the peer certificate exactly matches the DN of a user in the Directory Server.
A server-side interface for querying Subject Equals DN Certificate
Mapper settings.
A client-side interface for reading and modifying Subject Equals DN
Certificate Mapper settings.
An interface for querying the Subject Equals DN Certificate Mapper
managed object definition meta information.
This class defines a set of methods that are available for use by subordinate modify DN operation plugins.
A SubResource defines how to reach a resource relative to its parent resource.
A server-side interface for querying Subschema Subentry Virtual
Attribute settings.
A client-side interface for reading and modifying Subschema
Subentry Virtual Attribute settings.
An interface for querying the Subschema Subentry Virtual Attribute
managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the subschemaSubentry operational attribute
as described in RFC 4512.
A
SubstitutionContext holds both runtime and config time values for the substitution process.Exception thrown during substitution process.
Substitute tokens in the source String with their resolved value.
This visitor evaluates
Templates with the help of a PropertyResolver.Builder of
SubstitutionVisitor.The tree delete request control as defined in draft-armijo-ldap-treedelete.
An RFC 3672 subtree specification.
A refinement which uses a search filter.
Abstract interface for RFC3672 specification filter refinements.
Container for a whole suffix environment which stores all entries from the subtree of the suffix' baseDN.
A
Supplier functional interface which can throw a checked Exception.A tool that generates an archive with various server information, the archive can be sent to support for
troubleshooting.
A reactive socket implementation which delegates to a replaceable delegate reactive socket.
This class defines the set of methods and structures that are available for use in a Directory Server synchronization
provider.
A server-side interface for querying Synchronization Provider
settings.
A client-side interface for reading and modifying Synchronization
Provider settings.
An interface for querying the Synchronization Provider managed
object definition meta information.
This class defines a utility that will be used to manage the configuration for the set of synchronization providers
configured in the Directory Server.
This class defines a data structure that holds information about the result of processing by a synchronization
provider.
Defines a continue processing synchronization provider result.
Defines a stop processing synchronization provider result.
An interface for implementing synchronous
RequestHandlers.This class defines a data structure for storing and interacting with an LDAP
syntaxes, which constrain the structure of attribute values stored in an LDAP
directory, and determine the representation of attribute and assertion values
transferred in the LDAP protocol.
A fluent API for incrementally constructing syntaxes.
This interface defines the set of methods and structures that must be implemented to define a new attribute syntax.
The handler publishes audit events formatted using
SyslogFormatter to a syslog daemon using
the configured SyslogPublisher.Configuration object for the
SyslogAuditEventHandler.Configuration of event buffering.
Encapsulates configuration for mapping audit event field values to Syslog severity values.
A SystemPropertyResolver resolves a config token using system properties.
Key/value pair representing a dimension of a meter used to classify and drill into measurements.
An interface for querying the properties of a tag.
An immutable collection of
Tags.The TargAttrFilters class represents a targattrfilters rule of an ACI.
A class representing an ACI target keyword.
This class represents an ACI's targetcontrol keyword.
This class represents a targetfilter keyword of an aci.
This class defines a task that may be executed by the task backend within the Directory Server.
Data holder for work counters.
This class provides an implementation of a Directory Server backend that may be used to execute various kinds of
administrative tasks on a one-time or recurring basis.
A server-side interface for querying Task Backend settings.
A client-side interface for reading and modifying Task Backend
settings.
An interface for querying the Task Backend managed object
definition meta information.
Helper class for interacting with the task backend on behalf of utilities that are capable of being scheduled.
Exception for problems related to interacting with the task backend.
This interface must be implemented by tool commands or sub-commands that offer the possibility to run in offline mode
or via a Directory Server task.
Processes information from a task entry from the directory and provides accessors for attribute information.
A class that contains all the arguments related to the task scheduling.
Interface for tools that are capable of scheduling a task remotely through the task backend.
This class defines a task scheduler for the Directory Server that will control the execution of scheduled tasks and
other administrative functions that need to occur on a regular basis.
A generic data structure that contains the data that the user provided to schedule a task.
This enumeration defines the various states that a task can have during its lifetime.
A helper class for adding online capabilities to an offline tool.
Represents a templated string.
A template parser receives a string input source, tokenize it (honoring escaping settings)
and build a
Template that can be processed later on.A
TemplateVisitor represents an operation applied to a Template.This class represents a temporary log file which should be usually deleted if linked operation succeeded.
This class provides the implementation of the access logger used by the directory server.
This class provides the implementation of the audit logger used by the directory server.
This class provides an implementation of an error log publisher.
This class provides the implementation of the HTTP access logger used by the directory server.
This class implements a notification message template element that will generate a value using static text.
A TextWriter provides a character-based stream which can be queried for number of bytes written.
A TextWriter provides a character-based stream used by a Text Publishers as a target for outputting log records.
A TextWriter implementation which writes to a given output stream.
Wraps a
TextWriter in a Writer.A secret store that wraps another secret store and performs all query operations in a background thread using a
thread pool.
Common utility methods for Threads.
Fluent builder for time gauges.
A server-side interface for querying Time Limit Log Rotation Policy
settings.
A client-side interface for reading and modifying Time Limit Log
Rotation Policy settings.
An interface for querying the Time Limit Log Rotation Policy
managed object definition meta information.
Creates a rotation policy based on a time duration.
This class implements a fixed time based rotation policy.
This class represents the timeofday keyword in a bind rule.
Thrown when the result code returned in a Result indicates that the Request
was aborted because it did not complete in the required time out period.
Invokes
TimeoutScheduler.TimeoutEventListener at a regular interval.Listener on timeout events.
Timer intended to track of a large number of short running events.
Fluent builder for timers.
A
FilenameFilter that matches historical log files.Creates a time stamp based file naming policy.
A file name policy that names files suffixed by the time it was created.
This class provides an application-wide timing service.
Modification on
TimeUnit.convert(long, TimeUnit) that accepts and preserves
precision from a double argument.Responsible for the validation, generation and parsing of tokens used for keying a JsonValue
representative of some state.
An exception generated by a
TokenHandler on either creation, validation, or state extraction.Configuration definition
TopCfgDefn is the root of the
configuration definition hierarchy.Represents the topology of servers this local server is participating in.
This class defines a message that is sent:
By a RS to the other RSs in the topology, containing:
every DSs directly connected to the RS in the DS infos
every connected RSs (including the sending RS) in the RS infos
By a RS to his connected DSs, containing.
This class defines a data structure for storing and interacting with the Directory Server work queue.
A server-side interface for querying Traditional Work Queue
settings.
A client-side interface for reading and modifying Traditional Work
Queue settings.
An interface for querying the Traditional Work Queue managed object
definition meta information.
A reactive socket which wraps an underlying downstream reactive socket, providing opportunities to transform
transferred data or provide additional functionality.
Transport protocol over which Syslog messages should be published.
An implementation of the
Entry interface which uses a TreeMap for storing attributes.Represents the name of a tree (key-value store) in a database.
This class defines a Directory Server password storage scheme that will encode values using the triple-DES (DES/EDE)
reversible encryption algorithm.
A server-side interface for querying Triple-DES Password Storage
Scheme settings.
A client-side interface for reading and modifying Triple-DES
Password Storage Scheme settings.
An interface for querying the Triple-DES Password Storage Scheme
managed object definition meta information.
This class defines an API that may be used to obtain a set of
javax.net.ssl.TrustManager objects for use when
performing SSL/StartTLS negotiation.A server-side interface for querying Trust Manager Provider
settings.
A client-side interface for reading and modifying Trust Manager
Provider settings.
An interface for querying the Trust Manager Provider managed object
definition meta information.
This class defines a utility that will be used to manage the set of trust manager providers defined in the Directory
Server.
This class contains methods for creating common types of trust manager.
This class defines an operation that may be used to close the connection between the client and the Directory Server.
The Unbind operation allows a client to terminate an LDAP session.
An exception that indicates that a failure is not directly known to the
system, and hence requires out-of-band knowledge or enhancements to determine
if a failure should be categorized as temporary or permanent.
A default behavior provider which indicates undefined behavior.
Union Types An array of two or more simple validators definitions.
This class implements a Directory Server plugin that can be used to ensure that all values for a given attribute or
set of attributes are unique within the server (or optionally, below a specified set of base DNs).
A server-side interface for querying Unique Attribute Plugin
settings.
A client-side interface for reading and modifying Unique Attribute
Plugin settings.
An interface for querying the Unique Attribute Plugin managed
object definition meta information.
This class provides an OpenDS password validator that may be used to ensure that proposed passwords contain at least
a specified number of different characters.
A server-side interface for querying Unique Characters Password
Validator settings.
A client-side interface for reading and modifying Unique Characters
Password Validator settings.
An interface for querying the Unique Characters Password Validator
managed object definition meta information.
Wraps a message that the
LdapServer was unable to decode because it did not recognize it.Exception thrown when a transport implementation can't be found.
Thrown when a schema query fails because the requested schema element could
not be found or is ambiguous.
Indicates a 415 Unsupported Media Type response that the Content-Type of the request was not acceptable.
Function that computes the new value of a record for a Read-Modify-Write operation inside a transaction.
Abstract class that must be extended to define a message used for sending Updates between servers.
A visitor of
UpdateMsgs, in the style of the visitor design pattern.Represents an update message with the base DN of the replication domain it belongs to, with support for easy
retrieval of the CSN and the replica ID corresponding to the message.
A request to update a JSON resource by replacing its existing content with new content.
This class contains the table of upgrade tasks that need performing when upgrading from one version to another.
This class provides the CLI used for upgrading the OpenDJ product.
Parameters to upgrade a Directory Server.
Represents the version used for determining if the upgrade tool must be run and whether an upgrade task must run
during the upgrade process.
This class implements the userattr bind rule keyword.
A server-side interface for querying User Defined Virtual Attribute
settings.
A client-side interface for reading and modifying User Defined
Virtual Attribute settings.
An interface for querying the User Defined Virtual Attribute
managed object definition meta information.
This class implements a virtual attribute provider that allows administrators to define their own values that will be
inserted into any entry that matches the criteria defined in the virtual attribute rule.
This class represents the userdn keyword in a bind rule.
This class implements a notification message template element that will generate a value that is the string
representation of the target user's DN.
An encoded user password that contains a storage scheme and an encoded vaulue.
A server-side interface for querying User Template Virtual
Attribute settings.
A client-side interface for reading and modifying User Template
Virtual Attribute settings.
An interface for querying the User Template Virtual Attribute
managed object definition meta information.
This class implements a virtual attribute provider that allows administrators to define their own virtual attribute
with template that will be evaluated by taking the data from the attributes only for the entry that matches the
criteria defined in the virtual attribute rule.
This class provides utility functions.
Internal utility methods.
Deprecated.
Encapsulate a JSON validator error.
Validator is the abstract base class of all typed validator.
A long-lived reference to a number of secrets.
A precomputed percentile of a distribution.
Wraps either a value of a given type or an expression string containing at least one token.
A key used for verifying digital signatures.
This class represents the configuration of a JE backend verification process.
This program provides a utility to verify the contents of the indexes of a Directory Server backend.
A server-side interface for querying Virtual Attribute settings.
A client-side interface for reading and modifying Virtual Attribute
settings.
An interface for querying the Virtual Attribute managed object
definition meta information.
Defines the set of permissible values for the "conflict-behavior" property.
Defines the set of permissible values for the "scope" property.
This class defines a utility that will be used to manage the set of virtual attribute providers defined in the
Directory Server.
This class defines the set of methods and structures that must be implemented by a Directory Server module that
implements the functionality required for one or more virtual attributes.
This class defines a virtual attribute rule, which associates a virtual attribute provider with its associated
configuration, including the attribute type for which the values should be generated; the base DN(s), group DN(s),
and search filter(s) that should be used to identify which entries should have the virtual attribute, and how
conflicts between real and virtual values should be handled.
The virtual list view request control as defined in
draft-ietf-ldapext-ldapv3-vlv.
The virtual list view response control as defined in
draft-ietf-ldapext-ldapv3-vlv.
This class provides a virtual static group implementation, in which membership is based on membership of another
group.
This annotation doesn't actually do anything, other than provide documentation of the fact that a function has
either been marked public, or package private in order for a test (somewhere physically distant in the system)
to compile.
This program provides a simple tool that will wait for a specified file to be deleted before exiting.
This class implements the "Who Am I?" extended operation defined in RFC 4532.
A server-side interface for querying Who Am I Extended Operation
Handler settings.
A client-side interface for reading and modifying Who Am I Extended
Operation Handler settings.
An interface for querying the Who Am I Extended Operation Handler
managed object definition meta information.
The who am I extended request as defined in RFC 4532.
The who am I extended result as defined in RFC 4532.
This message is used by LDAP server or by Replication Servers to update the send window of the remote entities.
This message is used by LDAP or Replication Server that have been out of credit for a while and want to check if the
remote servers is able to accept more messages.
This class defines the structure and methods that must be implemented by a Directory Server work queue.
A server-side interface for querying Work Queue settings.
A client-side interface for reading and modifying Work Queue
settings.
An interface for querying the Work Queue managed object definition
meta information.
This class defines a utility that will be used to manage the Directory Server work queue.
This class implements an enumeration that may be used to control the writability mode for the entire server or for a
specific backend.
The writability policy determines whether an attribute supports updates.
Represents a writeable transaction on a storage engine.
Options applicable to a
WriteableTransaction.Function performing a write operation.
A class for building X509 certificates as described in RFC 5280.
An enumeration of extended key usages.
An enumeration of key usages.
This is a custom XML handler to load the dtds from the classpath This should
be used by all the xml parsing document builders to set the default entity
resolvers.
Utility classes for handling XML.
RequestHandlernow has default methods which implement the not-supported behavior.