All Classes and Interfaces

Class
Description
This class defines an operation that may be used to abandon an operation that may already be in progress in the Directory Server.
The Abandon operation allows a client to request that the server abandon an uncompleted operation.
This exception is thrown when a cursor that has been aborted is used.
This exception is thrown when the Log on which a cursor is operating has been closed (shutdown) OR cleared (reset generation-id).
This exception is thrown when a cursor is operating on a log file which has been purged because it's too old in regard of the configured "purge delay".
A default behavior provider which retrieves default values from a managed object in an absolute location.
An abstract connection whose synchronous methods are implemented in terms of asynchronous methods.
An abstract connection whose synchronous methods are implemented in terms of asynchronous methods.
This class provides a skeletal implementation of the Attribute interface, to minimize the effort required to implement this interface.
This class provides a skeletal implementation of the Connection interface, to minimize the effort required to implement this interface.
An abstract base class from which connection wrappers may be easily implemented.
An abstract base class from which connection wrappers may be easily implemented.
A base implementation of the Context interface for OpenDJ.
This class provides a skeletal implementation of the Entry interface, to minimize the effort required to implement this interface.
An abstract Extended request which can be used as the basis for implementing new Extended operations.
An abstract Extended result which can be used as the basis for implementing new Extended operations.
This class provides a skeletal implementation of the ExtendedResultDecoder interface, to minimize the effort required to implement this interface.
An abstract Intermediate response which can be used as the basis for implementing new Intermediate responses.
This class defines the wrapper that will invoke all registered loggers for each type of request received or response sent.
An abstract managed object implementation.
Defines the structure of an abstract managed object.
Abstract implementation for Map based entries.
Creates and manages your application's set of meters.
This class implements a default ordering matching rule that matches normalized values in byte order.
Deprecated.
RequestHandler now has default methods which implement the not-supported behavior.
Abstract class that implements the RequestVisitor interface.
Abstract class for property mappers mapping a DN (or DN and JSON) LDAP attribute to a JSON object.
A property mapper which provides a mapping from a JSON value to a DN valued LDAP attribute in another resource.
An abstract connection whose asynchronous methods are implemented in terms of synchronous methods.
This class implements an enumeration that may be used for configuration items that may have three possible values: accept, reject, or warn.
Builder for audit access events.
The status of the access request.
This class manages the application-wide access-control configuration.
This class defines the set of methods and structures that must be implemented by a Directory Server access control handler.
A server-side interface for querying Access Control Handler settings.
A client-side interface for reading and modifying Access Control Handler settings.
An interface for querying the Access Control Handler managed object definition meta information.
Enforces access controls for a single request and its responses.
A server-side interface for querying Access Log Filtering Criteria settings.
A client-side interface for reading and modifying Access Log Filtering Criteria settings.
An interface for querying the Access Log Filtering Criteria managed object definition meta information.
Defines the set of permissible values for the "log-record-type" property.
This class defines the wrapper that will invoke all registered access loggers for each type of request received or response sent.
This class defines the set of methods and structures that must be implemented for a Directory Server access log publisher.
A server-side interface for querying Access Log Publisher settings.
A client-side interface for reading and modifying Access Log Publisher settings.
An interface for querying the Access Log Publisher managed object definition meta information.
Defines the set of permissible values for the "filtering-policy" property.
Defines access modes of a Storage.
This class defines a data type for storing information associated with an account status notification.
This class defines the set of methods that must be implemented for an account status notification handler.
A server-side interface for querying Account Status Notification Handler settings.
A client-side interface for reading and modifying Account Status Notification Handler settings.
An interface for querying the Account Status Notification Handler managed object definition meta information.
This class defines a utility that will be used to manage the set of account status notification handlers defined in the Directory Server.
This class implements an enumeration that holds the possible set of additional properties that can be included in an account status notification.
This class implements an enumeration that holds the possible event types that can trigger an account status notification.
The Aci class represents ACI strings.
This class represents the body of an ACI.
This class implements the dseecompat geteffectiverights evaluation.
Interface that provides a view of the AciContainer that is used by the ACI evaluation code to evaluate an ACI.
The AciException class defines an exception that may be thrown either during ACI syntax verification of an "aci" attribute type value or during evaluation of an LDAP operation using a set of applicable ACIs.
A DSEE-compatible access control handler.
The AciList class performs caching of the ACI attribute values using the entry DN as the key.
The AciListenerManager updates an ACI list after each modification operation.
ACI property definition.
An interface for incrementally constructing ACI property definitions.
The AciTargetMatchContext interface provides a view of an AciContainer that exposes information to be used by the Aci.isApplicable() method to determine if an ACI is applicable (targets matched) to the LDAP operation, operation rights and entry and attributes having access checked on.
This class represents target part of an ACI's syntax.
Represents an action that may be performed against a resource.
Action<E extends Exception>
An Runnable functional interface which can throw a checked Exception.
An implementation specific action, or operation, upon a JSON resource.
Response object for JSON responses.
Builder for audit activity events.
This class describes the context that is attached to Add Operation.
An additional log item for an operation which may be processed in the access log.
This class is used to exchange Add operation between LDAP servers and replication servers.
This class defines an operation that may be used to add a new entry to the Directory Server.
The Add operation allows a client to request the addition of an entry into the Directory.
An address mask can be used to perform efficient comparisons against IP addresses to determine whether a particular IP address is in a given range.
This class provides an implementation of a Directory Server task that can be used to add the contents of a new schema file into the server schema.
This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
A server-side interface for querying cn=admin data Trust Manager Provider settings.
A client-side interface for reading and modifying cn=admin data Trust Manager Provider settings.
An interface for querying the cn=admin data Trust Manager Provider managed object definition meta information.
An HTTP endpoint providing access to the server's monitoring backend (cn=monitor) and its configuration (cn=config).
A server-side interface for querying Admin Endpoint settings.
A client-side interface for reading and modifying Admin Endpoint settings.
An interface for querying the Admin Endpoint managed object definition meta information.
Exceptions thrown when interacting with administration framework.
This class is a wrapper on top of LDAPConnectionHandler to manage the administration connector, which is an LDAPConnectionHandler with specific (limited) configuration properties.
A server-side interface for querying Administration Connector settings.
A client-side interface for reading and modifying Administration Connector settings.
An interface for querying the Administration Connector managed object definition meta information.
Check if information found in "cn=admin data" is coherent with cn=config.
Defines an optional action which administators must perform after they have modified a property.
Specifies the type of administrator action which must be performed in order for pending changes to take effect.
The persistent search request control for Active Directory as defined by Microsoft.
A Context containing information which should be returned to the user in some appropriate form to the user.
WarningHeader implements RFC 2616 section 14.46 - Warning.
This class defines a Directory Server password storage scheme that will encode values using the AES reversible encryption algorithm.
A server-side interface for querying AES Password Storage Scheme settings.
A client-side interface for reading and modifying AES Password Storage Scheme settings.
An interface for querying the AES Password Storage Scheme managed object definition meta information.
An affinity context can be used to bypass any load-balancing and always direct a requests to the same server.
Aggregation property definition.
An interface for incrementally constructing aggregation property definitions.
This class defines an interface that may be used to define a set of alert notifications that may be generated by this Directory Server component.
This interface defines the set of methods that must be implemented for a Directory Server alert handler.
A server-side interface for querying Alert Handler settings.
A client-side interface for reading and modifying Alert Handler settings.
An interface for querying the Alert Handler managed object definition meta information.
This class defines a utility that will be used to manage the set of alert handlers defined in the Directory Server.
A default behavior provider which indicates special behavior.
An HTTP endpoint for exposing the server liveness status.
A server-side interface for querying Alive HTTP endpoint settings.
A client-side interface for reading and modifying Alive HTTP endpoint settings.
An interface for querying the Alive HTTP endpoint managed object definition meta information.
This class provides an implementation of a SASL mechanism, as defined in RFC 4505, that does not perform any authentication.
A server-side interface for querying Anonymous SASL Mechanism Handler settings.
A client-side interface for reading and modifying Anonymous SASL Mechanism Handler settings.
An interface for querying the Anonymous SASL Mechanism Handler managed object definition meta information.
AnyTypeValidator applies all the constraints of a any type.
A utility class for dealing with CrestApplication instances.
This class defines a Directory Server password storage scheme that will encode values using the Argon2 encryption algorithm.
A server-side interface for querying Argon2 Password Storage Scheme settings.
A client-side interface for reading and modifying Argon2 Password Storage Scheme settings.
An interface for querying the Argon2 Password Storage Scheme managed object definition meta information.
Defines the set of permissible values for the "argon2-variant" property.
Defines the set of permissible values for the "rehash-policy" property.
ArrayTypeValidator applies all the constraints of a array type.
This class contains various static factory methods for creating ASN.1 readers and writers.
An interface for decoding ASN.1 elements from a data source.
Provides methods for building and analyzing ASN.1 tag bytes.
The Asn1 tag classes.
An ASN.1 encoder writes ASN.1 elements to an internal byte buffer.
A compiled attribute value assertion.
Thrown when the result code returned in a Result indicates that the Request failed because the filter contained in an assertion control failed to match the target entry.
The assertion request control as defined in RFC 4528.
Attribute value assertion utilities.
An asynchronous Function which returns a result at some point in the future.
A Text Writer which writes log records asynchronously to character-based stream.
This class store historical information for a provided attribute.
This class is used to store historical information for multiple valued attributes.
This class is used to store historical information for single valued attributes.
An attribute, comprising of an attribute description and zero or more attribute values.
The attribute cleanup plugin implementation class.
A server-side interface for querying Attribute Cleanup Plugin settings.
A client-side interface for reading and modifying Attribute Cleanup Plugin settings.
An interface for querying the Attribute Cleanup Plugin managed object definition meta information.
An attribute description as defined in RFC 4512 section 2.5.
A configurable factory for filtering the attributes exposed by an entry.
A fluent API for parsing attributes as different types of object.
This class contains methods for creating and manipulating attributes.
This class defines a data structure for storing and interacting with an attribute type, which contains information about the format of an attribute and the syntax and matching rules that should be used when interacting with it.
A fluent API for incrementally constructing attribute type.
Attribute type property definition.
An interface for incrementally constructing attribute type property definitions.
This enumeration defines the set of possible attribute usage values that may apply to an attribute type, as defined in RFC 2252.
This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained in another attribute in the user's entry.
A server-side interface for querying Attribute Value Password Validator settings.
A client-side interface for reading and modifying Attribute Value Password Validator settings.
An interface for querying the Attribute Value Password Validator managed object definition meta information.
AttrValueHistorical is the historical information of the modification of one attribute value.
Denotes audit dependencies.
Represents an audit event.
Root builder for all audit events.
The interface for an AuditEventHandler.
Abstract AuditEventHandler class.
Factory interface for creating instances of AuditEventHandler.
Helper methods for AuditEvents.
Stores the state of the details sent to AuditEventHandler.publishEvent(Context, String, JsonValue).
Root class of all exceptions in the Commons Audit Framework.
A Context used when auditing over the router.
Utility class to facilitate creation and configuration of audit service and audit event handlers through JSON.
CREST RequestHandler responsible for storing and retrieving audit events.
Builder for AuditService.
Configuration of the audit service.
AuditService proxy that allows products to implement threadsafe hot-swappable configuration updates.
General utilities for commons audit.
This class provides a data structure which maps an authenticated user DN to the set of client connections authenticated as that user.
Builder for audit authentication events.
Defines a fixed set of authentication statuses that can be logged.
Thrown when the result code returned in a Result indicates that the Bind Request failed due to an authentication failure.
This class defines a data structure that may be used to store information about an authenticated user.
An abstract authentication policy.
A server-side interface for querying Authentication Policy settings.
A client-side interface for reading and modifying Authentication Policy settings.
An interface for querying the Authentication Policy managed object definition meta information.
A factory for creating configurable authentication policies.
The authentication policy context associated with a user's entry, which is responsible for managing the user's account, their password, as well as authenticating the user.
Factory methods of AuthenticationStrategy allowing to perform authentication against LDAP server through different method.
Authenticate a user and create a SecurityContext as a result.
This enumeration defines the set of possible authentication types that may be used for a bind request.
The AuthMethod class represents an authmethod bind rule keyword expression.
Factory methods to create Filter performing authentication and authorizations.
Thrown when the result code returned in a Result indicates that the Request failed due to an authorization failure.
The authorization request control as defined in RFC 3829.
The authorization response control as defined in RFC 3829.
An authentication password, it has a storage scheme, authentication info and authentication value.
An attribute value assertion (AVA) as defined in RFC 4512 section 2.3 consists of an attribute description with zero options and an attribute value.
Represents a directory server backend, which can be either local or remote (proxy).
A server-side interface for querying Backend settings.
A client-side interface for reading and modifying Backend settings.
An interface for querying the Backend managed object definition meta information.
Responsible for managing the lifecycle of backends in the Directory Server.
This class is a wrapper around a backend file path and a backend file ID.
This is an implementation of a Directory Server Backend which stores entries locally in a pluggable storage.
A server-side interface for querying Backend Index settings.
A client-side interface for reading and modifying Backend Index settings.
An interface for querying the Backend Index managed object definition meta information.
Defines the set of permissible values for the "index-type" property.
This program provides a utility that may be used to debug a Pluggable Backend.
This class provides utility functions for all backend client tools.
Contains backend infos: LocalBackend, baseDNs and BackendCfg.
A server-side interface for querying Backend VLV Index settings.
A client-side interface for reading and modifying Backend VLV Index settings.
An interface for querying the Backend VLV Index managed object definition meta information.
Defines the set of permissible values for the "scope" property.
This class contains all the metadata associated with a backup.
This interface must be implemented by backends that support backup and restore.
An exception that may be thrown when there is a problem with a backup file.
A backup file manager is responsible for securely and lazily saving backend files and metadata to its underlying backup storage.
A backup identifier, it is made out of a backend name and a tag.
This is the primary class for managing backups, it works on top of an arbitrary backup storage and allows to backup and restore backupable entities as well as listing and verifying backups.
Filters the available backups using the provided criteria.
Iterator able to return a count of progress and the total number of items to be processed.
Counted iterator returning elements from a list.
This class provides an implementation of a Directory Server task that may be used to purge backups of a Directory Server.
This class implements all the business logic for the dsbackup create sub-command, whether offline or online.
A backup storage is responsible for writing and reading backup files in a persistent location.
Configuration of a backup storage.
An interface to create a backup storage.
This class provides an implementation of a Directory Server task that may be used to back up a Directory Server backend in a binary form.
This interface defines a set of methods that may be used to notify various Directory Server components whenever a backend backup task is about to begin or has just completed.
An exception that is thrown during a operation on a resource when the requested operation is malformed.
This class provides methods for performing base64 encoding and decoding.
Provides RFC 4648 / RFC 2045 compatible Base64 encoding and decoding.
This class defines a Directory Server password storage scheme that will store the values in base64-encoded form.
A server-side interface for querying Base64 Password Storage Scheme settings.
A client-side interface for reading and modifying Base64 Password Storage Scheme settings.
An interface for querying the Base64 Password Storage Scheme managed object definition meta information.
Makes use of the Base64 class to encode and decode to and from URL-safe Base64.
A base implementation of QueryFilterVisitor where all methods throw an UnsupportedOperationException by default - override just the methods you need.
Implementation is responsible for being able to build up a batch payload and to publish that payload.
Indicates failure during a batch operation.
Implementations of BatchPublisher are able to consume multiple audit events and build batches out of them.
Batch publisher factory provides new instances of BatchPublisher.
Basic batch publisher factory implementation.
BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
This class defines a Directory Server password storage scheme that will encode values using the BCrypt encryption algorithm.
A server-side interface for querying Bcrypt Password Storage Scheme settings.
A client-side interface for reading and modifying Bcrypt Password Storage Scheme settings.
An interface for querying the Bcrypt Password Storage Scheme managed object definition meta information.
Defines the set of permissible values for the "rehash-policy" property.
A BiFunction functional interface which can throw a checked Exception.
This class defines an operation that may be used to authenticate a user to the Directory Server.
The Bind operation allows authentication information to be exchanged between the client and server.
A Bind result indicates the status of the client's request for authentication.
This class represents a single bind rule of an ACI permission-bind rule pair.
This class can be used for filtering string elements by using blacklists and/or whitelists.
This class provides an implementation of a trust manager provider that will indicate that any certificate presented should be blindly trusted by the Directory Server.
A server-side interface for querying Blind Trust Manager Provider settings.
A client-side interface for reading and modifying Blind Trust Manager Provider settings.
An interface for querying the Blind Trust Manager Provider managed object definition meta information.
Allows to connect a non back-pressure aware Publisher into a reactive stream.
This class defines a Directory Server password storage scheme that will encode values using the Blowfish reversible encryption algorithm.
A server-side interface for querying Blowfish Password Storage Scheme settings.
A client-side interface for reading and modifying Blowfish Password Storage Scheme settings.
An interface for querying the Blowfish Password Storage Scheme managed object definition meta information.
Boolean property definition.
An interface for incrementally constructing boolean property definitions.
BooleanTypeValidator applies all the constraints of a boolean type.
A QueueingStrategy that concurrently enqueues a bounded number of operations to the DirectoryServer work queue.
BSD MD5 Crypt algorithm, ported from C.
Buffers audit events to a bounded queue, periodically flushing the queue to a provided BatchConsumer.
Builder used to construct a new BufferedBatchPublisher.
Utility class used for manipulating OpenDJ instance, binary and data versions.
Byte array builder class encodes data into byte arrays to send messages over the replication protocol.
Byte array scanner class helps decode data from byte arrays received via messages over the replication protocol.
An immutable sequence of bytes backed by a byte array.
A mutable sequence of bytes backed by a byte array.
An interface for iteratively reading data from a ByteString .
This class implements the LDAP cancel extended operation defined in RFC 3909.
A server-side interface for querying Cancel Extended Operation Handler settings.
A client-side interface for reading and modifying Cancel Extended Operation Handler settings.
An interface for querying the Cancel Extended Operation Handler managed object definition meta information.
The cancel extended request as defined in RFC 3909.
Base for data structures that define configuration for operations.
Thrown when the result code returned in a Result indicates that the Request was cancelled.
An object that registers to be notified when a cancellation request has been received and processing of the request should be aborted if possible.
This class defines the set of methods and structures that must be implemented by a Directory Server module that implements the functionality required to uniquely map an SSL client certificate to a Directory Server user entry.
A server-side interface for querying Certificate Mapper settings.
A client-side interface for reading and modifying Certificate Mapper settings.
An interface for querying the Certificate Mapper managed object definition meta information.
This class defines a utility that will be used to manage the set of certificate mappers defined in the Directory Server.
This class implements an enumeration that may be used to indicate if/how a client's certificate should be validated against the corresponding user entry in the Directory Server.
A key used for verifying certificate signatures.
Contains a chain of PropertyResolvers that should be used to get a token replacement property.
A backend that provides access to the changelog, i.e.
This interface is the entry point for the changelog database which stores the replication data on persistent storage.
Generates a file a containing file names, sizes and permissions for all changelogDb files equivalent to an ls -laR on Unix.
This class define an Exception that must be used when some error condition was detected in the changelog database that cannot be recovered automatically.
Tool that may be used to debug a replication changelog.
This is the changelog state stored in the changelogStateDB.
Small interface for common Replication Environment operations.
This class implements a Directory Server plugin that will add the replication CSN to a response whenever the CSN control is received.
The control used by this plugin.
A server-side interface for querying Change Number Control Plugin settings.
A client-side interface for reading and modifying Change Number Control Plugin settings.
An interface for querying the Change Number Control Plugin managed object definition meta information.
This class stores an index of all the changes seen by this server in the form of ChangeNumberIndexRecords.
Thread responsible for inserting replicated updates into the ChangeNumber Index DB (CNIndexDB for short).
The Change Number Index Record class represents records stored in the ChangeNumberIndexDB.
A request to modify the content of the Directory in some way.
An interface for reading change records from a data source, typically an LDIF file.
A visitor of ChangeRecords, in the style of the visitor design pattern.
An interface for writing change records to a data source, typically an LDIF file.
This message is used by the replica to tell the replication server he is changing his status (new status field used), or by the replication server to request that the replica changes his status (requested status field used).
Class that define messages sent by a replication domain (DS) to the replication server to let the RS know the DS current change time.
This class provides an OpenDJ password validator that may be used to ensure that proposed passwords contain at least a specified number of characters from one or more user-defined character sets.
A server-side interface for querying Character Set Password Validator settings.
A client-side interface for reading and modifying Character Set Password Validator settings.
An interface for querying the Character Set Password Validator managed object definition meta information.
Class used by script to ensure the running java version is compatible with OpenDJ software.
Class property definition.
An interface for incrementally constructing class property definitions.
This class defines a Directory Server password storage scheme that will store the values in clear-text with no encoding at all.
A server-side interface for querying Clear Password Storage Scheme settings.
A client-side interface for reading and modifying Clear Password Storage Scheme settings.
An interface for querying the Clear Password Storage Scheme managed object definition meta information.
This class defines the set of methods and structures that must be implemented by a Directory Server client connection.
An interface for performing client-side constraint validation.
Used to measure absolute and relative time.
Common utility methods for Closeables.
AsyncFunction that silently closes an input-parameter after a delegate-function's AsyncFunction.apply(Object) is completed.
Function that silently closes an input-parameter after a delegate-function's Function.apply(Object) is invoked.
Coercions that can be applied to a given json value.
The CollectErrorsHandler implements the ErrorHandler and never throws any exception, but collects them so callers can retrieve all of them in one go.
An implementation interface for resource providers which exposes a collection of resource instances.
Defines a one-to-many relationship between a parent resource and its children.
Utility class for Collections.
A server-side interface for querying Collective Attribute Subentries Virtual Attribute settings.
A client-side interface for reading and modifying Collective Attribute Subentries Virtual Attribute settings.
An interface for querying the Collective Attribute Subentries Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider to serve the collectiveAttributeSubentries operational attribute as described in RFC 3671.
Entry point for the common audit facility.
Represents a ForgeRock common audit based logger which can be used to log HTTP access audit events.
A server-side interface for querying Common Audit Access Log Publisher settings.
A client-side interface for reading and modifying Common Audit Access Log Publisher settings.
An interface for querying the Common Audit Access Log Publisher managed object definition meta information.
This class stores the common audit logging batch process configurations.
This filter aims to send some access audit events to the AuditService managed as a CREST handler.
A compact attribute represents values using a hash array map trie (HAMT) index and an array of encoded values.
A compact read-only entry suitable for storing in caches.
This class defines an operation that may be used to determine whether a specified entry in the Directory Server contains a given attribute-value pair.
The Compare operation allows a client to compare an assertion value with the values of a particular attribute in a particular entry in the Directory.
An Compare result indicates the final status of an Compare operation.
This exception is thrown when a critical concurrent modification is detected by the client.
An interface for evaluating conditions.
Encapsulate a ConditionalFilters.Condition which must be fulfilled in order to apply the Filter.
Condition which have to be fulfilled in order to apply the Filter.
Encapsulate a Filter which will be processed only if the attached ConditionalFilters.Condition is true.
The result of a tri-state logical expression.
This class consists exclusively of static methods that operate on or return conditions.
This interface defines the methods that a Directory Server component should implement if it wishes to be able to receive notification of new entries added below a configuration entry.
Builder for audit config events.
This interface defines the methods that a Directory Server component should implement if it wishes to be able to receive notification of changes to a configuration entry.
This class defines a data structure that can be used to hold information about the result of processing a configuration change.
This class defines a number of constants used by the Directory Server configuration, including configuration attribute and objectclass names, and attribute options.
This interface defines the methods that a Directory Server component should implement if it wishes to be able to receive notification if entries below a configuration entry are removed.
Thrown during the course of interactions with the Directory Server configuration.
Defines the logging category for the config module.
Parameters to configure a directory server.
A common base interface for all server managed object configurations.
This interface defines the methods that a Directory Server configurable component should implement if it wishes to be able to receive notifications when a new configuration is added.
Back-end responsible for management of configuration entries.
This interface defines the methods that a Directory Server configurable component should implement if it wishes to be able to receive notifications when a its associated configuration is changed.
A common base interface for all managed object configuration clients.
This interface defines the methods that a Directory Server configurable component should implement if it wishes to be able to receive notifications when an existing configuration is deleted.
This class is responsible for managing the configuration framework including: loading core components during application initialization loading extensions during and after application initialization changing the property validation strategy based on whether the application is a client or server.
Represents parameters used for initializing a ConfigurationFramework.
Responsible for managing configuration, including listeners on configuration entries.
Provides configuration entries and listener registration on the entries.
This class is used to configure the Windows service for this instance on this machine.
Return codes for the method disableService.
Return codes for the method enableService.
Return codes for the method stopService.
An exception that is thrown during a operation on a resource when such an operation would result in a conflict.
Thrown when addition of a schema element to a schema builder fails because the OID of the schema element conflicts with an existing schema element and the caller explicitly requested not to override existing schema elements.
A client connection to a JSON resource provider over which read and update requests may be performed.
A connection with a Directory Server over which read and update operations may be performed.
A ConnectionChangeRecordWriter is a bridge from Connections to ChangeRecordWriters.
A ConnectionEntryReader is a bridge from Connections to EntryReaders.
A ConnectionEntryWriter is a bridge from Connections to EntryWriters.
An object that registers to be notified when a connection is closed by the application, receives an unsolicited notification, or experiences a fatal error.
Thrown when the result code returned in a Result indicates that the Request was unsuccessful because of a connection failure.
A connection factory provides an interface for obtaining a connection to a JSON resource provider.
A connection factory provides an interface for obtaining a connection to a Directory Server.
This class defines the set of methods and structures that must be implemented by a Directory Server connection handler.
A server-side interface for querying Connection Handler settings.
A client-side interface for reading and modifying Connection Handler settings.
An interface for querying the Connection Handler managed object definition meta information.
This class defines a utility that will be used to manage the configuration for the set of connection handlers defined in the Directory Server.
Parameters to establish connections to a directory server.
A connection pool which maintains a cache of client sockets with a configurable core pool size, maximum size, and expiration policy.
Statistics for a connection pool.
An object that registers to be notified when a connection pool grows or shrinks.
This class contains methods for creating and manipulating LDAP clients and connections.
Indicates whether LDAP client connections should use SSL or StartTLS.
An implementation of "consistent hashing" supporting per-partition weighting.
This class provides an implementation of an error log publisher.
A server-side interface for querying Console Error Log Publisher settings.
A client-side interface for reading and modifying Console Error Log Publisher settings.
An interface for querying the Console Error Log Publisher managed object definition meta information.
Constants is the collection of all constant values used by the object validator implementation.
An interface for enforcing constraints and dependencies between managed objects and their properties.
Thrown when the result code returned in a Result indicates that the update Request failed because it would have left the Directory in an inconsistent state.
A Consumer functional interface which can throw a checked Exception.
A condition which evaluates to true if and only if a property contains a particular value.
Controls provide a mechanism whereby the semantics and arguments of existing LDAP operations may be extended.
A factory interface for decoding a control as a control of specific type.
Utility class to resolve controls OID from aliases.
Manages the set of core configuration attributes of the Directory Server.
Definition of a service providing etimes.
Implementation of services providing etimes.
The OpenDJ SDK core schema contains standard LDAP RFC schema elements.
A server-side interface for querying Core Schema settings.
A client-side interface for reading and modifying Core Schema settings.
An interface for querying the Core Schema managed object definition meta information.
Defines the set of permissible values for the "json-validation-policy" property.
Provides the core schema, which includes core matching rules and syntaxes.
Provides a map of supported locale tags to OIDs.
An exception that may be thrown when a wrapped key entry is corrupted.
The count accumulated to a histogram bucket.
Used to measure the rate of change based on calls to increment.
Fluent builder for counters.
An enum of count policy types.
This class provides an implementation of a SASL mechanism that authenticates clients through CRAM-MD5.
A server-side interface for querying CRAM-MD5 SASL Mechanism Handler settings.
A client-side interface for reading and modifying CRAM-MD5 SASL Mechanism Handler settings.
An interface for querying the CRAM-MD5 SASL Mechanism Handler managed object definition meta information.
A specific exception for when Create is not supported, but Upsert might be being attempted so distinguish from other BadRequestExceptions.
This program provides a tool that may be used to generate either an RC script that can be used to start, stop, restart and get status of the Directory Server, OR to a systemd(1) service file for Linux.
A request to create a new JSON resource.
Factory method for function extracting credentials from HTTP request Headers.
Credential pair implementation.
Declare a CREST Application.
A CREST HTTP utility class which creates instances of the HttpAdapter to handle CREST HTTP requests.
Represents a read-only ForgeRock Common REST HTTP Endpoint which exposes server metrics.
A server-side interface for querying Common REST Metrics HTTP Endpoint settings.
A client-side interface for reading and modifying Common REST Metrics HTTP Endpoint settings.
An interface for querying the Common REST Metrics HTTP Endpoint managed object definition meta information.
Implements a ScheduledExecutorService on top of a cached thread pool to achieve UNIX's cron-like capabilities.
UNIX Crypt cipher, ported from the Sun OpenSolaris project.
Constants for Crypto Algorithms and Json Crypto Json pointer keys.
Base class for all secrets that are used as keys for cryptographic operations.
This class implements part of the Directory Server cryptographic framework.
Provides cryptographic related operations and key management.
A server-side interface for querying Crypto Manager settings.
A client-side interface for reading and modifying Crypto Manager settings.
An interface for querying the Crypto Manager managed object definition meta information.
Defines the set of permissible values for the "key-wrapping-mode" property.
This class defines an exception that is thrown in the case of problems with encryption key management, and is a wrapper for a variety of other cipher related exceptions.
This class defines an object that synchronizes secret-key entries from the admin data branch to the crypto manager secret-key cache.
This class defines a Directory Server password storage scheme based on the UNIX Crypt algorithm.
A server-side interface for querying Crypt Password Storage Scheme settings.
A client-side interface for reading and modifying Crypt Password Storage Scheme settings.
An interface for querying the Crypt Password Storage Scheme managed object definition meta information.
Defines the set of permissible values for the "crypt-password-storage-encryption-algorithm" property.
Class used to represent Change Sequence Numbers.
The version of a CSN to ask for a particular representation.
This class defines a structure that is used for storing the last CSNs generated on this server or received from other servers and generating new CSNs that are guaranteed to be larger than all the previously seen or generated CSNs.
Handles AuditEvents by writing them to a CSV file.
A configuration for CSV audit event handler.
Contains the csv writer configuration parameters.
Contains the configuration parameters to configure tamper evident logging.
Configuration of event buffering.
A server-side interface for querying CSV File Access Log Publisher settings.
A client-side interface for reading and modifying CSV File Access Log Publisher settings.
An interface for querying the CSV File Access Log Publisher managed object definition meta information.
A server-side interface for querying CSV File HTTP Access Log Publisher settings.
A client-side interface for reading and modifying CSV File HTTP Access Log Publisher settings.
An interface for querying the CSV File HTTP Access Log Publisher managed object definition meta information.
Command line interface for verifying an archived set of tamper evident CSV audit log files for a particular topic.
Sequential cursor extended with navigation methods.
A key that is used for decrypting confidential data.
A key that is used for encrypting confidential data.
This class implements the dayofweek bind rule keyword.
Generic cursor interface into the changelog database.
Options to create a cursor.
Represents a cursor key positioning strategy.
Displays the components of a CSN in human understandable format.
Thrown when data from an input source cannot be decoded, perhaps due to the data being malformed in some way.
Decode options allow applications to control how requests and responses are decoded.
The requested managed object was found but it could not be decoded.
Marker interface for all key types that can be used for decryption.
An interface for determining the default behavior of a property.
A visitor of default behavior providers, in the style of the visitor design pattern.
Default implementation of KeyStoreHandlerProvider.
Default implementation of LocalHostNameProvider using InetAddress to lookup host name of local host.
A default managed object which should be created when a parent managed object is created.
An interface for incrementally constructing default managed objects.
Default implementation of SecureStorageProvider.
A default behavior provider which represents a well-defined set of default values.
The requested managed object was found but its type could not be determined.
An enumeration defining the reasons why the definition could not be resolved.
This interface is used to determine the "best match" managed object definition in a definition hierarchy.
This class is used to describe the context attached to a Delete Operation.
Object used when sending delete information to replication servers.
This class defines an operation that may be used to remove an entry from the Directory Server.
A request to delete a JSON resource.
The Delete operation allows a client to request the removal of an entry from the Directory.
Configuration wrapper for JMS DeliveryMode persistence constants.
An interface for a simple dependency provider.
AuditEventFactory capable of performing construction injection by resolving dependencies using a DependencyProvider.
Base DependencyProvider that has provides no dependencies.
A deployment ID, together with its password, facilitates the generation of the cryptographic keys required to protect a deployment, such as a root CA key-pair for SSL/TLS and a master key-pair for protecting symmetric keys used for data encryption.
The deployment ID information to be displayed by the deployment ID tool.
Holds deprecation information of configuration objects or properties.
A Search operation alias dereferencing policy as defined in RFC 4511 section 4.5.1.3 is used to indicate whether alias entries (as defined in RFC 4512) are to be dereferenced during stages of a Search operation.
Decorator for a request handler that can return an api descriptor of the underlying handler.
Version of SynchronousRequestHandlerAdapter that exposes a described handler.
This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained in a specified dictionary.
A server-side interface for querying Dictionary Password Validator settings.
A client-side interface for reading and modifying Dictionary Password Validator settings.
An interface for querying the Dictionary Password Validator managed object definition meta information.
This class provides an implementation of a SASL mechanism that authenticates clients through DIGEST-MD5.
A server-side interface for querying DIGEST-MD5 SASL Mechanism Handler settings.
A client-side interface for reading and modifying DIGEST-MD5 SASL Mechanism Handler settings.
An interface for querying the DIGEST-MD5 SASL Mechanism Handler managed object definition meta information.
Defines the set of permissible values for the "quality-of-protection" property.
This class provides a set of properties that may control various aspects of the server environment.
This class defines the core of the Directory Server.
Class that prints the version of OpenDJ server to System.out.
Initialize the client DirectoryServer singleton by using a fluent interface.
This interface must be implemented by all Directory Server components that interact with JMX in any way.
This class defines the set of methods and structures that are available for use in Directory Server plugins.
This class defines a shutdown hook that will be invoked automatically when the JVM is shutting down.
This class defines a generic thread that should be the superclass for all threads created by the Directory Server.
High-level interface to the WatchService API for detecting filesystem change events.
This class provides an implementation of a Directory Server task that can be used to terminate a client connection.
A disconnect exception is thrown in order to indicate that an accepted connection has been rejected and must be disconnected immediately.
This enumeration defines the set of possible reasons for the closure of a connection between a client and the Directory Server.
This class provides an application-wide disk space monitoring service.
This interface defines the set of methods that must be implemented for a DiskSpaceMonitorHandler.
A RetentionPolicy that will retain/delete log files based off the total disk space used.
Track the sample distribution of events.
Fluent builder for distribution summaries.
The DITCacheMap class implements custom Map for structural storage of arbitrary objects in Directory Information Tree (DIT) like structure.
This class defines a DIT content rule, which defines the set of allowed, required, and prohibited attributes for entries with a given structural objectclass, and also indicates which auxiliary classes may be included in the entry.
A fluent API for incrementally constructing DIT content rule.
This class defines a DIT structure rule, which is used to indicate the types of children that entries may have.
A fluent API for incrementally constructing DIT structure rules.
This class checks a Number instance.
A distinguished name (DN) as defined in RFC 4512 section 2.3 is the concatenation of its relative distinguished name (RDN) and its immediate superior's DN.
DN property definition.
An interface for incrementally constructing DN property definitions.
This class implements the dns bind rule keyword.
Adds a hidden sub-command to write generated reference documentation for the dsconfig command.
Cursor iterating over a replication domain's replica DBs.
Identifier comprised of the domain baseDN and its replicaId within this domain.
Marker annotation during the migration.
This message is part of the replication protocol.
An abstract management connection context driver which should form the basis of driver implementations.
Driver based client management connection context.
Implementation of a MeterRegistry supporting tags using dropwizard metric types.
A CREST CollectionResourceProvider that adds queryFilter, field filtering, sorting abilities, and paging to the dropwizard json metrics data.
While Dropwizard is well suited for representing hierarchical metrics, it has no support for dimensional metrics.
A describable counter, implementing both the dropwizard's and the monitoring-api's relevant APIs.
A describable gauge, implementing both the dropwizard's and the monitoring-api's relevant APIs.
A describable histogram, implementing both the dropwizard's meter and the monitoring-api's relevant APIs.
A describable meter, implementing both the dropwizard's meter and the monitoring-api's relevant APIs.
A describable dropwizard metric.
A describable timer, implementing both the dropwizard's and the monitoring-api's relevant APIs.
dsbackup tool implementation.
This class provides a command-line tool which enables administrators to configure the Directory Server.
A server-side interface for querying DSEE Compatible Access Control Handler settings.
A client-side interface for reading and modifying DSEE Compatible Access Control Handler settings.
An interface for querying the DSEE Compatible Access Control Handler managed object definition meta information.
This class holds information about a DS connected to the topology.
Implementation of "dsrepl" command line tool that provides commands for managing replication for a server.
Represents a duration in english.
Duration property definition.
An interface for incrementally constructing duration property definitions.
This class provides a dynamic group implementation, in which membership is determined dynamically based on criteria provided in the form of one or more LDAP URLs.
Multi domain DB cursor that only returns updates for the domains which have been enabled for the external changelog.
AuditEventHandler for Elasticsearch.
A configuration for Elasticsearch audit event handler.
Configuration of connection to Elasticsearch.
Configuration of event buffering.
Configuration of index mapping.
Utilities for working with Elasticsearch.
This class defines an e-mail message that may be sent to one or more recipients via SMTP.
The MIME text subtype for the message body.
Represents an embedded directory server on which high-level operations are available (setup, upgrade, start, stop, ...).
Exception that may be thrown by an embedded directory server if a problem occurs while performing an operation on the server.
Implementation of an empty Cursor, for simulating no records to cursor on.
This program provides a utility that may be used to interact with the password storage schemes defined in the Directory Server.
Marker interface for all key types that can be used for encryption.
This class provides an implementation of a Directory Server task that can be used to place the server in lockdown mode.
This class implements a Directory Server plugin that will add an "entity tag" or "Etag" attribute to an entry whenever it is added, modified or imported.
A server-side interface for querying ETag Plugin settings.
A client-side interface for reading and modifying ETag Plugin settings.
An interface for querying the ETag Plugin managed object definition meta information.
A server-side interface for querying Entity Tag Virtual Attribute settings.
A client-side interface for reading and modifying Entity Tag Virtual Attribute settings.
An interface for querying the Entity Tag Virtual Attribute managed object definition meta information.
Defines the set of permissible values for the "checksum-algorithm" property.
This class implements a virtual attribute provider which ensures that all entries contain an "entity tag" or "Etag" as defined in section 3.11 of RFC 2616.
This class contains methods for creating and manipulating entries.
Contains server-specific methods that deal with entries.
Defines the available strategy to compute changes.
An Entry which implements the null object pattern.
Defines the available strategy to generate changes.
An entry, comprising of a distinguished name and zero or more attributes.
This class defines the set of methods that must be implemented by a Directory Server entry cache.
A server-side interface for querying Entry Cache settings.
A client-side interface for reading and modifying Entry Cache settings.
An interface for querying the Entry Cache managed object definition meta information.
This class defines a utility that will be used to manage the configuration for the Directory Server entry cache.
This class defines the entry cache dispatcher which acts as an arbiter for every entry cache implementation configured and installed within the Directory Server or acts an an empty cache if no implementation specific entry cache is configured.
This class implements the ECL cookie control.
The entry change notification response control as defined in draft-ietf-ldapext-psearch.
Storage container for LDAP entries.
A server-side interface for querying entryDN Virtual Attribute settings.
A client-side interface for reading and modifying entryDN Virtual Attribute settings.
An interface for querying the entryDN Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the entryDN operational attribute as described in draft-zeilenga-ldap-entrydn.
A template driven entry generator, as used by the makeldif tool.
This class is used to store historical information that is used to resolve modify conflicts: it is effectively the content of the ds-sync-hist attribute.
A specialized Attribute implementations that performs lazy conversion of EntryHistorical (ds-sync-hist) meta-data to its LDAP attribute representation as well as from its compact org.opends.server.backends.pluggable.ID2Entry representation.
This message is part of the replication protocol.
Thrown when the result code returned in a Result indicates that the Request failed because the target entry was not found by the Directory Server.
An interface for reading entries from a data source, typically an LDIF file.
This class implements a Directory Server plugin that will add the entryUUID attribute to an entry whenever it is added or imported as per RFC 4530.
A server-side interface for querying entryUUID Plugin settings.
A client-side interface for reading and modifying entryUUID Plugin settings.
An interface for querying the entryUUID Plugin managed object definition meta information.
A server-side interface for querying entryUUID Virtual Attribute settings.
A client-side interface for reading and modifying entryUUID Virtual Attribute settings.
An interface for querying the entryUUID Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the entryUUID operational attribute as described in RFC 4530.
An interface for writing entries to a data source, typically an LDIF file.
This class provides an enumeration of the reasons why an ACI evaluation returned a result from the AciHandler's testApplicableLists call.
This class provides an enumeration of evaluation results returned by the bind rule evaluation methods.
This class implements "enum" validation on all types of objects as defined in the paragraph 5.19 of the JSON Schema specification.
Enumeration property definition.
An interface for incrementally constructing enumeration property definitions.
This class provides an enumeration of the ACI rights.
This class provides an enumeration of the valid ACI target operators.
Provides a EnumValueOfHelper.valueOf(String) method as a replacement for the implicitly declared enum function valueOf(String), which has the advantage of not throwing exceptions when the name argument is null or cannot be found in the enum's values.
A property accessor that allows access to environment variables.
ErrorHandler is the abstract base class for Validators.
This class defines an account status notification handler that will write information about status notifications using the Directory Server's error logging facility.
A server-side interface for querying Error Log Account Status Notification Handler settings.
A client-side interface for reading and modifying Error Log Account Status Notification Handler settings.
An interface for querying the Error Log Account Status Notification Handler managed object definition meta information.
Defines the set of permissible values for the "account-status-notification-type" property.
This class defines the wrapper that will invoke all registered error loggers for each type of request received or response sent.
Logs internal server errors and runtime exceptions once the request has been processed.
This class defines the set of methods and structures that must be implemented for a Directory Server error log publisher.
A server-side interface for querying Error Log Publisher settings.
A client-side interface for reading and modifying Error Log Publisher settings.
An interface for querying the Error Log Publisher managed object definition meta information.
Defines the set of permissible values for the "default-severity" property.
This message is part of the replication protocol.
Base class for audit event handler configuration.
Encapsulates meta-data for event topics.
Builder for EventTopicsMetaData.
This class provides an implementation of a Directory Server identity mapper that looks for the exact value provided as the ID string to appear in an attribute of a user's entry.
A server-side interface for querying Exact Match Identity Mapper settings.
A client-side interface for reading and modifying Exact Match Identity Mapper settings.
An interface for querying the Exact Match Identity Mapper managed object definition meta information.
A completion handler for consuming exceptions which occur during the execution of asynchronous tasks.
Responsible for generating ExecutorService instances which are automatically wired up to shutdown when the ShutdownListener event triggers.
This enumeration defines the set of possible behaviors that should be taken when attempting to write to a file that already exists.
An exception generated by a TokenHandler on extraction when the token is expired.
This program provides a utility that may be used to export the contents of a Directory Server backend to an LDIF file.
This class provides an implementation of a Directory Server task that can be used to export the contents of a Directory Server backend to an LDIF file.
This interface defines a set of methods that may be used to notify various Directory Server components whenever an LDIF export task is about to begin or has just completed.
Exception related to decoding of expression.
Utility class to manage expressions.
Utility methods for obtaining Expression syntaxes that are based on existing syntaxes.
This class defines an extended operation, which can perform virtually any kind of task.
This class defines a utility that will be used to manage the set of extended operation handlers defined in the Directory Server.
This class defines the set of methods and structures that must be implemented by a Directory Server module that implements the functionality required for one or more types of extended operations.
A server-side interface for querying Extended Operation Handler settings.
A client-side interface for reading and modifying Extended Operation Handler settings.
An interface for querying the Extended Operation Handler managed object definition meta information.
The Extended operation allows additional operations to be defined for services not already available in the protocol; for example, to implement an operation which installs transport layer security (see StartTlsExtendedRequest).
A factory interface for decoding a generic extended request as an extended request of specific type.
A Extended result indicates the status of an Extended operation and any additional information associated with the Extended operation, including the optional response name and value.
A factory interface for decoding a generic extended result as an extended result of specific type.
Added in protocol V10 to exchange additional information during handshake.
This class defines a number of constants that may be used by Directory Server extensions.
A server-side interface for querying External Access Log Publisher settings.
A client-side interface for reading and modifying External Access Log Publisher settings.
An interface for querying the External Access Log Publisher managed object definition meta information.
This class implements the request control used to browse the external changelog.
A server-side interface for querying External HTTP Access Log Publisher settings.
A client-side interface for reading and modifying External HTTP Access Log Publisher settings.
An interface for querying the External HTTP Access Log Publisher managed object definition meta information.
A service provider interface for externalizing the strategy used for wrapping individual private/secret keys.
This class provides an implementation of a SASL mechanism that relies on some form of authentication that has already been done outside the LDAP layer.
A server-side interface for querying External SASL Mechanism Handler settings.
A client-side interface for reading and modifying External SASL Mechanism Handler settings.
An interface for querying the External SASL Mechanism Handler managed object definition meta information.
Defines the set of permissible values for the "certificate-validation-policy" property.
This class represents an ACI's extop keyword rule.
Defines the standard Syslog message facilities.
A factory interface.
This enumeration defines the various ways that a task can behave if it is dependent upon another task and that earlier task is done running but did not complete successfully.
FailFastErrorHandler implements the ErrorHandler in a way it re-throws the exception at first time.
This class defines a Directory Server entry cache that uses a FIFO to keep track of the entries.
A server-side interface for querying FIFO Entry Cache settings.
A client-side interface for reading and modifying FIFO Entry Cache settings.
An interface for querying the FIFO Entry Cache managed object definition meta information.
A server-side interface for querying File Based Access Log Publisher settings.
A client-side interface for reading and modifying File Based Access Log Publisher settings.
An interface for querying the File Based Access Log Publisher managed object definition meta information.
Defines the set of permissible values for the "log-format" property.
A server-side interface for querying File Based Audit Log Publisher settings.
A client-side interface for reading and modifying File Based Audit Log Publisher settings.
An interface for querying the File Based Audit Log Publisher managed object definition meta information.
A server-side interface for querying File Based Error Log Publisher settings.
A client-side interface for reading and modifying File Based Error Log Publisher settings.
An interface for querying the File Based Error Log Publisher managed object definition meta information.
Configures time based or size based log file rotation.
Groups the file retention config parameters.
Groups the file rotation config parameters.
A server-side interface for querying File Based HTTP Access Log Publisher settings.
A client-side interface for reading and modifying File Based HTTP Access Log Publisher settings.
An interface for querying the File Based HTTP Access Log Publisher managed object definition meta information.
This class defines a key manager provider that will access keys stored in a file located on the Directory Server filesystem.
A server-side interface for querying File Based Key Manager Provider settings.
A client-side interface for reading and modifying File Based Key Manager Provider settings.
An interface for querying the File Based Key Manager Provider managed object definition meta information.
This class defines a trust manager provider that will reference certificates stored in a file located on the Directory Server filesystem.
A server-side interface for querying File Based Trust Manager Provider settings.
A client-side interface for reading and modifying File Based Trust Manager Provider settings.
An interface for querying the File Based Trust Manager Provider managed object definition meta information.
Log file implementation of the ChangelogDB interface.
Property resolver that considers only the property keys that begins with the "file:" string, and then interprets the remaining part of the key as a relative or absolute file path that must be read to return a value.
A server-side interface for querying File Count Log Retention Policy settings.
A client-side interface for reading and modifying File Count Log Retention Policy settings.
An interface for querying the File Count Log Retention Policy managed object definition meta information.
An interface to declare the names of audit log files.
This class implements a retention policy based on the number of files.
This class provides a mechanism for setting file permissions in a more abstract manner than is provided by the underlying operating system and/or filesystem.
A backup storage implementation that reads and writes files in a file system directory.
This class creates instances of BackupStorage plugged on the local file system.
A SecretStore that reads secrets from a directory with the expectation that each file contains a separate secret.
A builder for more fluently creating a FileSystemSecretStore.
Interface that represents an audit filter.
An interface for implementing request handler filters.
A search filter as defined in RFC 4511.
This enumeration defines the set of possible filter types that may be used for search filters.
Builds a Filter for a given set of FilterPolicy.
A chain of filters terminated by a target request handler.
A condition which controls whether or not a filter will be invoked or not.
Represents a FilterPolicy which contains the includeIf and excludeIf values for the filter.
This class contains methods for creating various kinds of Filter and FilterConditions.
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the fingerprint of the client certificate.
A server-side interface for querying Fingerprint Certificate Mapper settings.
A client-side interface for reading and modifying Fingerprint Certificate Mapper settings.
An interface for querying the Fingerprint Certificate Mapper managed object definition meta information.
Defines the set of permissible values for the "fingerprint-algorithm" property.
A server-side interface for querying Fixed Time Log Rotation Policy settings.
A client-side interface for reading and modifying Fixed Time Log Rotation Policy settings.
An interface for querying the Fixed Time Log Rotation Policy managed object definition meta information.
Rotates audit files at fixed times throughout the day.
This class implements a rotation policy based on fixed day/time of day.
Deprecated.
This class is currently only used in conjunction with the PropertyResolverSecretStore and this pairing is deprecated.
An exception that is thrown when access to a resource is forbidden during an operation on an resource.
This class implements "format" validation on primitive types of objects as defined in the paragraph 5.23 of the JSON Schema specification.
This class implements a Directory Server plugin that is used in fractional replication to initialize a just configured fractional domain (when an online full update occurs or offline/online ldif import).
A server-side interface for querying Fractional LDIF Import Plugin settings.
A client-side interface for reading and modifying Fractional LDIF Import Plugin settings.
An interface for querying the Fractional LDIF Import Plugin managed object definition meta information.
A server-side interface for querying Free Disk Space Log Retention Policy settings.
A client-side interface for reading and modifying Free Disk Space Log Retention Policy settings.
An interface for querying the Free Disk Space Log Retention Policy managed object definition meta information.
A RetentionPolicy that will retain/delete log files given a minimum amount of disk space the file system must contain.
This class implements a retention policy based on the free disk space available expressed as a percentage.
A synchronous function which returns a result immediately.
Common Function implementations which may be used when parsing attributes.
 
Fluent builder for gauges.
An LDAP generalized time as defined in RFC 4517.
This class is used to generate bash completion scripts out of the tools.
The generation id used for a replication domain.
This class computes the generation id used for a replication domain.
A generic constraint which comprises of an underlying condition and a description.
A generic control which can be used to represent arbitrary raw request and response controls.
A generic Extended request which should be used for unsupported extended operations.
A Generic Extended result indicates the final status of an Generic Extended operation.
A Generic Intermediate response provides a mechanism for communicating unrecognized or unsupported Intermediate responses to the client.
A generic secret represented as an opaque blob of bytes, such as a password or API key.
This class implements the "Get Connection ID" extended operation that can be used to get the connection ID of the associated client connection.
A server-side interface for querying Get Connection ID Extended Operation Handler settings.
A client-side interface for reading and modifying Get Connection ID Extended Operation Handler settings.
An interface for querying the Get Connection ID Extended Operation Handler managed object definition meta information.
A partial implementation of the get effective rights request control as defined in draft-ietf-ldapext-acl-model.
This class implements the get symmetric key extended operation, an OpenDS proprietary extension used for distribution of symmetric keys amongst servers.
A server-side interface for querying Get Symmetric Key Extended Operation Handler settings.
A client-side interface for reading and modifying Get Symmetric Key Extended Operation Handler settings.
An interface for querying the Get Symmetric Key Extended Operation Handler managed object definition meta information.
A server-side interface for querying Global Access Control Policy settings.
A client-side interface for reading and modifying Global Access Control Policy settings.
An interface for querying the Global Access Control Policy managed object definition meta information.
Defines the set of permissible values for the "permission" property.
A server-side interface for querying Global Configuration settings.
A client-side interface for reading and modifying Global Configuration settings.
An interface for querying the Global Configuration managed object definition meta information.
Defines the set of permissible values for the "disabled-privilege" property.
Defines the set of permissible values for the "etime-resolution" property.
Defines the set of permissible values for the "invalid-attribute-syntax-behavior" property.
Defines the set of permissible values for the "single-structural-objectclass-behavior" property.
Defines the set of permissible values for the "unauthenticated-requests-policy" property.
Defines the set of permissible values for the "writability-mode" property.
A server-side interface for querying Governing Structure Rule Virtual Attribute settings.
A client-side interface for reading and modifying Governing Structure Rule Virtual Attribute settings.
An interface for querying the Governing Structure Rule Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the governingStructuralRule operational attribute as described in RFC 4512.
DirectoryServerPlugin responsible for pushing monitoring data to a Graphite server.
A server-side interface for querying Graphite Monitor Reporter Plugin settings.
A client-side interface for reading and modifying Graphite Monitor Reporter Plugin settings.
An interface for querying the Graphite Monitor Reporter Plugin managed object definition meta information.
This interface defines the set of methods that must be implemented by a Directory Server group.
Class holding the already visited groups.
This class provides a mechanism for interacting with all groups defined in the Directory Server.
This class implements a parser for strings which are encoded using the Generic String Encoding Rules (GSER) defined in RFC 3641.
This class provides an implementation of a SASL mechanism that authenticates clients through Kerberos v5 over GSSAPI.
A server-side interface for querying GSSAPI SASL Mechanism Handler settings.
A client-side interface for reading and modifying GSSAPI SASL Mechanism Handler settings.
An interface for querying the GSSAPI SASL Mechanism Handler managed object definition meta information.
Defines the set of permissible values for the "quality-of-protection" property.
This visitor detects if there is any token/placeholder inside the given Template.
A server-side interface for querying Has Subordinates Virtual Attribute settings.
A client-side interface for reading and modifying Has Subordinates Virtual Attribute settings.
An interface for querying the Has Subordinates Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute as described in X.501.
Lightweight REST API providing native LDAP capabilities.
A server-side interface for querying HDAP Authorization Mechanism settings.
A client-side interface for reading and modifying HDAP Authorization Mechanism settings.
An interface for querying the HDAP Authorization Mechanism managed object definition meta information.
Encapsulates configuration required to start a HDAP endpoint embedded in this LDAP server.
A server-side interface for querying Hdap Endpoint settings.
A client-side interface for reading and modifying Hdap Endpoint settings.
An interface for querying the Hdap Endpoint managed object definition meta information.
Hdap Http application.
A composite HealthStatusProvider that computes its health status based on the registered HealthStatusProvider.
A HealthChecker implementation that is safe for using with multiple threads provided that the aggregated HealthStatusProvider are thread-safe.
Represent health diagnostic information.
A MonitorProvider for monitoring the server health status.
Provides a health diagnostic for a component or the whole application.
An HTTP endpoint for exposing the server health status.
A server-side interface for querying Healthy HTTP endpoint settings.
A client-side interface for reading and modifying Healthy HTTP endpoint settings.
An interface for querying the Healthy HTTP endpoint managed object definition meta information.
This message is sent at regular intervals by the replication server when it is sending no other messages.
Publishes a HeartbeatMsg on a given protocol session if no message has been published since the last heartbeat interval period.
Routines for encoding and decoding binary data in hexadecimal format.
Enumeration used for storing type of attribute modification in the value of the replication historical information.
ForgeRock changes: - Removed @incubating annotation
 
 
Matching rule used to establish an order between historical information and index them.
Extensible matching rule to allow a range search on CSNs for a given replica.
Implements the HKDF key deriviation function to allow a single input key to be expanded into multiple component keys.
A secret key designed to be used as the master key for HKDF key generation.
Property definition associated to a Host:Port syntax.
An interface for incrementally constructing HostPortPropertyDefinition.
Property definition for a host.
An interface for incrementally constructing IP address property definitions.
A loader for the KeyStoreSecretStore that knows how to load standard PKCS#11 Hardware Security Module (HSM) providers on our supported platforms.
This class defines the wrapper that will invoke all registered HTTP access loggers for each type of request received or response sent.
This class defines the set of methods and structures that must be implemented for a Directory Server HTTP access log publisher.
A server-side interface for querying HTTP Access Log Publisher settings.
A client-side interface for reading and modifying HTTP Access Log Publisher settings.
An interface for querying the HTTP Access Log Publisher managed object definition meta information.
A server-side interface for querying HTTP Anonymous Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP Anonymous Authorization Mechanism settings.
An interface for querying the HTTP Anonymous Authorization Mechanism managed object definition meta information.
Provides foundation for http authorization mechanisms.
A server-side interface for querying HTTP Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP Authorization Mechanism settings.
An interface for querying the HTTP Authorization Mechanism managed object definition meta information.
Creates HttpAuthorizationMechanism performing the authentication/authorization of incoming Request.
A server-side interface for querying HTTP Basic Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP Basic Authorization Mechanism settings.
An interface for querying the HTTP Basic Authorization Mechanism managed object definition meta information.
An HttpClientConnectionContext is created by the HTTP connection handler at the front-end and passes the unauthenticated HttpClientConnection to the downstream HTTP authentication mechanisms via an LdapClientSocket adapter.
This class defines a connection handler that will be used for communicating with clients over HTTP.
A server-side interface for querying HTTP Connection Handler settings.
A client-side interface for reading and modifying HTTP Connection Handler settings.
An interface for querying the HTTP Connection Handler managed object definition meta information.
Defines the set of permissible values for the "ssl-client-auth-policy" property.
A Context containing information relating to the originating HTTP request.
A factory which is responsible for creating new request Contexts for each JSON request.
Endpoint attach an HttpApplication to an URI.
A server-side interface for querying HTTP Endpoint settings.
A client-side interface for reading and modifying HTTP Endpoint settings.
An interface for querying the HTTP Endpoint managed object definition meta information.
This class defines a utility that will be used to manage the set of HTTP endpoints defined in the Directory Server.
This context contains the logging informations related to the request processing.
A server-side interface for querying HTTP OAuth2 Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 Authorization Mechanism managed object definition meta information.
A server-side interface for querying HTTP OAuth2 CTS Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 CTS Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 CTS Authorization Mechanism managed object definition meta information.
A server-side interface for querying HTTP OAuth2 File Based Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 File Based Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 File Based Authorization Mechanism managed object definition meta information.
A server-side interface for querying HTTP OAuth2 OpenAM Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 OpenAM Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 OpenAM Authorization Mechanism managed object definition meta information.
A server-side interface for querying HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism settings.
A client-side interface for reading and modifying HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism settings.
An interface for querying the HTTP OAuth2 Token Introspection (RFC 7662) Authorization Mechanism managed object definition meta information.
Contains the information required for logging the HTTP request.
Collects statistics for HTTP.
HTTP utility methods and constants.
QueryResourceHandler that searches for a specific identifier value.
This class defines the set of methods and structures that must be implemented by a Directory Server identity mapper.
A server-side interface for querying Identity Mapper settings.
A client-side interface for reading and modifying Identity Mapper settings.
An interface for querying the Identity Mapper managed object definition meta information.
This class defines a utility that will be used to manage the set of identity mappers defined in the Directory Server.
Defines the contract to generate global unique identifiers.
Default implementation of the IdGenerator that will output some ids based on the following pattern : <uuid> + '-' + an incrementing sequence.
This class defines a thread that will be used to terminate client connections if they have been idle for too long.
Thrown when an attempt is made to create a new managed object with an illegal name.
 
Allows to run an import.
Parameters for import / export tasks.
This program provides a utility that may be used to import the contents of an LDIF file into a Directory Server backend.
Parameters to import LDIF data to a directory server.
This class provides an implementation of a Directory Server task that can be used to import data from an LDIF file into a backend.
This interface defines a set of methods that may be used to notify various Directory Server components whenever an LDIF import task is about to begin or has just completed.
Interface of an object that can be indexed with a unique key.
Utility class that checks whether attributes indexed.
This class is registered with a Backend and it provides callbacks for indexing attribute values.
Contains options indicating how indexing must be performed.
A factory for creating arbitrarily complex index queries.
This class implements an enumeration that may be used to define the ways in which an attribute may be indexed within the server.
This class defines an exception that may be thrown if a problem occurs while trying to initialize a Directory Server component.
This is an abstract class of messages of the replication protocol for message that needs to contain information about the server that send them and the destination servers to which they should be sent.
This message is used by Replicas to update the send window of the peer replica.
This message is part of the replication protocol.
This message is part of the replication protocol.
This class provides an implementation of a Directory Server task that can be used to initialize another server by exporting data over the replication protocol.
This class provides an implementation of a Directory Server task that can be used to import data over the replication protocol from another server hosting the same replication domain.
A property mapper which provides a mapping from a DN (or DN and JSON) LDAP attribute to a JSON object.
This class defines a set of methods that are available for use by plugins for operations that are currently in the middle of their "core" processing (e.g., for examining search result entries or references before they are sent to the client).
This class defines a set of methods that are available for use by in progress search plugins.
Class to be used by client tools to retrieve install and instance paths.
A managed object composite relationship definition which represents a composition of zero or more managed objects.
An interface for incrementally constructing instantiable relation definitions.
Integer property definition.
An interface for incrementally constructing integer property definitions.
IntegerTypeValidator applies all the constraints of a integer type.
An Intermediate response provides a general mechanism for defining single-request/multiple-response operations.
A completion handler for consuming intermediate responses returned from extended operations, or other operations for which an appropriate control was sent.
An internal directory server plugin which can be registered with the server without requiring any associated configuration.
A control providing additional modifications to a request.
An exception that is thrown during an operation on a resource when the server encountered an unexpected condition which prevented it from fulfilling the request.
Represents a request which has been received and decoded but is invalid according to the LDAP standard because of an invalid DN syntax or an invalid attribute syntax.
An exception generated by a TokenHandler on validation or extraction when the token is invalid.
This class represents a single ACI's IP bind rule expression.
IP address mask property definition.
An interface for incrementally constructing IP address mask property definitions.
A server-side interface for querying Is Member Of Virtual Attribute settings.
A client-side interface for reading and modifying Is Member Of Virtual Attribute settings.
An interface for querying the Is Member Of Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the isMemberOf operational attribute.
A condition which evaluates to true if and only if a particular property has any values specified.
Default implementation of a Keystore handler.
Class defined in the configuration for this backend type.
A server-side interface for querying JE Backend settings.
A client-side interface for reading and modifying JE Backend settings.
An interface for querying the JE Backend managed object definition meta information.
Defines the set of permissible values for the "db-cache-mode" property.
Defines the set of permissible values for the "db-durability" property.
Berkeley DB Java Edition (JE for short) database implementation of the Storage engine.
Publishes Audit events on a JMS Topic.
Configuration object for the JmsAuditEventHandler.
This class holds the configuration properties that are used by the {#link BatchPublisher} to control the batch queue and worker threads that process the items in the queue.
Stores the JNDI context properties and lookup names.
Interface for retrieving a JMS topic and a JMS connection factory.
This class provides an implementation of a Directory Server alert handler that will send alerts using JMX notifications.
A server-side interface for querying JMX Alert Handler settings.
A client-side interface for reading and modifying JMX Alert Handler settings.
An interface for querying the JMX Alert Handler managed object definition meta information.
This class defines the set of methods and structures that must be implemented by a Directory Server client connection.
This class defines a connection handler that will be used for communicating with administrative clients over JMX.
A server-side interface for querying JMX Connection Handler settings.
A client-side interface for reading and modifying JMX Connection Handler settings.
An interface for querying the JMX Connection Handler managed object definition meta information.
This class defines a JMX MBean that can be registered with the Directory Server to provide monitoring and statistical information, provide read and/or read-write access to the monitoring, and provide notifications and alerts if a significant event or severe/fatal error occurs.
AuditEventHandler for persisting raw JSON events to a file.
Configuration for JsonAuditEventHandler.
Configuration of event buffering.
A server-side interface for querying JSON Equality Matching Rule settings.
A client-side interface for reading and modifying JSON Equality Matching Rule settings.
An interface for querying the JSON Equality Matching Rule managed object definition meta information.
Allows users to configure JSON matching rules.
An exception that is thrown during JSON operations.
A server-side interface for querying JSON File Based Access Log Publisher settings.
A client-side interface for reading and modifying JSON File Based Access Log Publisher settings.
An interface for querying the JSON File Based Access Log Publisher managed object definition meta information.
A server-side interface for querying JSON File Based HTTP Access Log Publisher settings.
A client-side interface for reading and modifying JSON File Based HTTP Access Log Publisher settings.
An interface for querying the JSON File Based HTTP Access Log Publisher managed object definition meta information.
This class contains methods for creating and manipulating connection factories and connections.
A server-side interface for querying JSON Ordering Matching Rule settings.
A client-side interface for reading and modifying JSON Ordering Matching Rule settings.
An interface for querying the JSON Ordering Matching Rule managed object definition meta information.
Allows users to configure JSON matching rules.
Processes partial modifications to JSON values.
RFC6902 expects the patch value to be a predetermined, static value to be used in the patch operation's execution.
Identifies a specific value within a JSON structure.
A property mapper which provides a mapping from a JSON value to an LDAP attribute having the JSON syntax.
A server-side interface for querying JSON Query Equality Matching Rule settings.
A client-side interface for reading and modifying JSON Query Equality Matching Rule settings.
An interface for querying the JSON Query Equality Matching Rule managed object definition meta information.
Allows users to configure custom JSON matching rules and indexing.
Utility methods for obtaining JSON syntaxes and matching rules.
JSON value validation policies.
Contains Utility methods for dealing with JsonSchema data.
AuditEventHandler for persisting raw JSON events to stdout.
Configuration for JsonStdoutAuditEventHandler.
This class contains methods for creating and manipulating connection factories and connections.
Represents a value in a JSON object model structure.
An exception that is thrown during JSON value operations.
A QueryFilterVisitor that returns true if the provide JsonValue meets the criteria of the QueryFilter assertions and false if it does not.
This class contains the utility functions to convert a JsonValue to another type.
This class contains the utility functions to convert a JsonValue to CREST (json-resource) types.
A utility that traverses a JsonValue and does property substitution as well as type coercion.
The specification for a coercion function.
A configuration property resolver that uses a JsonValue to resolve properties.
An implementation of Function that recursively traverses the JsonValue and applies some transformation if needed.
Contains some JsonValue Utility methods.
Represents a KeyManagerProvider which use the JVM keystore.
This class defines a monitor provider that reports information about the JVM it is running into.
Represents a TrustManagerProvider which use the JVM truststore.
Decodes a JSON Web Key (JWK) as a secret.
Factory class for various Jwt classes.
A SecretsProvider whose clock is accessible.
A class used to verify whether a given SignedJwt is valid.
A factory class to generate SignedJwt.
Factory methods to build Filters that handle the JWT mechanism.
A context containing a JwtFactories.SignedJwtFactory to sign authentication requests with a JWT.
A key that is used in a key-agreement protocol (such as Diffie-Hellman) to agree another key.
A key that is used to decrypt (or "unwrap") other keys that have been encrypted with a KeyEncryptionKey.
A key that is used to encrypt ("wrap") other keys.
A format that can be used for exporting key material.
Exports a key in the PEM (Privacy Enhanced Mail) format.
Exports the raw key.
This class defines an API that may be used to obtain a set of javax.net.ssl.KeyManager objects for use when performing SSL communication.
This class implements a monitor provider that will report alias name and expiry date for each X509 certificate associated to a key manager provider.
A server-side interface for querying Key Manager Provider settings.
A client-side interface for reading and modifying Key Manager Provider settings.
An interface for querying the Key Manager Provider managed object definition meta information.
This class defines a utility that will be used to manage the set of key manager providers defined in the Directory Server.
This class contains methods for creating common types of key manager.
Builder class for loading key stores.
Handles the access to a KeyStore.
Decorate a KeyStoreHandler in order to add some commons utility methods to read or write keystore's entries.
Strategy for obtaining a keystore handler.
A class that manages a Java Key Store and has methods for extracting out public/private keys and certificates.
Represents an exception from an operation using the KeyStoreManager class.
A service provider interface for implementing key store caches.
The parameters which configure how the LDAP key store will be accessed.
A secret store for cryptographic keys based on a standard Java KeyStore.
Specifies an alias with its validity for use in the store.
Permits to retrieve the list of usable AliasSpecs of a specific KeyStore.
Aggregates multiple AliasSpecProviders results to serve the list of AliasSpec for a KeyStore.
Serves a matching subset of the aliases present in a KeyStore based on a predicate.
An interface to allow the consuming application to provide the stable ID for the secret.
Serves a static list of AliasSpecs, without looking at the real content of a KeyStore.
Implementation of a secure storage using a keystore.
Indicates the type of key.
Indicates the allowed usages for a particular key.
This interface represents a keyword bind rule class that can evaluate an evaluation context.
Utility methods for interacting with lambdas that throw exceptions.
This class implements a Directory Server plugin that will add the creatorsName and createTimestamp attributes to an entry whenever it is added to the server, and will add the modifiersName and modifyTimestamp attributes whenever the entry is modified or renamed.
A server-side interface for querying Last Mod Plugin settings.
A client-side interface for reading and modifying Last Mod Plugin settings.
An interface for querying the Last Mod Plugin managed object definition meta information.
A list with lazy initialization.
A map with lazy initialization.
A Supplier that lazily computes a value the first time it is accessed and then caches the result to return on subsequent requests.
This class contains various static utility methods encoding and decoding LDAP protocol elements.
This pre-parse plugin modifies the operation to allow an object class identifier to be specified in attributes lists, such as in Search requests, to request the return all attributes belonging to an object class as per the specification in RFC 4529.
A server-side interface for querying LDAP Attribute Description List Plugin settings.
A client-side interface for reading and modifying LDAP Attribute Description List Plugin settings.
An interface for querying the LDAP Attribute Description List Plugin managed object definition meta information.
An LDAP client provides an interface for obtaining a connection to a Directory Server.
A Context containing an LdapClient, which will be used for reading the LDAP schema from the server, and an LdapClientSocket which will be used for performing LDAP requests on behalf of the authenticated user.
This class contains methods for creating and manipulating LDAP clients and connections.
A connection with a Directory Server over which read and update operations may be performed.
A factory class which can be used to obtain connections to an LDAP Directory Server.
This class defines a connection handler that will be used for communicating with clients over LDAP.
A server-side interface for querying LDAP Connection Handler settings.
A client-side interface for reading and modifying LDAP Connection Handler settings.
An interface for querying the LDAP Connection Handler managed object definition meta information.
Defines the set of permissible values for the "ssl-client-auth-policy" property.
Thrown when the result code returned in a Result indicates that the Request was unsuccessful.
This class defines a key manager provider that will access keys stored in an LDAP backend.
A server-side interface for querying LDAP Key Manager Provider settings.
A client-side interface for reading and modifying LDAP Key Manager Provider settings.
An interface for querying the LDAP Key Manager Provider managed object definition meta information.
An LDAP management connection context.
An LDAP management context factory for the DSConfig tool.
Encapsulates a ProtocolOp with LDAP specific message information.
A server-side interface for querying LDAP Pass Through Authentication Policy settings.
A client-side interface for reading and modifying LDAP Pass Through Authentication Policy settings.
An interface for querying the LDAP Pass Through Authentication Policy managed object definition meta information.
Defines the set of permissible values for the "mapping-policy" property.
LDAP pass through authentication policy implementation.
This class is used to map configuration elements to their LDAP schema names.
LDAP profile wrappers can be used to provide temporary LDAP profile information for components which do not have LDAP profile property files.
A handle which can be used to retrieve the Result of an asynchronous Request.
Reads LDAP messages from an underlying ASN.1 reader.
This class implements the bulk part of the Directory Server side of the replication code.
A completion handler for consuming the result of an asynchronous operation or connection attempts.
An LDAP server connection listener which waits for LDAP connection requests to come in over the network and binds them to a server connection created using the provided server connection factory.
Server side representation of a connected LDAP client.
A reactive socket implementation representing a stream of LDAP messages.
This class defines a data structure that will be used to keep track of various metrics related to LDAP communication that the server has conducted.
This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
A server-side interface for querying LDAP Trust Manager Provider settings.
A client-side interface for reading and modifying LDAP Trust Manager Provider settings.
An interface for querying the LDAP Trust Manager Provider managed object definition meta information.
Abstract class that must be extended to define a message used for sending Updates between servers.
An LDAP URL as defined in RFC 4516.
This class defines a data structure that represents the components of an LDAP URL, including the scheme, host, port, base DN, attributes, scope, filter, and extensions.
Writes LDAP messages to an underlying ASN.1 writer.
This class contains common utility methods for creating and manipulating readers and writers.
This class provides a backend implementation that stores the underlying data in an LDIF file.
A server-side interface for querying LDIF Backend settings.
A client-side interface for reading and modifying LDIF Backend settings.
An interface for querying the LDIF Backend managed object definition meta information.
An LDIF change record reader reads change records using the LDAP Data Interchange Format (LDIF) from a user defined source.
An LDIF change record writer writes change records using the LDAP Data Interchange Format (LDIF) to a user defined destination.
This class defines an LDIF connection handler, which can be used to watch for new LDIF files to be placed in a specified directory.
A server-side interface for querying LDIF Connection Handler settings.
A client-side interface for reading and modifying LDIF Connection Handler settings.
An interface for querying the LDIF Connection Handler managed object definition meta information.
An LDIF entry reader reads attribute value records (entries) using the LDAP Data Interchange Format (LDIF) from a user defined source.
An LDIF entry writer writes attribute value records (entries) using the LDAP Data Interchange Format (LDIF) to a user defined destination.
This class defines an exception that may be thrown while attempting to parse LDIF content.
This class defines a data structure for holding configuration information to use when performing an LDIF export.
This class defines a data structure for holding configuration information to use when performing an LDIF import.
This class provides the ability to read information from an LDIF file.
This class provides an implementation of a Directory Server task that can be used bring the server out of lockdown mode.
This class provides a password validator that can ensure that the provided password meets minimum and/or maximum length requirements.
A server-side interface for querying Length Based Password Validator settings.
A client-side interface for reading and modifying Length Based Password Validator settings.
An interface for querying the Length Based Password Validator managed object definition meta information.
This class provides an implementation of the Levenshtein distance algorithm, which may be used to determine the minimum number of changes required to transform one string into another.
Represents information about the license file.
An implementation of the Attribute interface with predictable iteration order.
An implementation of the Entry interface which uses a LinkedHashMap for storing attributes.
Wraps another map.
An object that registers to be notified when an LDAP client associated with a load-balancer changes state from offline to online or vice-versa.
Provides methods for dynamically loading classes.
This class defines the set of methods and structures that must be implemented for a Directory Server backend.
Enumeration of optional backend operations.
Provides information about the state of a completed LDIF import, including the total number of entries read, skipped, and rejected.
A server-side interface for querying Local Backend settings.
A client-side interface for reading and modifying Local Backend settings.
An interface for querying the Local Backend managed object definition meta information.
Defines the set of permissible values for the "writability-mode" property.
This interface defines a set of methods that may be used by server components to perform any processing that they might find necessary whenever a local backend is initialized and/or finalized.
This class implements a monitor provider that will report generic information for an enabled Directory Server backend, including its backend ID, base DNs, writability mode, and the number of entries it contains.
Stores metric data local backends.
Strategy for obtaining the server's local hostname.
A mix-in interface which can be used to identify exceptions which support localization.
A localizable message whose String representation can be retrieved in one or more locales.
A mutable sequence of localizable messages and their parameters.
An opaque handle to a localizable message.
Subclass for creating messages with no arguments.
Subclass for creating messages with one argument.
Subclass for creating messages with two arguments.
Subclass for creating messages with three arguments.
Subclass for creating messages with four arguments.
Subclass for creating messages with five arguments.
Subclass for creating messages with six arguments.
Subclass for creating messages with seven arguments.
Subclass for creating messages with eight arguments.
Subclass for creating messages with nine arguments.
Subclass for creating messages with an any number of arguments.
Represents a String which could be localizable.
Thrown to indicate that an HttpApplication was unable to start.
Thrown to indicate that a method has been passed an illegal or inappropriate argument.
A localized KeyStoreException.
A logger implementation which formats and localizes messages before forwarding them to an underlying SLF4J Logger.
An implementation of SLF4J marker that contains a LocalizableMessage and does not allow to manage references to other markers.
This class provides a mechanism for allowing the Directory Server to utilize file locks as provided by the underlying OS.
A lock manager coordinates directory update operations so that the DIT structure remains in a consistent state, as well as providing repeatable read isolation.
A simple log aggregator to prevent a burst of regularly repeated messages from flooding the logs.
Defines whether and how to encrypt replication changelog files.
This class defines a utility that will be used to manage the set of loggers used in the Directory Server.
Defines the logging categories and their associated logger.
This class defines the set of methods and structures that must be implemented for a Directory Server log publisher.
A server-side interface for querying Log Publisher settings.
A client-side interface for reading and modifying Log Publisher settings.
An interface for querying the Log Publisher managed object definition meta information.
A server-side interface for querying Log Retention Policy settings.
A client-side interface for reading and modifying Log Retention Policy settings.
An interface for querying the Log Retention Policy managed object definition meta information.
This class defines a utility that will be used to manage the set of log retention policies used in the Directory Server.
A server-side interface for querying Log Rotation Policy settings.
A client-side interface for reading and modifying Log Rotation Policy settings.
An interface for querying the Log Rotation Policy managed object definition meta information.
This class defines a utility that will be used to manage the set of log rotation policies used in the Directory Server.
Helper class for logging securely sensitive values.
A server-side interface for querying Mail Server settings.
A client-side interface for reading and modifying Mail Server settings.
An interface for querying the Mail Server managed object definition meta information.
This class manages the set of (zero or more) configurations for connecting to the mail servers defined in the Directory Server.
A generic interface for accessing client-side managed objects.
A managed object could not be created because there is an existing managed object with the same name.
The requested managed object was found but one or more of its properties could not be decoded successfully.
Defines the structure of a managed object which can be instantiated.
A class for retrieving internationalized resource properties associated with a managed object definition.
A class for retrieving non-internationalized resource properties associated with a managed object definition.
The requested managed object could not be located.
This enumeration contains various options that can be associated with managed object definitions.
A path which can be used to determine the location of a managed object instance.
A strategy for serializing managed object paths.
The ManageDsaIT request control as defined in RFC 3296.
Client management connection context.
A management context factory for the dsconfig tool.
Tool for getting information and managing tasks in the Directory Server.
Annotation for property getters and setters for which a value is mandatory.
Wraps another map.
A QueryFilterVisitor that produces a Map representation of the filter tree.
Configures a keystore based on a key/value map.
The matched values request control as defined in RFC 3876.
A compiled search Filter which may be used for matching against entries.
The types of compiled matcher.
This class defines a data structure for storing and interacting with matching rules, which are used by servers to compare attribute values against assertion values when performing Search and Compare operations.
A fluent API for incrementally constructing matching rules.
Represents the types of matching rules, according to RFC 4517 section 4.1.
This interface defines the set of methods that must be implemented to define a new matching rule.
This class defines a data structure for storing and interacting with a matching rule use definition, which may be used to restrict the set of attribute types that may be used for a given matching rule.
A fluent API for incrementally constructing matching rule uses.
Helper compares two Numbers to check the maximum constraint.
This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
A server-side interface for querying MD5 Password Storage Scheme settings.
A client-side interface for reading and modifying MD5 Password Storage Scheme settings.
An interface for querying the MD5 Password Storage Scheme managed object definition meta information.
Store SLF4J Mapped Diagnosed Context (aka MDC) when tasks are submitted, and re-inject it when tasks are executed.
Store SLF4J Mapped Diagnosed Context (aka MDC) when tasks are submitted, and re-inject it when tasks are executed.
A measurement sampled from a meter.
A server-side interface for querying Member Virtual Attribute settings.
A client-side interface for reading and modifying Member Virtual Attribute settings.
An interface for querying the Member Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that works in conjunction with virtual static groups to generate the values for the member or uniqueMember attribute.
A simple in-memory collection resource provider which uses a Map to store resources.
A simple in-memory back-end which can be used for testing.
This class defines a very simple backend that stores its information in memory.
A server-side interface for querying Memory Backend settings.
A client-side interface for reading and modifying Memory Backend settings.
An interface for querying the Memory Backend managed object definition meta information.
Estimates the amount of memory in the running JVM for use of long term caches by looking at the Old Generation, where implemented, or at the Runtime information as fallback.
A counter, gauge, timer, or distribution summary that results collects one or more metrics.
Fluent builder for custom meters.
A meter is uniquely identified by its combination of name and tags.
Custom meters may emit metrics like one of these types without implementing the corresponding interface.
Binders register one or more metrics to provide information about the state of some aspect of the application or its container.
A metered stream is a subclass of OutputStream that (a) forwards all its output to a target stream (b) keeps track of how many bytes have been written.
A metered stream is a subclass of OutputStream that (a) forwards all its output to a target stream (b) keeps track of how many bytes have been written.
As requests are made of a MeterRegistry to create new metrics, allow for filtering out the metric altogether, transforming its ID (name or tags) in some way, and transforming its configuration.
 
 
Creates and manages your application's set of meters.
Access to configuration options for this registry.
Additional, less commonly used meter types.
Decorator for a meter registry.
Decorator for a meter registry.
Helper compares two Numbers to check the minimum constraint.
This exception is thrown when an attempt is made to add or modify a managed object when one or more of its mandatory properties are undefined.
A modification to be performed on an entry during a Modify operation.
A Modify operation change type as defined in RFC 4511 section 4.6 is used to specify the type of modification being performed on an attribute.
Contains equivalent values for the ModificationType values.
This class holds every common code for the modify messages (mod, moddn).
This class describe the replication context that is attached to Modify operation.
This class describe the replication context that is attached to ModifyDN operation.
Message used to send Modify DN information.
This class defines an operation used to move an entry (alter the DN of an entry) in the Directory Server.
The Modify DN operation allows a client to change the Relative Distinguished Name (RDN) of an entry in the Directory and/or to move a subtree of entries to a new location in the Directory.
Message used to send Modify information.
This class defines an operation that may be used to modify an entry in the Directory Server.
The Modify operation allows a client to request that a modification of an entry be performed on its behalf by a server.
This class defines a backend to hold Directory Server monitor entries.
A server-side interface for querying Monitor Backend settings.
A client-side interface for reading and modifying Monitor Backend settings.
An interface for querying the Monitor Backend managed object definition meta information.
This class is used to hold monitoring data, i.e.
This thread regularly publishes monitoring information: it sends monitoring messages regarding the direct topology (directly connected DSs and RSs) to the connected RSs it sends monitoring messages regarding the whole topology (also includes the local RS) to the connected DSs Note: as of today, monitoring messages mainly contains the server state of the entities.
The monitor message is sent by a RS to either a DS or a RS.
This class defines the set of methods and structures that must be implemented by a Directory Server module that can provide usage, performance, availability, or other kinds of monitor information to clients.
This message is part of the replication protocol.
Cursor iterating over all the replication domains known to the changelog DB.
This object is used to store a list of ServerState object, one by replication domain.
This class is used to load the Replication code inside the JVM and to trigger initialization of the replication.
If replication is configured and then unconfigured, we need to remove replication metadata from entries being updated to avoid OPENDJ-6235.
Keeps information on temporarily unreachable replication unreachableServers.
This class defines a simple OutputStream object that can be used to write all messages to multiple targets at the same time, much like the UNIX "tee" command.
Thrown when the result code returned in a Result indicates that the requested single entry search operation or read operation failed because the Directory Server returned multiple matching entries (or search references) when only a single matching entry was expected.
A server-side interface for querying Name And JSON Query Equality Matching Rule settings.
A client-side interface for reading and modifying Name And JSON Query Equality Matching Rule settings.
An interface for querying the Name And JSON Query Equality Matching Rule managed object definition meta information.
Allows users to configure custom a Name and JSON matching rule by declaring custom indexes for the JSON fields of a Name and JSON attribute.
This class provides a data structure that makes it possible to associate a name with a given set of characters.
This class defines a data structure for storing and interacting with a name form, which defines the attribute type(s) that must and/or may be used in the RDN of an entry with a given structural objectclass.
A fluent API for incrementally constructing name forms.
Monitoring systems make different recommendations regarding naming convention.
The NeverThrowsException class is an uninstantiable placeholder exception which should be used for indicating that a Function or AsyncFunction never throws an exception (i.e.
Allows the Caching of an object.
An event handler that does nothing.
Indicates that no secret was configured for the given purpose, or the named secret is not available.
A condition which evaluates to true if the sub-condition is false, or false if the sub-condition is true.
An exception that is thrown when a specified resource cannot be found.
This class implements a notification message template element that will generate a value that is the message for the account status notification.
This class defines the base class for elements that may be used to generate an account status notification message.
This class implements a notification message template element that will generate a value that is the name of the account status notification type.
An exception that is thrown during an operation on a resource when the resource does not implement/support the feature to fulfill the request.
This exception should be raised by the un-serialization code of a PDU (typically the constructor code with a byte[] parameter), when the detected PDU type (deduced from the first received byte of the message) is a PDU used in an older version of the replication protocol than the current one, and we do not support translation from this old version PDU to his matching PDU in the current protocol version (if it exists).
A common annotation to declare that annotated elements can be null under some circumstance.
This class implements /dev/null like backend for development and testing.
A server-side interface for querying Null Backend settings.
A client-side interface for reading and modifying Null Backend settings.
An interface for querying the Null Backend managed object definition meta information.
null Value MUST be null.
NumberTypeValidator applies all the constraints of a number type.
A server-side interface for querying Num Subordinates Virtual Attribute settings.
A client-side interface for reading and modifying Num Subordinates Virtual Attribute settings.
An interface for querying the Num Subordinates Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute as described in draft-ietf-boreham-numsubordinates.
This class defines a data structure for storing and interacting with an objectclass, which contains a collection of attributes that must and/or may be present in an entry with that objectclass.
A fluent API for incrementally constructing object classes.
This enumeration defines the set of possible objectclass types that may be used, as defined in RFC 2252.
An property mapper which maps JSON objects to LDAP attributes.
Common utility methods for Objects.
ObjectTypeValidator applies all the constraints of a object type.
The ObjectValidator is a sample implementation of how to use the validator.
ObjectValidatorFactory initialises the validator instances for given schemas.
Factory to retrieve an openDJ implementation of SLF4J Logger.
The OpenDJ LDAP security provider which exposes an LDAP/LDIF based KeyStore service, as well as providing utility methods facilitating construction of LDAP/LDIF based key stores.
Utility methods for accessing the LDAP schema elements required in order to support the OpenDJ security provider.
This class defines a base exception for OpenDS exceptions.
This class defines a generic operation that may be processed by the Directory Server.
This class describe the replication context that is attached to each Operation using the SYNCHROCONTEXT key.
This exception is thrown when the client or server refuses to create, delete, or modify a managed object due to one or more constraints that cannot be satisfied.
The type of operation that caused this exception.
Exceptions thrown as a result of errors that occurred when reading, listing, and modifying managed objects.
A configuration option whose value can be stored in a set of Options.
A managed object composite relationship definition which represents a composition of an optional single managed object (i.e.
An interface for incrementally constructing optional relation definitions.
A set of options which can be used for customizing the behavior of HTTP clients and servers.
A condition which evaluates to false if and only if all of its sub-conditions are false.
A StableIdResolver that uses a version suffix and a subsequent number to determine the stableId of a Secret.
Ordered pair of arbitrary objects.
Named set of servers defining a distributed service.
Named set of servers defining a distributed service.
A server from a partition.
A server from a partition.
An encoded password.
A server-side interface for querying Password Expiration Time Virtual Attribute settings.
A client-side interface for reading and modifying Password Expiration Time Virtual Attribute settings.
An interface for querying the Password Expiration Time Virtual Attribute managed object definition meta information.
Provider for the password expiration time virtual attribute.
The Netscape password expired response control as defined in draft-vchu-ldap-pwd-policy.
The Netscape password expiring response control as defined in draft-vchu-ldap-pwd-policy.
This class defines a set of methods and structures that must be implemented by a Directory Server module that may be used to generate user passwords.
A server-side interface for querying Password Generator settings.
A client-side interface for reading and modifying Password Generator settings.
An interface for querying the Password Generator managed object definition meta information.
This class defines a utility that will be used to manage the set of password generators defined in the Directory Server.
This class implements the password modify extended operation defined in RFC 3062.
A server-side interface for querying Password Modify Extended Operation Handler settings.
A client-side interface for reading and modifying Password Modify Extended Operation Handler settings.
An interface for querying the Password Modify Extended Operation Handler managed object definition meta information.
The password modify extended request as defined in RFC 3062.
The password modify extended result as defined in RFC 3062.
This class defines a data structure that holds information about a Directory Server password policy.
A server-side interface for querying Password Policy settings.
A client-side interface for reading and modifying Password Policy settings.
An interface for querying the Password Policy managed object definition meta information.
Defines the set of permissible values for the "state-update-failure-policy" property.
A password policy error type as defined in draft-behera-ldap-password-policy is used to indicate problems concerning a user's account or password.
This class is the interface between the password policy configurable component and a password policy state object.
This class implements a Directory Server plugin that performs various password policy processing during an LDIF import.
A server-side interface for querying Password Policy Import Plugin settings.
A client-side interface for reading and modifying Password Policy Import Plugin settings.
An interface for querying the Password Policy Import Plugin managed object definition meta information.
The password policy request control as defined in draft-behera-ldap-password-policy.
The password policy response control as defined in draft-behera-ldap-password-policy.
This class provides a data structure for holding password policy state information for a user account.
This class implements an LDAP extended operation that can be used to query and update elements of the Directory Server password policy state for a given user.
A server-side interface for querying Password Policy State Extended Operation Handler settings.
A client-side interface for reading and modifying Password Policy State Extended Operation Handler settings.
An interface for querying the Password Policy State Extended Operation Handler managed object definition meta information.
A server-side interface for querying Password Policy Subentry Virtual Attribute settings.
A client-side interface for reading and modifying Password Policy Subentry Virtual Attribute settings.
An interface for querying the Password Policy Subentry Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider to serve the pwdPolicySubentry operational attribute as described in Password Policy for LDAP Directories Internet-Draft.
A password policy warning type as defined in draft-behera-ldap-password-policy is used to indicate the current state of a user's password.
This class defines the set of methods and structures that must be implemented by a Directory Server module that implements a password storage scheme.
A server-side interface for querying Password Storage Scheme settings.
A client-side interface for reading and modifying Password Storage Scheme settings.
An interface for querying the Password Storage Scheme managed object definition meta information.
This class defines a utility that will be used to manage the set of password storage schemes defined in the Directory Server.
This class defines the set of methods and structures that must be implemented by a Directory Server module that may be used to determine whether a proposed password is acceptable for a user.
A server-side interface for querying Password Validator settings.
A client-side interface for reading and modifying Password Validator settings.
An interface for querying the Password Validator managed object definition meta information.
This class defines a utility that will be used to manage the set of password validators defined in the Directory Server.
Verifies password against user / authentication PasswordStorageSchemes.
An individual patch operation which is to be performed against a field within a resource.
A request to update a JSON resource by applying a set of changes to its existing content.
This class is used to encapsulate DN pattern matching using wildcards.
A class representing a single IP address parsed from a IP bind rule expression.
This class is used to match RDN patterns containing wildcards in either the attribute types or the attribute values.
 
This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898, using HMAC-SHA256 pseudorandom function.
A server-side interface for querying PBKDF2-HMAC-SHA256 Password Storage Scheme settings.
A client-side interface for reading and modifying PBKDF2-HMAC-SHA256 Password Storage Scheme settings.
An interface for querying the PBKDF2-HMAC-SHA256 Password Storage Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898, using HMAC-SHA512 pseudorandom function.
A server-side interface for querying PBKDF2-HMAC-SHA512 Password Storage Scheme settings.
A client-side interface for reading and modifying PBKDF2-HMAC-SHA512 Password Storage Scheme settings.
An interface for querying the PBKDF2-HMAC-SHA512 Password Storage Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898.
A server-side interface for querying PBKDF2 Password Storage Scheme settings.
A client-side interface for reading and modifying PBKDF2 Password Storage Scheme settings.
An interface for querying the PBKDF2 Password Storage Scheme managed object definition meta information.
Defines the set of permissible values for the "rehash-policy" property.
A KeyManagerProvider that reads keys from PEM files in a configured file system directory and automatically reacts to file modification, deletion or addition.
A server-side interface for querying Pem Key Manager Provider settings.
A client-side interface for reading and modifying Pem Key Manager Provider settings.
An interface for querying the Pem Key Manager Provider managed object definition meta information.
Supports decoding keys and certificates in PEM format.
A TrustManagerProvider that reads trusted certificates from PEM files in a configured file system directory and automatically reacts to file modification, deletion or addition.
A server-side interface for querying Pem Trust Manager Provider settings.
A client-side interface for reading and modifying Pem Trust Manager Provider settings.
An interface for querying the Pem Trust Manager Provider managed object definition meta information.
Generator for a set of histogram buckets intended for use by a monitoring system that supports aggregable percentile approximations such as Prometheus' histogram_quantiles or Atlas' :percentiles.
PerItemEvictionStrategyCache is a thread-safe write-through cache.
An exception that indicates that a failure is permanent, i.e.
A class representing a permission-bind rule pair.
A class representing the permissions of an bind rule.
The Microsoft defined permissive modify request control.
This class defines a data structure that will be used to hold the information necessary for processing a persistent search.
A persistent search change type as defined in draft-ietf-ldapext-psearch is used to indicate the type of update operation that caused an entry change notification to occur.
The persistent search request control as defined in draft-ietf-ldapext-psearch.
This class defines a key manager provider that will access keys stored on a PKCS#11 device.
A server-side interface for querying PKCS#11 Key Manager Provider settings.
A client-side interface for reading and modifying PKCS#11 Key Manager Provider settings.
An interface for querying the PKCS#11 Key Manager Provider managed object definition meta information.
Define a trust manager provider that will access certificates stored on a PKCS#11 device.
A server-side interface for querying PKCS#11 Trust Manager Provider settings.
A client-side interface for reading and modifying PKCS#11 Trust Manager Provider settings.
An interface for querying the PKCS#11 Trust Manager Provider managed object definition meta information.
This class defines a Directory Server password storage scheme based on the Atlassian PBKDF2-base hash algorithm.
A server-side interface for querying PKCS#5 V2.0 Scheme 2 Password Storage Scheme settings.
A client-side interface for reading and modifying PKCS#5 V2.0 Scheme 2 Password Storage Scheme settings.
An interface for querying the PKCS#5 V2.0 Scheme 2 Password Storage Scheme managed object definition meta information.
This class provides an implementation of a SASL mechanism that uses plain-text authentication.
A server-side interface for querying Plain SASL Mechanism Handler settings.
A client-side interface for reading and modifying Plain SASL Mechanism Handler settings.
An interface for querying the Plain SASL Mechanism Handler managed object definition meta information.
Utility class for getting the default number of worker threads.
An AutoCloseable which must be closed in order to reset the thread name back to its previous value.
A server-side interface for querying Pluggable Backend settings.
A client-side interface for reading and modifying Pluggable Backend settings.
An interface for querying the Pluggable Backend managed object definition meta information.
A monitor provider for high level backend statistics, such as filter stats and search counters.
A server-side interface for querying Plugin settings.
A client-side interface for reading and modifying Plugin settings.
An interface for querying the Plugin managed object definition meta information.
Defines the set of permissible values for the "plugin-type" property.
This class defines a utility that will be used to manage the configuration for the set of plugins defined in the Directory Server.
This class defines a set of methods that are available for use by all types of plugins involved in operation processing (pre-parse, pre-operation, post-operation, post-response, search result entry, search result reference, and intermediate response).
This class defines a data structure that holds information about the result of processing by a plugin.
Defines a LDIF plugin result for import from LDIF processing consisting of either continue, skip further plugins, or stop processing with an error message.
Defines an intermediate response plugin result for core server operation processing consisting of either continue, skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Contract for operation results.
Defines a post connect plugin result for client connection processing consisting of either continue, skip further plugins, or stop.
Defines a post disconnect plugin result for client connection processing consisting of either continue or skip further plugins.
Defines a post operation plugin result for core server operation processing consisting of either continue, skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Defines a post response plugin result for core server operation processing consisting of either continue or skip further plugins.
Defines a pre operation plugin result for core server operation processing consisting of either continue, skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Defines a pre parse plugin result for core server operation processing consisting of either continue, skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Defines a startup plugin result consisting of either continue skip further plugins, or stop startup with an error message.
Defines a subordinate delete plugin result for core server operation processing consisting of either continue, skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
Defines a subordinate modify DN plugin result for core server operation processing consisting of either continue, skip further plugins, or stop operation processing with a result code, matched DN, referral URLs, and error message.
A server-side interface for querying Plugin Root settings.
A client-side interface for reading and modifying Plugin Root settings.
An interface for querying the Plugin Root managed object definition meta information.
This class defines an enumeration containing the types of plugins that are supported for use in the Directory Server.
Provides coarse grained access control for all operations, regardless of whether they are destined for local or proxy backends.
A server-side interface for querying Policy Based Access Control Handler settings.
A client-side interface for reading and modifying Policy Based Access Control Handler settings.
An interface for querying the Policy Based Access Control Handler managed object definition meta information.
This class defines a set of methods that are available for use by post-commit plugins for add operations.
This class defines a set of methods that are available for use by post-commit plugins for delete operations.
This class defines a set of methods that are available for use by post-commit plugins for modify DN operations.
This class defines a set of methods that are available for use by post-commit plugins for modify operations.
This class defines a set of methods that are available for use by post-commit plugins for all types of operations.
This class defines a set of methods that are available for use by post-operation plugins for abandon operations.
This class defines a set of methods that are available for use by post-operation plugins for add operations.
This class defines a set of methods that are available for use by post-operation plugins for bind operations.
This class defines a set of methods that are available for use by post-operation plugins for compare operations.
This class defines a set of methods that are available for use by post-operation plugins for delete operations.
This class defines a set of methods that are available for use by post-operation plugins for extended operations.
This class defines a set of methods that are available for use by post-operation plugins for modify DN operations.
This class defines a set of methods that are available for use by post-operation plugins for modify operations.
This class defines a set of methods that are available for use by post-operation plugins for all types of operations.
This class defines a set of methods that are available for use by post-operation plugins for search operations.
This class defines a set of methods that are available for use by post-operation plugins for unbind operations.
The post-read request control as defined in RFC 4527.
The post-read response control as defined in RFC 4527.
This class defines a set of methods that are available for use by post-response plugins for add operations.
This class defines a set of methods that are available for use by post-response plugins for bind operations.
This class defines a set of methods that are available for use by post-response plugins for compare operations.
This class defines a set of methods that are available for use by post-response plugins for delete operations.
This class defines a set of methods that are available for use by post-response plugins for extended operations.
This class defines a set of methods that are available for use by post-response plugins for modify DN operations.
This class defines a set of methods that are available for use by post-response plugins for modify operations.
This class defines a set of methods that are available for use by post-response plugins for all types of operations.
This class defines a set of methods that are available for use by post-response plugins for search operations.
This class defines a set of methods that are available for use by post-synchronization plugins for add operations.
This class defines a set of methods that are available for use by post-synchronization plugins for delete operations.
This class defines a set of methods that are available for use by post-synchronization plugins for modify DN operations.
This class defines a set of methods that are available for use by post-synchronization plugins for modify operations.
This class defines a set of methods that are available for use by post-synchronization plugins for all types of operations.
An exception that is thrown to indicate that a resource's current version does not match the version provided.
An exception that is thrown to indicate that a resource requires a version, but no version was supplied in the request.
A Predicate functional interface which can thrown a checked Exception.
This class encapsulates an ordered list of preferred locales, and the logic to use those to retrieve i18n ResourceBundles.
This class defines a set of methods that are available for use by pre-operation plugins for add operations.
This class defines a set of methods that are available for use by pre-operation plugins for bind operations.
This class defines a set of methods that are available for use by pre-operation plugins for compare operations.
This class defines a set of methods that are available for use by pre-operation plugins for delete operations.
This class defines a set of methods that are available for use by pre-operation plugins for extended operations.
This class defines a set of methods that are available for use by pre-operation plugins for modify DN operations.
This class defines a set of methods that are available for use by pre-operation plugins for modify operations.
This class defines a set of methods that are available for use by pre-operation plugins for all types of operations.
This class defines a set of methods that are available for use by pre-operation plugins for search operations.
This class defines a set of methods that are available for use by pre-parse plugins for abandon operations.
This class defines a set of methods that are available for use by pre-parse plugins for add operations.
This class defines a set of methods that are available for use by pre-parse plugins for bind operations.
This class defines a set of methods that are available for use by pre-parse plugins for compare operations.
This class defines a set of methods that are available for use by pre-parse plugins for delete operations.
This class defines a set of methods that are available for use by pre-parse plugins for extended operations.
This class defines a set of methods that are available for use by pre-parse plugins for modify DN operations.
This class defines a set of methods that are available for use by pre-parse plugins for modify operations.
This class defines a set of methods that are available for use by pre-parse plugins for all types of operations.
This class defines a set of methods that are available for use by pre-parse plugins for search operations.
This class defines a set of methods that are available for use by pre-parse plugins for unbind operations.
The pre-read request control as defined in RFC 4527.
The pre-read response control as defined in RFC 4527.
Container for a principal and secret.
This class implements an enumeration that defines the set of privileges available in the Directory Server.
Represents a process ID which allows differentiating DS and RS instances running in the same JVM.
Strategy for obtaining the information relating to the product in which the AuditService is deployed.
OpenDJ product information, including version number, build information, and references to documentation.
A property accessor for product paths.
Represents a setup profile.
Represents a constant defined in an enumeration parameter.
Represents when a profile runs.
Profile.ParameterValuesProvider base implementation which can be used to pass profile parameter values.
Interface used by the setup model to retrieve profile parameter values.
A visitor of parameters, in the style of the visitor design pattern.
Represents the configuration of the setup associated to this profile.
A progress notification callback.
Represents an HTTP endpoint exposing OpenDJ metrics using Prometheus text format.
A server-side interface for querying Prometheus HTTP Endpoint settings.
A client-side interface for reading and modifying Prometheus HTTP Endpoint settings.
An interface for querying the Prometheus HTTP Endpoint managed object definition meta information.
An HTTP Handler from which Prometheus and OpenTelemetry Collector can scrape monitoring information.
Promise<V,E extends Exception>
A Promise represents the result of an asynchronous task.
An implementation of Promise which can be used as is, or as the basis for more complex asynchronous behavior.
Utility methods for creating and composing Promises.
Ordered list of joined asynchronous results.
Given a file path this will load the properties within the file as a PropertyResolver.
A managed object property comprising of the property's definition and its set of values.
An interface for querying generic property definition features.
An interface for incrementally constructing property definitions.
A property definition visitor which can be used to generate syntax usage information.
A visitor of property definitions, in the style of the visitor design pattern.
Exceptions thrown as a result of errors that occurred when decoding and modifying property values.
Decodes secrets in raw base64 format.
A property mapper is responsible for converting JSON values to and from LDAP attributes.
Thrown when an attempt is made to retrieve a property using its name but the name was not recognized.
This enumeration contains various options that can be associated with property definitions.
An interface which can be used to initialize the contents of a managed object.
A property resolver attempt to get the value of a given config property.
A utility class that gives access to the default property resolvers for a product.
A SecretStore implementation that resolves secrets as base64-encoded strings from an underlying PropertyResolver.
A set of properties.
A visitor of property values, in the style of the visitor design pattern.
The base class of all requests and responses provides methods for querying and manipulating the set of Controls.
The version utility class for the replication protocol.
The proxy authorization v1 request control as defined in draft-weltman-ldapv3-proxy-04.
The proxy authorization v2 request control as defined in RFC 4370.
Helper for using proxy auth controls.
Implements the proxy backend, i.e.
A server-side interface for querying Proxy Backend settings.
A client-side interface for reading and modifying Proxy Backend settings.
An interface for querying the Proxy Backend managed object definition meta information.
Defines the set of permissible values for the "hash-function" property.
This class defines the proxy protocol header as it is described in the proxy protocol documentation.
Exposes the content of the "pp2_tlv_ssl" structure present in the ProxyProtocolHeader.PP2_TYPE_SSL TLV header.
Represents the possible values for the client property of the "pp2_tlv_ssl" structure.
Represents the possible types of the "sub_tlv" contained in the "pp2_tlv_ssl" structure present in the ProxyProtocolHeader.PP2_TYPE_SSL TLV header.
Utility class to check arguments validity and conflicts for the purge command or task.
This class provides an implementation of a Directory Server task that can be used to purge the replication historical informations stored in the user entries to solve conflicts.
This exception is thrown when a replica DB is fully purged by deleting all log files, invalidating all open cursors on them.
This class implements the business logic for the dsbackup purge sub-command, whether offline or online.
Purpose<T extends Secret>
A purpose encapsulates both a name for a function that requires access to secrets, together with a hint as to the intended usage of those secrets.
A filter which can be used to select resources, which is compatible with the CREST query filters.
QueryFilter constants.
A query string has the following string representation:
Convenience methods to create QueryFilter that specify fields in terms of JsonPointer instances.
A visitor of QueryFilters, in the style of the visitor design pattern.
A request to search for all JSON resources matching a user specified set of criteria.
A completion handler for consuming the results of a query request.
The final result of a query request returned after all resources matching the request have been returned.
This class provides an implementation of a Directory Server password generator that will create random passwords based on fixed-length strings built from one or more character sets.
A server-side interface for querying Random Password Generator settings.
A client-side interface for reading and modifying Random Password Generator settings.
An interface for querying the Random Password Generator managed object definition meta information.
Range<T extends Comparable<T>>
Represents a range of objects, where the bounds are always inclusive and may be null.
Exposes a range of integer values as a set.
This class defines a Directory Server password storage scheme that will encode values using the RC4 reversible encryption algorithm.
A server-side interface for querying RC4 Password Storage Scheme settings.
A client-side interface for reading and modifying RC4 Password Storage Scheme settings.
An interface for querying the RC4 Password Storage Scheme managed object definition meta information.
A relative distinguished name (RDN) as defined in RFC 4512 section 2.3 is the name of an entry relative to its immediate superior.
Utility class for reactive handlers.
Represents a readable transaction on a storage engine.
Thrown when the server or a tool attempts to access the storage while it is read-only.
The policy which should be used in order to read an entry before it is deleted, or after it is added or modified.
Function performing a read operation.
A request to read a single identified JSON resource.
Configuration for the indexType rebuild process.
Identifies how indexes will be selected for rebuild.
This program provides a utility to rebuild the contents of the indexes of a Directory Server backend.
Parameters to rebuild the indexes of a directory server.
This class provides an implementation of a Directory Server task that can be used to rebuild indexes in a backend.
This class defines a information about a recurring task, which will be used to repeatedly schedule tasks for processing.
A reference to another managed object.
ReferenceTypeValidator holds a reference to another validator.
This class implements a Directory Server post operation plugin that performs Referential Integrity processing on successful delete and modify DN operations.
A server-side interface for querying Referential Integrity Plugin settings.
A client-side interface for reading and modifying Referential Integrity Plugin settings.
An interface for querying the Referential Integrity Plugin managed object definition meta information.
Defines the set of permissible values for the "check-references-scope-criteria" property.
Thrown when the result code returned in a Result indicates that the Request could not be processed by the Directory Server because the target entry is located on another server.
This class provides an implementation of a Directory Server identity mapper that uses a regular expression to process the provided ID string, and then looks for that processed value to appear in an attribute of a user's entry.
A server-side interface for querying Regular Expression Identity Mapper settings.
A client-side interface for reading and modifying Regular Expression Identity Mapper settings.
An interface for querying the Regular Expression Identity Mapper managed object definition meta information.
A input parameter-validating utility class using fluent invocation:
A listener interface which is notified whenever a change record cannot be applied to an entry.
A listener interface which is notified whenever LDIF records are skipped, malformed, or fail schema validation.
Relation definitions define relationships between types of managed objects.
An interface for incrementally constructing relation definitions.
Opaque structure containing fields common to all relation definition types.
A visitor of relation definitions, in the style of the visitor design pattern.
This enumeration contains various options that can be associated with relation definitions.
A default behavior provider which retrieves default values from a parent managed object.
The internet-draft defined Relax Rules control.
Contains CSNs identifying the last state for all replicas removed from the changelog for a domain.
This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not allowed to have the same character appear several times consecutively.
A server-side interface for querying Repeated Characters Password Validator settings.
A client-side interface for reading and modifying Repeated Characters Password Validator settings.
An interface for querying the Repeated Characters Password Validator managed object definition meta information.
Represents the server ID for a replica, called a replica ID.
Class that define messages sent by a replica (DS) to the replication server (RS) to let the RS know the date at which a replica went offline.
Control that provides some replication context to requests.
The broker for Multi-master Replication.
This class should be used as a base for Replication implementations.
This class contains the context related to an import or export launched on the domain.
A server-side interface for querying Replication Domain settings.
A client-side interface for reading and modifying Replication Domain settings.
An interface for querying the Replication Domain managed object definition meta information.
This interface allows to query or control the replication domain database(s) (composed of one or more ReplicaDBs) and query/update each ReplicaDB.
Describes the content of a Replica DB.
Describes the content of a Replica DB file.
Represents the replication environment, which allows to manage the lifecycle of the replication changelog.
This record represents the content of the domains state file.
Abstract class that must be used when defining messages that can be sent for replication purpose between servers.
This class implements the Sun-defined replication repair control.
ReplicationServer Listener.
A server-side interface for querying Replication Server settings.
A client-side interface for reading and modifying Replication Server settings.
An interface for querying the Replication Server managed object definition meta information.
Defines the set of permissible values for the "allow-updates-policy" property.
Defines the set of permissible values for the "changelog-enabled" property.
This class define an in-memory cache that will be used to store the messages that have been received from an LDAP server or from another replication server and that should be forwarded to other servers.
Represents the server ID for a replication server, called a Replication Server ID.
Service Discovery Mechanism retrieving information from a replication topology.
Service Discovery Mechanism retrieving information from a replication topology.
A server-side interface for querying Replication Service Discovery Mechanism settings.
A client-side interface for reading and modifying Replication Service Discovery Mechanism settings.
An interface for querying the Replication Service Discovery Mechanism managed object definition meta information.
A server-side interface for querying Replication Synchronization Provider settings.
A client-side interface for reading and modifying Replication Synchronization Provider settings.
An interface for querying the Replication Synchronization Provider managed object definition meta information.
Defines the set of permissible values for the "isolation-policy" property.
Message sent by a replication server to a directory server in reply to the ServerStartMsg.
Message sent by a replication server to another replication server at Startup.
This class represents the security configuration for replication protocol sessions.
Common attributes of all JSON resource requests.
The base class of all Requests provides methods for querying and manipulating the set of Controls included with a Request.
The type of this request.
Maintains the cancellation state of an active request, acting as a mediator between frontend, ClientConnection request tracking and backend processing of the request.
Contextual state associated with the backend processing of a request.
Distinguishes operations from server components, not directly from LDAP clients.
Provides the ability to terminate an asynchronous LDAP request.
Represents the contract with a set of resources.
A utility class containing various factory methods for creating and manipulating requests.
This class contains various methods for creating and manipulating requests.
An enumeration whose values represent the different types of request.
A visitor of Requests, in the style of the visitor design pattern.
A visitor of Requests, in the style of the visitor design pattern.
Search that requires the search terms are satisfiable, or an MeterNotFoundException is thrown.
This class provides an implementation of a Directory Server task that can be used to rebuild the change number index with a given change number and a change represented by its CSN.
This message is used by an LDAP server to communicate to the topology that the generation must be reset for the domain.
Defines the characteristics of a resource, including its properties, inheritance, and sub-resources.
API Version routing filter which creates a ApiVersionRouterContext which contains the default routing behaviour when the Accept-API-Version header is set on the request.
A Filter supporting the specification of resource API version configuration to be used when a request on a specific endpoint does not contain an Accept-API-Version header.
Handler allowing products to extend behaviour when a request has no resource API version supplied.
Class representing a mapping between a ResourcePath and a Version.
ResourceApiVersionSpecificationFilter.VersionSpecification supporting specification of a request's resource version based on its resource path.
Mechanism supporting specification of a version on the request.
An exception that is thrown during the processing of a JSON resource request.
Utility class to use on ResourceExceptions.
All resource limits for a user.
A relative path, or URL, to a resource.
A resource, comprising of a resource ID, a revision (etag), and its JSON content.
This class contains methods for creating and manipulating connection factories and connections.
Common response object of all resource responses.
The base class of all Responses provides methods for querying and manipulating the set of Controls included with a Response.
Indicates whether a response can be cached and under what conditions.
A utility class containing various factory methods for creating and manipulating responses.
This class contains various methods for creating and manipulating responses.
A stream of LDAP response messages.
Provides methods for constructing Rest2Ldap protocol gateways.
Encapsulates configuration required to start a REST2LDAP application embedded in this LDAP server.
A server-side interface for querying Rest2LDAP Endpoint settings.
A client-side interface for reading and modifying Rest2LDAP Endpoint settings.
An interface for querying the Rest2LDAP Endpoint managed object definition meta information.
Rest2ldap HTTP application.
Provides core factory methods and builders for constructing Rest2Ldap endpoints from JSON configuration.
This file contains localizable message descriptors having the resource name org.forgerock.opendj.rest2ldap.rest2ldap.
Defines the logging categories for this module.
This class implements all the business logic for the dsbackup restore sub-command, whether offline or online.
This class provides an implementation of a Directory Server task that can be used to restore a binary backup of a Directory Server backend.
This interface defines a set of methods that may be used to notify various Directory Server components whenever a backend restore task is about to begin or has just completed.
A Result is used to indicate the status of an operation performed by the server.
An operation result code as defined in RFC 4511 section 4.1.9 is used to indicate the final status of an operation.
Contains equivalent values for the ResultCode values.
A completion handler for consuming the results of asynchronous tasks.
Hook into the retention checking operations for a file.
RetentionHooks that do nothing.
Defines the retention conditions and the files that need to be deleted.
This interface describes the retention policy that should be used for the logger.
An exception that indicates that a failure may be temporary, and that retrying the same request may be able to succeed in the future.
A server-side interface for querying Root settings.
A client-side interface for reading and modifying Root settings.
An interface for querying the Root managed object definition meta information.
Wrapper class for a backend "container".
The root DSE is a DSA-specific Entry (DSE) and not part of any naming context (or any subtree), and which is uniquely identified by the empty DN.
This class defines a backend to hold the Directory Server root DSE.
A server-side interface for querying Root DSE Backend settings.
A client-side interface for reading and modifying Root DSE Backend settings.
An interface for querying the Root DSE Backend managed object definition meta information.
Represents a file that can be rotated based on size or on time.
Interface defining methods a rotatable file needs.
Supports file rotation and retention.
Callback hooks to allow custom action to be taken before and after the checks for rotation and retention is performed.
This class holds some information while a file is being rotated.
Callback hooks to allow custom action to be taken before and after file rotation occurs.
RotationHooks that do nothing.
Interface to decide if a file should be rotated or not.
This interface describes the rotation policy that should be used for the logger.
A utility class that contains methods for creating route matchers.
A router which routes requests based on route predicates.
Provides routing on LDAP requests based on Dns.
Represents a URI template string that will be used to match and route incoming requests.
This class holds information about an RS connected to the topology.
A completion handler for consuming runtime exceptions which occur during the execution of asynchronous tasks.
This class is used to gather and display information from the runtime environment.
Utility class for creating reactive transports and sockets.
A reactive server socket listens for incoming connections and binds them to a RxSocket.
A transport agnostic reactive socket abstraction.
Factory interface for creating reactive client and server sockets.
This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
A server-side interface for querying Salted MD5 Password Storage Scheme settings.
A client-side interface for reading and modifying Salted MD5 Password Storage Scheme settings.
An interface for querying the Salted MD5 Password Storage Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
A server-side interface for querying Salted SHA-1 Password Storage Scheme settings.
A client-side interface for reading and modifying Salted SHA-1 Password Storage Scheme settings.
An interface for querying the Salted SHA-1 Password Storage Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the 256-bit SHA-2 algorithm defined in FIPS 180-2.
A server-side interface for querying Salted SHA-256 Password Storage Scheme settings.
A client-side interface for reading and modifying Salted SHA-256 Password Storage Scheme settings.
An interface for querying the Salted SHA-256 Password Storage Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the 384-bit SHA-2 algorithm defined in FIPS 180-2.
A server-side interface for querying Salted SHA-384 Password Storage Scheme settings.
A client-side interface for reading and modifying Salted SHA-384 Password Storage Scheme settings.
An interface for querying the Salted SHA-384 Password Storage Scheme managed object definition meta information.
This class defines a Directory Server password storage scheme based on the 512-bit SHA-2 algorithm defined in FIPS 180-2.
A server-side interface for querying Salted SHA-512 Password Storage Scheme settings.
A client-side interface for reading and modifying Salted SHA-512 Password Storage Scheme settings.
An interface for querying the Salted SHA-512 Password Storage Scheme managed object definition meta information.
The Samba password synchronization plugin implementation class.
A server-side interface for querying Samba Password Plugin settings.
A client-side interface for reading and modifying Samba Password Plugin settings.
An interface for querying the Samba Password Plugin managed object definition meta information.
Defines the set of permissible values for the "pwd-sync-policy" property.
This class defines a utility that will be used to manage the set of SASL mechanism handlers defined in the Directory Server.
This class defines the SASL context needed to process SASL bind requests that use a SaslServer.
This class defines the set of methods and structures that must be implemented by a Directory Server module that implements the functionality required for one or more SASL mechanisms.
A server-side interface for querying SASL Mechanism Handler settings.
A client-side interface for reading and modifying SASL Mechanism Handler settings.
An interface for querying the SASL Mechanism Handler managed object definition meta information.
A reactive socket which adds SASL QOP to an underlying reactive socket..
This class defines a data structure that holds information about the components of the LDAP schema.
This class defines a backend to hold the Directory Server schema information.
A server-side interface for querying Schema Backend settings.
A client-side interface for reading and modifying Schema Backend settings.
An interface for querying the Schema Backend managed object definition meta information.
Schema builders should be used for incremental construction of new schemas.
Allows to perform modifications on element's builders before adding the result to this schema builder.
This class defines a number of constants used by Directory Server schema elements, like matching rules, syntaxes, attribute types, and objectclasses.
Interface for schema elements.
Encapsulate a general JSON validator error.
Responsible for access to the server's schema.
Interface to update a schema provided a schema builder.
Common options for LDAP schemas.
Provides some schema elements to load at startup.
A server-side interface for querying Schema Provider settings.
A client-side interface for reading and modifying Schema Provider settings.
An interface for querying the Schema Provider managed object definition meta information.
Schema resolvers are included with a set of DecodeOptions in order to allow application to control how Schema instances are selected when decoding requests and responses.
Utility methods related to schema.
Represents a password type, including a "not a password" value.
This class provides various schema validation policy options for controlling how entries should be validated against the directory schema.
An enumeration of the possible actions which can be performed when a schema validation failure is encountered.
The SCRAM credential data persisted in the server using the representation described in RFC 5803 which is a specialization of RFC 3112.
Server-side callback for obtaining the stored SCRAM credential for a given user and mechanism.
SASL/SCRAM client and server implementations as specified in RFC 5802.
This class defines a Directory Server password storage scheme based on the SCRAM-SHA-256 SASL mechanism defined in RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-256 Password Storage Scheme settings.
A client-side interface for reading and modifying SCRAM-SHA-256 Password Storage Scheme settings.
An interface for querying the SCRAM-SHA-256 Password Storage Scheme managed object definition meta information.
This class defines the SCRAM-SHA-256 SASL mechanism defined in RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-256 SASL Mechanism Handler settings.
A client-side interface for reading and modifying SCRAM-SHA-256 SASL Mechanism Handler settings.
An interface for querying the SCRAM-SHA-256 SASL Mechanism Handler managed object definition meta information.
This class defines a Directory Server password storage scheme based on the SCRAM-SHA-512 SASL mechanism defined in RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-512 Password Storage Scheme settings.
A client-side interface for reading and modifying SCRAM-SHA-512 Password Storage Scheme settings.
An interface for querying the SCRAM-SHA-512 Password Storage Scheme managed object definition meta information.
This class defines the SCRAM-SHA-512 SASL mechanism defined in RFCs 5802, 5803 and 7677.
A server-side interface for querying SCRAM-SHA-512 SASL Mechanism Handler settings.
A client-side interface for reading and modifying SCRAM-SHA-512 SASL Mechanism Handler settings.
An interface for querying the SCRAM-SHA-512 SASL Mechanism Handler managed object definition meta information.
ForgeRock changes: - Removed support for FunctionCounter, FunctionCounter, TimeGauge, LongTaskTimer
Tell the operation router to not run a search into subordinate backends.
This class defines an operation used to search for entries in the Directory Server.
The Search operation is used to request a server to return, subject to access controls and other restrictions, a set of entries matching a complex search criterion.
A Search Result Entry represents an entry found during a Search operation.
A completion handler for consuming the results of a Search operation.
A Search Result Reference represents an area not yet explored during a Search operation.
Thrown when an iteration over a set of search results using a ConnectionEntryReader encounters a SearchResultReference.
A Search operation search scope as defined in RFC 4511 section 4.5.1.2 is used to specify the scope of a Search operation.
Contains equivalent values for the SearchScope values.
A secret is any piece of data that should be kept confidential.
Provides a uniform way for secrets providers to construct secrets and keys.
Interface for constraints on a secret that must be satisfied for a given Purpose.
Specifies how data retrieved from a SecretStore should be decoded into a secret object.
Wraps a property format that decodes raw bytes and converts it into a property format for extracting secret keys using some algorithm.
Defines the format of secrets loaded from configuration properties.
A long-lived reference to an active or named secret.
The secret resource used for creating a Secret.
An X509ExtendedKeyManager implementation that gets keys and certificates from a SecretsProvider.
A Java security provider that exposes a KeyStore view of a secret store.
Class used to initialise the keystore when it is initialised via the standard Java interfaces.
The secrets provider is used to get hold of active, named or valid secret objects.
A backend storage mechanism for certain kinds of secrets.
This class holds various methods and classes to manage some SecretStores.
Interface for SecretKey generators.
This SecretStore uses a SecretStores.SecretKeyGenerator to produce secrets based on the secret key generated by the SecretKeyGenerator.
Provides an implementation of a standard Java TLS X509ExtendedTrustManager that will retrieve trusted certificates from the Secrets API.
Represents a storage for secure keys, to be used for signing files.
Exception that can be thrown by a SecureStorage implementation.
Strategy for obtaining a secure storage, used by handlers providing tamper-evident feature.
Utility class to create secure peer to peer communications settings in a newly set up OpenDJ instance.
Abstract class which represents an existing keystore to use to setup a server instance.
Represents keystore data which will be used to secure the server instance to setup.
Represents a strategy to retrieve an existing password.
Represents a truststore to trust remote server certificates.
Deprecated.
This class will be removed once CAF has been migrated fully to CHF, at which point components should create SecurityContexts directly rather than via request attributes.
Cursor extended with navigation methods.
This class defines a set of constants that may be referenced throughout the Directory Server source.
An interface for performing server-side constraint validation.
Context for the server, giving access to global properties of the server.
ServerId<T extends ServerId<T>>
Represents a server ID, which can identify either a directory server or a replication server.
Defines the logging categories for the server and their associated logger.
A server-side managed object.
This interface defines the methods that a Directory Server configurable component should implement if it wishes to be able to receive notifications when a new server managed object is added.
This interface defines the methods that a Directory Server configurable component should implement if it wishes to be able to receive notifications when a its associated server managed object is changed.
The requested server managed object was found but one or more of its properties could not be decoded successfully.
This interface defines the methods that a Directory Server configurable component should implement if it wishes to be able to receive notifications when an existing server managed object is deleted.
Server management connection context.
This file contains localizable message descriptors having the resource name org.opends.messages.server.
This interface defines a method that may be used to notify various Directory Server components that the server is shutting down.
The server-side sort request control as defined in RFC 2891.
The server-side sort response control as defined in RFC 2891.
This message is used by LDAP server when they first connect.
This class is used to associate ReplicaIds with CSNs.
The various status a DS can take.
This interface defines the methods that a Service Discovery consumer should implement if it wishes to be notified of changes in the service.
This interface defines the methods that a Service Discovery consumer should implement if it wishes to be notified of changes in the service.
Maintains a set of Partitions keeping it up to date according to a specific discovery mechanism.
Maintains a set of Partitions keeping it up to date according to a specific discovery mechanism.
A server-side interface for querying Service Discovery Mechanism settings.
A client-side interface for reading and modifying Service Discovery Mechanism settings.
An interface for querying the Service Discovery Mechanism managed object definition meta information.
Manages configuration additions and deletions of service discovery mechanisms in the server configuration.
An exception that is thrown during an operation on a resource when the server is temporarily unable to handle the request.
Defines a replication session using TLS.
Configuration wrapper for JMS Session.getAcknowledgeMode() SessionMode setting.
This class provides an implementation of a Directory Server task that can be used to import data over the replication protocol from another server hosting the same replication domain.
A managed object composite relationship definition which represents a composition of zero or more managed objects each of which must have a different type.
An interface for incrementally constructing set relation definitions.
Class used to install a new OpenDJ server instance.
OpenDJ Setup command line tool main class.
Utility class which contains all setup command line Argument.
Can be used to consume messages issued by Setup process.
Class which defines constants used to setup and opendj server instance.
Exception which may be thrown by the Setup model.
Interactively collect and validate setup parameters.
setup-profile command line tool main class.
Utility methods used by the Setup class.
This class implements a Directory Server plugin that can be used to ensure that the values for a specified set of attributes (optionally, below a specified set of base DNs) are 7-bit clean (i.e., contain only ASCII characters).
A server-side interface for querying Seven Bit Clean Plugin settings.
A client-side interface for reading and modifying Seven Bit Clean Plugin settings.
An interface for querying the Seven Bit Clean Plugin managed object definition meta information.
Defines the standard Syslog message severities.
Defines values for message severity.
This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
A server-side interface for querying SHA-1 Password Storage Scheme settings.
A client-side interface for reading and modifying SHA-1 Password Storage Scheme settings.
An interface for querying the SHA-1 Password Storage Scheme managed object definition meta information.
Any component which needs to be shut down should implement this interface and use the function to shut down the component.
Interface used by shutdown managers to allow for thread safe adding and removing of shutdown listeners.
This class defines the shutdown priorities that are consumed by com.sun.identity.common.ShutdownManager.
Synchronizes the shutdown of DS and RS ensuring that the offline message triggered by the DS is forwarded to all remote RS.
This class provides an implementation of a Directory Server task that can be used to stop the server.
Utility class for signing and verifying signatures.
A key that is used for signing digital signatures.
This class provides a password validator that can ensure that the provided password meets minimum similarity requirements.
A server-side interface for querying Similarity Based Password Validator settings.
A client-side interface for reading and modifying Similarity Based Password Validator settings.
An interface for querying the Similarity Based Password Validator managed object definition meta information.
The simple paged results request and response control as defined in RFC 2696.
An property mapper which provides a simple mapping from a JSON value to a single LDAP attribute.
SimpleValidator is a base interface for all validator implementation.
A managed object composite relationship definition which represents a composition of a single managed object (i.e.
An interface for incrementally constructing singleton relation definitions.
An implementation interface for resource providers which exposes a single permanent resource instance.
A StableIdResolver that matches a stableId exactly to the purpose for returning only one Secret.
Represents a one-to-one relationship between a parent resource and a child sub-resource.
Created a size based file retention policy.
This class implements a retention policy based on the amount of space taken by the log files.
Creates a file size based rotation policy.
This class implements a rotation policy based on the size of the file.
An entry with its encoded size.
A server-side interface for querying Size Limit Log Retention Policy settings.
A client-side interface for reading and modifying Size Limit Log Retention Policy settings.
An interface for querying the Size Limit Log Retention Policy managed object definition meta information.
A server-side interface for querying Size Limit Log Rotation Policy settings.
A client-side interface for reading and modifying Size Limit Log Rotation Policy settings.
An interface for querying the Size Limit Log Rotation Policy managed object definition meta information.
Memory size property definition.
An interface for incrementally constructing memory size property definitions.
This enumeration defines various memory size units.
This class provides an implementation of an account status notification handler that can send e-mail messages via SMTP to end users and/or administrators whenever an account status notification occurs.
A server-side interface for querying SMTP Account Status Notification Handler settings.
A client-side interface for reading and modifying SMTP Account Status Notification Handler settings.
An interface for querying the SMTP Account Status Notification Handler managed object definition meta information.
This class implements a Directory Server alert handler that may be used to send administrative alerts via SMTP.
A server-side interface for querying SMTP Alert Handler settings.
A client-side interface for reading and modifying SMTP Alert Handler settings.
An interface for querying the SMTP Alert Handler managed object definition meta information.
This class defines a Directory Server entry cache that uses soft references to manage objects in a way that will allow them to be freed if the JVM is running low on memory.
A server-side interface for querying Soft Reference Entry Cache settings.
A client-side interface for reading and modifying Soft Reference Entry Cache settings.
An interface for querying the Soft Reference Entry Cache managed object definition meta information.
A sort key which can be used to specify the order in which JSON resources should be included in the results of a query request.
A search result sort key as defined in RFC 2891 is used to specify how search result entries should be ordered.
Comparator derived from a sort key which can be used to compare entries.
This comparator iterates through the provided sortKeys and finds the first comparative difference between the left and right side JsonValues.
Defines possible positions for JsonValue that wraps a null object.
Audit event handler that writes out to Splunk's HTTP event collector RAW endpoint.
Configuration for the splunk audit event handler.
Configuration of event buffering.
Configuration of connection to Splunk.
The class represents the ssf keyword in a bind rule.SSF stands for security strength factor.
Encapsulates options for configuring SSL based security as well as providing methods for building SSLEngines.
Represents the client authentication policy option.
A reactive socket implementation which adds SSL to an underlying reactive socket.
Utility class for common SSL related setup.
Interface for resolving stable ids in a SecretStore.
This class defines a tool which starts up the server.
This abstract message class is the superclass for start messages used by LDAP servers and Replication servers to initiate their communications.
This message is used by DS to confirm a RS he wants to connect to him (open a session).
This class provides an implementation of the StartTLS extended operation as defined in RFC 2830.
A server-side interface for querying StartTLS Extended Operation Handler settings.
A client-side interface for reading and modifying StartTLS Extended Operation Handler settings.
An interface for querying the StartTLS Extended Operation Handler managed object definition meta information.
The start TLS extended request as defined in RFC 4511.
The start tls extended result as defined in RFC 4511.
A static group implementation, in which the DNs of all members are explicitly listed.
Binds LoggerFactory class with an instance of ILoggerFactory.
Binds MarkerFactory class with an instance of IMarkerFactory.
Binds MarkerFactory class with an instance of IMarkerFactory.
This mechanism only returns the list of servers in its configuration, without checking for availability.
This mechanism only returns the list of servers in its configuration, without checking for availability.
A server-side interface for querying Static Service Discovery Mechanism settings.
A client-side interface for reading and modifying Static Service Discovery Mechanism settings.
An interface for querying the Static Service Discovery Mechanism managed object definition meta information.
This class defines a number of static utility methods that may be used throughout the server.
A description of the value contained in a measurement.
A tool which displays a server status.
This class provides a tool that can send a request to the Directory Server that will cause it to shut down.
Internal message to signal the stop of encryption.
This message is part of the replication protocol.
The reason why the connection might be terminated.
This interface abstracts the underlying storage engine, isolating the pluggable backend generic code from a particular storage engine implementation.
Runtime exception for problems happening in the storage engine.
Represents the current status of a storage with respect to its resources.
Utility class for implementations of Storage.
Utility methods for operating on IO streams.
String property definition.
An interface for incrementally constructing string property definitions.
Common utility methods for Strings.
StringTypeValidator applies all the constraints of a string type.
A server-side interface for querying Structural Object Class Virtual Attribute settings.
A client-side interface for reading and modifying Structural Object Class Virtual Attribute settings.
An interface for querying the Structural Object Class Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the structuralObjectClass operational attribute as described in RFC 4512.
The sub-entries request control as defined in RFC 3672.
This class represents RFC 3672 subentries and RFC 3671 collective attribute subentries objects.
This interface defines a mechanism that Directory Server components may use if they need to be notified of changes that are being made to subentries in the Directory Server.
This class provides a mechanism for interacting with subentries defined in the Directory Server.
This class represents subentry password policies either based on the Password Policy for LDAP Directories Internet-Draft, or OpenDJ extended password policies.
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user based on attributes contained in both the certificate subject and the user's entry.
A server-side interface for querying Subject Attribute To User Attribute Certificate Mapper settings.
A client-side interface for reading and modifying Subject Attribute To User Attribute Certificate Mapper settings.
An interface for querying the Subject Attribute To User Attribute Certificate Mapper managed object definition meta information.
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the subject of the client certificate.
A server-side interface for querying Subject DN To User Attribute Certificate Mapper settings.
A client-side interface for reading and modifying Subject DN To User Attribute Certificate Mapper settings.
An interface for querying the Subject DN To User Attribute Certificate Mapper managed object definition meta information.
This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if the subject of the peer certificate exactly matches the DN of a user in the Directory Server.
A server-side interface for querying Subject Equals DN Certificate Mapper settings.
A client-side interface for reading and modifying Subject Equals DN Certificate Mapper settings.
An interface for querying the Subject Equals DN Certificate Mapper managed object definition meta information.
This class defines a set of methods that are available for use by subordinate modify DN operation plugins.
A SubResource defines how to reach a resource relative to its parent resource.
A server-side interface for querying Subschema Subentry Virtual Attribute settings.
A client-side interface for reading and modifying Subschema Subentry Virtual Attribute settings.
An interface for querying the Subschema Subentry Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that is meant to serve the subschemaSubentry operational attribute as described in RFC 4512.
A SubstitutionContext holds both runtime and config time values for the substitution process.
Exception thrown during substitution process.
Substitute tokens in the source String with their resolved value.
This visitor evaluates Templates with the help of a PropertyResolver.
The tree delete request control as defined in draft-armijo-ldap-treedelete.
An RFC 3672 subtree specification.
A refinement which uses a search filter.
Abstract interface for RFC3672 specification filter refinements.
Container for a whole suffix environment which stores all entries from the subtree of the suffix' baseDN.
A Supplier functional interface which can throw a checked Exception.
A tool that generates an archive with various server information, the archive can be sent to support for troubleshooting.
A reactive socket implementation which delegates to a replaceable delegate reactive socket.
This class defines the set of methods and structures that are available for use in a Directory Server synchronization provider.
A server-side interface for querying Synchronization Provider settings.
A client-side interface for reading and modifying Synchronization Provider settings.
An interface for querying the Synchronization Provider managed object definition meta information.
This class defines a utility that will be used to manage the configuration for the set of synchronization providers configured in the Directory Server.
This class defines a data structure that holds information about the result of processing by a synchronization provider.
Defines a continue processing synchronization provider result.
Defines a stop processing synchronization provider result.
An interface for implementing synchronous RequestHandlers.
This class defines a data structure for storing and interacting with an LDAP syntaxes, which constrain the structure of attribute values stored in an LDAP directory, and determine the representation of attribute and assertion values transferred in the LDAP protocol.
A fluent API for incrementally constructing syntaxes.
This interface defines the set of methods and structures that must be implemented to define a new attribute syntax.
The handler publishes audit events formatted using SyslogFormatter to a syslog daemon using the configured SyslogPublisher.
Configuration object for the SyslogAuditEventHandler.
Configuration of event buffering.
Encapsulates configuration for mapping audit event field values to Syslog severity values.
A SystemPropertyResolver resolves a config token using system properties.
Key/value pair representing a dimension of a meter used to classify and drill into measurements.
An interface for querying the properties of a tag.
An immutable collection of Tags.
The TargAttrFilters class represents a targattrfilters rule of an ACI.
A class representing an ACI target keyword.
This class represents an ACI's targetcontrol keyword.
This class represents a targetfilter keyword of an aci.
This class defines a task that may be executed by the task backend within the Directory Server.
Data holder for work counters.
This class provides an implementation of a Directory Server backend that may be used to execute various kinds of administrative tasks on a one-time or recurring basis.
A server-side interface for querying Task Backend settings.
A client-side interface for reading and modifying Task Backend settings.
An interface for querying the Task Backend managed object definition meta information.
Helper class for interacting with the task backend on behalf of utilities that are capable of being scheduled.
Exception for problems related to interacting with the task backend.
This interface must be implemented by tool commands or sub-commands that offer the possibility to run in offline mode or via a Directory Server task.
Processes information from a task entry from the directory and provides accessors for attribute information.
A class that contains all the arguments related to the task scheduling.
Interface for tools that are capable of scheduling a task remotely through the task backend.
This class defines a task scheduler for the Directory Server that will control the execution of scheduled tasks and other administrative functions that need to occur on a regular basis.
A generic data structure that contains the data that the user provided to schedule a task.
This enumeration defines the various states that a task can have during its lifetime.
A helper class for adding online capabilities to an offline tool.
Represents a templated string.
A template parser receives a string input source, tokenize it (honoring escaping settings) and build a Template that can be processed later on.
A TemplateVisitor represents an operation applied to a Template.
This class represents a temporary log file which should be usually deleted if linked operation succeeded.
This class provides the implementation of the access logger used by the directory server.
This class provides the implementation of the audit logger used by the directory server.
This class provides an implementation of an error log publisher.
This class provides the implementation of the HTTP access logger used by the directory server.
This class implements a notification message template element that will generate a value using static text.
A TextWriter provides a character-based stream which can be queried for number of bytes written.
A TextWriter provides a character-based stream used by a Text Publishers as a target for outputting log records.
A TextWriter implementation which writes to a given output stream.
Wraps a TextWriter in a Writer.
A secret store that wraps another secret store and performs all query operations in a background thread using a thread pool.
Common utility methods for Threads.
 
 
 
Fluent builder for time gauges.
A server-side interface for querying Time Limit Log Rotation Policy settings.
A client-side interface for reading and modifying Time Limit Log Rotation Policy settings.
An interface for querying the Time Limit Log Rotation Policy managed object definition meta information.
Creates a rotation policy based on a time duration.
This class implements a fixed time based rotation policy.
This class represents the timeofday keyword in a bind rule.
Thrown when the result code returned in a Result indicates that the Request was aborted because it did not complete in the required time out period.
Invokes TimeoutScheduler.TimeoutEventListener at a regular interval.
Listener on timeout events.
Timer intended to track of a large number of short running events.
Fluent builder for timers.
 
A FilenameFilter that matches historical log files.
Creates a time stamp based file naming policy.
A file name policy that names files suffixed by the time it was created.
This class provides an application-wide timing service.
Modification on TimeUnit.convert(long, TimeUnit) that accepts and preserves precision from a double argument.
Responsible for the validation, generation and parsing of tokens used for keying a JsonValue representative of some state.
An exception generated by a TokenHandler on either creation, validation, or state extraction.
Configuration definition TopCfgDefn is the root of the configuration definition hierarchy.
Represents the topology of servers this local server is participating in.
This class defines a message that is sent: By a RS to the other RSs in the topology, containing: every DSs directly connected to the RS in the DS infos every connected RSs (including the sending RS) in the RS infos By a RS to his connected DSs, containing.
This class defines a data structure for storing and interacting with the Directory Server work queue.
A server-side interface for querying Traditional Work Queue settings.
A client-side interface for reading and modifying Traditional Work Queue settings.
An interface for querying the Traditional Work Queue managed object definition meta information.
A reactive socket which wraps an underlying downstream reactive socket, providing opportunities to transform transferred data or provide additional functionality.
Transport protocol over which Syslog messages should be published.
An implementation of the Entry interface which uses a TreeMap for storing attributes.
Represents the name of a tree (key-value store) in a database.
This class defines a Directory Server password storage scheme that will encode values using the triple-DES (DES/EDE) reversible encryption algorithm.
A server-side interface for querying Triple-DES Password Storage Scheme settings.
A client-side interface for reading and modifying Triple-DES Password Storage Scheme settings.
An interface for querying the Triple-DES Password Storage Scheme managed object definition meta information.
This class defines an API that may be used to obtain a set of javax.net.ssl.TrustManager objects for use when performing SSL/StartTLS negotiation.
A server-side interface for querying Trust Manager Provider settings.
A client-side interface for reading and modifying Trust Manager Provider settings.
An interface for querying the Trust Manager Provider managed object definition meta information.
This class defines a utility that will be used to manage the set of trust manager providers defined in the Directory Server.
This class contains methods for creating common types of trust manager.
This class defines an operation that may be used to close the connection between the client and the Directory Server.
The Unbind operation allows a client to terminate an LDAP session.
An exception that indicates that a failure is not directly known to the system, and hence requires out-of-band knowledge or enhancements to determine if a failure should be categorized as temporary or permanent.
A default behavior provider which indicates undefined behavior.
Union Types An array of two or more simple validators definitions.
This class implements a Directory Server plugin that can be used to ensure that all values for a given attribute or set of attributes are unique within the server (or optionally, below a specified set of base DNs).
A server-side interface for querying Unique Attribute Plugin settings.
A client-side interface for reading and modifying Unique Attribute Plugin settings.
An interface for querying the Unique Attribute Plugin managed object definition meta information.
This class provides an OpenDS password validator that may be used to ensure that proposed passwords contain at least a specified number of different characters.
A server-side interface for querying Unique Characters Password Validator settings.
A client-side interface for reading and modifying Unique Characters Password Validator settings.
An interface for querying the Unique Characters Password Validator managed object definition meta information.
Wraps a message that the LdapServer was unable to decode because it did not recognize it.
Exception thrown when a transport implementation can't be found.
Thrown when a schema query fails because the requested schema element could not be found or is ambiguous.
Indicates a 415 Unsupported Media Type response that the Content-Type of the request was not acceptable.
Function that computes the new value of a record for a Read-Modify-Write operation inside a transaction.
Abstract class that must be extended to define a message used for sending Updates between servers.
A visitor of UpdateMsgs, in the style of the visitor design pattern.
Represents an update message with the base DN of the replication domain it belongs to, with support for easy retrieval of the CSN and the replica ID corresponding to the message.
A request to update a JSON resource by replacing its existing content with new content.
This class contains the table of upgrade tasks that need performing when upgrading from one version to another.
This class provides the CLI used for upgrading the OpenDJ product.
Parameters to upgrade a Directory Server.
Represents the version used for determining if the upgrade tool must be run and whether an upgrade task must run during the upgrade process.
This class implements the userattr bind rule keyword.
A server-side interface for querying User Defined Virtual Attribute settings.
A client-side interface for reading and modifying User Defined Virtual Attribute settings.
An interface for querying the User Defined Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that allows administrators to define their own values that will be inserted into any entry that matches the criteria defined in the virtual attribute rule.
This class represents the userdn keyword in a bind rule.
This class implements a notification message template element that will generate a value that is the string representation of the target user's DN.
An encoded user password that contains a storage scheme and an encoded vaulue.
A server-side interface for querying User Template Virtual Attribute settings.
A client-side interface for reading and modifying User Template Virtual Attribute settings.
An interface for querying the User Template Virtual Attribute managed object definition meta information.
This class implements a virtual attribute provider that allows administrators to define their own virtual attribute with template that will be evaluated by taking the data from the attributes only for the entry that matches the criteria defined in the virtual attribute rule.
This class provides utility functions.
Internal utility methods.
Deprecated.
Use Strings, Closeables, Objects or Threads instead.
Encapsulate a JSON validator error.
Validator is the abstract base class of all typed validator.
A long-lived reference to a number of secrets.
A precomputed percentile of a distribution.
Wraps either a value of a given type or an expression string containing at least one token.
A key used for verifying digital signatures.
This class represents the configuration of a JE backend verification process.
This program provides a utility to verify the contents of the indexes of a Directory Server backend.
A server-side interface for querying Virtual Attribute settings.
A client-side interface for reading and modifying Virtual Attribute settings.
An interface for querying the Virtual Attribute managed object definition meta information.
Defines the set of permissible values for the "conflict-behavior" property.
Defines the set of permissible values for the "scope" property.
This class defines a utility that will be used to manage the set of virtual attribute providers defined in the Directory Server.
This class defines the set of methods and structures that must be implemented by a Directory Server module that implements the functionality required for one or more virtual attributes.
This class defines a virtual attribute rule, which associates a virtual attribute provider with its associated configuration, including the attribute type for which the values should be generated; the base DN(s), group DN(s), and search filter(s) that should be used to identify which entries should have the virtual attribute, and how conflicts between real and virtual values should be handled.
The virtual list view request control as defined in draft-ietf-ldapext-ldapv3-vlv.
The virtual list view response control as defined in draft-ietf-ldapext-ldapv3-vlv.
This class provides a virtual static group implementation, in which membership is based on membership of another group.
This annotation doesn't actually do anything, other than provide documentation of the fact that a function has either been marked public, or package private in order for a test (somewhere physically distant in the system) to compile.
This program provides a simple tool that will wait for a specified file to be deleted before exiting.
This class implements the "Who Am I?" extended operation defined in RFC 4532.
A server-side interface for querying Who Am I Extended Operation Handler settings.
A client-side interface for reading and modifying Who Am I Extended Operation Handler settings.
An interface for querying the Who Am I Extended Operation Handler managed object definition meta information.
The who am I extended request as defined in RFC 4532.
The who am I extended result as defined in RFC 4532.
This message is used by LDAP server or by Replication Servers to update the send window of the remote entities.
This message is used by LDAP or Replication Server that have been out of credit for a while and want to check if the remote servers is able to accept more messages.
This class defines the structure and methods that must be implemented by a Directory Server work queue.
A server-side interface for querying Work Queue settings.
A client-side interface for reading and modifying Work Queue settings.
An interface for querying the Work Queue managed object definition meta information.
This class defines a utility that will be used to manage the Directory Server work queue.
This class implements an enumeration that may be used to control the writability mode for the entire server or for a specific backend.
The writability policy determines whether an attribute supports updates.
Represents a writeable transaction on a storage engine.
Options applicable to a WriteableTransaction.
Function performing a write operation.
A class for building X509 certificates as described in RFC 5280.
An enumeration of extended key usages.
An enumeration of key usages.
This is a custom XML handler to load the dtds from the classpath This should be used by all the xml parsing document builders to set the default entity resolvers.
Utility classes for handling XML.