Package org.opends.server.extensions


package org.opends.server.extensions
Contains various implementations of Directory Server APIs that are not appropriate for other packages. This includes components like:
  • Password Storage Schemes
  • SASL Mechanism Handlers
  • Extended Operation Handlers
  • Key Manager Providers
  • Trust Manager Providers
  • Entry Caches
  • Alert Handlers
  • Connection Security Providers
  • Class
    Description
    This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
    This class defines a Directory Server password storage scheme that will encode values using the AES reversible encryption algorithm.
    This class provides an implementation of a SASL mechanism, as defined in RFC 4505, that does not perform any authentication.
    This class defines a Directory Server password storage scheme that will encode values using the Argon2 encryption algorithm.
    This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained in another attribute in the user's entry.
    This class defines a Directory Server password storage scheme that will store the values in base64-encoded form.
    BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.
    This class defines a Directory Server password storage scheme that will encode values using the BCrypt encryption algorithm.
    This class provides an implementation of a trust manager provider that will indicate that any certificate presented should be blindly trusted by the Directory Server.
    This class defines a Directory Server password storage scheme that will encode values using the Blowfish reversible encryption algorithm.
    This class implements the LDAP cancel extended operation defined in RFC 3909.
    This class implements an enumeration that may be used to indicate if/how a client's certificate should be validated against the corresponding user entry in the Directory Server.
    This class provides an OpenDJ password validator that may be used to ensure that proposed passwords contain at least a specified number of characters from one or more user-defined character sets.
    This class defines a Directory Server password storage scheme that will store the values in clear-text with no encoding at all.
    This class implements a virtual attribute provider to serve the collectiveAttributeSubentries operational attribute as described in RFC 3671.
    This class provides an implementation of a SASL mechanism that authenticates clients through CRAM-MD5.
    This class defines a Directory Server password storage scheme based on the UNIX Crypt algorithm.
    This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not contained in a specified dictionary.
    This class provides an implementation of a SASL mechanism that authenticates clients through DIGEST-MD5.
    This class provides an application-wide disk space monitoring service.
    This class provides a dynamic group implementation, in which membership is determined dynamically based on criteria provided in the form of one or more LDAP URLs.
    This class implements a virtual attribute provider which ensures that all entries contain an "entity tag" or "Etag" as defined in section 3.11 of RFC 2616.
    This class implements a virtual attribute provider that is meant to serve the entryDN operational attribute as described in draft-zeilenga-ldap-entrydn.
    This class implements a virtual attribute provider that is meant to serve the entryUUID operational attribute as described in RFC 4530.
    This class defines an account status notification handler that will write information about status notifications using the Directory Server's error logging facility.
    This class provides an implementation of a Directory Server identity mapper that looks for the exact value provided as the ID string to appear in an attribute of a user's entry.
    This class defines a number of constants that may be used by Directory Server extensions.
    This class provides an implementation of a SASL mechanism that relies on some form of authentication that has already been done outside the LDAP layer.
    This class defines a Directory Server entry cache that uses a FIFO to keep track of the entries.
    This class defines a key manager provider that will access keys stored in a file located on the Directory Server filesystem.
    This class defines a trust manager provider that will reference certificates stored in a file located on the Directory Server filesystem.
    This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the fingerprint of the client certificate.
    This class implements the "Get Connection ID" extended operation that can be used to get the connection ID of the associated client connection.
    This class implements a virtual attribute provider that is meant to serve the governingStructuralRule operational attribute as described in RFC 4512.
    This class provides an implementation of a SASL mechanism that authenticates clients through Kerberos v5 over GSSAPI.
    This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute as described in X.501.
    Utility class that checks whether attributes indexed.
    This class implements a virtual attribute provider that is meant to serve the isMemberOf operational attribute.
    This class provides an implementation of a Directory Server alert handler that will send alerts using JMX notifications.
    Represents a KeyManagerProvider which use the JVM keystore.
    Represents a TrustManagerProvider which use the JVM truststore.
    This class defines a key manager provider that will access keys stored in an LDAP backend.
    LDAP pass through authentication policy implementation.
    This class defines a trust manager provider that will reference certificates stored in an LDAP backend.
    This class provides a password validator that can ensure that the provided password meets minimum and/or maximum length requirements.
    This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
    This class implements a virtual attribute provider that works in conjunction with virtual static groups to generate the values for the member or uniqueMember attribute.
    This class implements a notification message template element that will generate a value that is the message for the account status notification.
    This class defines the base class for elements that may be used to generate an account status notification message.
    This class implements a notification message template element that will generate a value that is the name of the account status notification type.
    This class implements a virtual attribute provider that is meant to serve the hasSubordinates operational attribute as described in draft-ietf-boreham-numsubordinates.
    Provider for the password expiration time virtual attribute.
    This class implements the password modify extended operation defined in RFC 3062.
    This class implements an LDAP extended operation that can be used to query and update elements of the Directory Server password policy state for a given user.
    This class implements a virtual attribute provider to serve the pwdPolicySubentry operational attribute as described in Password Policy for LDAP Directories Internet-Draft.
    This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898, using HMAC-SHA256 pseudorandom function.
    This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898, using HMAC-SHA512 pseudorandom function.
    This class defines a Directory Server password storage scheme based on the PBKDF2 algorithm defined in RFC 2898.
    A KeyManagerProvider that reads keys from PEM files in a configured file system directory and automatically reacts to file modification, deletion or addition.
    A TrustManagerProvider that reads trusted certificates from PEM files in a configured file system directory and automatically reacts to file modification, deletion or addition.
    This class defines a key manager provider that will access keys stored on a PKCS#11 device.
    Define a trust manager provider that will access certificates stored on a PKCS#11 device.
    This class defines a Directory Server password storage scheme based on the Atlassian PBKDF2-base hash algorithm.
    This class provides an implementation of a SASL mechanism that uses plain-text authentication.
    This class provides an implementation of a Directory Server password generator that will create random passwords based on fixed-length strings built from one or more character sets.
    This class defines a Directory Server password storage scheme that will encode values using the RC4 reversible encryption algorithm.
    This class provides an implementation of a Directory Server identity mapper that uses a regular expression to process the provided ID string, and then looks for that processed value to appear in an attribute of a user's entry.
    This class provides an OpenDS password validator that may be used to ensure that proposed passwords are not allowed to have the same character appear several times consecutively.
    This class defines a Directory Server password storage scheme based on the MD5 algorithm defined in RFC 1321.
    This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
    This class defines a Directory Server password storage scheme based on the 256-bit SHA-2 algorithm defined in FIPS 180-2.
    This class defines a Directory Server password storage scheme based on the 384-bit SHA-2 algorithm defined in FIPS 180-2.
    This class defines a Directory Server password storage scheme based on the 512-bit SHA-2 algorithm defined in FIPS 180-2.
    This class defines the SASL context needed to process SASL bind requests that use a SaslServer.
    This class defines a Directory Server password storage scheme based on the SCRAM-SHA-256 SASL mechanism defined in RFCs 5802, 5803 and 7677.
    This class defines the SCRAM-SHA-256 SASL mechanism defined in RFCs 5802, 5803 and 7677.
    This class defines a Directory Server password storage scheme based on the SCRAM-SHA-512 SASL mechanism defined in RFCs 5802, 5803 and 7677.
    This class defines the SCRAM-SHA-512 SASL mechanism defined in RFCs 5802, 5803 and 7677.
    This class defines a Directory Server password storage scheme based on the SHA-1 algorithm defined in FIPS 180-1.
    This class provides a password validator that can ensure that the provided password meets minimum similarity requirements.
    This class provides an implementation of an account status notification handler that can send e-mail messages via SMTP to end users and/or administrators whenever an account status notification occurs.
    This class implements a Directory Server alert handler that may be used to send administrative alerts via SMTP.
    This class defines a Directory Server entry cache that uses soft references to manage objects in a way that will allow them to be freed if the JVM is running low on memory.
    This class provides an implementation of the StartTLS extended operation as defined in RFC 2830.
    A static group implementation, in which the DNs of all members are explicitly listed.
    This class implements a virtual attribute provider that is meant to serve the structuralObjectClass operational attribute as described in RFC 4512.
    This class implements a very simple Directory Server certificate mapper that will map a certificate to a user based on attributes contained in both the certificate subject and the user's entry.
    This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if that user's entry contains an attribute with the subject of the client certificate.
    This class implements a very simple Directory Server certificate mapper that will map a certificate to a user only if the subject of the peer certificate exactly matches the DN of a user in the Directory Server.
    This class implements a virtual attribute provider that is meant to serve the subschemaSubentry operational attribute as described in RFC 4512.
    This class implements a notification message template element that will generate a value using static text.
    This class defines a data structure for storing and interacting with the Directory Server work queue.
    This class defines a Directory Server password storage scheme that will encode values using the triple-DES (DES/EDE) reversible encryption algorithm.
    This class provides an OpenDS password validator that may be used to ensure that proposed passwords contain at least a specified number of different characters.
    This class implements a virtual attribute provider that allows administrators to define their own values that will be inserted into any entry that matches the criteria defined in the virtual attribute rule.
    This class implements a notification message template element that will generate a value that is the string representation of the target user's DN.
    This class implements a virtual attribute provider that allows administrators to define their own virtual attribute with template that will be evaluated by taking the data from the attributes only for the entry that matches the criteria defined in the virtual attribute rule.
    This class provides a virtual static group implementation, in which membership is based on membership of another group.
    This class implements the "Who Am I?" extended operation defined in RFC 4532.