org.apache.directory.server.core
Interface CoreSession

All Known Implementing Classes:
DefaultCoreSession

public interface CoreSession

An interface representing a session with the core DirectoryService. These sessions may either be real representing LDAP sessions associated with an actual LDAP network client, or may be virtual in which case there is no real LDAP client associated with the session. This interface is used by the DirectoryService core to track session specific parameters used to make various decisions during the course of operation handling.

Version:
$Rev$, $Date$
Author:
Apache Directory Project

Method Summary
 void add(org.apache.directory.shared.ldap.message.AddRequest addRequest)
           
 void add(ServerEntry entry)
          Adds an entry into the DirectoryService associated with this CoreSession.
 boolean compare(org.apache.directory.shared.ldap.message.CompareRequest compareRequest)
           
 void compare(org.apache.directory.shared.ldap.name.LdapDN dn, java.lang.String oid, java.lang.Object value)
          Checks to see if an attribute in an entry contains a value.
 void delete(org.apache.directory.shared.ldap.message.DeleteRequest deleteRequest)
           
 void delete(org.apache.directory.shared.ldap.name.LdapDN dn)
          Deletes an entry in the server.
 boolean exists(org.apache.directory.shared.ldap.name.LdapDN dn)
          Checks to see if an entry exists.
 LdapPrincipal getAuthenticatedPrincipal()
          Gets the LDAP principal used to authenticate.
 org.apache.directory.shared.ldap.constants.AuthenticationLevel getAuthenticationLevel()
          Gets the authentication level associated with this session.
 java.net.SocketAddress getClientAddress()
          Gets the socket address of the LDAP client or null if there is no LDAP client associated with the session.
 java.util.Set<javax.naming.ldap.Control> getControls()
          Gets the controls enabled for this session.
 DirectoryService getDirectoryService()
          Gets the DirectoryService this session is bound to.
 LdapPrincipal getEffectivePrincipal()
          Gets the LDAP principal used for the effective identity associated with this session which may not be the same as the authenticated principal.
 java.util.Set<OperationContext> getOutstandingOperations()
          Gets all outstanding operations currently being performed that have yet to be completed.
 java.net.SocketAddress getServiceAddress()
          Gets the socket address of the LDAP server or null if there is no LDAP service associated with the session.
 boolean isAdministrator()
          Returns true if the effective principal associated with this session is the administrator.
 boolean isAnAdministrator()
          Returns true if the effective principal associated with this session is the administrator or is within the administrators group.
 boolean isAnonymous()
          Gets whether or not this user is anonymous.
 boolean isConfidential()
          Gets whether or not confidentiality is enabled for this session.
 boolean isVirtual()
          Gets whether or not this session is virtual.
 EntryFilteringCursor list(org.apache.directory.shared.ldap.name.LdapDN dn, org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode, java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes)
          An optimized search operation using one level search scope which returns all the children of an entry specified by distinguished name.
 EntryFilteringCursor list(org.apache.directory.shared.ldap.name.LdapDN dn, org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode, java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes, int sizeLimit, int timeLimit)
          An optimized search operation using one level search scope which applies size and time limit constraints and returns all the children of an entry specified by distinguished name if thes limits are not violated.
 ClonedServerEntry lookup(org.apache.directory.shared.ldap.name.LdapDN dn)
          Looks up an entry in the server returning all attributes: both user and operational attributes.
 ClonedServerEntry lookup(org.apache.directory.shared.ldap.name.LdapDN dn, javax.naming.ldap.Control[] requestControls, ReferralHandlingMode refMode, org.apache.directory.shared.ldap.name.LdapDN authorized)
           
 ClonedServerEntry lookup(org.apache.directory.shared.ldap.name.LdapDN dn, java.lang.String[] atIds)
           
 void modify(org.apache.directory.shared.ldap.name.LdapDN dn, java.util.List<org.apache.directory.shared.ldap.entry.Modification> mods)
          Modifies an entry within the server by applying a list of modifications to the entry.
 void modify(org.apache.directory.shared.ldap.message.ModifyRequest modifyRequest)
           
 void move(org.apache.directory.shared.ldap.name.LdapDN dn, org.apache.directory.shared.ldap.name.LdapDN newParent)
          Moves an entry or a branch of entries at a specified distinguished name to a position under a new parent.
 void move(org.apache.directory.shared.ldap.message.ModifyDnRequest modifyDnRequest)
           
 void moveAndRename(org.apache.directory.shared.ldap.name.LdapDN dn, org.apache.directory.shared.ldap.name.LdapDN newParent, org.apache.directory.shared.ldap.name.Rdn newRdn, boolean deleteOldRdn)
          Moves and renames (the relative distinguished name of) an entry (or a branch if the entry has children) at a specified distinguished name to a position under a new parent.
 void moveAndRename(org.apache.directory.shared.ldap.message.ModifyDnRequest modifyDnRequest)
           
 void rename(org.apache.directory.shared.ldap.name.LdapDN dn, org.apache.directory.shared.ldap.name.Rdn newRdn, boolean deleteOldRdn)
          Renames an entry by changing it's relative distinguished name.
 void rename(org.apache.directory.shared.ldap.message.ModifyDnRequest modifyDnRequest)
           
 EntryFilteringCursor search(org.apache.directory.shared.ldap.name.LdapDN dn, org.apache.directory.shared.ldap.filter.SearchScope scope, org.apache.directory.shared.ldap.filter.ExprNode filter, org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode, java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes)
          Searches the directory using a specified search scope and filter.
 EntryFilteringCursor search(org.apache.directory.shared.ldap.name.LdapDN dn, org.apache.directory.shared.ldap.filter.SearchScope scope, org.apache.directory.shared.ldap.filter.ExprNode filter, org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode, java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes, int sizeLimit, int timeLimit)
          Searches the directory using a specified search scope and filter.
 EntryFilteringCursor search(org.apache.directory.shared.ldap.message.SearchRequest searchRequest)
           
 void unbind()
           
 void unbind(org.apache.directory.shared.ldap.message.UnbindRequest unbindRequest)
           
 

Method Detail

getDirectoryService

DirectoryService getDirectoryService()
Gets the DirectoryService this session is bound to.

Returns:
the DirectoryService associated with this session

getAuthenticatedPrincipal

LdapPrincipal getAuthenticatedPrincipal()
Gets the LDAP principal used to authenticate. This is the identity used to establish this session on authentication.

Returns:
the LdapPrincipal used to authenticate.

getEffectivePrincipal

LdapPrincipal getEffectivePrincipal()
Gets the LDAP principal used for the effective identity associated with this session which may not be the same as the authenticated principal. This principal is often the same as the authenticated principal. Sometimes however, a user authenticating as one principal, may request to have all operations performed in the session as if they were another principal. The SASL mechanism allows setting an authorized principal which is in effect for the duration of the session. In this case all operations are performed as if they are being performed by this principal. This method will then return the authorized principal which will be different from the authenticated principal. Implementations of this interface may have a means to set the authorized principal which may or may not be the same as the authenticated principal. Implementations should default to return the authenticated principal when an authorized principal is not provided.

Returns:
the LdapPrincipal to use as the effective principal

isConfidential

boolean isConfidential()
Gets whether or not confidentiality is enabled for this session.

Returns:
true if confidentiality is enabled, false otherwise

isAnonymous

boolean isAnonymous()
Gets whether or not this user is anonymous.

Returns:
true if the identity is anonymous false otherwise

isAdministrator

boolean isAdministrator()
Returns true if the effective principal associated with this session is the administrator.

Returns:
true if authorized as the administrator, false otherwise
See Also:
ServerDNConstants#ADMIN_SYSTEM_DN}

isAnAdministrator

boolean isAnAdministrator()
Returns true if the effective principal associated with this session is the administrator or is within the administrators group.

Returns:
true if authorized as an administrator, false otherwise
See Also:
ServerDNConstants#ADMIN_SYSTEM_DN}, ServerDNConstants#ADMINISTRATORS_GROUP_DN}

getAuthenticationLevel

org.apache.directory.shared.ldap.constants.AuthenticationLevel getAuthenticationLevel()
Gets the authentication level associated with this session.

Returns:
the authentication level associated with the session

getControls

java.util.Set<javax.naming.ldap.Control> getControls()
Gets the controls enabled for this session.

Returns:
the session controls as a Set

getOutstandingOperations

java.util.Set<OperationContext> getOutstandingOperations()
Gets all outstanding operations currently being performed that have yet to be completed.

Returns:
the set of outstanding operations

isVirtual

boolean isVirtual()
Gets whether or not this session is virtual. Virtual sessions verses real sessions represent logical sessions established by non-LDAP services or embedding applications which do not expose the LDAP access.

Returns:
true if the session is virtual, false otherwise

getClientAddress

java.net.SocketAddress getClientAddress()
Gets the socket address of the LDAP client or null if there is no LDAP client associated with the session. Some calls to the core can be made by embedding applications or by non-LDAP services using a programmatic (virtual) session. In these cases no client address is available.

Returns:
null if the session is virtual, non-null when the session is associated with a real LDAP client

getServiceAddress

java.net.SocketAddress getServiceAddress()
Gets the socket address of the LDAP server or null if there is no LDAP service associated with the session. Some calls to the core can be made by embedding applications or by non-LDAP services using a programmatic (virtual) session. In these cases no service address is available.

Returns:
null if the session is virtual, non-null when the session is associated with a real LDAP service

add

void add(ServerEntry entry)
         throws java.lang.Exception
Adds an entry into the DirectoryService associated with this CoreSession.

Parameters:
entry - the entry to add
Throws:
java.lang.Exception - on failures to add the entry

add

void add(org.apache.directory.shared.ldap.message.AddRequest addRequest)
         throws java.lang.Exception
Throws:
java.lang.Exception

compare

void compare(org.apache.directory.shared.ldap.name.LdapDN dn,
             java.lang.String oid,
             java.lang.Object value)
             throws java.lang.Exception
Checks to see if an attribute in an entry contains a value.

Parameters:
dn - the distinguished name of the entry to check
oid - the OID of the attribute to check for the value
value - the value to check for
Throws:
java.lang.Exception - if there are failures while comparing

compare

boolean compare(org.apache.directory.shared.ldap.message.CompareRequest compareRequest)
                throws java.lang.Exception
Throws:
java.lang.Exception

delete

void delete(org.apache.directory.shared.ldap.name.LdapDN dn)
            throws java.lang.Exception
Deletes an entry in the server.

Parameters:
dn - the distinguished name of the entry to delete
Throws:
java.lang.Exception - if there are failures while deleting the entry

delete

void delete(org.apache.directory.shared.ldap.message.DeleteRequest deleteRequest)
            throws java.lang.Exception
Throws:
java.lang.Exception

exists

boolean exists(org.apache.directory.shared.ldap.name.LdapDN dn)
               throws java.lang.Exception
Checks to see if an entry exists.

Throws:
java.lang.Exception

lookup

ClonedServerEntry lookup(org.apache.directory.shared.ldap.name.LdapDN dn)
                         throws java.lang.Exception
Looks up an entry in the server returning all attributes: both user and operational attributes.

Parameters:
dn - the name of the entry to lookup
Throws:
java.lang.Exception - if there are failures while looking up the entry

lookup

ClonedServerEntry lookup(org.apache.directory.shared.ldap.name.LdapDN dn,
                         java.lang.String[] atIds)
                         throws java.lang.Exception
Throws:
java.lang.Exception

lookup

ClonedServerEntry lookup(org.apache.directory.shared.ldap.name.LdapDN dn,
                         javax.naming.ldap.Control[] requestControls,
                         ReferralHandlingMode refMode,
                         org.apache.directory.shared.ldap.name.LdapDN authorized)
                         throws java.lang.Exception
Throws:
java.lang.Exception

modify

void modify(org.apache.directory.shared.ldap.name.LdapDN dn,
            java.util.List<org.apache.directory.shared.ldap.entry.Modification> mods)
            throws java.lang.Exception
Modifies an entry within the server by applying a list of modifications to the entry.

Parameters:
dn - the distinguished name of the entry to modify
mods - the list of modifications to apply
Throws:
java.lang.Exception - if there are failures while modifying the entry

modify

void modify(org.apache.directory.shared.ldap.message.ModifyRequest modifyRequest)
            throws java.lang.Exception
Throws:
java.lang.Exception

move

void move(org.apache.directory.shared.ldap.name.LdapDN dn,
          org.apache.directory.shared.ldap.name.LdapDN newParent)
          throws java.lang.Exception
Moves an entry or a branch of entries at a specified distinguished name to a position under a new parent.

Parameters:
dn - the distinguished name of the entry/branch to move
newParent - the new parent under which the entry/branch is moved
Throws:
if - there are failures while moving the entry/branch
java.lang.Exception

move

void move(org.apache.directory.shared.ldap.message.ModifyDnRequest modifyDnRequest)
          throws java.lang.Exception
Throws:
java.lang.Exception

moveAndRename

void moveAndRename(org.apache.directory.shared.ldap.name.LdapDN dn,
                   org.apache.directory.shared.ldap.name.LdapDN newParent,
                   org.apache.directory.shared.ldap.name.Rdn newRdn,
                   boolean deleteOldRdn)
                   throws java.lang.Exception
Moves and renames (the relative distinguished name of) an entry (or a branch if the entry has children) at a specified distinguished name to a position under a new parent.

Parameters:
dn - the distinguished name of the entry/branch to move
newParent - the new parent under which the entry/branch is moved
newRdn - the new relative distinguished name of the entry at the root of the branch
Throws:
if - there are failures while moving and renaming the entry or branch
java.lang.Exception

moveAndRename

void moveAndRename(org.apache.directory.shared.ldap.message.ModifyDnRequest modifyDnRequest)
                   throws java.lang.Exception
Throws:
java.lang.Exception

rename

void rename(org.apache.directory.shared.ldap.name.LdapDN dn,
            org.apache.directory.shared.ldap.name.Rdn newRdn,
            boolean deleteOldRdn)
            throws java.lang.Exception
Renames an entry by changing it's relative distinguished name. This has the side effect of changing the distinguished name of all entries directly or indirectly subordinate to the named entry if it has descendants.

Parameters:
dn - the distinguished name of the entry to rename
newRdn - the new relative distinguished name for the entry
deleteOldRdn - whether or not the old value for the relative distinguished name is to be deleted from the entry
Throws:
java.lang.Exception - if there are failures while renaming the entry

rename

void rename(org.apache.directory.shared.ldap.message.ModifyDnRequest modifyDnRequest)
            throws java.lang.Exception
Throws:
java.lang.Exception

list

EntryFilteringCursor list(org.apache.directory.shared.ldap.name.LdapDN dn,
                          org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode,
                          java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes)
                          throws java.lang.Exception
An optimized search operation using one level search scope which returns all the children of an entry specified by distinguished name. This is equivalent to a search operation with one level scope using the (objectClass=*) filter.

Parameters:
dn - the distinguished name of the entry to list the children of
aliasDerefMode - the alias dereferencing mode used
returningAttributes - the attributes to return
Throws:
java.lang.Exception - if there are failures while listing children

list

EntryFilteringCursor list(org.apache.directory.shared.ldap.name.LdapDN dn,
                          org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode,
                          java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes,
                          int sizeLimit,
                          int timeLimit)
                          throws java.lang.Exception
An optimized search operation using one level search scope which applies size and time limit constraints and returns all the children of an entry specified by distinguished name if thes limits are not violated. This is equivalent to a search operation with one level scope using the (objectClass=*) filter.

Parameters:
dn - the distinguished name of the entry to list the children of
aliasDerefMode - the alias dereferencing mode used
returningAttributes - the attributes to return
sizeLimit - the upper bound to the number of entries to return
timeLimit - the upper bound to the amount of time before terminating the search
Throws:
java.lang.Exception - if there are failures while listing children

search

EntryFilteringCursor search(org.apache.directory.shared.ldap.name.LdapDN dn,
                            org.apache.directory.shared.ldap.filter.SearchScope scope,
                            org.apache.directory.shared.ldap.filter.ExprNode filter,
                            org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode,
                            java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes)
                            throws java.lang.Exception
Searches the directory using a specified search scope and filter.

Parameters:
dn - the distinguished name of the entry to list the children of
scope - the search scope to apply
aliasDerefMode - the alias dereferencing mode used
returningAttributes - the attributes to return
Throws:
java.lang.Exception - if there are failures while listing children

search

EntryFilteringCursor search(org.apache.directory.shared.ldap.name.LdapDN dn,
                            org.apache.directory.shared.ldap.filter.SearchScope scope,
                            org.apache.directory.shared.ldap.filter.ExprNode filter,
                            org.apache.directory.shared.ldap.message.AliasDerefMode aliasDerefMode,
                            java.util.Set<org.apache.directory.shared.ldap.schema.AttributeTypeOptions> returningAttributes,
                            int sizeLimit,
                            int timeLimit)
                            throws java.lang.Exception
Searches the directory using a specified search scope and filter.

Parameters:
dn - the distinguished name of the entry to list the children of
aliasDerefMode - the alias dereferencing mode used
returningAttributes - the attributes to return
sizeLimit - the upper bound to the number of entries to return
timeLimit - the upper bound to the amount of time before terminating the search
Throws:
java.lang.Exception - if there are failures while listing children

search

EntryFilteringCursor search(org.apache.directory.shared.ldap.message.SearchRequest searchRequest)
                            throws java.lang.Exception
Throws:
java.lang.Exception

unbind

void unbind()
            throws java.lang.Exception
Throws:
java.lang.Exception

unbind

void unbind(org.apache.directory.shared.ldap.message.UnbindRequest unbindRequest)
            throws java.lang.Exception
Throws:
java.lang.Exception


Copyright © 2003-2009 Apache Software Foundation. All Rights Reserved.