org.opends.server.api
Class ClientConnection

java.lang.Object
  extended by org.opends.server.api.ClientConnection
Direct Known Subclasses:
InternalClientConnection, JmxClientConnection, LDAPClientConnection

@PublicAPI(stability=VOLATILE,
           mayInstantiate=true,
           mayExtend=true,
           mayInvoke=true)
public abstract class ClientConnection
extends java.lang.Object

This class defines the set of methods and structures that must be implemented by a Directory Server client connection.


Constructor Summary
protected ClientConnection()
          Performs the appropriate initialization generic to all client connections.
 
Method Summary
 boolean bindInProgress()
          Indicates whether a bind operation is in progress on this client connection.
abstract  void cancelAllOperations(CancelRequest cancelRequest)
          Attempts to cancel all operations in progress on this connection.
abstract  void cancelAllOperationsExcept(CancelRequest cancelRequest, int messageID)
          Attempts to cancel all operations in progress on this connection except the operation with the specified message ID.
abstract  CancelResult cancelOperation(int messageID, CancelRequest cancelRequest)
          Attempts to cancel the specified operation.
 void deregisterPersistentSearch(PersistentSearch persistentSearch)
          Deregisters the provided persistent search for this client.
abstract  void disconnect(DisconnectReason disconnectReason, boolean sendNotification, Message message)
          Closes the connection to the client, optionally sending it a message indicating the reason for the closure.
protected  void finalize()
          Performs any work that may be needed before the JVM invokes garbage collection for this object.
protected  void finalizeClientConnection()
          Performs any cleanup work that may be necessary when this client connection is terminated.
protected  void finalizeConnectionInternal()
          Performs any internal cleanup that may be necessary when this client connection is disconnected, or if not on disconnec, then ultimately whenever it is reaped by the garbage collector.
 AuthenticationInfo getAuthenticationInfo()
          Retrieves information about the authentication that has been performed for this connection.
 java.lang.String getCertificateAlias()
          Retrieves the alias of the server certificate that should be used for operations requiring a server certificate.
abstract  java.lang.String getClientAddress()
          Retrieves a string representation of the address of the client.
abstract  ConnectionHandler getConnectionHandler()
          Retrieves the connection handler that accepted this client connection.
abstract  long getConnectionID()
          Retrieves the unique identifier that has been assigned to this connection.
abstract  ConnectionSecurityProvider getConnectionSecurityProvider()
          Retrieves the connection security provider for this client connection.
 long getConnectTime()
          Retrieves the time that this connection was established, measured in the number of milliseconds since January 1, 1970 UTC.
 java.lang.String getConnectTimeString()
          Retrieves a string representation of the time that this connection was established.
 java.util.Set<Group> getGroups(Operation operation)
          Retrieves the set of groups in which the user associated with this client connection may be considered to be a member.
 long getIdleTime()
          Retrieves the length of time in milliseconds that this client connection has been idle.
 long getIdleTimeLimit()
          Retrieves the maximum length of time in milliseconds that this client connection will be allowed to remain idle before it should be disconnected.
 DN getKeyManagerProviderDN()
          Retrieves the DN of the key manager provider that should be used for operations requiring access to a key manager.
abstract  java.net.InetAddress getLocalAddress()
          Retrieves the java.net.InetAddress for the Directory Server system to which the client has established the connection.
 int getLookthroughLimit()
          Retrieves the default maximum number of entries that should checked for matches during a search.
 long getMaxBlockedWriteTimeLimit()
          Retrieves the maximum length of time in milliseconds that attempts to write data to the client should be allowed to block.
abstract  java.lang.String getMonitorSummary()
          Retrieves a one-line summary of this client connection in a form that is suitable for including in the monitor entry for the associated connection handler.
 NetworkGroup getNetworkGroup()
          Returns the network group to which the connection belongs.
abstract  AbstractOperation getOperationInProgress(int messageID)
          Retrieves the operation in progress with the specified message ID.
abstract  java.util.Collection<AbstractOperation> getOperationsInProgress()
          Retrieves the set of operations in progress for this client connection.
 java.util.concurrent.CopyOnWriteArrayList<PersistentSearch> getPersistentSearches()
          Retrieves the set of persistent searches registered for this client.
abstract  java.lang.String getProtocol()
          Retrieves the protocol that the client is using to communicate with the Directory Server.
abstract  java.net.InetAddress getRemoteAddress()
          Retrieves the java.net.InetAddress associated with the remote client system.
 java.lang.Object getSASLAuthStateInfo()
          Retrieves an opaque set of information that may be used for processing multi-stage SASL binds.
abstract  java.lang.String getSecurityMechanism()
          Retrieves the human-readable name of the security mechanism that is used to protect communication with this client.
abstract  java.lang.String getServerAddress()
          Retrieves a string representation of the address on the server to which the client connected.
 int getSizeLimit()
          Retrieves the size limit that will be enforced for searches performed using this client connection.
 int getTimeLimit()
          Retrieves the time limit that will be enforced for searches performed using this client connection.
 DN getTrustManagerProviderDN()
          Retrieves the DN of the trust manager provider that should be used for operations requiring access to a trust manager.
 java.nio.channels.Selector getWriteSelector()
          Retrieves a Selector that may be used to ensure that write operations complete in a timely manner, or terminate the connection in the event that they fail to do so.
 boolean hasAllPrivileges(Privilege[] privileges, Operation operation)
          Indicates whether the authenticate client has all of the specified privileges.
 boolean hasPrivilege(Privilege privilege, Operation operation)
          Indicates whether the authenticated client has the specified privilege.
 boolean isMemberOf(Group group, Operation operation)
          Indicates whether the user associated with this client connection should be considered a member of the specified group, optionally evaluated within the context of the provided operation.
abstract  boolean isSecure()
          Indicates whether this client connection is currently using a secure mechanism to communicate with the server.
 boolean mustChangePassword()
          Indicates whether the user associated with this client connection must change their password before they will be allowed to do anything else.
abstract  boolean processDataRead(java.nio.ByteBuffer buffer)
          Indicates that the data in the provided buffer has been read from the client and should be processed.
 void registerPersistentSearch(PersistentSearch persistentSearch)
          Registers the provided persistent search for this client.
abstract  boolean removeOperationInProgress(int messageID)
          Removes the provided operation from the set of operations in progress for this client connection.
 boolean sendIntermediateResponse(IntermediateResponse intermediateResponse)
          Invokes the intermediate response plugins on the provided response message and sends it to the client.
protected abstract  boolean sendIntermediateResponseMessage(IntermediateResponse intermediateResponse)
          Sends the provided intermediate response message to the client.
abstract  void sendResponse(Operation operation)
          Sends a response to the client based on the information in the provided operation.
abstract  void sendSearchEntry(SearchOperation searchOperation, SearchResultEntry searchEntry)
          Sends the provided search result entry to the client.
abstract  boolean sendSearchReference(SearchOperation searchOperation, SearchResultReference searchReference)
          Sends the provided search result reference to the client.
 void setAuthenticationInfo(AuthenticationInfo authenticationInfo)
          Specifies information about the authentication that has been performed for this connection.
 void setBindInProgress(boolean bindInProgress)
          Specifies whether a bind operation is in progress on this client connection.
abstract  void setConnectionSecurityProvider(ConnectionSecurityProvider securityProvider)
          Specifies the connection security provider for this client connection.
 void setIdleTimeLimit(long idleTimeLimit)
          Specifies the maximum length of time in milliseconds that this client connection will be allowed to remain idle before it should be disconnected.
 void setLookthroughLimit(int lookthroughLimit)
          Specifies the default maximum number of entries that should be checked for matches during a search.
 void setMustChangePassword(boolean mustChangePassword)
          Specifies whether the user associated with this client connection must change their password before they will be allowed to do anything else.
 void setNetworkGroup(NetworkGroup networkGroup)
          Sets the network group to which the connection belongs.
 void setSASLAuthStateInfo(java.lang.Object saslAuthState)
          Specifies an opaque set of information that may be used for processing multi-stage SASL binds.
 void setSizeLimit(int sizeLimit)
          Specifies the size limit that will be enforced for searches performed using this client connection.
 void setTimeLimit(int timeLimit)
          Specifies the time limit that will be enforced for searches performed using this client connection.
 void setUnauthenticated()
          Sets properties in this client connection to indicate that the client is unauthenticated.
 java.lang.String toString()
          Retrieves a string representation of this client connection.
abstract  void toString(java.lang.StringBuilder buffer)
          Appends a string representation of this client connection to the provided buffer.
 void updateAuthenticationInfo(Entry oldEntry, Entry newEntry)
          Updates the cached entry associated with either the authentication and/or authorization identity with the provided version.
 
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ClientConnection

protected ClientConnection()
Performs the appropriate initialization generic to all client connections.

Method Detail

finalizeConnectionInternal

@PublicAPI(stability=PRIVATE,
           mayInstantiate=false,
           mayExtend=false,
           mayInvoke=true,
           notes="This method should only be invoked by connection handlers.")
protected final void finalizeConnectionInternal()
Performs any internal cleanup that may be necessary when this client connection is disconnected, or if not on disconnec, then ultimately whenever it is reaped by the garbage collector. In this case, it will be used to ensure that the connection is deregistered with the AuthenticatedUsers manager, and will then invoke the finalizeClientConnection method.


finalizeClientConnection

@PublicAPI(stability=VOLATILE,
           mayInstantiate=false,
           mayExtend=true,
           mayInvoke=false)
protected void finalizeClientConnection()
Performs any cleanup work that may be necessary when this client connection is terminated. By default, no action is taken.

If possible, this method will be invoked when the client connection is disconnected. If it isn't invoked at that time, then it will be called when the client connection object is finalized by the garbage collector.


getConnectTime

public final long getConnectTime()
Retrieves the time that this connection was established, measured in the number of milliseconds since January 1, 1970 UTC.

Returns:
The time that this connection was established, measured in the number of milliseconds since January 1, 1970 UTC.

getConnectTimeString

public final java.lang.String getConnectTimeString()
Retrieves a string representation of the time that this connection was established.

Returns:
A string representation of the time that this connection was established.

getConnectionID

public abstract long getConnectionID()
Retrieves the unique identifier that has been assigned to this connection.

Returns:
The unique identifier that has been assigned to this connection.

getConnectionHandler

public abstract ConnectionHandler getConnectionHandler()
Retrieves the connection handler that accepted this client connection.

Returns:
The connection handler that accepted this client connection.

getProtocol

public abstract java.lang.String getProtocol()
Retrieves the protocol that the client is using to communicate with the Directory Server.

Returns:
The protocol that the client is using to communicate with the Directory Server.

getClientAddress

public abstract java.lang.String getClientAddress()
Retrieves a string representation of the address of the client.

Returns:
A string representation of the address of the client.

getServerAddress

public abstract java.lang.String getServerAddress()
Retrieves a string representation of the address on the server to which the client connected.

Returns:
A string representation of the address on the server to which the client connected.

getRemoteAddress

public abstract java.net.InetAddress getRemoteAddress()
Retrieves the java.net.InetAddress associated with the remote client system.

Returns:
The java.net.InetAddress associated with the remote client system. It may be null if the client is not connected over an IP-based connection.

getLocalAddress

public abstract java.net.InetAddress getLocalAddress()
Retrieves the java.net.InetAddress for the Directory Server system to which the client has established the connection.

Returns:
The java.net.InetAddress for the Directory Server system to which the client has established the connection. It may be null if the client is not connected over an IP-based connection.

isSecure

public abstract boolean isSecure()
Indicates whether this client connection is currently using a secure mechanism to communicate with the server. Note that this may change over time based on operations performed by the client or server (e.g., it may go from false to true if if the client uses the StartTLS extended operation).

Returns:
true if the client connection is currently using a secure mechanism to communicate with the server, or false if not.

getConnectionSecurityProvider

public abstract ConnectionSecurityProvider getConnectionSecurityProvider()
Retrieves the connection security provider for this client connection.

Returns:
The connection security provider for this client connection.

setConnectionSecurityProvider

public abstract void setConnectionSecurityProvider(ConnectionSecurityProvider securityProvider)
Specifies the connection security provider for this client connection.

Parameters:
securityProvider - The connection security provider to use for communication on this client connection.

getSecurityMechanism

public abstract java.lang.String getSecurityMechanism()
Retrieves the human-readable name of the security mechanism that is used to protect communication with this client.

Returns:
The human-readable name of the security mechanism that is used to protect communication with this client, or null if no security is in place.

getWriteSelector

public java.nio.channels.Selector getWriteSelector()
Retrieves a Selector that may be used to ensure that write operations complete in a timely manner, or terminate the connection in the event that they fail to do so. This is an optional method for client connections, and the default implementation returns null to indicate that the maximum blocked write time limit is not supported for this connection. Subclasses that do wish to support this functionality should return a valid Selector object.

Returns:
The Selector that may be used to ensure that write operations complete in a timely manner, or null if this client connection does not support maximum blocked write time limit functionality.

getMaxBlockedWriteTimeLimit

public long getMaxBlockedWriteTimeLimit()
Retrieves the maximum length of time in milliseconds that attempts to write data to the client should be allowed to block. A value of zero indicates there should be no limit.

Returns:
The maximum length of time in milliseconds that attempts to write data to the client should be allowed to block, or zero if there should be no limit.

processDataRead

public abstract boolean processDataRead(java.nio.ByteBuffer buffer)
Indicates that the data in the provided buffer has been read from the client and should be processed. The contents of the provided buffer will be in clear-text (the data may have been passed through a connection security provider to obtain the clear-text version), and may contain part or all of one or more client requests.

Parameters:
buffer - The byte buffer containing the data available for reading.
Returns:
true if all the data in the provided buffer was processed and the client connection can remain established, or false if a decoding error occurred and requests from this client should no longer be processed. Note that if this method does return false, then it must have already disconnected the client.

sendResponse

public abstract void sendResponse(Operation operation)
Sends a response to the client based on the information in the provided operation.

Parameters:
operation - The operation for which to send the response.

sendSearchEntry

public abstract void sendSearchEntry(SearchOperation searchOperation,
                                     SearchResultEntry searchEntry)
                              throws DirectoryException
Sends the provided search result entry to the client.

Parameters:
searchOperation - The search operation with which the entry is associated.
searchEntry - The search result entry to be sent to the client.
Throws:
DirectoryException - If a problem occurs while attempting to send the entry to the client and the search should be terminated.

sendSearchReference

public abstract boolean sendSearchReference(SearchOperation searchOperation,
                                            SearchResultReference searchReference)
                                     throws DirectoryException
Sends the provided search result reference to the client.

Parameters:
searchOperation - The search operation with which the reference is associated.
searchReference - The search result reference to be sent to the client.
Returns:
true if the client is able to accept referrals, or false if the client cannot handle referrals and no more attempts should be made to send them for the associated search operation.
Throws:
DirectoryException - If a problem occurs while attempting to send the reference to the client and the search should be terminated.

sendIntermediateResponse

public final boolean sendIntermediateResponse(IntermediateResponse intermediateResponse)
Invokes the intermediate response plugins on the provided response message and sends it to the client.

Parameters:
intermediateResponse - The intermediate response message to be sent.
Returns:
true if processing on the associated operation should continue, or false if not.

sendIntermediateResponseMessage

protected abstract boolean sendIntermediateResponseMessage(IntermediateResponse intermediateResponse)
Sends the provided intermediate response message to the client.

Parameters:
intermediateResponse - The intermediate response message to be sent.
Returns:
true if processing on the associated operation should continue, or false if not.

disconnect

public abstract void disconnect(DisconnectReason disconnectReason,
                                boolean sendNotification,
                                Message message)
Closes the connection to the client, optionally sending it a message indicating the reason for the closure. Note that the ability to send a notice of disconnection may not be available for all protocols or under all circumstances. Also note that when attempting to disconnect a client connection as a part of operation processing (e.g., within a plugin or other extension), the disconnectClient method within that operation should be called rather than invoking this method directly.

All subclasses must invoke the finalizeConnectionInternal method during the course of processing this method.

Parameters:
disconnectReason - The disconnect reason that provides the generic cause for the disconnect.
sendNotification - Indicates whether to try to provide notification to the client that the connection will be closed.
message - The message to send to the client. It may be null if no notification is to be sent.

bindInProgress

public boolean bindInProgress()
Indicates whether a bind operation is in progress on this client connection. If so, then no new operations should be allowed until the bind has completed.

Returns:
true if a bind operation is in progress on this connection, or false if not.

setBindInProgress

public void setBindInProgress(boolean bindInProgress)
Specifies whether a bind operation is in progress on this client connection. If so, then no new operations should be allowed until the bind has completed.

Parameters:
bindInProgress - Specifies whether a bind operation is in progress on this client connection.

mustChangePassword

public final boolean mustChangePassword()
Indicates whether the user associated with this client connection must change their password before they will be allowed to do anything else.

Returns:
true if the user associated with this client connection must change their password before they will be allowed to do anything else, or false if not.

setMustChangePassword

public final void setMustChangePassword(boolean mustChangePassword)
Specifies whether the user associated with this client connection must change their password before they will be allowed to do anything else.

Parameters:
mustChangePassword - Specifies whether the user associated with this client connection must change their password before they will be allowed to do anything else.

getOperationsInProgress

public abstract java.util.Collection<AbstractOperation> getOperationsInProgress()
Retrieves the set of operations in progress for this client connection. This list must not be altered by any caller.

Returns:
The set of operations in progress for this client connection.

getOperationInProgress

public abstract AbstractOperation getOperationInProgress(int messageID)
Retrieves the operation in progress with the specified message ID.

Parameters:
messageID - The message ID of the operation to retrieve.
Returns:
The operation in progress with the specified message ID, or null if no such operation could be found.

removeOperationInProgress

public abstract boolean removeOperationInProgress(int messageID)
Removes the provided operation from the set of operations in progress for this client connection. Note that this does not make any attempt to cancel any processing that may already be in progress for the operation.

Parameters:
messageID - The message ID of the operation to remove from the set of operations in progress.
Returns:
true if the operation was found and removed from the set of operations in progress, or false if not.

getPersistentSearches

public final java.util.concurrent.CopyOnWriteArrayList<PersistentSearch> getPersistentSearches()
Retrieves the set of persistent searches registered for this client.

Returns:
The set of persistent searches registered for this client.

registerPersistentSearch

@PublicAPI(stability=PRIVATE,
           mayInstantiate=false,
           mayExtend=false,
           mayInvoke=false)
public final void registerPersistentSearch(PersistentSearch persistentSearch)
Registers the provided persistent search for this client. Note that this should only be called by DirectoryServer.registerPersistentSearch and not through any other means.

Parameters:
persistentSearch - The persistent search to register for this client.

deregisterPersistentSearch

@PublicAPI(stability=PRIVATE,
           mayInstantiate=false,
           mayExtend=false,
           mayInvoke=false)
public final void deregisterPersistentSearch(PersistentSearch persistentSearch)
Deregisters the provided persistent search for this client. Note that this should only be called by DirectoryServer.deregisterPersistentSearch and not through any other means.

Parameters:
persistentSearch - The persistent search to deregister for this client.

cancelOperation

public abstract CancelResult cancelOperation(int messageID,
                                             CancelRequest cancelRequest)
Attempts to cancel the specified operation.

Parameters:
messageID - The message ID of the operation to cancel.
cancelRequest - An object providing additional information about how the cancel should be processed.
Returns:
A cancel result that either indicates that the cancel was successful or provides a reason that it was not.

cancelAllOperations

public abstract void cancelAllOperations(CancelRequest cancelRequest)
Attempts to cancel all operations in progress on this connection.

Parameters:
cancelRequest - An object providing additional information about how the cancel should be processed.

cancelAllOperationsExcept

public abstract void cancelAllOperationsExcept(CancelRequest cancelRequest,
                                               int messageID)
Attempts to cancel all operations in progress on this connection except the operation with the specified message ID.

Parameters:
cancelRequest - An object providing additional information about how the cancel should be processed.
messageID - The message ID of the operation that should not be canceled.

getAuthenticationInfo

public AuthenticationInfo getAuthenticationInfo()
Retrieves information about the authentication that has been performed for this connection.

Returns:
Information about the user that is currently authenticated on this connection.

setAuthenticationInfo

public void setAuthenticationInfo(AuthenticationInfo authenticationInfo)
Specifies information about the authentication that has been performed for this connection.

Parameters:
authenticationInfo - Information about the authentication that has been performed for this connection. It should not be null.

updateAuthenticationInfo

public final void updateAuthenticationInfo(Entry oldEntry,
                                           Entry newEntry)
Updates the cached entry associated with either the authentication and/or authorization identity with the provided version.

Parameters:
oldEntry - The user entry currently serving as the authentication and/or authorization identity.
newEntry - The updated entry that should replace the existing entry. It may optionally have a different DN than the old entry.

setUnauthenticated

public void setUnauthenticated()
Sets properties in this client connection to indicate that the client is unauthenticated. This includes setting the authentication info structure to an empty default, as well as setting the size and time limit values to their defaults.


hasPrivilege

public boolean hasPrivilege(Privilege privilege,
                            Operation operation)
Indicates whether the authenticated client has the specified privilege.

Parameters:
privilege - The privilege for which to make the determination.
operation - The operation being processed which needs to make the privilege determination, or null if there is no associated operation.
Returns:
true if the authenticated client has the specified privilege, or false if not.

hasAllPrivileges

public boolean hasAllPrivileges(Privilege[] privileges,
                                Operation operation)
Indicates whether the authenticate client has all of the specified privileges.

Parameters:
privileges - The array of privileges for which to make the determination.
operation - The operation being processed which needs to make the privilege determination, or null if there is no associated operation.
Returns:
true if the authenticated client has all of the specified privileges, or false if not.

getSASLAuthStateInfo

public final java.lang.Object getSASLAuthStateInfo()
Retrieves an opaque set of information that may be used for processing multi-stage SASL binds.

Returns:
An opaque set of information that may be used for processing multi-stage SASL binds.

setSASLAuthStateInfo

public final void setSASLAuthStateInfo(java.lang.Object saslAuthState)
Specifies an opaque set of information that may be used for processing multi-stage SASL binds.

Parameters:
saslAuthState - An opaque set of information that may be used for processing multi-stage SASL binds.

getSizeLimit

public final int getSizeLimit()
Retrieves the size limit that will be enforced for searches performed using this client connection.

Returns:
The size limit that will be enforced for searches performed using this client connection.

setSizeLimit

public void setSizeLimit(int sizeLimit)
Specifies the size limit that will be enforced for searches performed using this client connection.

Parameters:
sizeLimit - The size limit that will be enforced for searches performed using this client connection.

getIdleTimeLimit

public final long getIdleTimeLimit()
Retrieves the maximum length of time in milliseconds that this client connection will be allowed to remain idle before it should be disconnected.

Returns:
The maximum length of time in milliseconds that this client connection will be allowed to remain idle before it should be disconnected.

setIdleTimeLimit

public void setIdleTimeLimit(long idleTimeLimit)
Specifies the maximum length of time in milliseconds that this client connection will be allowed to remain idle before it should be disconnected.

Parameters:
idleTimeLimit - The maximum length of time in milliseconds that this client connection will be allowed to remain idle before it should be disconnected.

getLookthroughLimit

public final int getLookthroughLimit()
Retrieves the default maximum number of entries that should checked for matches during a search.

Returns:
The default maximum number of entries that should checked for matches during a search.

setLookthroughLimit

public void setLookthroughLimit(int lookthroughLimit)
Specifies the default maximum number of entries that should be checked for matches during a search.

Parameters:
lookthroughLimit - The default maximum number of entries that should be check for matches during a search.

getTimeLimit

public final int getTimeLimit()
Retrieves the time limit that will be enforced for searches performed using this client connection.

Returns:
The time limit that will be enforced for searches performed using this client connection.

setTimeLimit

public void setTimeLimit(int timeLimit)
Specifies the time limit that will be enforced for searches performed using this client connection.

Parameters:
timeLimit - The time limit that will be enforced for searches performed using this client connection.

getMonitorSummary

public abstract java.lang.String getMonitorSummary()
Retrieves a one-line summary of this client connection in a form that is suitable for including in the monitor entry for the associated connection handler. It should be in a format that is both humand readable and machine parseable (e.g., a space-delimited name-value list, with quotes around the values).

Returns:
A one-line summary of this client connection in a form that is suitable for including in the monitor entry for the associated connection handler.

isMemberOf

public boolean isMemberOf(Group group,
                          Operation operation)
                   throws DirectoryException
Indicates whether the user associated with this client connection should be considered a member of the specified group, optionally evaluated within the context of the provided operation. If an operation is given, then the determination should be made based on the authorization identity for that operation. If the operation is null, then the determination should be made based on the authorization identity for this client connection. Note that this is a point-in-time determination and the caller must not cache the result.

Parameters:
group - The group for which to make the determination.
operation - The operation to use to obtain the authorization identity for which to make the determination, or null if the authorization identity should be obtained from this client connection.
Returns:
true if the target user is currently a member of the specified group, or false if not.
Throws:
DirectoryException - If a problem occurs while attempting to make the determination.

getGroups

public java.util.Set<Group> getGroups(Operation operation)
                               throws DirectoryException
Retrieves the set of groups in which the user associated with this client connection may be considered to be a member. If an operation is provided, then the determination should be made based on the authorization identity for that operation. If the operation is null, then it should be made based on the authorization identity for this client connection. Note that this is a point-in-time determination and the caller must not cache the result.

Parameters:
operation - The operation to use to obtain the authorization identity for which to retrieve the associated groups, or null if the authorization identity should be obtained from this client connection.
Returns:
The set of groups in which the target user is currently a member.
Throws:
DirectoryException - If a problem occurs while attempting to make the determination.

getKeyManagerProviderDN

public DN getKeyManagerProviderDN()
Retrieves the DN of the key manager provider that should be used for operations requiring access to a key manager. The default implementation returns null to indicate that no key manager provider is avaialble, but subclasses should override this method to return a valid DN if they perform operations which may need access to a key manager.

Returns:
The DN of the key manager provider that should be used for operations requiring access to a key manager, or null if there is no key manager provider configured for this client connection.

getTrustManagerProviderDN

public DN getTrustManagerProviderDN()
Retrieves the DN of the trust manager provider that should be used for operations requiring access to a trust manager. The default implementation returns null to indicate that no trust manager provider is avaialble, but subclasses should override this method to return a valid DN if they perform operations which may need access to a trust manager.

Returns:
The DN of the trust manager provider that should be used for operations requiring access to a trust manager, or null if there is no trust manager provider configured for this client connection.

getCertificateAlias

public java.lang.String getCertificateAlias()
Retrieves the alias of the server certificate that should be used for operations requiring a server certificate. The default implementation returns null to indicate that any alias is acceptable.

Returns:
The alias of the server certificate that should be used for operations requring a server certificate, or null if any alias is acceptable.

toString

public final java.lang.String toString()
Retrieves a string representation of this client connection.

Overrides:
toString in class java.lang.Object
Returns:
A string representation of this client connection.

toString

public abstract void toString(java.lang.StringBuilder buffer)
Appends a string representation of this client connection to the provided buffer.

Parameters:
buffer - The buffer to which the information should be appended.

finalize

protected void finalize()
Performs any work that may be needed before the JVM invokes garbage collection for this object. In this case, it makes sure to deregister with the Directory Server as a change notification listener. If a subclass wishes to perform custom finalization processing, then it should override this method and make sure to invoke super.finalize as its first call.

Overrides:
finalize in class java.lang.Object

getNetworkGroup

public final NetworkGroup getNetworkGroup()
Returns the network group to which the connection belongs.

Returns:
the network group attached to the connection

setNetworkGroup

public final void setNetworkGroup(NetworkGroup networkGroup)
Sets the network group to which the connection belongs.

Parameters:
networkGroup - the network group to which the connections belongs to

getIdleTime

public long getIdleTime()
Retrieves the length of time in milliseconds that this client connection has been idle.

Note that the default implementation will always return zero. Subclasses associated with connection handlers should override this method if they wish to provided idle time limit functionality.

Returns:
The length of time in milliseconds that this client connection has been idle.