org.opends.server.admin.std.server
Interface LDAPConnectionHandlerCfg

All Superinterfaces:
Configuration, ConnectionHandlerCfg

public interface LDAPConnectionHandlerCfg
extends ConnectionHandlerCfg

A server-side interface for querying LDAP Connection Handler settings.

The LDAP Connection Handler is used to interact with clients using LDAP.


Method Summary
 void addLDAPChangeListener(ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener)
          Register to be notified when this LDAP Connection Handler is changed.
 java.lang.Class<? extends LDAPConnectionHandlerCfg> configurationClass()
          Gets the configuration class associated with this LDAP Connection Handler.
 int getAcceptBacklog()
          Gets the "accept-backlog" property.
 java.lang.String getJavaClass()
          Gets the "java-class" property.
 java.lang.String getKeyManagerProvider()
          Gets the "key-manager-provider" property.
 DN getKeyManagerProviderDN()
          Gets the "key-manager-provider" property as a DN.
 java.util.SortedSet<java.net.InetAddress> getListenAddress()
          Gets the "listen-address" property.
 int getListenPort()
          Gets the "listen-port" property.
 long getMaxBlockedWriteTimeLimit()
          Gets the "max-blocked-write-time-limit" property.
 long getMaxRequestSize()
          Gets the "max-request-size" property.
 int getNumRequestHandlers()
          Gets the "num-request-handlers" property.
 java.lang.String getSSLCertNickname()
          Gets the "ssl-cert-nickname" property.
 java.util.SortedSet<java.lang.String> getSSLCipherSuite()
          Gets the "ssl-cipher-suite" property.
 LDAPConnectionHandlerCfgDefn.SSLClientAuthPolicy getSSLClientAuthPolicy()
          Gets the "ssl-client-auth-policy" property.
 java.util.SortedSet<java.lang.String> getSSLProtocol()
          Gets the "ssl-protocol" property.
 java.lang.String getTrustManagerProvider()
          Gets the "trust-manager-provider" property.
 DN getTrustManagerProviderDN()
          Gets the "trust-manager-provider" property as a DN.
 boolean isAllowLDAPV2()
          Gets the "allow-ldap-v2" property.
 boolean isAllowStartTLS()
          Gets the "allow-start-tls" property.
 boolean isAllowTCPReuseAddress()
          Gets the "allow-tcp-reuse-address" property.
 boolean isKeepStats()
          Gets the "keep-stats" property.
 boolean isSendRejectionNotice()
          Gets the "send-rejection-notice" property.
 boolean isUseSSL()
          Gets the "use-ssl" property.
 boolean isUseTCPKeepAlive()
          Gets the "use-tcp-keep-alive" property.
 boolean isUseTCPNoDelay()
          Gets the "use-tcp-no-delay" property.
 void removeLDAPChangeListener(ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener)
          Deregister an existing LDAP Connection Handler configuration change listener.
 
Methods inherited from interface org.opends.server.admin.std.server.ConnectionHandlerCfg
addChangeListener, getAllowedClient, getDeniedClient, isEnabled, removeChangeListener
 
Methods inherited from interface org.opends.server.admin.Configuration
dn
 

Method Detail

configurationClass

java.lang.Class<? extends LDAPConnectionHandlerCfg> configurationClass()
Gets the configuration class associated with this LDAP Connection Handler.

Specified by:
configurationClass in interface Configuration
Specified by:
configurationClass in interface ConnectionHandlerCfg
Returns:
Returns the configuration class associated with this LDAP Connection Handler.

addLDAPChangeListener

void addLDAPChangeListener(ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener)
Register to be notified when this LDAP Connection Handler is changed.

Parameters:
listener - The LDAP Connection Handler configuration change listener.

removeLDAPChangeListener

void removeLDAPChangeListener(ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener)
Deregister an existing LDAP Connection Handler configuration change listener.

Parameters:
listener - The LDAP Connection Handler configuration change listener.

getAcceptBacklog

int getAcceptBacklog()
Gets the "accept-backlog" property.

Specifies the maximum number of pending connection attempts that are allowed to queue up in the accept backlog before the server starts rejecting new connection attempts.

This is primarily an issue for cases in which a large number of connections are established to the server in a very short period of time (for example, a benchmark utility that creates a large number of client threads that each have their own connection to the server) and the connection handler is unable to keep up with the rate at which the new connections are established.

Returns:
Returns the value of the "accept-backlog" property.

isAllowLDAPV2

boolean isAllowLDAPV2()
Gets the "allow-ldap-v2" property.

Indicates whether connections from LDAPv2 clients are allowed.

If LDAPv2 clients are allowed, then only a minimal degree of special support are provided for them to ensure that LDAPv3-specific protocol elements (for example, Configuration Guide 25 controls, extended response messages, intermediate response messages, referrals) are not sent to an LDAPv2 client.

Returns:
Returns the value of the "allow-ldap-v2" property.

isAllowStartTLS

boolean isAllowStartTLS()
Gets the "allow-start-tls" property.

Indicates whether clients are allowed to use StartTLS.

If enabled, the LDAP Connection Handler allows clients to use the StartTLS extended operation to initiate secure communication over an otherwise insecure channel. Note that this is only allowed if the LDAP Connection Handler is not configured to use SSL, and if the server is configured with a valid key manager provider and a valid trust manager provider.

Returns:
Returns the value of the "allow-start-tls" property.

isAllowTCPReuseAddress

boolean isAllowTCPReuseAddress()
Gets the "allow-tcp-reuse-address" property.

Indicates whether the LDAP Connection Handler should reuse socket descriptors.

If enabled, the SO_REUSEADDR socket option is used on the server listen socket to potentially allow the reuse of socket descriptors for clients in a TIME_WAIT state. This may help the server avoid temporarily running out of socket descriptors in cases in which a very large number of short-lived connections have been established from the same client system.

Returns:
Returns the value of the "allow-tcp-reuse-address" property.

getJavaClass

java.lang.String getJavaClass()
Gets the "java-class" property.

Specifies the fully-qualified name of the Java class that provides the LDAP Connection Handler implementation.

Specified by:
getJavaClass in interface ConnectionHandlerCfg
Returns:
Returns the value of the "java-class" property.

isKeepStats

boolean isKeepStats()
Gets the "keep-stats" property.

Indicates whether the LDAP Connection Handler should keep statistics.

If enabled, the LDAP Connection Handler maintains statistics about the number and types of operations requested over LDAP and the amount of data sent and received.

Returns:
Returns the value of the "keep-stats" property.

getKeyManagerProvider

java.lang.String getKeyManagerProvider()
Gets the "key-manager-provider" property.

Specifies the name of the key manager that should be used with this LDAP Connection Handler .

Returns:
Returns the value of the "key-manager-provider" property.

getKeyManagerProviderDN

DN getKeyManagerProviderDN()
Gets the "key-manager-provider" property as a DN.

Specifies the name of the key manager that should be used with this LDAP Connection Handler .

Returns:
Returns the DN value of the "key-manager-provider" property.

getListenAddress

java.util.SortedSet<java.net.InetAddress> getListenAddress()
Gets the "listen-address" property.

Specifies the address or set of addresses on which this LDAP Connection Handler should listen for connections from LDAP clients.

Multiple addresses may be provided as separate values for this attribute. If no values are provided, then the LDAP Connection Handler listens on all interfaces.

Returns:
Returns an unmodifiable set containing the values of the "listen-address" property.

getListenPort

int getListenPort()
Gets the "listen-port" property.

Specifies the port number on which the LDAP Connection Handler will listen for connections from clients.

Only a single port number may be provided.

Returns:
Returns the value of the "listen-port" property.

getMaxBlockedWriteTimeLimit

long getMaxBlockedWriteTimeLimit()
Gets the "max-blocked-write-time-limit" property.

Specifies the maximum length of time that attempts to write data to LDAP clients should be allowed to block.

If an attempt to write data to a client takes longer than this length of time, then the client connection is terminated.

Returns:
Returns the value of the "max-blocked-write-time-limit" property.

getMaxRequestSize

long getMaxRequestSize()
Gets the "max-request-size" property.

Specifies the size of the largest LDAP request message that will be allowed by this LDAP Connection handler.

This property is analogous to the maxBERSize configuration attribute of the Sun Java System Directory Server. This can help prevent denial-of-service attacks by clients that indicate they send extremely large requests to the server causing it to attempt to allocate large amounts of memory.

Returns:
Returns the value of the "max-request-size" property.

getNumRequestHandlers

int getNumRequestHandlers()
Gets the "num-request-handlers" property.

Specifies the number of request handlers that are used to read requests from clients.

The LDAP Connection Handler uses one thread to accept new connections from clients, but uses one or more additional threads to read requests from existing client connections. This ensures that new requests are read efficiently and that the connection handler itself does not become a bottleneck when the server is under heavy load from many clients at the same time.

Returns:
Returns the value of the "num-request-handlers" property.

isSendRejectionNotice

boolean isSendRejectionNotice()
Gets the "send-rejection-notice" property.

Indicates whether the LDAP Connection Handler should send a notice of disconnection extended response message to the client if a new connection is rejected for some reason.

The extended response message may provide an explanation indicating the reason that the connection was rejected.

Returns:
Returns the value of the "send-rejection-notice" property.

getSSLCertNickname

java.lang.String getSSLCertNickname()
Gets the "ssl-cert-nickname" property.

Specifies the nickname (also called the alias) of the certificate that the LDAP Connection Handler should use when performing SSL communication.

This is only applicable when the LDAP Connection Handler is configured to use SSL.

Returns:
Returns the value of the "ssl-cert-nickname" property.

getSSLCipherSuite

java.util.SortedSet<java.lang.String> getSSLCipherSuite()
Gets the "ssl-cipher-suite" property.

Specifies the names of the SSL cipher suites that are allowed for use in SSL or StartTLS communication.

Returns:
Returns an unmodifiable set containing the values of the "ssl-cipher-suite" property.

getSSLClientAuthPolicy

LDAPConnectionHandlerCfgDefn.SSLClientAuthPolicy getSSLClientAuthPolicy()
Gets the "ssl-client-auth-policy" property.

Specifies the policy that the LDAP Connection Handler should use regarding client SSL certificates.

This is only applicable if clients are allowed to use SSL.

Returns:
Returns the value of the "ssl-client-auth-policy" property.

getSSLProtocol

java.util.SortedSet<java.lang.String> getSSLProtocol()
Gets the "ssl-protocol" property.

Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.

Returns:
Returns an unmodifiable set containing the values of the "ssl-protocol" property.

getTrustManagerProvider

java.lang.String getTrustManagerProvider()
Gets the "trust-manager-provider" property.

Specifies the name of the trust manager that should be used with the LDAP Connection Handler .

Returns:
Returns the value of the "trust-manager-provider" property.

getTrustManagerProviderDN

DN getTrustManagerProviderDN()
Gets the "trust-manager-provider" property as a DN.

Specifies the name of the trust manager that should be used with the LDAP Connection Handler .

Returns:
Returns the DN value of the "trust-manager-provider" property.

isUseSSL

boolean isUseSSL()
Gets the "use-ssl" property.

Indicates whether the LDAP Connection Handler should use SSL.

If enabled, the LDAP Connection Handler will use SSL to encrypt communication with the clients.

Returns:
Returns the value of the "use-ssl" property.

isUseTCPKeepAlive

boolean isUseTCPKeepAlive()
Gets the "use-tcp-keep-alive" property.

Indicates whether the LDAP Connection Handler should use TCP keep-alive.

If enabled, the SO_KEEPALIVE socket option is used to indicate that TCP keepalive messages should periodically be sent to the client to verify that the associated connection is still valid. This may also help prevent cases in which intermediate network hardware could silently drop an otherwise idle client connection, provided that the keepalive interval configured in the underlying operating system is smaller than the timeout enforced by the network hardware.

Returns:
Returns the value of the "use-tcp-keep-alive" property.

isUseTCPNoDelay

boolean isUseTCPNoDelay()
Gets the "use-tcp-no-delay" property.

Indicates whether the LDAP Connection Handler should use TCP no-delay.

If enabled, the TCP_NODELAY socket option is used to ensure that response messages to the client are sent immediately rather than potentially waiting to determine whether additional response messages can be sent in the same packet. In most cases, using the TCP_NODELAY socket option provides better performance and lower response times, but disabling it may help for some cases in which the server sends a large number of entries to a client in response to a search request.

Returns:
Returns the value of the "use-tcp-no-delay" property.