Element Summary

ElementDescriptionClass
aciAuthorizationInterceptorAn ACI based authorization service.org.apache.directory.server.core.authz.AciAuthorizationInterceptor
apacheDSApache Directory Server top level.org.apache.directory.server.configuration.ApacheDS
authenticationInterceptorAn {@link Interceptor} that authenticates users.org.apache.directory.server.core.authn.AuthenticationInterceptor
certGenerationRequestHandlerAn extended handler for digital certificate generationorg.apache.directory.server.ldap.handlers.extended.CertGenerationRequestHandler
changeLogInterceptorAn interceptor which intercepts write operations to the directory and logs them with the server's ChangeLog service. Note: Adding/deleting a tag is not recorded as a changeorg.apache.directory.server.core.changelog.ChangeLogInterceptor
changePasswordServerContains the configuration parameters for the Change Password protocol provider.org.apache.directory.server.changepw.ChangePasswordServer
collectiveAttributeInterceptorAn interceptor based service dealing with collective attribute management. This service intercepts read operations on entries to inject collective attribute value pairs into the response based on the entires inclusion within collectiveAttributeSpecificAreas and collectiveAttributeInnerAreas.org.apache.directory.server.core.collective.CollectiveAttributeInterceptor
cramMd5MechanismHandlerThe CRAM-MD Sasl mechanism handler.org.apache.directory.server.ldap.handlers.bind.cramMD5.CramMd5MechanismHandler
defaultAuthorizationInterceptorAn {@link Interceptor} that controls access to {@link DefaultPartitionNexus}. If a user tries to perform any operations that requires permission he or she doesn't have, {@link NoPermissionException} will be thrown and therefore the current invocation chain will terminate.org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor
defaultDirectoryServiceDefault implementation of {@link DirectoryService}.org.apache.directory.server.core.DefaultDirectoryService
defaultJournalStoreorg.apache.directory.server.core.journal.DefaultJournalStore
digestMd5MechanismHandlerThe DIGEST-MD5 mechanism handler.org.apache.directory.server.ldap.handlers.bind.digestMD5.DigestMd5MechanismHandler
dnsServerContains the configuration parameters for the DNS protocol provider.org.apache.directory.server.dns.DnsServer
eventInterceptorAn {@link Interceptor} based service for notifying {@link DirectoryListener}s of changes to the DIT.org.apache.directory.server.core.event.EventInterceptor
exceptionInterceptorAn {@link org.apache.directory.server.core.interceptor.Interceptor} that detects any operations that breaks integrity of {@link Partition} and terminates the current invocation chain by throwing a {@link Exception}. Those operations include when an entry already exists at a DN and is added once again to the same DN.org.apache.directory.server.core.exception.ExceptionInterceptor
extendedOperationHandlerAn extension (hook) point that enables an implementor to provide his or her own LDAP 'Extended' operation.org.apache.directory.server.ldap.ExtendedOperationHandler
gracefulShutdownHandlerorg.apache.directory.server.ldap.handlers.extended.GracefulShutdownHandler
gssapiMechanismHandlerThe GSSAPI Sasl mechanism handler.org.apache.directory.server.ldap.handlers.bind.gssapi.GssapiMechanismHandler
httpServerClass to start the jetty http serverorg.apache.directory.server.integration.http.HttpServer
jdbmIndexA Jdbm based index implementation.org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmIndex
jdbmPartitionA {@link Partition} that stores entries in JDBM database.org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition
journalInterceptorAn interceptor which intercepts write operations to the directory and logs them into a journal.org.apache.directory.server.core.journal.JournalInterceptor
kdcServerContains the configuration parameters for the Kerberos protocol provider.org.apache.directory.server.kerberos.kdc.KdcServer
keyDerivationInterceptorAn {@link Interceptor} that creates symmetric Kerberos keys for users. When a 'userPassword' is added or modified, the 'userPassword' and 'krb5PrincipalName' are used to derive Kerberos keys. If the 'userPassword' is the special keyword 'randomKey', a random key is generated and used as the Kerberos key.org.apache.directory.server.core.kerberos.KeyDerivationInterceptor
launchDiagnosticUiHandlerorg.apache.directory.server.ldap.handlers.extended.LaunchDiagnosticUiHandler
ldapServerAn LDAP protocol provider implementation which dynamically associates handlers.org.apache.directory.server.ldap.LdapServer
memoryChangeLogStoreA change log store that keeps it's information in memory.org.apache.directory.server.core.changelog.MemoryChangeLogStore
normalizationInterceptorA name normalization service. This service makes sure all relative and distinguished names are normalized before calls are made against the respective interface methods on {@link DefaultPartitionNexus}. The Filters are also normalized. If the RDN AttributeTypes are not present in the entry for an Add request, they will be added.org.apache.directory.server.core.normalization.NormalizationInterceptor
ntlmMechanismHandlerA handler for the NTLM Sasl and GSS-SPNEGO mechanism. Note that both mechanisms require an NTLM mechanism provider which could be implemented using jCIFS or native Win32 system calls via a JNI wrapper.org.apache.directory.server.ldap.handlers.bind.ntlm.NtlmMechanismHandler
ntpServerContains the configuration parameters for the NTP protocol provider.org.apache.directory.server.ntp.NtpServer
operationalAttributeInterceptorAn {@link Interceptor} that adds or modifies the default attributes of entries. There are four default attributes for now; 'creatorsName', 'createTimestamp', 'modifiersName', and 'modifyTimestamp'.org.apache.directory.server.core.operational.OperationalAttributeInterceptor
passwordPolicyInterceptorAn {@link Interceptor} that enforces password policy for users. Add or modify operations on the 'userPassword' attribute are checked against a password policy. The password is rejected if it does not pass the password policy checks. The password MUST be passed to the core as plaintext.org.apache.directory.server.core.kerberos.PasswordPolicyInterceptor
plainMechanismHandlerA handler for the PLAIN Sasl mechanism.org.apache.directory.server.ldap.handlers.bind.plain.PlainMechanismHandler
referralInterceptorAn service which is responsible referral handling behavoirs. It manages referral handling behavoir when the {@link Context#REFERRAL} is implicitly or explicitly set to "ignore", when set to "throw" and when set to "follow".org.apache.directory.server.core.referral.ReferralInterceptor
replicaPeerConfigurationA configuration for a replica peer. We may have many replications relation set for a server, each one of them being described with this structure.org.apache.directory.server.ldap.replication.ReplicaPeerConfiguration
replicationSystemThe replication sub-system.org.apache.directory.server.ldap.replication.ReplicationSystem
schemaInterceptorAn {@link org.apache.directory.server.core.interceptor.Interceptor} that manages and enforces schemas.org.apache.directory.server.core.schema.SchemaInterceptor
simpleMechanismHandlerA Dummy mechanism handler for Simple mechanism: not really used but needed for the mechanism map.org.apache.directory.server.ldap.handlers.bind.SimpleMechanismHandler
standardThreadPoolorg.apache.directory.server.protocol.shared.StandardThreadPool
startTlsHandlerHandler for the StartTLS extended operation.org.apache.directory.server.ldap.handlers.extended.StartTlsHandler
storedProcedureExtendedOperationHandlerorg.apache.directory.server.ldap.handlers.extended.StoredProcedureExtendedOperationHandler
subentryInterceptorThe Subentry interceptor service which is responsible for filtering out subentries on search operations and injecting operational attributesorg.apache.directory.server.core.subtree.SubentryInterceptor
tcpTransportorg.apache.directory.server.protocol.shared.transport.TcpTransport
triggerInterceptorThe Trigger Service based on the Trigger Specification.org.apache.directory.server.core.trigger.TriggerInterceptor
udpTransportorg.apache.directory.server.protocol.shared.transport.UdpTransport
webAppA class to configure a web applicationorg.apache.directory.server.integration.http.WebApp

Element Detail

Element: aciAuthorizationInterceptor

Element: apacheDS

AttributeTypeDescription
ldifDirectoryxs:stringGet the directory where
synchPeriodMillisxs:long
ElementTypeDescription
ldapServerldapServer

Element: authenticationInterceptor

ElementTypeDescription
authenticators(<spring:bean/>)*

Element: certGenerationRequestHandler

ElementTypeDescription
ldapServerldapServer

Element: changeLogInterceptor

Element: changePasswordServer

AttributeTypeDescription
allowableClockSkewxs:longReturns the allowable clock skew.
catelogBasedxs:booleanGets true if this service uses a catalog for searching different regions of the DIT for its data.
emptyAddressesAllowedxs:booleanReturns whether empty addresses are allowed.
enabledxs:boolean{@inheritDoc}
policyCategoryCountxs:integerSets the policy category count - what's this?
policyPasswordLengthxs:integerSets the policy's minimum?? password length.
policyTokenSizexs:integerSets the policy token size - what's this?
primaryRealmxs:stringReturns the primary realm.
searchBaseDnxs:stringReturns the search base DN.
servicePrincipalxs:stringReturns the Change Password service principal.
ElementTypeDescription
encryptionTypes(<spring:bean/>)*Returns the encryption types.
transportstcpTransport | udpTransportSet the underlying transports

Element: collectiveAttributeInterceptor

Element: cramMd5MechanismHandler

Element: defaultAuthorizationInterceptor

Element: defaultDirectoryService

AttributeTypeDescription
accessControlEnabledxs:booleanReturns true if access control checks are enabled.
allowAnonymousAccessxs:booleanReturns true if anonymous access is allowed on entries besides the RootDSE. If the access control subsystem is enabled then access to some entries may not be allowed even when full anonymous access is enabled.
denormalizeOpAttrsEnabledxs:booleanreturn true if the operational attributes must be normalized when returned
exitVmOnShutdownxs:boolean
instanceIdxs:string
maxPDUSizexs:integerSet the maximum allowed size for an incoming PDU
passwordHiddenxs:boolean{@inheritDoc}
replicaIdxs:integer
shutdownHookEnabledxs:boolean
syncPeriodMillisxs:long
workingDirectoryxs:stringReturns working directory (counterpart of var/lib) where partitions are stored by default.
ElementTypeDescription
changeLog<spring:bean/>{@inheritDoc}
eventService<spring:bean/>
interceptors(<spring:bean/>)*Returns interceptors in the server.
journal<spring:bean/>{@inheritDoc}
partitions(<spring:bean/>)*Gets the {@link Partition}s used by this DirectoryService.
referralManager<spring:bean/>Set the referralManager
replicationConfiguration<spring:bean/>
schemaManager<spring:bean/>Set the SchemaManager instance.
schemaService<spring:bean/>
systemPartitionjdbmPartition
testEntries(<spring:bean/>)*Returns test directory entries({@link LdifEntry}) to be loaded while bootstrapping.

Element: defaultJournalStore

AttributeTypeDescription
fileNamexs:string
workingDirectoryxs:string{@inheritDoc}

Element: digestMd5MechanismHandler

Element: dnsServer

AttributeTypeDescription
catelogBasedxs:booleanGets true if this service uses a catalog for searching different regions of the DIT for its data.
enabledxs:boolean{@inheritDoc}
searchBaseDnxs:stringReturns the search base DN.
ElementTypeDescription
transportstcpTransport | udpTransportSet the underlying transports

Element: eventInterceptor

Element: exceptionInterceptor

Element: extendedOperationHandler

ElementTypeDescription
ldapServerldapServerSets the LDAP server for this extendedOperation handler.

Element: gracefulShutdownHandler

ElementTypeDescription
ldapServerldapServer

Element: gssapiMechanismHandler

Element: httpServer

AttributeTypeDescription
confFilexs:string
portxs:integer
ElementTypeDescription
webApps(<spring:bean/>)*

Element: jdbmIndex

AttributeTypeDescription
attributeIdxs:stringGets the attribute identifier set at configuration time for this index which may not be the OID but an alias name for the attributeType associated with this Index
cacheSizexs:integerGets the size of the index cache in terms of the number of index entries to be cached.
numDupLimitxs:integerGets the threshold at which point duplicate keys use btree indirection to store their values.
wkDirPathxs:stringGets the working directory path to something other than the default. Sometimes more performance is gained by locating indices on separate disk spindles.

Element: jdbmPartition

AttributeTypeDescription
cacheSizexs:integer
idxs:string
optimizerEnabledxs:boolean
partitionDirxs:string
suffixxs:string
syncOnWritexs:boolean
ElementTypeDescription
aliasIndexOnjdbmIndex
indexedAttributes(<spring:bean/>)*
ndnIndexOnjdbmIndex
oneAliasIndexOnjdbmIndex
oneLevelIndexOnjdbmIndex
presenceIndexOnjdbmIndex
schemaManager<spring:bean/>
subAliasIndexOnjdbmIndex
updnIndexOnjdbmIndex

Element: journalInterceptor

Element: kdcServer

AttributeTypeDescription
allowableClockSkewxs:longReturns the allowable clock skew.
bodyChecksumVerifiedxs:boolean
catelogBasedxs:booleanGets true if this service uses a catalog for searching different regions of the DIT for its data.
emptyAddressesAllowedxs:boolean
enabledxs:boolean{@inheritDoc}
forwardableAllowedxs:boolean
kdcPrincipalxs:string
maximumRenewableLifetimexs:long
maximumTicketLifetimexs:long
paEncTimestampRequiredxs:booleanReturns whether pre-authentication by encrypted timestamp is required.
postdatedAllowedxs:boolean
primaryRealmxs:stringReturns the primary realm.
proxiableAllowedxs:boolean
renewableAllowedxs:boolean
searchBaseDnxs:stringReturns the search base DN.
ElementTypeDescription
encryptionTypes(<spring:bean/>)*Returns the encryption types.
transportstcpTransport | udpTransportSet the underlying transports

Element: keyDerivationInterceptor

Element: launchDiagnosticUiHandler

ElementTypeDescription
ldapServerldapServer

Element: ldapServer

AttributeTypeDescription
allowAnonymousAccessxs:booleanReturns true if anonymous access is allowed.
catelogBasedxs:booleanGets true if this service uses a catalog for searching different regions of the DIT for its data.
certificatePasswordxs:stringSet the certificate passord.
confidentialityRequiredxs:booleanGets whether or not TLS secured connections are required to perform operations on this LdapServer.
enabledxs:boolean{@inheritDoc}
keystoreFilexs:stringSet the external keystore path
maxSizeLimitxs:longReturns the maximum size limit in number of entries to return for search.
maxTimeLimitxs:integerReturns the maximum time limit in milliseconds to conduct a search.
saslHostxs:stringReturns the FQDN of this SASL host, validated during SASL negotiation.
saslPrincipalxs:stringReturns the Kerberos principal name for this LDAP service, used by GSSAPI.
searchBaseDnxs:stringReturns the search base DN.
ElementTypeDescription
directoryServicedefaultDirectoryService
extendedOperationHandlers(certGenerationRequestHandler | extendedOperationHandler | gracefulShutdownHandler | launchDiagnosticUiHandler | startTlsHandler | storedProcedureExtendedOperationHandler)*Gets the {@link ExtendedOperationHandler}s.
replicationSystemreplicationSystem
saslMechanismHandlers<spring:bean/>
saslRealms(<spring:bean/>)*Returns the realms serviced by this SASL host, used by DIGEST-MD5 and GSSAPI.
transportstcpTransport | udpTransportSet the underlying transports

Element: memoryChangeLogStore

Element: normalizationInterceptor

Element: ntlmMechanismHandler

AttributeTypeDescription
ntlmProviderFqcnxs:string
ElementTypeDescription
ntlmProvider<spring:bean/>

Element: ntpServer

AttributeTypeDescription
enabledxs:boolean{@inheritDoc}
ElementTypeDescription
transportstcpTransport | udpTransportSet the underlying transports

Element: operationalAttributeInterceptor

Element: passwordPolicyInterceptor

Element: plainMechanismHandler

Element: referralInterceptor

Element: replicaPeerConfiguration

AttributeTypeDescription
intervalxs:longSet the delay between two RefreshOnly replication. Its given in seconds.
passwordxs:string
refreshOnlyxs:booleanSet the type of replication wanted. If false, it will default to RefreshAndPersist.
ElementTypeDescription
principalDN<spring:bean/>
producer<spring:bean/>

Element: replicationSystem

ElementTypeDescription
replicaPeers(<spring:bean/>)*Set the list of replica peers this server is connected to

Element: schemaInterceptor

Element: simpleMechanismHandler

Element: standardThreadPool

AttributeTypeDescription
maxThreadsxs:integer

Element: startTlsHandler

ElementTypeDescription
ldapServerldapServer

Element: storedProcedureExtendedOperationHandler

ElementTypeDescription
ldapServerldapServer

Element: subentryInterceptor

Element: tcpTransport

AttributeTypeDescription
addressxs:string{@inheritDoc}
backLogxs:integer{@inheritDoc}
enableSSLxs:booleanEnable or disable SSL
nbThreadsxs:integer{@inheritDoc}
portxs:integer{@inheritDoc}
tcpPortxs:integerThe port

Element: triggerInterceptor

Element: udpTransport

AttributeTypeDescription
addressxs:string{@inheritDoc}
backLogxs:integer{@inheritDoc}
enableSSLxs:booleanEnable or disable SSL
nbThreadsxs:integer{@inheritDoc}
portxs:integer{@inheritDoc}
udpPortxs:integerThe port

Element: webApp

AttributeTypeDescription
contextPathxs:string
warFilexs:string