Package com.unboundid.ldap.listener

Class InMemoryDirectoryServerConfig

java.lang.Object
com.unboundid.ldap.listener.InMemoryDirectoryServerConfig
Direct Known Subclasses:
ReadOnlyInMemoryDirectoryServerConfig
@NotExtensible @Mutable @ThreadSafety(level=NOT_THREADSAFE) public class InMemoryDirectoryServerConfig extends Object
This class provides a simple data structure with information that may be used to control the behavior of an InMemoryDirectoryServer instance. At least one base DN must be specified. For all other properties, the following default values will be used unless an alternate configuration is provided:
  • Listeners: The server will provide a single listener that will use an automatically-selected port on all interfaces, which will not use SSL or StartTLS.
  • Allowed Operation Types: All types of operations will be allowed.
  • Authentication Required Operation Types: Authentication will not be required for any types of operations.
  • Schema: The server will use a schema with a number of standard attribute types and object classes.
  • Additional Bind Credentials: The server will not have any additional bind credentials.
  • Referential Integrity Attributes: Referential integrity will not be maintained.
  • Generate Operational Attributes: The server will automatically generate a number of operational attributes.
  • Extended Operation Handlers: The server will support the password modify extended operation as defined in RFC 3062, the start and end transaction extended operations as defined in RFC 5805, and the "Who Am I?" extended operation as defined in RFC 4532.
  • SASL Bind Handlers: The server will support the SASL PLAIN mechanism as defined in RFC 4616.
  • Max ChangeLog Entries: The server will not provide an LDAP changelog.
  • Access Log Handler: The server will not perform any access logging.
  • Code Log Handler: The server will not perform any code logging.
  • LDAP Debug Log Handler: The server will not perform any LDAP debug logging.
  • Listener Exception Handler: The server will not use a listener exception handler.
  • Maximum Size Limit: The server will not enforce a maximum search size limit.
  • Password Attributes: The server will use userPassword as the only password attribute.
  • Password Encoders: The server will not use any password encoders by default, so passwords will remain in clear text.

  • Constructor Details

    • InMemoryDirectoryServerConfig

      public InMemoryDirectoryServerConfig(@NotNull String... baseDNs) throws LDAPException
      Creates a new in-memory directory server config object with the provided set of base DNs.
      Parameters:
      baseDNs - The set of base DNs to use for the server. It must not be null or empty.
      Throws:
      LDAPException - If the provided set of base DN strings is null or empty, or if any of the provided base DN strings cannot be parsed as a valid DN.

    • InMemoryDirectoryServerConfig

      public InMemoryDirectoryServerConfig(@NotNull DN... baseDNs) throws LDAPException
      Creates a new in-memory directory server config object with the default settings.
      Parameters:
      baseDNs - The set of base DNs to use for the server. It must not be null or empty.
      Throws:
      LDAPException - If the provided set of base DNs is null or empty.

    • InMemoryDirectoryServerConfig

      public InMemoryDirectoryServerConfig(@NotNull InMemoryDirectoryServerConfig cfg)
      Creates a new in-memory directory server config object that is a duplicate of the provided config and may be altered without impacting the state of the given config object.
      Parameters:
      cfg - The in-memory directory server config object for to be duplicated.

  • Method Details

    • getBaseDNs

      @NotNull public DN[] getBaseDNs()
      Retrieves the set of base DNs that should be used for the directory server.
      Returns:
      The set of base DNs that should be used for the directory server.

    • setBaseDNs

      public void setBaseDNs(@NotNull String... baseDNs) throws LDAPException
      Specifies the set of base DNs that should be used for the directory server.
      Parameters:
      baseDNs - The set of base DNs that should be used for the directory server. It must not be null or empty.
      Throws:
      LDAPException - If the provided set of base DN strings is null or empty, or if any of the provided base DN strings cannot be parsed as a valid DN.

    • setBaseDNs

      public void setBaseDNs(@NotNull DN... baseDNs) throws LDAPException
      Specifies the set of base DNs that should be used for the directory server.
      Parameters:
      baseDNs - The set of base DNs that should be used for the directory server. It must not be null or empty.
      Throws:
      LDAPException - If the provided set of base DNs is null or empty.

    • getListenerConfigs

      @NotNull public List<InMemoryListenerConfig> getListenerConfigs()
      Retrieves the list of listener configurations that should be used for the directory server.
      Returns:
      The list of listener configurations that should be used for the directory server.

    • setListenerConfigs

      public void setListenerConfigs(@NotNull InMemoryListenerConfig... listenerConfigs) throws LDAPException
      Specifies the configurations for all listeners that should be used for the directory server.
      Parameters:
      listenerConfigs - The configurations for all listeners that should be used for the directory server. It must not be null or empty, and it must not contain multiple configurations with the same name.
      Throws:
      LDAPException - If there is a problem with the provided set of listener configurations.

    • setListenerConfigs

      public void setListenerConfigs(@NotNull Collection<InMemoryListenerConfig> listenerConfigs) throws LDAPException
      Specifies the configurations for all listeners that should be used for the directory server.
      Parameters:
      listenerConfigs - The configurations for all listeners that should be used for the directory server. It must not be null or empty, and it must not contain multiple configurations with the same name.
      Throws:
      LDAPException - If there is a problem with the provided set of listener configurations.

    • getAllowedOperationTypes

      @NotNull public Set<OperationType> getAllowedOperationTypes()
      Retrieves the set of operation types that will be allowed by the server. Note that if the server is configured to support StartTLS, then it will be allowed even if other types of extended operations are not allowed.
      Returns:
      The set of operation types that will be allowed by the server.

    • setAllowedOperationTypes

      public void setAllowedOperationTypes(@Nullable OperationType... operationTypes)
      Specifies the set of operation types that will be allowed by the server. Note that if the server is configured to support StartTLS, then it will be allowed even if other types of extended operations are not allowed.
      Parameters:
      operationTypes - The set of operation types that will be allowed by the server.

    • setAllowedOperationTypes

      public void setAllowedOperationTypes(@Nullable Collection<OperationType> operationTypes)
      Specifies the set of operation types that will be allowed by the server. Note that if the server is configured to support StartTLS, then it will be allowed even if other types of extended operations are not allowed.
      Parameters:
      operationTypes - The set of operation types that will be allowed by the server.

    • getAuthenticationRequiredOperationTypes

      @NotNull public Set<OperationType> getAuthenticationRequiredOperationTypes()
      Retrieves the set of operation types that will only be allowed for authenticated clients. Note that authentication will never be required for bind operations, and if the server is configured to support StartTLS, then authentication will never be required for StartTLS operations even if it is required for other types of extended operations.
      Returns:
      The set of operation types that will only be allowed for authenticated clients.

    • setAuthenticationRequiredOperationTypes

      public void setAuthenticationRequiredOperationTypes(@Nullable OperationType... operationTypes)
      Specifies the set of operation types that will only be allowed for authenticated clients. Note that authentication will never be required for bind operations, and if the server is configured to support StartTLS, then authentication will never be required for StartTLS operations even if it is required for other types of extended operations.
      Parameters:
      operationTypes - The set of operation types that will be allowed for authenticated clients.

    • setAuthenticationRequiredOperationTypes

      public void setAuthenticationRequiredOperationTypes(@Nullable Collection<OperationType> operationTypes)
      Specifies the set of operation types that will only be allowed for authenticated clients. Note that authentication will never be required for bind operations, and if the server is configured to support StartTLS, then authentication will never be required for StartTLS operations even if it is required for other types of extended operations.
      Parameters:
      operationTypes - The set of operation types that will be allowed for authenticated clients.

    • getAdditionalBindCredentials

      @NotNull public Map<DN,byte[]> getAdditionalBindCredentials()
      Retrieves a map containing DNs and passwords of additional users that will be allowed to bind to the server, even if their entries do not exist in the data set. This can be used to mimic the functionality of special administrative accounts (e.g., "cn=Directory Manager" in many directories). The map that is returned may be altered if desired.
      Returns:
      A map containing DNs and passwords of additional users that will be allowed to bind to the server, even if their entries do not exist in the data set.

    • addAdditionalBindCredentials

      public void addAdditionalBindCredentials(@NotNull String dn, @NotNull String password) throws LDAPException
      Adds an additional bind DN and password combination that can be used to bind to the server, even if the corresponding entry does not exist in the data set. This can be used to mimic the functionality of special administrative accounts (e.g., "cn=Directory Manager" in many directories). If a password has already been defined for the given DN, then it will be replaced with the newly-supplied password.
      Parameters:
      dn - The bind DN to allow. It must not be null or represent the null DN.
      password - The password for the provided bind DN. It must not be null or empty.
      Throws:
      LDAPException - If there is a problem with the provided bind DN or password.

    • addAdditionalBindCredentials

      public void addAdditionalBindCredentials(@NotNull String dn, @NotNull byte[] password) throws LDAPException
      Adds an additional bind DN and password combination that can be used to bind to the server, even if the corresponding entry does not exist in the data set. This can be used to mimic the functionality of special administrative accounts (e.g., "cn=Directory Manager" in many directories). If a password has already been defined for the given DN, then it will be replaced with the newly-supplied password.
      Parameters:
      dn - The bind DN to allow. It must not be null or represent the null DN.
      password - The password for the provided bind DN. It must not be null or empty.
      Throws:
      LDAPException - If there is a problem with the provided bind DN or password.

    • getListenerExceptionHandler

      @Nullable public LDAPListenerExceptionHandler getListenerExceptionHandler()
      Retrieves the object that should be used to handle any errors encountered while attempting to interact with a client, if defined.
      Returns:
      The object that should be used to handle any errors encountered while attempting to interact with a client, or null if no exception handler should be used.

    • setListenerExceptionHandler

      public void setListenerExceptionHandler(@Nullable LDAPListenerExceptionHandler exceptionHandler)
      Specifies the LDAP listener exception handler that the server should use to handle any errors encountered while attempting to interact with a client.
      Parameters:
      exceptionHandler - The LDAP listener exception handler that the server should use to handle any errors encountered while attempting to interact with a client. It may be null if no exception handler should be used.

    • getSchema

      @Nullable public Schema getSchema()
      Retrieves the schema that should be used by the server, if defined. If a schema is defined, then it will be used to validate entries and determine which matching rules should be used for various types of matching operations.
      Returns:
      The schema that should be used by the server, or null if no schema should be used.

    • setSchema

      public void setSchema(@Nullable Schema schema)
      Specifies the schema that should be used by the server. If a schema is defined, then it will be used to validate entries and determine which matching rules should be used for various types of matching operations.
      Parameters:
      schema - The schema that should be used by the server. It may be null if no schema should be used.

    • enforceAttributeSyntaxCompliance

      public boolean enforceAttributeSyntaxCompliance()
      Indicates whether the server should reject attribute values which violate the constraints of the associated syntax. This setting will be ignored if a null schema is in place.
      Returns:
      true if the server should reject attribute values which violate the constraints of the associated syntax, or false if not.

    • setEnforceAttributeSyntaxCompliance

      public void setEnforceAttributeSyntaxCompliance(boolean enforceAttributeSyntaxCompliance)
      Specifies whether the server should reject attribute values which violate the constraints of the associated syntax. This setting will be ignored if a null schema is in place.
      Parameters:
      enforceAttributeSyntaxCompliance - Indicates whether the server should reject attribute values which violate the constraints of the associated syntax.

    • enforceSingleStructuralObjectClass

      public boolean enforceSingleStructuralObjectClass()
      Indicates whether the server should reject entries which do not contain exactly one structural object class. This setting will be ignored if a null schema is in place.
      Returns:
      true if the server should reject entries which do not contain exactly one structural object class, or false if it should allow entries which do not have any structural class or that have multiple structural classes.

    • setEnforceSingleStructuralObjectClass

      public void setEnforceSingleStructuralObjectClass(boolean enforceSingleStructuralObjectClass)
      Specifies whether the server should reject entries which do not contain exactly one structural object class. This setting will be ignored if a null schema is in place.
      Parameters:
      enforceSingleStructuralObjectClass - Indicates whether the server should reject entries which do not contain exactly one structural object class.

    • getAccessLogHandler

      @Nullable public Handler getAccessLogHandler()
      Retrieves the log handler that should be used to record access log messages about operations processed by the server, if any.
      Returns:
      The log handler that should be used to record access log messages about operations processed by the server, or null if no access logging should be performed.

    • setAccessLogHandler

      public void setAccessLogHandler(@Nullable Handler accessLogHandler)
      Specifies the log handler that should be used to record access log messages about operations processed by the server.
      Parameters:
      accessLogHandler - The log handler that should be used to record access log messages about operations processed by the server. It may be null if no access logging should be performed.

    • getJSONAccessLogHandler

      @Nullable public Handler getJSONAccessLogHandler()
      Retrieves the log handler that should be used to record JSON-formatted access log messages about operations processed by the server, if any.
      Returns:
      The log handler that should be used to record JSON-formatted access log messages about operations processed by the server, or null if no access logging should be performed.

    • setJSONAccessLogHandler

      public void setJSONAccessLogHandler(@Nullable Handler jsonAccessLogHandler)
      Specifies the log handler that should be used to record JSON-formatted access log messages about operations processed by the server.
      Parameters:
      jsonAccessLogHandler - The log handler that should be used to record JSON-formatted access log messages about operations processed by the server. It may be null if no access logging should be performed.

    • getLDAPDebugLogHandler

      @Nullable public Handler getLDAPDebugLogHandler()
      Retrieves the log handler that should be used to record detailed messages about LDAP communication to and from the server, which may be useful for debugging purposes.
      Returns:
      The log handler that should be used to record detailed protocol-level debug messages about LDAP communication to and from the server, or null if no debug logging should be performed.

    • setLDAPDebugLogHandler

      public void setLDAPDebugLogHandler(@Nullable Handler ldapDebugLogHandler)
      Specifies the log handler that should be used to record detailed messages about LDAP communication to and from the server, which may be useful for debugging purposes.
      Parameters:
      ldapDebugLogHandler - The log handler that should be used to record detailed messages about LDAP communication to and from the server. It may be null if no LDAP debug logging should be performed.

    • getCodeLogPath

      @Nullable public String getCodeLogPath()
      Retrieves the path to a file to be written with generated code that may be used to construct the requests processed by the server.
      Returns:
      The path to a file to be written with generated code that may be used to construct the requests processed by the server, or null if no code log should be written.

    • includeRequestProcessingInCodeLog

      public boolean includeRequestProcessingInCodeLog()
      Indicates whether the code log should include sample code for processing the generated requests. This will only be used if getCodeLogPath() returns a non-null value.
      Returns:
      false if the code log should only include code that corresponds to requests received from clients, or true if the code log should also include sample code for processing the generated requests and interpreting the results.

    • setCodeLogDetails

      public void setCodeLogDetails(@Nullable String codeLogPath, boolean includeProcessing)
      Specifies information about code logging that should be performed by the server, if any.
      Parameters:
      codeLogPath - The path to the file to which a code log should be written. It may be null if no code log should be written.
      includeProcessing - Indicates whether to include sample code that demonstrates how to process the requests and interpret the results. This will only be used if the codeLogPath argument is non-null.

    • getOperationInterceptors

      @NotNull public List<InMemoryOperationInterceptor> getOperationInterceptors()
      Retrieves a list of the operation interceptors that may be used to intercept and transform requests before they are processed by the in-memory directory server, and/or to intercept and transform responses before they are returned to the client. The contents of the list may be altered by the caller.
      Returns:
      An updatable list of the operation interceptors that may be used to intercept and transform requests and/or responses.

    • addInMemoryOperationInterceptor

      public void addInMemoryOperationInterceptor(@NotNull InMemoryOperationInterceptor interceptor)
      Adds the provided operation interceptor to the list of operation interceptors that may be used to transform requests before they are processed by the in-memory directory server, and/or to transform responses before they are returned to the client.
      Parameters:
      interceptor - The operation interceptor that should be invoked in the course of processing requests and responses.

    • getExtendedOperationHandlers

      @NotNull public List<InMemoryExtendedOperationHandler> getExtendedOperationHandlers()
      Retrieves a list of the extended operation handlers that may be used to process extended operations in the server. The contents of the list may be altered by the caller.
      Returns:
      An updatable list of the extended operation handlers that may be used to process extended operations in the server.

    • addExtendedOperationHandler

      public void addExtendedOperationHandler(@NotNull InMemoryExtendedOperationHandler handler)
      Adds the provided extended operation handler for use by the server for processing certain types of extended operations.
      Parameters:
      handler - The extended operation handler that should be used by the server for processing certain types of extended operations.

    • getSASLBindHandlers

      @NotNull public List<InMemorySASLBindHandler> getSASLBindHandlers()
      Retrieves a list of the SASL bind handlers that may be used to process SASL bind requests in the server. The contents of the list may be altered by the caller.
      Returns:
      An updatable list of the SASL bind handlers that may be used to process SASL bind requests in the server.

    • addSASLBindHandler

      public void addSASLBindHandler(@NotNull InMemorySASLBindHandler handler)
      Adds the provided SASL bind handler for use by the server for processing certain types of SASL bind requests.
      Parameters:
      handler - The SASL bind handler that should be used by the server for processing certain types of SASL bind requests.

    • generateOperationalAttributes

      public boolean generateOperationalAttributes()
      Indicates whether the server should automatically generate operational attributes (including entryDN, entryUUID, creatorsName, createTimestamp, modifiersName, modifyTimestamp, and subschemaSubentry) for entries in the server.
      Returns:
      true if the server should automatically generate operational attributes for entries in the server, or false if not.

    • setGenerateOperationalAttributes

      public void setGenerateOperationalAttributes(boolean generateOperationalAttributes)
      Specifies whether the server should automatically generate operational attributes (including entryDN, entryUUID, creatorsName, createTimestamp, modifiersName, modifyTimestamp, and subschemaSubentry) for entries in the server.
      Parameters:
      generateOperationalAttributes - Indicates whether the server should automatically generate operational attributes for entries in the server.

    • getMaxChangeLogEntries

      public int getMaxChangeLogEntries()
      Retrieves the maximum number of changelog entries that the server should maintain.
      Returns:
      The maximum number of changelog entries that the server should maintain, or 0 if the server should not maintain a changelog.

    • setMaxChangeLogEntries

      public void setMaxChangeLogEntries(int maxChangeLogEntries)
      Specifies the maximum number of changelog entries that the server should maintain. A value less than or equal to zero indicates that the server should not attempt to maintain a changelog.
      Parameters:
      maxChangeLogEntries - The maximum number of changelog entries that the server should maintain.

    • getMaxConnections

      public int getMaxConnections()
      Retrieves the maximum number of concurrent connections that the server will allow. If a client tries to establish a new connection while the server already has the maximum number of concurrent connections, then the new connection will be rejected. Note that if the server is configured with multiple listeners, then each listener will be allowed to have up to this number of connections.
      Returns:
      The maximum number of concurrent connections that the server will allow, or zero if no limit should be enforced.

    • setMaxConnections

      public void setMaxConnections(int maxConnections)
      Specifies the maximum number of concurrent connections that the server will allow. If a client tries to establish a new connection while the server already has the maximum number of concurrent connections, then the new connection will be rejected. Note that if the server is configured with multiple listeners, then each listener will be allowed to have up to this number of connections.
      Parameters:
      maxConnections - The maximum number of concurrent connections that the server will allow. A value that is less than or equal to zero indicates no limit.

    • getMaxMessageSizeBytes

      public int getMaxMessageSizeBytes()
      Retrieves the maximum size in bytes for LDAP messages that will be accepted by the server.
      Returns:
      The maximum size in bytes for LDAP messages that will be accepted by the server.

    • setMaxMessageSizeBytes

      public void setMaxMessageSizeBytes(int maxMessageSizeBytes)
      Specifies the maximum size in bytes for LDAP messages that will be accepted by the server.
      Parameters:
      maxMessageSizeBytes - The maximum size in bytes for LDAP messages that will be accepted by the server. A value that is less than or equal to zero will use the maximum allowed message size.

    • getMaxSizeLimit

      public int getMaxSizeLimit()
      Retrieves the maximum number of entries that the server should return in any search operation.
      Returns:
      The maximum number of entries that the server should return in any search operation, or zero if no limit should be enforced.

    • setMaxSizeLimit

      public void setMaxSizeLimit(int maxSizeLimit)
      Specifies the maximum number of entries that the server should return in any search operation. A value less than or equal to zero indicates that no maximum limit should be enforced.
      Parameters:
      maxSizeLimit - The maximum number of entries that the server should return in any search operation.

    • getEqualityIndexAttributes

      @NotNull public List<String> getEqualityIndexAttributes()
      Retrieves a list containing the names or OIDs of the attribute types for which to maintain an equality index to improve the performance of certain kinds of searches.
      Returns:
      A list containing the names or OIDs of the attribute types for which to maintain an equality index to improve the performance of certain kinds of searches, or an empty list if no equality indexes should be created.

    • setEqualityIndexAttributes

      public void setEqualityIndexAttributes(@Nullable String... equalityIndexAttributes)
      Specifies the names or OIDs of the attribute types for which to maintain an equality index to improve the performance of certain kinds of searches.
      Parameters:
      equalityIndexAttributes - The names or OIDs of the attributes for which to maintain an equality index to improve the performance of certain kinds of searches. It may be null or empty to indicate that no equality indexes should be maintained.

    • setEqualityIndexAttributes

      public void setEqualityIndexAttributes(@Nullable Collection<String> equalityIndexAttributes)
      Specifies the names or OIDs of the attribute types for which to maintain an equality index to improve the performance of certain kinds of searches.
      Parameters:
      equalityIndexAttributes - The names or OIDs of the attributes for which to maintain an equality index to improve the performance of certain kinds of searches. It may be null or empty to indicate that no equality indexes should be maintained.

    • getReferentialIntegrityAttributes

      @NotNull public Set<String> getReferentialIntegrityAttributes()
      Retrieves the names of the attributes for which referential integrity should be maintained. If referential integrity is to be provided and an entry is removed, then any other entries containing one of the specified attributes with a value equal to the DN of the entry that was removed, then that value will also be removed. Similarly, if an entry is moved or renamed, then any references to that entry in one of the specified attributes will be updated to reflect the new DN.
      Returns:
      The names of the attributes for which referential integrity should be maintained, or an empty set if referential integrity should not be maintained for any attributes.

    • setReferentialIntegrityAttributes

      public void setReferentialIntegrityAttributes(@Nullable String... referentialIntegrityAttributes)
      Specifies the names of the attributes for which referential integrity should be maintained. If referential integrity is to be provided and an entry is removed, then any other entries containing one of the specified attributes with a value equal to the DN of the entry that was removed, then that value will also be removed. Similarly, if an entry is moved or renamed, then any references to that entry in one of the specified attributes will be updated to reflect the new DN.
      Parameters:
      referentialIntegrityAttributes - The names of the attributes for which referential integrity should be maintained. The values of these attributes should be DNs. It may be null or empty if referential integrity should not be maintained.

    • setReferentialIntegrityAttributes

      public void setReferentialIntegrityAttributes(@Nullable Collection<String> referentialIntegrityAttributes)
      Specifies the names of the attributes for which referential integrity should be maintained. If referential integrity is to be provided and an entry is removed, then any other entries containing one of the specified attributes with a value equal to the DN of the entry that was removed, then that value will also be removed. Similarly, if an entry is moved or renamed, then any references to that entry in one of the specified attributes will be updated to reflect the new DN.
      Parameters:
      referentialIntegrityAttributes - The names of the attributes for which referential integrity should be maintained. The values of these attributes should be DNs. It may be null or empty if referential integrity should not be maintained.

    • getVendorName

      @Nullable public String getVendorName()
      Retrieves the vendor name value to report in the server root DSE.
      Returns:
      The vendor name value to report in the server root DSE, or null if no vendor name should appear.

    • setVendorName

      public void setVendorName(@Nullable String vendorName)
      Specifies the vendor name value to report in the server root DSE.
      Parameters:
      vendorName - The vendor name value to report in the server root DSE. It may be null if no vendor name should appear.

    • getVendorVersion

      @Nullable public String getVendorVersion()
      Retrieves the vendor version value to report in the server root DSE.
      Returns:
      The vendor version value to report in the server root DSE, or null if no vendor version should appear.

    • setVendorVersion

      public void setVendorVersion(@Nullable String vendorVersion)
      Specifies the vendor version value to report in the server root DSE.
      Parameters:
      vendorVersion - The vendor version value to report in the server root DSE. It may be null if no vendor version should appear.

    • getRootDSEEntry

      @Nullable public ReadOnlyEntry getRootDSEEntry()
      Retrieves a predefined entry that should always be returned as the in-memory directory server's root DSE, if defined.
      Returns:
      A predefined entry that should always be returned as the in-memory directory server's root DSE, or null if the root DSE should be dynamically generated.

    • setRootDSEEntry

      public void setRootDSEEntry(@Nullable Entry rootDSEEntry)
      Specifies an entry that should always be returned as the in-memory directory server's root DSE. Note that if a specific root DSE entry is provided, then the generated root DSE will not necessarily accurately reflect the capabilities of the server, nor will it be dynamically updated as operations are processed. As an alternative, the setCustomRootDSEAttributes(java.util.List<com.unboundid.ldap.sdk.Attribute>) method may be used to specify custom attributes that should be included in the root DSE entry while still having the server generate dynamic values for other attributes. If both a root DSE entry and a custom set of root DSE attributes are specified, then the root DSE entry will take precedence.
      Parameters:
      rootDSEEntry - An entry that should always be returned as the in-memory directory server's root DSE, or null to indicate that the root DSE should be dynamically generated.

    • getCustomRootDSEAttributes

      @NotNull public List<Attribute> getCustomRootDSEAttributes()
      Retrieves a list of custom attributes that should be included in the root DSE that is dynamically generated by the in-memory directory server.
      Returns:
      A list of custom attributes that will be included in the root DSE that is generated by the in-memory directory server, or an empty list if none should be included.

    • setCustomRootDSEAttributes

      public void setCustomRootDSEAttributes(@Nullable List<Attribute> customRootDSEAttributes)
      Specifies a list of custom attributes that should be included in the root DSE that is dynamically generated by the in-memory directory server. Note that this list of attributes will not be used if the setRootDSEEntry(com.unboundid.ldap.sdk.Entry) method is used to override the entire entry. Also note that any attributes provided in this list will override those that would be dynamically generated by the in-memory directory server.
      Parameters:
      customRootDSEAttributes - A list of custom attributes that should be included in the root DSE that is dynamically generated by the in-memory directory server. It may be null or empty if no custom attributes should be included in the root DSE.

    • getPasswordAttributes

      @NotNull public Set<String> getPasswordAttributes()
      Retrieves an unmodifiable set containing the names or OIDs of the attributes that may hold passwords. These are the attributes whose values will be used in bind processing, and clear-text values stored in these attributes may be encoded using an InMemoryPasswordEncoder.
      Returns:
      An unmodifiable set containing the names or OIDs of the attributes that may hold passwords, or an empty set if no password attributes have been defined.

    • setPasswordAttributes

      public void setPasswordAttributes(@Nullable String... passwordAttributes)
      Specifies the names or OIDs of the attributes that may hold passwords. These are the attributes whose values will be used in bind processing, and clear-text values stored in these attributes may be encoded using an InMemoryPasswordEncoder.
      Parameters:
      passwordAttributes - The names or OIDs of the attributes that may hold passwords. It may be null or empty if there should not be any password attributes, but that will prevent user authentication from succeeding.

    • setPasswordAttributes

      public void setPasswordAttributes(@Nullable Collection<String> passwordAttributes)
      Specifies the names or OIDs of the attributes that may hold passwords. These are the attributes whose values will be used in bind processing, and clear-text values stored in these attributes may be encoded using an InMemoryPasswordEncoder.
      Parameters:
      passwordAttributes - The names or OIDs of the attributes that may hold passwords. It may be null or empty if there should not be any password attributes, but that will prevent user authentication from succeeding.

    • getPrimaryPasswordEncoder

      @Nullable public InMemoryPasswordEncoder getPrimaryPasswordEncoder()
      Retrieves the primary password encoder for the in-memory directory server, if any. The primary password encoder will be used to encode the values of any clear-text passwords provided in add or modify operations and in LDIF imports, and will also be used during authentication processing for any encoded passwords that start with the same prefix as this password encoder.
      Returns:
      The primary password encoder for the in-memory directory server, or null if clear-text passwords should be left in the clear without any encoding.

    • getSecondaryPasswordEncoders

      @NotNull public List<InMemoryPasswordEncoder> getSecondaryPasswordEncoders()
      Retrieves an unmodifiable map of the secondary password encoders for the in-memory directory server, indexed by prefix. The secondary password encoders will be used to interact with pre-encoded passwords, but will not be used to encode new clear-text passwords.
      Returns:
      An unmodifiable map of the secondary password encoders for the in-memory directory server, or an empty map if no secondary encoders are defined.

    • setPasswordEncoders

      public void setPasswordEncoders(@Nullable InMemoryPasswordEncoder primaryEncoder, @Nullable InMemoryPasswordEncoder... secondaryEncoders) throws LDAPException
      Specifies the set of password encoders to use for the in-memory directory server. There must not be any conflicts between the prefixes used for any of the password encoders (that is, none of the secondary password encoders may use the same prefix as the primary password encoder or the same prefix as any other secondary password encoder).

      Either or both the primary and secondary encoders may be left undefined. If both primary and secondary encoders are left undefined, then the server will assume that all passwords are in the clear. If only a primary encoder is configured without any secondary encoders, then the server will encode all new passwords that don't start with its prefix. If only secondary encoders are configured without a primary encoder, then all new passwords will be left in the clear, but any existing pre-encoded passwords using those mechanisms will be handled properly.
      Parameters:
      primaryEncoder - The primary password encoder to use for the in-memory directory server. This encoder will be used to encode any new clear-text passwords that are provided to the server in add or modify operations or in LDIF imports. It will also be used to interact with pre-encoded passwords for any encoded passwords that start with the same prefix as this password encoder. It may be null if no password encoder is desired and clear-text passwords should remain in the clear.
      secondaryEncoders - The secondary password encoders to use when interacting with pre-encoded passwords, but that will not be used to encode new clear-text passwords. This may be null or empty if no secondary password encoders are needed.
      Throws:
      LDAPException - If there is a conflict between the prefixes used by two or more of the provided encoders.

    • setPasswordEncoders

      public void setPasswordEncoders(@Nullable InMemoryPasswordEncoder primaryEncoder, @Nullable Collection<InMemoryPasswordEncoder> secondaryEncoders) throws LDAPException
      Specifies the set of password encoders to use for the in-memory directory server. There must not be any conflicts between the prefixes used for any of the password encoders (that is, none of the secondary password encoders may use the same prefix as the primary password encoder or the same prefix as any other secondary password encoder).

      Either or both the primary and secondary encoders may be left undefined. If both primary and secondary encoders are left undefined, then the server will assume that all passwords are in the clear. If only a primary encoder is configured without any secondary encoders, then the server will encode all new passwords that don't start with its prefix. If only secondary encoders are configured without a primary encoder, then all new passwords will be left in the clear, but any existing pre-encoded passwords using those mechanisms will be handled properly.
      Parameters:
      primaryEncoder - The primary password encoder to use for the in-memory directory server. This encoder will be used to encode any new clear-text passwords that are provided to the server in add or modify operations or in LDIF imports. It will also be used to interact with pre-encoded passwords for any encoded passwords that start with the same prefix as this password encoder. It may be null if no password encoder is desired and clear-text passwords should remain in the clear.
      secondaryEncoders - The secondary password encoders to use when interacting with pre-encoded passwords, but that will not be used to encode new clear-text passwords. This may be null or empty if no secondary password encoders are needed.
      Throws:
      LDAPException - If there is a conflict between the prefixes used by two or more of the provided encoders.

    • toString

      @NotNull public String toString()
      Retrieves a string representation of this in-memory directory server configuration.
      Overrides:
      toString in class Object
      Returns:
      A string representation of this in-memory directory server configuration.

    • toString

      public void toString(@NotNull StringBuilder buffer)
      Appends a string representation of this in-memory directory server configuration to the provided buffer.
      Parameters:
      buffer - The buffer to which the string representation should be appended.