com.rli.slapd.server

Class LDAPEntry

java.lang.Object

com.rli.slapd.server.LDAPEntry

All Implemented Interfaces:

java.io.Serializable, java.lang.Cloneable

public class LDAPEntry
extends java.lang.Object
implements java.io.Serializable, java.lang.Cloneable

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected static java.lang.String[]	DEFAULT_IGNORED_ATTR
protected static java.util.Set<java.lang.String>	DEFAULT_IGNORED_ATTR_SET

Constructor Summary

Constructors

Constructor and Description
LDAPEntry() Constructs an empty entry.
LDAPEntry(java.lang.String distinguishedName) Constructs a new entry with the specified distinguished name and with an empty attribute set.
LDAPEntry(java.lang.String distinguishedName, LDAPAttributeSet attrs) Constructs a new entry with the specified distinguished name and set of attributes.

Method Summary

Modifier and Type	Method and Description
static java.util.Set<java.lang.String>	buildValidIgnoredAttributesForNormalization(java.lang.String[] customAttributes, boolean addDefaults) Build a valid HashSet to pass to setIgnoredAttributesForNormalization
static LDAPEntry	byteArrayToEntry(byte[] buf)
java.lang.Object	byteArrayToObject(byte[] buf, int offset) Constacted by CustomerizedSerializable interface.
java.lang.Object	clone()
int	compare(LDAPEntry e2) Compare the entry with an other one, and return byte-to-byte hash-fingerprint comparison.
static int	compare(LDAPEntry e1, LDAPEntry e2) Compare 2 entries regarding their content. compare(e1,e2)==0 is equivalent to e1.equals(e2).
static LDAPModification[]	compareAttributes(LDAPEntry oldInstance, LDAPEntry newInstance) Compare 2 versions (old and new) of one entry. Case sensitive comparison.
static LDAPModification[]	compareAttributes(LDAPEntry oldInstance, LDAPEntry newInstance, boolean ignoreCase) Same as compareAttributes(LDAPEntry, LDAPEntry) with the ignoreCase option
static boolean	containsRangedAttribute(LDAPEntry entry, java.lang.String attrName)
static void	decrypt(LDAPEntry entry, java.util.Collection<java.lang.String> attrNames)
static void	encrypt(LDAPEntry entry, java.util.Collection<java.lang.String> attrNames)
static void	encrypt(LDAPEntry entry, java.util.Collection<java.lang.String> attrNames, boolean forceNoSalt)
boolean	equals(LDAPEntry e2) Test equivalence of content, based on hash-fingerprint.
LDAPAttribute	getAttribute(java.lang.String attrName) In an entry, returns the single attribute that exactly matches the specified attribute name.
LDAPAttributeSet	getAttributeSet() Returns the attribute set of the entry.
java.lang.String	getDN() Returns the distinguished name of the current entry.
byte[]	getHash() Gets the MD5-hash(aka fingerprint) of the entry.
byte[]	getHash(boolean reCompute) Gets the MD5-hash(aka fingerprint) of the entry.
byte[]	getHash(boolean reCompute, java.lang.String algorithm) Gets the hash(aka fingerprint) of the entry.
LDAPDN	getLDAPDN()
void	setDN(java.lang.String name)
void	setIgnoredAttributesForNormalization(java.util.Set<java.lang.String> IgnoredAttributesSet) Define the set of attributes to ignore before computing the hash-fingerprint of the entry.
byte[]	toByteArray() Constacted by CustomerizedSerializable interface.
byte[]	toByteArray(boolean normalize) Constacted by CustomerizedSerializable interface.
java.lang.String	toLDIF() Gets the LDAPEntry in LDIF format.
java.lang.String	toOrderedString()
java.lang.String	toString() Retrieves the string representation of the entry's distinguished name (DN) and its attributes.

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

DEFAULT_IGNORED_ATTR

protected static final java.lang.String[] DEFAULT_IGNORED_ATTR

DEFAULT_IGNORED_ATTR_SET

protected static java.util.Set<java.lang.String> DEFAULT_IGNORED_ATTR_SET

Constructor Detail

LDAPEntry

public LDAPEntry()

Constructs an empty entry.

LDAPEntry

public LDAPEntry(java.lang.String distinguishedName)

Constructs a new entry with the specified distinguished name and with an empty attribute set.

Parameters:

distinguishedName - the distinguished name of the new entry

LDAPEntry

public LDAPEntry(java.lang.String distinguishedName,
                 LDAPAttributeSet attrs)

Constructs a new entry with the specified distinguished name and set of attributes.

Parameters:

distinguishedName - the distinguished name of the new entry

attrs - the set of attributes to assign to the new entry

See Also:

LDAPAttributeSet

Method Detail

getDN

public java.lang.String getDN()

Returns the distinguished name of the current entry.

Returns:

distinguished name of the current entry.

setDN

public void setDN(java.lang.String name)

getLDAPDN

public LDAPDN getLDAPDN()
                 throws LDAPException

Throws:

LDAPException

getAttributeSet

public LDAPAttributeSet getAttributeSet()

Returns the attribute set of the entry.

Returns:

set of attributes in the entry.

See Also:

LDAPAttributeSet

getAttribute

public LDAPAttribute getAttribute(java.lang.String attrName)

In an entry, returns the single attribute that exactly matches the specified attribute name.

Parameters:

attrName - name of attribute to return For example:

     "cn"            // Only a non-subtyped version of cn
     "cn;lang-ja"    // Only a Japanese version of cn, will not
                     // return "cn;lang-ja-JP-kanji", for example
 

Returns:

attribute in the current entry that has exactly the same name, or null (if no attribute in the entry matches the specified name).

See Also:

LDAPAttribute

getHash

public byte[] getHash()

Gets the MD5-hash(aka fingerprint) of the entry. Will compute default hashkey if it has not been computed yet.

WARNING : if hashkey has aready been computed and the entry has changed since, getHash() will not be accurate as it will return the previous hashkey ; use getHash(reCompute=true) instead.

Building of a consistent hashkey relies on the possibility to get a unique and relevant representation of the entry. getHash functions takes the unique Byte representation built by toByteArray(normalize=true) and pass it to a hashing function (default : MD5). In order to normalize an entry, some attributes must be ignored. Server attributes, such as 'cacheCreateTimestamp' are indeed irrelevant in the process of fingerprinting the entry. A default static set of ignored attribute is built when toByteArray method is called, only if no custom set is previously defined. To define a custom set, you can use buildValidIgnoredAttributesForNormalization to build a valid HashSet, then pass it to every entry by calling setIgnoredAttributesForNormalization BEFORE calling getHash.

Returns:

hashkey(aka fingerprint) of the entry

See Also:

setIgnoredAttributesForNormalization, MessageDigest

getHash

public byte[] getHash(boolean reCompute)

Gets the MD5-hash(aka fingerprint) of the entry. Will compute default hashkey only if reCompute==true.

WARNING: if reCompute=false and hash has not been computed yet, or entry has changed since, the hash returned will not be accurate (null or wrong).

Building of a consistent hashkey relies on the possibility to get a unique and relevant representation of the entry. getHash functions takes the unique Byte representation built by toByteArray(normalize=true) and pass it to a hashing function (default : MD5). In order to normalize an entry, some attributes must be ignored. Server attributes, such as 'cacheCreateTimestamp' are indeed irrelevant in the process of fingerprinting the entry. A default static set of ignored attribute is built when toByteArray method is called, only if no custom set is previously defined. To define a custom set, you can use buildValidIgnoredAttributesForNormalization to build a valid HashSet, then pass it to every entry by calling setIgnoredAttributesForNormalization BEFORE calling getHash.

Parameters:

reCompute - : true to re-compute it, false to get it as-is

Returns:

hashkey(aka fingerprint) of the entry

See Also:

setIgnoredAttributesForNormalization, MessageDigest

getHash

public byte[] getHash(boolean reCompute,
                      java.lang.String algorithm)

Gets the hash(aka fingerprint) of the entry. Will compute default hashkey only if reCompute==true.

WARNING: if reCompute=false and hash has not been computed yet, or entry has changed since, the hash returned will not be accurate -> null or wrong.

Building of a consistent hashkey relies on the possibility to get a unique and relevant representation of the entry. getHash functions takes the unique Byte representation built by toByteArray(normalize=true) and pass it to a hashing function (default : MD5). In order to normalize an entry, some attributes must be ignored. Server attributes, such as 'cacheCreateTimestamp' are indeed irrelevant in the process of fingerprinting the entry. A default static set of ignored attribute is built when toByteArray method is called, only if no custom set is previously defined. To define a custom set, you can use buildValidIgnoredAttributesForNormalization to build a valid HashSet, then pass it to every entry by calling setIgnoredAttributesForNormalization BEFORE calling getHash.

Parameters:

reCompute - : true to re-compute it, false to get it as-is

algorithm - : the name of the algorithm requested, use MessageDigest. "MD5" or "SHA-256" are recommended. In case of NoSuchAlgorithmException, this method will use MD5 instead.

Returns:

hashkey(aka fingerprint) of the entry

See Also:

setIgnoredAttributesForNormalization, MessageDigest

compare

public static int compare(LDAPEntry e1,
                          LDAPEntry e2)

Compare 2 entries regarding their content.
compare(e1,e2)==0 is equivalent to e1.equals(e2).

Comparison is based on content hashing. Efficient sorting is achieved if every entry has pre-computed hash.

Returns:

e1.hash - e2.hash

See Also:

com.rli.slapd.server.LDAPEntry.getHash()

compareAttributes

public static LDAPModification[] compareAttributes(LDAPEntry oldInstance,
                                                   LDAPEntry newInstance)

Compare 2 versions (old and new) of one entry.
Case sensitive comparison. Use compareAttributes(LDAPEntry, LDAPEntry, boolean) to force ignoreCase. Returns an Array of LDAPModification that leads from the old state to the new state of the entry.

Parameters:

oldInstance - original state of the entry

newInstance - following state of the entry

Returns:

Array of LDAPModification that needs to be executed on the oldInstance to become the newInstance

compareAttributes

public static LDAPModification[] compareAttributes(LDAPEntry oldInstance,
                                                   LDAPEntry newInstance,
                                                   boolean ignoreCase)

Same as compareAttributes(LDAPEntry, LDAPEntry) with the ignoreCase option

compare

public int compare(LDAPEntry e2)

Compare the entry with an other one, and return byte-to-byte hash-fingerprint comparison.

Parameters:

e2 -

Returns:

e2.hash - this.hash

equals

public boolean equals(LDAPEntry e2)

Test equivalence of content, based on hash-fingerprint.

Parameters:

e2 -

Returns:

e1.hash == e2.hash

setIgnoredAttributesForNormalization

public void setIgnoredAttributesForNormalization(java.util.Set<java.lang.String> IgnoredAttributesSet)

Define the set of attributes to ignore before computing the hash-fingerprint of the entry.

WARNING: The ignored attributes set MUST contain only lower case, as lower case representations of attributes names will be directly compared to the elements of this set. Use buildValidIgnoredAttributesForNormalization for safety.

buildValidIgnoredAttributesForNormalization

public static java.util.Set<java.lang.String> buildValidIgnoredAttributesForNormalization(java.lang.String[] customAttributes,
                                                                                          boolean addDefaults)

Build a valid HashSet to pass to setIgnoredAttributesForNormalization

Parameters:

customAttributes - array of attributes to be ignored

addDefaults - set to true to ignore both default and custom ignoredAttributes

Returns:

IgnoredAttributeSet

toString

public java.lang.String toString()

Retrieves the string representation of the entry's distinguished name (DN) and its attributes. For example:

 LDAPEntry: uid=bjensen, ou=People, o=airius.com; LDAPAttributeSet:
 LDAPAttribute {type='cn', values='Barbara Jensen,Babs Jensen'}
 LDAPAttribute {type='sn', values='Jensen'}LDAPAttribute {type='givenname',
 values='Barbara'}LDAPAttribute {type='objectclass', values='top,person,
 organizationalPerson,inetOrgPerson'}LDAPAttribute {type='ou',
 values='Product Development,People'}
 

Overrides:

toString in class java.lang.Object

Returns:

string representation of the entry's DN and its attributes.

toOrderedString

public java.lang.String toOrderedString()

toByteArray

public byte[] toByteArray()
                   throws java.io.IOException

Constacted by CustomerizedSerializable interface. A encoder to convert this object [BPage] into a binary presentation which can then be decoded by the corresponding decoder byteArrayToObject

Throws:

java.io.IOException

toByteArray

public byte[] toByteArray(boolean normalize)
                   throws java.io.IOException

Constacted by CustomerizedSerializable interface. A encoder to convert this object [BPage] into a binary presentation which can then be decoded by the corresponding decoder byteArrayToObject

Parameters:

normalize - true to compute a normalized representation of the entry. Ignores unrelevant/inconsistent attributes defined by setIgnoredAttributesForNormalization.

Returns:

binary representation of the LDAP entry

Throws:

java.io.IOException

See Also:

setIgnoredAttributesForNormalization

byteArrayToObject

public java.lang.Object byteArrayToObject(byte[] buf,
                                          int offset)
                                   throws java.io.IOException

Constacted by CustomerizedSerializable interface.

Throws:

java.io.IOException

byteArrayToEntry

public static LDAPEntry byteArrayToEntry(byte[] buf)
                                  throws java.io.IOException

Throws:

java.io.IOException

toLDIF

public java.lang.String toLDIF()

Gets the LDAPEntry in LDIF format.

Returns:

String with the LDIB representation of the entry

clone

public java.lang.Object clone()
                       throws java.lang.CloneNotSupportedException

Overrides:

clone in class java.lang.Object

Throws:

java.lang.CloneNotSupportedException

encrypt

public static void encrypt(LDAPEntry entry,
                           java.util.Collection<java.lang.String> attrNames)
                    throws LDAPException

Parameters:

entry - -- the entry

attrNames - -- the Collection of attributes which should be encrypted

forceNoSalt - force the cipher text without salting

Throws:

LDAPException

See Also:

LDAPAttribute.encrypt()

encrypt

public static void encrypt(LDAPEntry entry,
                           java.util.Collection<java.lang.String> attrNames,
                           boolean forceNoSalt)
                    throws LDAPException

Throws:

LDAPException

decrypt

public static void decrypt(LDAPEntry entry,
                           java.util.Collection<java.lang.String> attrNames)
                    throws LDAPException

Parameters:

entry - -- the entry

attrNames - -- the Collection of attributes which could be encrypted; if null, all attributes will be scanned.

Throws:

LDAPException

See Also:

LDAPAttribute.decrypt()

containsRangedAttribute

public static boolean containsRangedAttribute(LDAPEntry entry,
                                              java.lang.String attrName)

Parameters:

entry - The LDAPEntry to be checked

attrName - The name of attribute which may be ranged; null if any attribute name

Returns: