/** {@inheritDoc} */
public ConfigChangeResult applyConfigurationChange(
ExternalSASLMechanismHandlerCfg configuration) {
final ConfigChangeResult ccr = new ConfigChangeResult();
// See if we should attempt to validate client certificates against those in
// the corresponding user's entry.
CertificateValidationPolicy newValidationPolicy = CertificateValidationPolicy.ALWAYS;
switch (configuration.getCertificateValidationPolicy()) {
case NEVER:
newValidationPolicy = CertificateValidationPolicy.NEVER;
break;
case IFPRESENT:
newValidationPolicy = CertificateValidationPolicy.IFPRESENT;
break;
case ALWAYS:
newValidationPolicy = CertificateValidationPolicy.ALWAYS;
break;
}
// Get the attribute type to use for validating the certificates. If none
// is provided, then default to the userCertificate type.
AttributeType newCertificateType = configuration.getCertificateAttribute();
if (newCertificateType == null) {
newCertificateType =
DirectoryServer.getAttributeType(DEFAULT_VALIDATION_CERT_ATTRIBUTE, true);
}
if (ccr.getResultCode() == ResultCode.SUCCESS) {
validationPolicy = newValidationPolicy;
certificateAttributeType = newCertificateType;
currentConfig = configuration;
}
return ccr;
}
/** {@inheritDoc} */
@Override
public ConfigChangeResult applyConfigurationChange(LDAPConnectionHandlerCfg config) {
final ConfigChangeResult ccr = new ConfigChangeResult();
// Note that the following properties cannot be modified:
//
// * listen port and addresses
// * use ssl
// * ssl policy
// * ssl cert nickname
// * accept backlog
// * tcp reuse address
// * num request handler
// Clear the stat tracker if LDAPv2 is being enabled.
if (currentConfig.isAllowLDAPV2() != config.isAllowLDAPV2() && config.isAllowLDAPV2()) {
statTracker.clearStatistics();
}
// Apply the changes.
currentConfig = config;
enabled = config.isEnabled();
allowedClients = config.getAllowedClient();
deniedClients = config.getDeniedClient();
// Reconfigure SSL if needed.
try {
configureSSL(config);
} catch (DirectoryException e) {
logger.traceException(e);
ccr.setResultCode(e.getResultCode());
ccr.addMessage(e.getMessageObject());
return ccr;
}
if (config.isAllowLDAPV2()) {
DirectoryServer.registerSupportedLDAPVersion(2, this);
} else {
DirectoryServer.deregisterSupportedLDAPVersion(2, this);
}
return ccr;
}
@Override
public ConfigChangeResult applyConfigurationChange(HTTPConnectionHandlerCfg config) {
final ConfigChangeResult ccr = new ConfigChangeResult();
if (anyChangeRequiresRestart(config)) {
ccr.setAdminActionRequired(true);
ccr.addMessage(ERR_CONNHANDLER_CONFIG_CHANGES_REQUIRE_RESTART.get("HTTP"));
}
// Reconfigure SSL if needed.
try {
configureSSL(config);
} catch (DirectoryException e) {
logger.traceException(e);
ccr.setResultCode(e.getResultCode());
ccr.addMessage(e.getMessageObject());
return ccr;
}
if (config.isEnabled() && this.currentConfig.isEnabled() && isListening()) {
// Server was running and will still be running if the "enabled" was flipped,
// leave it to the stop / start server to handle it.
if (!this.currentConfig.isKeepStats() && config.isKeepStats()) {
// It must now keep stats while it was not previously.
setHttpStatsProbe(this.httpServer);
} else if (this.currentConfig.isKeepStats()
&& !config.isKeepStats()
&& this.httpProbe != null) {
// It must NOT keep stats anymore.
getHttpConfig(this.httpServer).removeProbes(this.httpProbe);
this.httpProbe = null;
}
}
this.initConfig = config;
this.currentConfig = config;
this.enabled = this.currentConfig.isEnabled();
return ccr;
}
