Exemplo n.º 1
0
  /** {@inheritDoc} */
  @Override()
  public void search(SearchOperation searchOperation)
      throws DirectoryException, CanceledOperationException {
    readerBegin();

    EntryContainer ec;
    if (rootContainer != null) {
      ec = rootContainer.getEntryContainer(searchOperation.getBaseDN());
    } else {
      Message message = ERR_ROOT_CONTAINER_NOT_INITIALIZED.get(getBackendID());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }
    ec.sharedLock.lock();

    try {
      ec.search(searchOperation);
    } catch (DatabaseException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw createDirectoryException(e);
    } finally {
      ec.sharedLock.unlock();
      readerEnd();
    }
  }
Exemplo n.º 2
0
  /** {@inheritDoc} */
  @Override
  public Entry getEntry(DN entryDN) throws DirectoryException {
    // If the requested entry was null, then throw an exception.
    if (entryDN == null) {
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(),
          ERR_BACKEND_GET_ENTRY_NULL.get(getBackendID()));
    }

    // If the requested entry was the backend base entry, then retrieve it.
    if (entryDN.equals(backupBaseDN)) {
      return backupBaseEntry.duplicate(true);
    }

    // See if the requested entry was one level below the backend base entry.
    // If so, then it must point to a backup directory.  Otherwise, it must be
    // two levels below the backup base entry and must point to a specific
    // backup.
    DN parentDN = entryDN.getParentDNInSuffix();
    if (parentDN == null) {
      Message message = ERR_BACKUP_INVALID_BASE.get(String.valueOf(entryDN));
      throw new DirectoryException(ResultCode.NO_SUCH_OBJECT, message);
    } else if (parentDN.equals(backupBaseDN)) {
      return getBackupDirectoryEntry(entryDN);
    } else if (backupBaseDN.equals(parentDN.getParentDNInSuffix())) {
      return getBackupEntry(entryDN);
    } else {
      Message message = ERR_BACKUP_INVALID_BASE.get(String.valueOf(entryDN));
      throw new DirectoryException(ResultCode.NO_SUCH_OBJECT, message, backupBaseDN, null);
    }
  }
Exemplo n.º 3
0
  /** {@inheritDoc} */
  @Override()
  public Entry getEntry(DN entryDN) throws DirectoryException {
    readerBegin();

    EntryContainer ec;
    if (rootContainer != null) {
      ec = rootContainer.getEntryContainer(entryDN);
    } else {
      Message message = ERR_ROOT_CONTAINER_NOT_INITIALIZED.get(getBackendID());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    ec.sharedLock.lock();
    Entry entry;
    try {
      entry = ec.getEntry(entryDN);
    } catch (DatabaseException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw createDirectoryException(e);
    } finally {
      ec.sharedLock.unlock();
      readerEnd();
    }

    return entry;
  }
Exemplo n.º 4
0
  /** {@inheritDoc} */
  @Override()
  public void replaceEntry(Entry oldEntry, Entry newEntry, ModifyOperation modifyOperation)
      throws DirectoryException, CanceledOperationException {
    checkDiskSpace(modifyOperation);
    writerBegin();

    DN entryDN = newEntry.getDN();
    EntryContainer ec;
    if (rootContainer != null) {
      ec = rootContainer.getEntryContainer(entryDN);
    } else {
      Message message = ERR_ROOT_CONTAINER_NOT_INITIALIZED.get(getBackendID());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    ec.sharedLock.lock();

    try {
      ec.replaceEntry(oldEntry, newEntry, modifyOperation);
    } catch (DatabaseException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw createDirectoryException(e);
    } finally {
      ec.sharedLock.unlock();
      writerEnd();
    }
  }
Exemplo n.º 5
0
  /** {@inheritDoc} */
  @Override()
  public long numSubordinates(DN entryDN, boolean subtree) throws DirectoryException {
    EntryContainer ec;
    if (rootContainer != null) {
      ec = rootContainer.getEntryContainer(entryDN);
    } else {
      Message message = ERR_ROOT_CONTAINER_NOT_INITIALIZED.get(getBackendID());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    if (ec == null) {
      return -1;
    }

    readerBegin();
    ec.sharedLock.lock();
    try {
      long count = ec.getNumSubordinates(entryDN, subtree);
      if (count == Long.MAX_VALUE) {
        // The index entry limit has exceeded and there is no count maintained.
        return -1;
      }
      return count;
    } catch (DatabaseException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw createDirectoryException(e);
    } finally {
      ec.sharedLock.unlock();
      readerEnd();
    }
  }
  /** {@inheritDoc} */
  @Override
  public ByteString encodePasswordWithScheme(ByteSequence plaintext) throws DirectoryException {
    StringBuilder buffer = new StringBuilder();
    buffer.append('{');
    buffer.append(STORAGE_SCHEME_NAME_SHA_1);
    buffer.append('}');

    // TODO: Can we avoid this copy?
    byte[] plaintextBytes = null;
    byte[] digestBytes;

    synchronized (digestLock) {
      try {
        plaintextBytes = plaintext.toByteArray();
        digestBytes = messageDigest.digest(plaintextBytes);
      } catch (Exception e) {
        logger.traceException(e);

        LocalizableMessage message =
            ERR_PWSCHEME_CANNOT_ENCODE_PASSWORD.get(CLASS_NAME, getExceptionMessage(e));
        throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message, e);
      } finally {
        if (plaintextBytes != null) {
          Arrays.fill(plaintextBytes, (byte) 0);
        }
      }
    }

    buffer.append(Base64.encode(digestBytes));

    return ByteString.valueOfUtf8(buffer);
  }
Exemplo n.º 7
0
  /**
   * Generates an entry for a backup directory based on the provided DN. The DN must contain an RDN
   * component that specifies the path to the backup directory, and that directory must exist and be
   * a valid backup directory.
   *
   * @param entryDN The DN of the backup directory entry to retrieve.
   * @return The requested backup directory entry.
   * @throws DirectoryException If the specified directory does not exist or is not a valid backup
   *     directory, or if the DN does not specify any backup directory.
   */
  private Entry getBackupDirectoryEntry(DN entryDN) throws DirectoryException {
    // Make sure that the DN specifies a backup directory.
    AttributeType t = DirectoryServer.getAttributeType(ATTR_BACKUP_DIRECTORY_PATH, true);
    AttributeValue v = entryDN.getRDN().getAttributeValue(t);
    if (v == null) {
      Message message = ERR_BACKUP_DN_DOES_NOT_SPECIFY_DIRECTORY.get(String.valueOf(entryDN));
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message, backupBaseDN, null);
    }

    // Get a handle to the backup directory and the information that it
    // contains.
    BackupDirectory backupDirectory;
    try {
      backupDirectory = BackupDirectory.readBackupDirectoryDescriptor(v.getValue().toString());
    } catch (ConfigException ce) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ce);
      }

      Message message =
          ERR_BACKUP_INVALID_BACKUP_DIRECTORY.get(String.valueOf(entryDN), ce.getMessage());
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
    } catch (Exception e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }

      Message message = ERR_BACKUP_ERROR_GETTING_BACKUP_DIRECTORY.get(getExceptionMessage(e));
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    // Construct the backup directory entry to return.
    LinkedHashMap<ObjectClass, String> ocMap = new LinkedHashMap<ObjectClass, String>(2);
    ocMap.put(DirectoryServer.getTopObjectClass(), OC_TOP);

    ObjectClass backupDirOC = DirectoryServer.getObjectClass(OC_BACKUP_DIRECTORY, true);
    ocMap.put(backupDirOC, OC_BACKUP_DIRECTORY);

    LinkedHashMap<AttributeType, List<Attribute>> opAttrs =
        new LinkedHashMap<AttributeType, List<Attribute>>(0);
    LinkedHashMap<AttributeType, List<Attribute>> userAttrs =
        new LinkedHashMap<AttributeType, List<Attribute>>(3);

    ArrayList<Attribute> attrList = new ArrayList<Attribute>(1);
    attrList.add(Attributes.create(t, v));
    userAttrs.put(t, attrList);

    t = DirectoryServer.getAttributeType(ATTR_BACKUP_BACKEND_DN, true);
    attrList = new ArrayList<Attribute>(1);
    attrList.add(
        Attributes.create(
            t, AttributeValues.create(t, backupDirectory.getConfigEntryDN().toString())));
    userAttrs.put(t, attrList);

    Entry e = new Entry(entryDN, ocMap, userAttrs, opAttrs);
    e.processVirtualAttributes();
    return e;
  }
Exemplo n.º 8
0
 /**
  * Fetch a record from the entry tree.
  *
  * @param txn a non null transaction
  * @param entryID The desired entry ID which forms the key.
  * @return The requested entry, or null if there is no such record.
  * @throws DirectoryException If a problem occurs while getting the entry.
  * @throws StorageRuntimeException If an error occurs in the storage.
  */
 public Entry get(ReadableTransaction txn, EntryID entryID)
     throws DirectoryException, StorageRuntimeException {
   try {
     return get0(txn.read(getName(), entryID.toByteString()));
   } catch (Exception e) {
     throw new DirectoryException(
         DirectoryServer.getServerErrorResultCode(), ERR_ENTRY_DATABASE_CORRUPT.get(entryID));
   }
 }
Exemplo n.º 9
0
  private SSLContext createSSLContext(LDAPConnectionHandlerCfg config) throws DirectoryException {
    try {
      DN keyMgrDN = config.getKeyManagerProviderDN();
      KeyManagerProvider<?> keyManagerProvider = DirectoryServer.getKeyManagerProvider(keyMgrDN);
      if (keyManagerProvider == null) {
        logger.error(ERR_NULL_KEY_PROVIDER_MANAGER, keyMgrDN, friendlyName);
        disableAndWarnIfUseSSL(config);
        keyManagerProvider = new NullKeyManagerProvider();
        // The SSL connection is unusable without a key manager provider
      } else if (!keyManagerProvider.containsAtLeastOneKey()) {
        logger.error(ERR_INVALID_KEYSTORE, friendlyName);
        disableAndWarnIfUseSSL(config);
      }

      final SortedSet<String> aliases = new TreeSet<>(config.getSSLCertNickname());
      final KeyManager[] keyManagers;
      if (aliases.isEmpty()) {
        keyManagers = keyManagerProvider.getKeyManagers();
      } else {
        final Iterator<String> it = aliases.iterator();
        while (it.hasNext()) {
          if (!keyManagerProvider.containsKeyWithAlias(it.next())) {
            logger.error(ERR_KEYSTORE_DOES_NOT_CONTAIN_ALIAS, aliases, friendlyName);
            it.remove();
          }
        }

        if (aliases.isEmpty()) {
          disableAndWarnIfUseSSL(config);
        }
        keyManagers =
            SelectableCertificateKeyManager.wrap(
                keyManagerProvider.getKeyManagers(), aliases, friendlyName);
      }

      DN trustMgrDN = config.getTrustManagerProviderDN();
      TrustManagerProvider<?> trustManagerProvider =
          DirectoryServer.getTrustManagerProvider(trustMgrDN);
      if (trustManagerProvider == null) {
        trustManagerProvider = new NullTrustManagerProvider();
      }

      SSLContext sslContext = SSLContext.getInstance(SSL_CONTEXT_INSTANCE_NAME);
      sslContext.init(keyManagers, trustManagerProvider.getTrustManagers(), null);
      return sslContext;
    } catch (Exception e) {
      logger.traceException(e);
      ResultCode resCode = DirectoryServer.getServerErrorResultCode();
      LocalizableMessage message =
          ERR_CONNHANDLER_SSL_CANNOT_INITIALIZE.get(getExceptionMessage(e));
      throw new DirectoryException(resCode, message, e);
    }
  }
Exemplo n.º 10
0
  private SSLEngineConfigurator createSSLEngineConfigurator(HTTPConnectionHandlerCfg config)
      throws DirectoryException {
    if (!config.isUseSSL()) {
      return null;
    }

    try {
      SSLContext sslContext = createSSLContext(config);
      SSLEngineConfigurator configurator = new SSLEngineConfigurator(sslContext);
      configurator.setClientMode(false);

      // configure with defaults from the JVM
      final SSLEngine defaults = sslContext.createSSLEngine();
      configurator.setEnabledProtocols(defaults.getEnabledProtocols());
      configurator.setEnabledCipherSuites(defaults.getEnabledCipherSuites());

      final Set<String> protocols = config.getSSLProtocol();
      if (!protocols.isEmpty()) {
        configurator.setEnabledProtocols(protocols.toArray(new String[protocols.size()]));
      }

      final Set<String> ciphers = config.getSSLCipherSuite();
      if (!ciphers.isEmpty()) {
        configurator.setEnabledCipherSuites(ciphers.toArray(new String[ciphers.size()]));
      }

      switch (config.getSSLClientAuthPolicy()) {
        case DISABLED:
          configurator.setNeedClientAuth(false);
          configurator.setWantClientAuth(false);
          break;
        case REQUIRED:
          configurator.setNeedClientAuth(true);
          configurator.setWantClientAuth(true);
          break;
        case OPTIONAL:
        default:
          configurator.setNeedClientAuth(false);
          configurator.setWantClientAuth(true);
          break;
      }

      return configurator;
    } catch (Exception e) {
      logger.traceException(e);
      ResultCode resCode = DirectoryServer.getServerErrorResultCode();
      throw new DirectoryException(
          resCode, ERR_CONNHANDLER_SSL_CANNOT_INITIALIZE.get(getExceptionMessage(e)), e);
    }
  }
Exemplo n.º 11
0
  /**
   * Verify the integrity of the backend instance.
   *
   * @param verifyConfig The verify configuration.
   * @param statEntry Optional entry to save stats into.
   * @return The error count.
   * @throws ConfigException If an unrecoverable problem arises during initialization.
   * @throws InitializationException If a problem occurs during initialization that is not related
   *     to the server configuration.
   * @throws DirectoryException If a Directory Server error occurs.
   */
  public long verifyBackend(VerifyConfig verifyConfig, Entry statEntry)
      throws InitializationException, ConfigException, DirectoryException {
    // If the backend already has the root container open, we must use the same
    // underlying root container
    boolean openRootContainer = rootContainer == null;
    long errorCount = 0;

    try {
      if (openRootContainer) {
        EnvironmentConfig envConfig = ConfigurableEnvironment.parseConfigEntry(cfg);

        envConfig.setReadOnly(true);
        envConfig.setAllowCreate(false);
        envConfig.setTransactional(false);
        envConfig.setConfigParam("je.env.isLocking", "true");
        envConfig.setConfigParam("je.env.runCheckpointer", "true");

        rootContainer = initializeRootContainer(envConfig);
      }

      VerifyJob verifyJob = new VerifyJob(verifyConfig);
      errorCount = verifyJob.verifyBackend(rootContainer, statEntry);
    } catch (DatabaseException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw createDirectoryException(e);
    } catch (JebException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), e.getMessageObject());
    } finally {
      // If a root container was opened in this method as read only, close it
      // to leave the backend in the same state.
      if (openRootContainer && rootContainer != null) {
        try {
          rootContainer.close();
          rootContainer = null;
        } catch (DatabaseException e) {
          if (debugEnabled()) {
            TRACER.debugCaught(DebugLogLevel.ERROR, e);
          }
        }
      }
    }
    return errorCount;
  }
Exemplo n.º 12
0
  /**
   * Decodes the entry encode configuration from current position and length of the given byte
   * array.
   *
   * @param buffer The byte array containing the encoded entry.
   * @param length The number of bytes contained in the encode configuration.
   * @param compressedSchema The compressed schema manager to use when decoding.
   * @return The decoded configuration.
   * @throws DirectoryException If the configuration cannot be properly decoded.
   */
  public static EntryEncodeConfig decode(
      ByteSequenceReader buffer, int length, CompressedSchema compressedSchema)
      throws DirectoryException {
    if (length != 1) {
      LocalizableMessage message = ERR_ENTRYENCODECFG_INVALID_LENGTH.get();
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    byte b = buffer.readByte();
    boolean excludeDN = is(b, ENCODE_FLAG_EXCLUDE_DN);
    boolean compressAttrDescriptions = is(b, ENCODE_FLAG_COMPRESS_ADS);
    boolean compressObjectClassSets = is(b, ENCODE_FLAG_COMPRESS_OCS);
    return new EntryEncodeConfig(
        excludeDN, compressAttrDescriptions, compressObjectClassSets, compressedSchema);
  }
Exemplo n.º 13
0
 /** {@inheritDoc} */
 @Override
 public MemberList getMembers() throws DirectoryException {
   Group targetGroup = DirectoryServer.getGroupManager().getGroupInstance(targetGroupDN);
   if (targetGroup == null) {
     LocalizableMessage message =
         ERR_VIRTUAL_STATIC_GROUP_NO_TARGET_GROUP.get(targetGroupDN, groupEntryDN);
     throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
   } else if (targetGroup instanceof VirtualStaticGroup) {
     LocalizableMessage message =
         ERR_VIRTUAL_STATIC_GROUP_TARGET_CANNOT_BE_VIRTUAL.get(groupEntryDN, targetGroupDN);
     throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
   } else {
     return targetGroup.getMembers();
   }
 }
Exemplo n.º 14
0
  /**
   * Creates a customized DirectoryException from the DatabaseException thrown by JE backend.
   *
   * @param e The DatabaseException to be converted.
   * @return DirectoryException created from exception.
   */
  DirectoryException createDirectoryException(DatabaseException e) {
    ResultCode resultCode = DirectoryServer.getServerErrorResultCode();
    Message message;
    if ((e instanceof EnvironmentFailureException) && !rootContainer.isValid()) {
      message = NOTE_BACKEND_ENVIRONMENT_UNUSABLE.get(getBackendID());
      logError(message);
      DirectoryServer.sendAlertNotification(
          DirectoryServer.getInstance(), ALERT_TYPE_BACKEND_ENVIRONMENT_UNUSABLE, message);
    }

    String jeMessage = e.getMessage();
    if (jeMessage == null) {
      jeMessage = stackTraceToSingleLineString(e);
    }
    message = ERR_JEB_DATABASE_EXCEPTION.get(jeMessage);
    return new DirectoryException(resultCode, message, e);
  }
Exemplo n.º 15
0
  /** {@inheritDoc} */
  @Override
  public boolean isMember(Entry userEntry, Set<DN> examinedGroups) throws DirectoryException {
    if (!examinedGroups.add(getGroupDN())) {
      return false;
    }

    Group targetGroup = DirectoryServer.getGroupManager().getGroupInstance(targetGroupDN);
    if (targetGroup == null) {
      LocalizableMessage message =
          ERR_VIRTUAL_STATIC_GROUP_NO_TARGET_GROUP.get(targetGroupDN, groupEntryDN);
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    } else if (targetGroup instanceof VirtualStaticGroup) {
      LocalizableMessage message =
          ERR_VIRTUAL_STATIC_GROUP_TARGET_CANNOT_BE_VIRTUAL.get(groupEntryDN, targetGroupDN);
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
    } else {
      return targetGroup.isMember(userEntry);
    }
  }
Exemplo n.º 16
0
  private SSLEngine createSSLEngine(LDAPConnectionHandlerCfg config, SSLContext sslContext)
      throws DirectoryException {
    try {
      SSLEngine sslEngine = sslContext.createSSLEngine();
      sslEngine.setUseClientMode(false);

      final Set<String> protocols = config.getSSLProtocol();
      if (!protocols.isEmpty()) {
        sslEngine.setEnabledProtocols(protocols.toArray(new String[0]));
      }

      final Set<String> ciphers = config.getSSLCipherSuite();
      if (!ciphers.isEmpty()) {
        sslEngine.setEnabledCipherSuites(ciphers.toArray(new String[0]));
      }

      switch (config.getSSLClientAuthPolicy()) {
        case DISABLED:
          sslEngine.setNeedClientAuth(false);
          sslEngine.setWantClientAuth(false);
          break;
        case REQUIRED:
          sslEngine.setWantClientAuth(true);
          sslEngine.setNeedClientAuth(true);
          break;
        case OPTIONAL:
        default:
          sslEngine.setNeedClientAuth(false);
          sslEngine.setWantClientAuth(true);
          break;
      }

      return sslEngine;
    } catch (Exception e) {
      logger.traceException(e);
      ResultCode resCode = DirectoryServer.getServerErrorResultCode();
      LocalizableMessage message =
          ERR_CONNHANDLER_SSL_CANNOT_INITIALIZE.get(getExceptionMessage(e));
      throw new DirectoryException(resCode, message, e);
    }
  }
Exemplo n.º 17
0
  /** {@inheritDoc} */
  @Override()
  public void renameEntry(DN currentDN, Entry entry, ModifyDNOperation modifyDNOperation)
      throws DirectoryException, CanceledOperationException {
    checkDiskSpace(modifyDNOperation);
    writerBegin();

    EntryContainer currentContainer;
    if (rootContainer != null) {
      currentContainer = rootContainer.getEntryContainer(currentDN);
    } else {
      Message message = ERR_ROOT_CONTAINER_NOT_INITIALIZED.get(getBackendID());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    EntryContainer container = rootContainer.getEntryContainer(entry.getDN());

    if (currentContainer != container) {
      // FIXME: No reason why we cannot implement a move between containers
      // since the containers share the same database environment.
      Message msg = WARN_JEB_FUNCTION_NOT_SUPPORTED.get();
      throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, msg);
    }

    currentContainer.sharedLock.lock();
    try {
      currentContainer.renameEntry(currentDN, entry, modifyDNOperation);
    } catch (DatabaseException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw createDirectoryException(e);
    } finally {
      currentContainer.sharedLock.unlock();
      writerEnd();
    }
  }
Exemplo n.º 18
0
  /** {@inheritDoc} */
  public ConfigChangeResult applyConfigurationChange(LocalDBBackendCfg newCfg) {
    ConfigChangeResult ccr;
    ResultCode resultCode = ResultCode.SUCCESS;
    ArrayList<Message> messages = new ArrayList<Message>();

    try {
      if (rootContainer != null) {
        DN[] newBaseDNs = new DN[newCfg.getBaseDN().size()];
        newBaseDNs = newCfg.getBaseDN().toArray(newBaseDNs);

        // Check for changes to the base DNs.
        for (DN baseDN : cfg.getBaseDN()) {
          boolean found = false;
          for (DN dn : newBaseDNs) {
            if (dn.equals(baseDN)) {
              found = true;
            }
          }
          if (!found) {
            // The base DN was deleted.
            DirectoryServer.deregisterBaseDN(baseDN);
            EntryContainer ec = rootContainer.unregisterEntryContainer(baseDN);
            ec.close();
            ec.delete();
          }
        }

        for (DN baseDN : newBaseDNs) {
          if (!rootContainer.getBaseDNs().contains(baseDN)) {
            try {
              // The base DN was added.
              EntryContainer ec = rootContainer.openEntryContainer(baseDN, null);
              rootContainer.registerEntryContainer(baseDN, ec);
              DirectoryServer.registerBaseDN(baseDN, this, false);
            } catch (Exception e) {
              if (debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
              }

              resultCode = DirectoryServer.getServerErrorResultCode();

              messages.add(
                  ERR_BACKEND_CANNOT_REGISTER_BASEDN.get(
                      String.valueOf(baseDN), String.valueOf(e)));
              ccr = new ConfigChangeResult(resultCode, false, messages);
              return ccr;
            }
          }
        }

        baseDNs = newBaseDNs;
      }

      if (cfg.getDiskFullThreshold() != newCfg.getDiskFullThreshold()
          || cfg.getDiskLowThreshold() != newCfg.getDiskLowThreshold()) {
        diskMonitor.setFullThreshold(newCfg.getDiskFullThreshold());
        diskMonitor.setLowThreshold(newCfg.getDiskLowThreshold());
      }

      // Put the new configuration in place.
      this.cfg = newCfg;
    } catch (Exception e) {
      messages.add(Message.raw(stackTraceToSingleLineString(e)));
      ccr = new ConfigChangeResult(DirectoryServer.getServerErrorResultCode(), false, messages);
      return ccr;
    }

    ccr = new ConfigChangeResult(resultCode, false, messages);
    return ccr;
  }
Exemplo n.º 19
0
 private DirectoryException newDirectoryException(Exception e) {
   LocalizableMessage message = LocalizableMessage.raw(e.getMessage());
   return new DirectoryException(DirectoryServer.getServerErrorResultCode(), message, e);
 }
Exemplo n.º 20
0
  /**
   * Rebuild index(es) in the backend instance. Note that the server will not explicitly initialize
   * this backend before calling this method.
   *
   * @param rebuildConfig The rebuild configuration.
   * @throws ConfigException If an unrecoverable problem arises during initialization.
   * @throws InitializationException If a problem occurs during initialization that is not related
   *     to the server configuration.
   * @throws DirectoryException If a Directory Server error occurs.
   */
  public void rebuildBackend(RebuildConfig rebuildConfig)
      throws InitializationException, ConfigException, DirectoryException {
    // If the backend already has the root container open, we must use the same
    // underlying root container
    boolean openRootContainer = rootContainer == null;

    /*
     * If the rootContainer is open, the backend is initialized by something
     * else. We can't do any rebuild of system indexes while others are using
     * this backend.
     */
    if (!openRootContainer && rebuildConfig.includesSystemIndex()) {
      Message message = ERR_JEB_REBUILD_BACKEND_ONLINE.get();
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    try {
      EnvironmentConfig envConfig;
      if (openRootContainer) {
        envConfig = new EnvironmentConfig();
        envConfig.setAllowCreate(true);
        envConfig.setTransactional(false);
        envConfig.setDurability(Durability.COMMIT_NO_SYNC);
        envConfig.setLockTimeout(0, TimeUnit.SECONDS);
        envConfig.setTxnTimeout(0, TimeUnit.SECONDS);
        envConfig.setConfigParam(
            EnvironmentConfig.CLEANER_MIN_FILE_UTILIZATION,
            String.valueOf(cfg.getDBCleanerMinUtilization()));
        envConfig.setConfigParam(
            EnvironmentConfig.LOG_FILE_MAX, String.valueOf(cfg.getDBLogFileMax()));

        Importer importer = new Importer(rebuildConfig, cfg, envConfig);
        rootContainer = initializeRootContainer(envConfig);
        importer.rebuildIndexes(rootContainer);
      } else {
        envConfig = ConfigurableEnvironment.parseConfigEntry(cfg);

        Importer importer = new Importer(rebuildConfig, cfg, envConfig);
        importer.rebuildIndexes(rootContainer);
      }
    } catch (ExecutionException execEx) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, execEx);
      }
      Message message = ERR_EXECUTION_ERROR.get(execEx.getMessage());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    } catch (InterruptedException intEx) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, intEx);
      }
      Message message = ERR_INTERRUPTED_ERROR.get(intEx.getMessage());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    } catch (ConfigException ce) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ce);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), ce.getMessageObject());
    } catch (JebException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), e.getMessageObject());
    } catch (InitializationException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw new InitializationException(e.getMessageObject());
    } finally {
      // If a root container was opened in this method as read only, close it
      // to leave the backend in the same state.
      if (openRootContainer && rootContainer != null) {
        try {
          rootContainer.close();
          rootContainer = null;
        } catch (DatabaseException e) {
          if (debugEnabled()) {
            TRACER.debugCaught(DebugLogLevel.ERROR, e);
          }
        }
      }
    }
  }
  /** {@inheritDoc} */
  @Override
  public LDIFImportResult importLDIF(
      LDIFImportConfig importConfig, RootContainer rootContainer, ServerContext serverContext)
      throws DirectoryException {
    try {
      ScheduledThreadPoolExecutor timerService = new ScheduledThreadPoolExecutor(1);
      try {
        final LDIFReader reader;
        try {
          reader = new LDIFReader(importConfig);
        } catch (Exception e) {
          LocalizableMessage m =
              ERR_LDIF_BACKEND_CANNOT_CREATE_LDIF_READER.get(stackTraceToSingleLineString(e));
          throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), m, e);
        }

        long importCount = 0;
        final long startTime = System.currentTimeMillis();
        timerService.scheduleAtFixedRate(
            new ImportProgress(reader),
            IMPORT_PROGRESS_INTERVAL,
            IMPORT_PROGRESS_INTERVAL,
            TimeUnit.MILLISECONDS);
        while (true) {
          final Entry entry;
          try {
            entry = reader.readEntry();
            if (entry == null) {
              break;
            }
          } catch (LDIFException le) {
            if (!le.canContinueReading()) {
              LocalizableMessage m =
                  ERR_LDIF_BACKEND_ERROR_READING_LDIF.get(stackTraceToSingleLineString(le));
              throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), m, le);
            }
            continue;
          }

          final DN dn = entry.getName();
          final EntryContainer ec = rootContainer.getEntryContainer(dn);
          if (ec == null) {
            final LocalizableMessage m = ERR_LDIF_SKIP.get(dn);
            logger.error(m);
            reader.rejectLastEntry(m);
            continue;
          }

          try {
            ec.addEntry(entry, null);
            importCount++;
          } catch (DirectoryException e) {
            switch (e.getResultCode().asEnum()) {
              case ENTRY_ALREADY_EXISTS:
                if (importConfig.replaceExistingEntries()) {
                  final Entry oldEntry = ec.getEntry(entry.getName());
                  ec.replaceEntry(oldEntry, entry, null);
                } else {
                  reader.rejectLastEntry(WARN_IMPORT_ENTRY_EXISTS.get());
                }
                break;
              case NO_SUCH_OBJECT:
                reader.rejectLastEntry(ERR_IMPORT_PARENT_NOT_FOUND.get(dn.parent()));
                break;
              default:
                // Not sure why it failed.
                reader.rejectLastEntry(e.getMessageObject());
                break;
            }
          }
        }
        final long finishTime = System.currentTimeMillis();

        waitForShutdown(timerService);

        final long importTime = finishTime - startTime;
        float rate = 0;
        if (importTime > 0) {
          rate = 1000f * reader.getEntriesRead() / importTime;
        }
        logger.info(
            NOTE_IMPORT_FINAL_STATUS,
            reader.getEntriesRead(),
            importCount,
            reader.getEntriesIgnored(),
            reader.getEntriesRejected(),
            0,
            importTime / 1000,
            rate);
        return new LDIFImportResult(
            reader.getEntriesRead(), reader.getEntriesRejected(), reader.getEntriesIgnored());
      } finally {
        rootContainer.close();

        // if not already stopped, then stop it
        waitForShutdown(timerService);
      }
    } catch (DirectoryException e) {
      logger.traceException(e);
      throw e;
    } catch (OpenDsException e) {
      logger.traceException(e);
      throw new DirectoryException(getServerErrorResultCode(), e.getMessageObject());
    } catch (Exception e) {
      logger.traceException(e);
      throw new DirectoryException(
          getServerErrorResultCode(), LocalizableMessage.raw(e.getMessage()));
    }
  }
Exemplo n.º 22
0
  /**
   * Generates an entry for a backup based on the provided DN. The DN must have an RDN component
   * that specifies the backup ID, and the parent DN must have an RDN component that specifies the
   * backup directory.
   *
   * @param entryDN The DN of the backup entry to retrieve.
   * @return The requested backup entry.
   * @throws DirectoryException If the specified backup does not exist or is invalid.
   */
  private Entry getBackupEntry(DN entryDN) throws DirectoryException {
    // First, get the backup ID from the entry DN.
    AttributeType idType = DirectoryServer.getAttributeType(ATTR_BACKUP_ID, true);
    AttributeValue idValue = entryDN.getRDN().getAttributeValue(idType);
    if (idValue == null) {
      Message message = ERR_BACKUP_NO_BACKUP_ID_IN_DN.get(String.valueOf(entryDN));
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
    }
    String backupID = idValue.getValue().toString();

    // Next, get the backup directory from the parent DN.
    DN parentDN = entryDN.getParentDNInSuffix();
    if (parentDN == null) {
      Message message = ERR_BACKUP_NO_BACKUP_PARENT_DN.get(String.valueOf(entryDN));
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
    }

    AttributeType t = DirectoryServer.getAttributeType(ATTR_BACKUP_DIRECTORY_PATH, true);
    AttributeValue v = parentDN.getRDN().getAttributeValue(t);
    if (v == null) {
      Message message = ERR_BACKUP_NO_BACKUP_DIR_IN_DN.get(String.valueOf(entryDN));
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
    }

    BackupDirectory backupDirectory;
    try {
      backupDirectory = BackupDirectory.readBackupDirectoryDescriptor(v.getValue().toString());
    } catch (ConfigException ce) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ce);
      }

      Message message =
          ERR_BACKUP_INVALID_BACKUP_DIRECTORY.get(String.valueOf(entryDN), ce.getMessageObject());
      throw new DirectoryException(ResultCode.CONSTRAINT_VIOLATION, message);
    } catch (Exception e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }

      Message message = ERR_BACKUP_ERROR_GETTING_BACKUP_DIRECTORY.get(getExceptionMessage(e));
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    BackupInfo backupInfo = backupDirectory.getBackupInfo(backupID);
    if (backupInfo == null) {
      Message message = ERR_BACKUP_NO_SUCH_BACKUP.get(backupID, backupDirectory.getPath());
      throw new DirectoryException(ResultCode.NO_SUCH_OBJECT, message, parentDN, null);
    }

    // Construct the backup entry to return.
    LinkedHashMap<ObjectClass, String> ocMap = new LinkedHashMap<ObjectClass, String>(3);
    ocMap.put(DirectoryServer.getTopObjectClass(), OC_TOP);

    ObjectClass oc = DirectoryServer.getObjectClass(OC_BACKUP_INFO, true);
    ocMap.put(oc, OC_BACKUP_INFO);

    oc = DirectoryServer.getObjectClass(OC_EXTENSIBLE_OBJECT_LC, true);
    ocMap.put(oc, OC_EXTENSIBLE_OBJECT);

    LinkedHashMap<AttributeType, List<Attribute>> opAttrs =
        new LinkedHashMap<AttributeType, List<Attribute>>(0);
    LinkedHashMap<AttributeType, List<Attribute>> userAttrs =
        new LinkedHashMap<AttributeType, List<Attribute>>();

    ArrayList<Attribute> attrList = new ArrayList<Attribute>(1);
    attrList.add(Attributes.create(idType, idValue));
    userAttrs.put(idType, attrList);

    backupInfo.getBackupDirectory();
    attrList = new ArrayList<Attribute>(1);
    attrList.add(Attributes.create(t, v));
    userAttrs.put(t, attrList);

    Date backupDate = backupInfo.getBackupDate();
    if (backupDate != null) {
      t = DirectoryServer.getAttributeType(ATTR_BACKUP_DATE, true);
      attrList = new ArrayList<Attribute>(1);
      attrList.add(
          Attributes.create(
              t, AttributeValues.create(t, GeneralizedTimeSyntax.format(backupDate))));
      userAttrs.put(t, attrList);
    }

    t = DirectoryServer.getAttributeType(ATTR_BACKUP_COMPRESSED, true);
    attrList = new ArrayList<Attribute>(1);
    attrList.add(Attributes.create(t, BooleanSyntax.createBooleanValue(backupInfo.isCompressed())));
    userAttrs.put(t, attrList);

    t = DirectoryServer.getAttributeType(ATTR_BACKUP_ENCRYPTED, true);
    attrList = new ArrayList<Attribute>(1);
    attrList.add(Attributes.create(t, BooleanSyntax.createBooleanValue(backupInfo.isEncrypted())));
    userAttrs.put(t, attrList);

    t = DirectoryServer.getAttributeType(ATTR_BACKUP_INCREMENTAL, true);
    attrList = new ArrayList<Attribute>(1);
    attrList.add(
        Attributes.create(t, BooleanSyntax.createBooleanValue(backupInfo.isIncremental())));
    userAttrs.put(t, attrList);

    HashSet<String> dependencies = backupInfo.getDependencies();
    if (dependencies != null && !dependencies.isEmpty()) {
      t = DirectoryServer.getAttributeType(ATTR_BACKUP_DEPENDENCY, true);
      AttributeBuilder builder = new AttributeBuilder(t);
      for (String s : dependencies) {
        builder.add(AttributeValues.create(t, s));
      }
      attrList = new ArrayList<Attribute>(1);
      attrList.add(builder.toAttribute());
      userAttrs.put(t, attrList);
    }

    byte[] signedHash = backupInfo.getSignedHash();
    if (signedHash != null) {
      t = DirectoryServer.getAttributeType(ATTR_BACKUP_SIGNED_HASH, true);
      attrList = new ArrayList<Attribute>(1);
      attrList.add(Attributes.create(t, AttributeValues.create(t, ByteString.wrap(signedHash))));
      userAttrs.put(t, attrList);
    }

    byte[] unsignedHash = backupInfo.getUnsignedHash();
    if (unsignedHash != null) {
      t = DirectoryServer.getAttributeType(ATTR_BACKUP_UNSIGNED_HASH, true);
      attrList = new ArrayList<Attribute>(1);
      attrList.add(Attributes.create(t, AttributeValues.create(t, ByteString.wrap(unsignedHash))));
      userAttrs.put(t, attrList);
    }

    HashMap<String, String> properties = backupInfo.getBackupProperties();
    if (properties != null && !properties.isEmpty()) {
      for (Map.Entry<String, String> e : properties.entrySet()) {
        t = DirectoryServer.getAttributeType(toLowerCase(e.getKey()), true);
        attrList = new ArrayList<Attribute>(1);
        attrList.add(Attributes.create(t, AttributeValues.create(t, e.getValue())));
        userAttrs.put(t, attrList);
      }
    }

    Entry e = new Entry(entryDN, ocMap, userAttrs, opAttrs);
    e.processVirtualAttributes();
    return e;
  }
Exemplo n.º 23
0
  /** {@inheritDoc} */
  @Override()
  public void exportLDIF(LDIFExportConfig exportConfig) throws DirectoryException {
    // If the backend already has the root container open, we must use the same
    // underlying root container
    boolean openRootContainer = rootContainer == null;

    try {
      if (openRootContainer) {
        EnvironmentConfig envConfig = ConfigurableEnvironment.parseConfigEntry(cfg);

        envConfig.setReadOnly(true);
        envConfig.setAllowCreate(false);
        envConfig.setTransactional(false);
        envConfig.setConfigParam("je.env.isLocking", "true");
        envConfig.setConfigParam("je.env.runCheckpointer", "true");

        rootContainer = initializeRootContainer(envConfig);
      }

      ExportJob exportJob = new ExportJob(exportConfig);
      exportJob.exportLDIF(rootContainer);
    } catch (IOException ioe) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ioe);
      }
      Message message = ERR_JEB_EXPORT_IO_ERROR.get(ioe.getMessage());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    } catch (JebException je) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, je);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), je.getMessageObject());
    } catch (DatabaseException de) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, de);
      }
      throw createDirectoryException(de);
    } catch (LDIFException e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), e.getMessageObject());
    } catch (InitializationException ie) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ie);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), ie.getMessageObject());
    } catch (ConfigException ce) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ce);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), ce.getMessageObject());
    } finally {
      // If a root container was opened in this method as read only, close it
      // to leave the backend in the same state.
      if (openRootContainer && rootContainer != null) {
        try {
          rootContainer.close();
          rootContainer = null;
        } catch (DatabaseException e) {
          if (debugEnabled()) {
            TRACER.debugCaught(DebugLogLevel.ERROR, e);
          }
        }
      }
    }
  }
  private void processSearch(BooleanHolder executePostOpPlugins) throws CanceledOperationException {
    // Process the search base and filter to convert them from their raw forms
    // as provided by the client to the forms required for the rest of the
    // search processing.
    baseDN = getBaseDN();
    filter = getFilter();

    if (baseDN == null || filter == null) {
      return;
    }

    // Check to see if there are any controls in the request. If so, then
    // see if there is any special processing required.
    try {
      handleRequestControls();
    } catch (DirectoryException de) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, de);
      }

      setResponseData(de);
      return;
    }

    // Check to see if the client has permission to perform the
    // search.

    // FIXME: for now assume that this will check all permission
    // pertinent to the operation. This includes proxy authorization
    // and any other controls specified.
    try {
      if (!AccessControlConfigManager.getInstance().getAccessControlHandler().isAllowed(this)) {
        setResultCode(ResultCode.INSUFFICIENT_ACCESS_RIGHTS);
        appendErrorMessage(ERR_SEARCH_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS.get(String.valueOf(baseDN)));
        return;
      }
    } catch (DirectoryException e) {
      setResultCode(e.getResultCode());
      appendErrorMessage(e.getMessageObject());
      return;
    }

    // Check for a request to cancel this operation.
    checkIfCanceled(false);

    // Invoke the pre-operation search plugins.
    executePostOpPlugins.value = true;
    PluginResult.PreOperation preOpResult =
        DirectoryServer.getPluginConfigManager().invokePreOperationSearchPlugins(this);
    if (!preOpResult.continueProcessing()) {
      setResultCode(preOpResult.getResultCode());
      appendErrorMessage(preOpResult.getErrorMessage());
      setMatchedDN(preOpResult.getMatchedDN());
      setReferralURLs(preOpResult.getReferralURLs());
      return;
    }

    // Check for a request to cancel this operation.
    checkIfCanceled(false);

    // Get the backend that should hold the search base. If there is none,
    // then fail.
    if (backend == null) {
      setResultCode(ResultCode.NO_SUCH_OBJECT);
      appendErrorMessage(ERR_SEARCH_BASE_DOESNT_EXIST.get(String.valueOf(baseDN)));
      return;
    }

    // We'll set the result code to "success". If a problem occurs, then it
    // will be overwritten.
    setResultCode(ResultCode.SUCCESS);

    try {
      // If there's a persistent search, then register it with the server.
      boolean processSearchNow = true;
      if (persistentSearch != null) {
        // If we're only interested in changes, then we do not actually want
        // to process the search now.
        processSearchNow = !persistentSearch.isChangesOnly();

        // The Core server maintains the count of concurrent persistent searches
        // so that all the backends (Remote and Local) are aware of it. Verify
        // with the core if we have already reached the threshold.
        if (!DirectoryServer.allowNewPersistentSearch()) {
          setResultCode(ResultCode.ADMIN_LIMIT_EXCEEDED);
          appendErrorMessage(ERR_MAX_PSEARCH_LIMIT_EXCEEDED.get());
          return;
        }
        backend.registerPersistentSearch(persistentSearch);
        persistentSearch.enable();
      }

      if (processSearchNow) {
        // Process the search in the backend and all its subordinates.
        backend.search(this);
      }
    } catch (DirectoryException de) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.VERBOSE, de);
      }

      setResponseData(de);

      if (persistentSearch != null) {
        persistentSearch.cancel();
        setSendResponse(true);
      }

      return;
    } catch (CanceledOperationException coe) {
      if (persistentSearch != null) {
        persistentSearch.cancel();
        setSendResponse(true);
      }

      throw coe;
    } catch (Exception e) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }

      setResultCode(DirectoryServer.getServerErrorResultCode());
      appendErrorMessage(ERR_SEARCH_BACKEND_EXCEPTION.get(getExceptionMessage(e)));

      if (persistentSearch != null) {
        persistentSearch.cancel();
        setSendResponse(true);
      }
    }
  }
Exemplo n.º 25
0
  /** {@inheritDoc} */
  @Override()
  public LDIFImportResult importLDIF(LDIFImportConfig importConfig) throws DirectoryException {
    RuntimeInformation.logInfo();

    // If the backend already has the root container open, we must use the same
    // underlying root container
    boolean openRootContainer = rootContainer == null;

    // If the rootContainer is open, the backend is initialized by something
    // else.
    // We can't do import while the backend is online.
    if (!openRootContainer) {
      Message message = ERR_JEB_IMPORT_BACKEND_ONLINE.get();
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    }

    try {
      EnvironmentConfig envConfig = new EnvironmentConfig();

      envConfig.setAllowCreate(true);
      envConfig.setTransactional(false);
      envConfig.setDurability(Durability.COMMIT_NO_SYNC);
      envConfig.setLockTimeout(0, TimeUnit.SECONDS);
      envConfig.setTxnTimeout(0, TimeUnit.SECONDS);
      envConfig.setConfigParam(
          EnvironmentConfig.CLEANER_MIN_FILE_UTILIZATION,
          String.valueOf(cfg.getDBCleanerMinUtilization()));
      envConfig.setConfigParam(
          EnvironmentConfig.LOG_FILE_MAX, String.valueOf(cfg.getDBLogFileMax()));

      if (!importConfig.appendToExistingData()) {
        if (importConfig.clearBackend() || cfg.getBaseDN().size() <= 1) {
          // We have the writer lock on the environment, now delete the
          // environment and re-open it. Only do this when we are
          // importing to all the base DNs in the backend or if the backend only
          // have one base DN.
          File parentDirectory = getFileForPath(cfg.getDBDirectory());
          File backendDirectory = new File(parentDirectory, cfg.getBackendId());
          // If the backend does not exist the import will create it.
          if (backendDirectory.exists()) {
            EnvManager.removeFiles(backendDirectory.getPath());
          }
        }
      }

      Importer importer = new Importer(importConfig, cfg, envConfig);
      rootContainer = initializeRootContainer(envConfig);
      return importer.processImport(rootContainer);
    } catch (ExecutionException execEx) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, execEx);
      }
      if (execEx.getCause() instanceof DirectoryException) {
        throw ((DirectoryException) execEx.getCause());
      } else {
        Message message = ERR_EXECUTION_ERROR.get(execEx.getMessage());
        throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
      }
    } catch (InterruptedException intEx) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, intEx);
      }
      Message message = ERR_INTERRUPTED_ERROR.get(intEx.getMessage());
      throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message);
    } catch (JebException je) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, je);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), je.getMessageObject());
    } catch (InitializationException ie) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ie);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), ie.getMessageObject());
    } catch (ConfigException ce) {
      if (debugEnabled()) {
        TRACER.debugCaught(DebugLogLevel.ERROR, ce);
      }
      throw new DirectoryException(
          DirectoryServer.getServerErrorResultCode(), ce.getMessageObject());
    } finally {
      // leave the backend in the same state.
      try {
        if (rootContainer != null) {
          long startTime = System.currentTimeMillis();
          rootContainer.close();
          long finishTime = System.currentTimeMillis();
          long closeTime = (finishTime - startTime) / 1000;
          Message msg = NOTE_JEB_IMPORT_LDIF_ROOTCONTAINER_CLOSE.get(closeTime);
          logError(msg);
          rootContainer = null;
        }

        // Sync the environment to disk.
        if (debugEnabled()) {
          Message message = NOTE_JEB_IMPORT_CLOSING_DATABASE.get();
          TRACER.debugInfo(message.toString());
        }
      } catch (DatabaseException de) {
        if (debugEnabled()) {
          TRACER.debugCaught(DebugLogLevel.ERROR, de);
        }
      }
    }
  }