directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1183434 [1/4] - in /directory/apacheds/trunk/interceptors: ./ admin/ admin/.settings/ admin/src/ admin/src/main/ admin/src/main/java/ admin/src/main/java/org/ admin/src/main/java/org/apache/ admin/src/main/java/org/apache/directory/ admin/...
Date Fri, 14 Oct 2011 17:17:02 GMT
Author: elecharny
Date: Fri Oct 14 17:17:00 2011
New Revision: 1183434

URL: http://svn.apache.org/viewvc?rev=1183434&view=rev
Log:
Added the interceptors project

Added:
    directory/apacheds/trunk/interceptors/   (with props)
    directory/apacheds/trunk/interceptors/admin/   (with props)
    directory/apacheds/trunk/interceptors/admin/.classpath
    directory/apacheds/trunk/interceptors/admin/.project
    directory/apacheds/trunk/interceptors/admin/.settings/
    directory/apacheds/trunk/interceptors/admin/.settings/org.eclipse.jdt.core.prefs
    directory/apacheds/trunk/interceptors/admin/pom.xml
    directory/apacheds/trunk/interceptors/admin/src/
    directory/apacheds/trunk/interceptors/admin/src/main/
    directory/apacheds/trunk/interceptors/admin/src/main/java/
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/
    directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
    directory/apacheds/trunk/interceptors/admin/target/
    directory/apacheds/trunk/interceptors/admin/target/.plxarc
    directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT-sources.jar   (with props)
    directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT.jar   (with props)
    directory/apacheds/trunk/interceptors/admin/target/classes/
    directory/apacheds/trunk/interceptors/admin/target/classes/META-INF/
    directory/apacheds/trunk/interceptors/admin/target/classes/META-INF/DEPENDENCIES
    directory/apacheds/trunk/interceptors/admin/target/classes/META-INF/LICENSE
    directory/apacheds/trunk/interceptors/admin/target/classes/META-INF/NOTICE
    directory/apacheds/trunk/interceptors/admin/target/classes/org/
    directory/apacheds/trunk/interceptors/admin/target/classes/org/apache/
    directory/apacheds/trunk/interceptors/admin/target/classes/org/apache/directory/
    directory/apacheds/trunk/interceptors/admin/target/classes/org/apache/directory/server/
    directory/apacheds/trunk/interceptors/admin/target/classes/org/apache/directory/server/core/
    directory/apacheds/trunk/interceptors/admin/target/classes/org/apache/directory/server/core/admin/
    directory/apacheds/trunk/interceptors/admin/target/classes/org/apache/directory/server/core/admin/AdministrativePointInterceptor$1.class   (with props)
    directory/apacheds/trunk/interceptors/admin/target/classes/org/apache/directory/server/core/admin/AdministrativePointInterceptor.class   (with props)
    directory/apacheds/trunk/interceptors/admin/target/generated-sources/
    directory/apacheds/trunk/interceptors/admin/target/generated-sources/annotations/
    directory/apacheds/trunk/interceptors/admin/target/maven-archiver/
    directory/apacheds/trunk/interceptors/admin/target/maven-archiver/pom.properties
    directory/apacheds/trunk/interceptors/admin/target/maven-shared-archive-resources/
    directory/apacheds/trunk/interceptors/admin/target/maven-shared-archive-resources/META-INF/
    directory/apacheds/trunk/interceptors/admin/target/maven-shared-archive-resources/META-INF/DEPENDENCIES
    directory/apacheds/trunk/interceptors/admin/target/maven-shared-archive-resources/META-INF/LICENSE
    directory/apacheds/trunk/interceptors/admin/target/maven-shared-archive-resources/META-INF/NOTICE
    directory/apacheds/trunk/interceptors/admin/target/surefire/
    directory/apacheds/trunk/interceptors/admin/target/test-classes/
    directory/apacheds/trunk/interceptors/admin/target/test-classes/META-INF/
    directory/apacheds/trunk/interceptors/admin/target/test-classes/META-INF/DEPENDENCIES
    directory/apacheds/trunk/interceptors/admin/target/test-classes/META-INF/LICENSE
    directory/apacheds/trunk/interceptors/admin/target/test-classes/META-INF/NOTICE
    directory/apacheds/trunk/interceptors/authn/   (with props)
    directory/apacheds/trunk/interceptors/authn/.classpath
    directory/apacheds/trunk/interceptors/authn/.project
    directory/apacheds/trunk/interceptors/authn/.settings/
    directory/apacheds/trunk/interceptors/authn/.settings/org.eclipse.jdt.core.prefs
    directory/apacheds/trunk/interceptors/authn/pom.xml
    directory/apacheds/trunk/interceptors/authn/src/
    directory/apacheds/trunk/interceptors/authn/src/main/
    directory/apacheds/trunk/interceptors/authn/src/main/java/
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AnonymousAuthenticator.java
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/Authenticator.java
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/DelegatingAuthenticator.java
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/EncryptionMethod.java
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/PasswordHistory.java
    directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/PasswordUtil.java

Propchange: directory/apacheds/trunk/interceptors/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 14 17:17:00 2011
@@ -0,0 +1,11 @@
+target
+.project
+.classpath
+.settings
+eclipse-classes
+*.log
+*.iml
+*.ipr
+dependency-reduced-pom.xml
+META-INF
+

Propchange: directory/apacheds/trunk/interceptors/admin/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Oct 14 17:17:00 2011
@@ -0,0 +1,11 @@
+target
+.project
+.classpath
+.settings
+eclipse-classes
+*.log
+*.iml
+*.ipr
+dependency-reduced-pom.xml
+META-INF
+

Added: directory/apacheds/trunk/interceptors/admin/.classpath
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/.classpath?rev=1183434&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/admin/.classpath (added)
+++ directory/apacheds/trunk/interceptors/admin/.classpath Fri Oct 14 17:17:00 2011
@@ -0,0 +1,89 @@
+<classpath>
+  <classpathentry kind="src" path="src/main/java" including="**/*.java"/>
+  <classpathentry kind="src" path="target/maven-shared-archive-resources" excluding="**/*.java"/>
+  <classpathentry kind="output" path="target/classes"/>
+  <classpathentry kind="var" path="M2_REPO/findbugs/annotations/1.0.0/annotations-1.0.0.jar"/>
+  <classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.7/antlr-2.7.7.jar"/>
+  <classpathentry kind="src" path="/apacheds-core-api"/>
+  <classpathentry kind="src" path="/apacheds-core-constants"/>
+  <classpathentry kind="src" path="/apacheds-core-shared"/>
+  <classpathentry kind="src" path="/apacheds-i18n"/>
+  <classpathentry kind="var" path="M2_REPO/bouncycastle/bcprov-jdk15/140/bcprov-jdk15-140.jar" sourcepath="M2_REPO/bouncycastle/bcprov-jdk15/140/bcprov-jdk15-140-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/bouncycastle/bcprov-jdk15/140/bcprov-jdk15-140-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/commons-collections/commons-collections/3.2.1/commons-collections-3.2.1.jar" sourcepath="M2_REPO/commons-collections/commons-collections/3.2.1/commons-collections-3.2.1-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/commons-collections/commons-collections/3.2.1/commons-collections-3.2.1-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/commons-io/commons-io/2.0.1/commons-io-2.0.1.jar" sourcepath="M2_REPO/commons-io/commons-io/2.0.1/commons-io-2.0.1-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/commons-io/commons-io/2.0.1/commons-io-2.0.1-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/commons-lang/commons-lang/2.6/commons-lang-2.6.jar" sourcepath="M2_REPO/commons-lang/commons-lang/2.6/commons-lang-2.6-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/commons-pool/commons-pool/1.5.6/commons-pool-1.5.6.jar" sourcepath="M2_REPO/commons-pool/commons-pool/1.5.6/commons-pool-1.5.6-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/commons-pool/commons-pool/1.5.6/commons-pool-1.5.6-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/net/sf/ehcache/ehcache-core/2.4.4/ehcache-core-2.4.4.jar" sourcepath="M2_REPO/net/sf/ehcache/ehcache-core/2.4.4/ehcache-core-2.4.4-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/net/sf/ehcache/ehcache-core/2.4.4/ehcache-core-2.4.4-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/org/hamcrest/hamcrest-core/1.1/hamcrest-core-1.1.jar" sourcepath="M2_REPO/org/hamcrest/hamcrest-core/1.1/hamcrest-core-1.1-sources.jar"/>
+  <classpathentry kind="var" path="M2_REPO/junit/junit/4.9/junit-4.9.jar" sourcepath="M2_REPO/junit/junit/4.9/junit-4.9-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/junit/junit/4.9/junit-4.9-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/org/apache/directory/junit/junit-addons/0.1/junit-addons-0.1.jar" sourcepath="M2_REPO/org/apache/directory/junit/junit-addons/0.1/junit-addons-0.1-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/org/apache/directory/junit/junit-addons/0.1/junit-addons-0.1-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.16/log4j-1.2.16.jar" sourcepath="M2_REPO/log4j/log4j/1.2.16/log4j-1.2.16-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/log4j/log4j/1.2.16/log4j-1.2.16-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/org/apache/mina/mina-core/2.0.4/mina-core-2.0.4.jar" sourcepath="M2_REPO/org/apache/mina/mina-core/2.0.4/mina-core-2.0.4-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/org/apache/mina/mina-core/2.0.4/mina-core-2.0.4-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/org/apache/felix/org.apache.felix.framework/3.2.2/org.apache.felix.framework-3.2.2.jar" sourcepath="M2_REPO/org/apache/felix/org.apache.felix.framework/3.2.2/org.apache.felix.framework-3.2.2-sources.jar"/>
+  <classpathentry kind="src" path="/shared-asn1-api"/>
+  <classpathentry kind="src" path="/shared-asn1-ber"/>
+  <classpathentry kind="src" path="/shared-i18n"/>
+  <classpathentry kind="src" path="/shared-ldap-client-api"/>
+  <classpathentry kind="src" path="/shared-ldap-codec-core"/>
+  <classpathentry kind="src" path="/shared-ldap-codec-standalone"/>
+  <classpathentry kind="src" path="/shared-ldap-extras-aci"/>
+  <classpathentry kind="src" path="/shared-ldap-extras-codec"/>
+  <classpathentry kind="src" path="/shared-ldap-extras-codec-api"/>
+  <classpathentry kind="src" path="/shared-ldap-extras-trigger"/>
+  <classpathentry kind="src" path="/shared-ldap-extras-util"/>
+  <classpathentry kind="src" path="/shared-ldap-model"/>
+  <classpathentry kind="src" path="/shared-ldap-net-mina"/>
+  <classpathentry kind="src" path="/shared-ldap-schema-data"/>
+  <classpathentry kind="src" path="/shared-util"/>
+  <classpathentry kind="var" path="M2_REPO/org/slf4j/slf4j-api/1.6.2/slf4j-api-1.6.2.jar" sourcepath="M2_REPO/org/slf4j/slf4j-api/1.6.2/slf4j-api-1.6.2-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/org/slf4j/slf4j-api/1.6.2/slf4j-api-1.6.2-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="var" path="M2_REPO/org/slf4j/slf4j-log4j12/1.6.2/slf4j-log4j12-1.6.2.jar" sourcepath="M2_REPO/org/slf4j/slf4j-log4j12/1.6.2/slf4j-log4j12-1.6.2-sources.jar">
+    <attributes>
+      <attribute value="jar:file:/Users/elecharny/.m2/repository/org/slf4j/slf4j-log4j12/1.6.2/slf4j-log4j12-1.6.2-javadoc.jar!/" name="javadoc_location"/>
+    </attributes>
+  </classpathentry>
+  <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+</classpath>
\ No newline at end of file

Added: directory/apacheds/trunk/interceptors/admin/.project
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/.project?rev=1183434&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/admin/.project (added)
+++ directory/apacheds/trunk/interceptors/admin/.project Fri Oct 14 17:17:00 2011
@@ -0,0 +1,33 @@
+<projectDescription>
+  <name>apacheds-interceptors-admin</name>
+  <comment>AdministrativePoint interceptor. NO_M2ECLIPSE_SUPPORT: Project files created with the maven-eclipse-plugin are not supported in M2Eclipse.</comment>
+  <projects>
+    <project>apacheds-core-api</project>
+    <project>apacheds-core-constants</project>
+    <project>apacheds-core-shared</project>
+    <project>apacheds-i18n</project>
+    <project>shared-asn1-api</project>
+    <project>shared-asn1-ber</project>
+    <project>shared-i18n</project>
+    <project>shared-ldap-client-api</project>
+    <project>shared-ldap-codec-core</project>
+    <project>shared-ldap-codec-standalone</project>
+    <project>shared-ldap-extras-aci</project>
+    <project>shared-ldap-extras-codec</project>
+    <project>shared-ldap-extras-codec-api</project>
+    <project>shared-ldap-extras-trigger</project>
+    <project>shared-ldap-extras-util</project>
+    <project>shared-ldap-model</project>
+    <project>shared-ldap-net-mina</project>
+    <project>shared-ldap-schema-data</project>
+    <project>shared-util</project>
+  </projects>
+  <buildSpec>
+    <buildCommand>
+      <name>org.eclipse.jdt.core.javabuilder</name>
+    </buildCommand>
+  </buildSpec>
+  <natures>
+    <nature>org.eclipse.jdt.core.javanature</nature>
+  </natures>
+</projectDescription>
\ No newline at end of file

Added: directory/apacheds/trunk/interceptors/admin/.settings/org.eclipse.jdt.core.prefs
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/.settings/org.eclipse.jdt.core.prefs?rev=1183434&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/admin/.settings/org.eclipse.jdt.core.prefs (added)
+++ directory/apacheds/trunk/interceptors/admin/.settings/org.eclipse.jdt.core.prefs Fri Oct 14 17:17:00 2011
@@ -0,0 +1,9 @@
+#Thu Oct 13 15:15:52 CEST 2011
+encoding//src/test/java=ISO-8859-1
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
+eclipse.preferences.version=1
+encoding//src/test/resources=ISO-8859-1
+org.eclipse.jdt.core.compiler.source=1.6
+encoding//src/main/java=ISO-8859-1
+encoding//src/main/resources=ISO-8859-1
+org.eclipse.jdt.core.compiler.compliance=1.6

Added: directory/apacheds/trunk/interceptors/admin/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/pom.xml?rev=1183434&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/admin/pom.xml (added)
+++ directory/apacheds/trunk/interceptors/admin/pom.xml Fri Oct 14 17:17:00 2011
@@ -0,0 +1,183 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+  
+  http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.apache.directory.server</groupId>
+    <artifactId>apacheds-interceptors</artifactId>
+    <version>2.0.0-M4-SNAPSHOT</version>
+  </parent>
+  
+  <artifactId>apacheds-interceptors-admin</artifactId>
+  <name>ApacheDS AdministrativePoint Interceptor</name>
+  <packaging>jar</packaging>
+
+  <description>
+    AdministrativePoint interceptor
+  </description>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.apache.directory.junit</groupId>
+      <artifactId>junit-addons</artifactId>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-i18n</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-core-api</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-core-api</artifactId>
+      <classifier>tests</classifier>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-core-shared</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>commons-collections</groupId>
+      <artifactId>commons-collections</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>commons-lang</groupId>
+      <artifactId>commons-lang</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-client-api</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-i18n</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-codec-standalone</artifactId>
+      <scope>provided</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-codec-core</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-extras-aci</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-extras-trigger</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-extras-util</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-model</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-schema-data</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-util</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>bouncycastle</groupId>
+      <artifactId>bcprov-jdk15</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>net.sf.ehcache</groupId>
+      <artifactId>ehcache-core</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.apache.directory.shared</groupId>
+      <artifactId>shared-ldap-extras-codec</artifactId>
+      <scope>provided</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration> 
+          <systemPropertyVariables>
+            <workingDirectory>${basedir}/target/server-work</workingDirectory>
+          </systemPropertyVariables>
+        </configuration>
+      </plugin>
+      
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-source-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>attach-sources</id>
+            <phase>verify</phase>
+            <goals>
+              <goal>jar</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+
+    <resources>
+      <resource>
+        <directory>src/main/resources</directory>
+        <filtering>true</filtering>
+        <excludes>
+          <exclude>**/*.gif</exclude>
+        </excludes>
+      </resource>
+    </resources>
+  </build>
+</project>
+

Added: directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java?rev=1183434&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java (added)
+++ directory/apacheds/trunk/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java Fri Oct 14 17:17:00 2011
@@ -0,0 +1,1515 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+package org.apache.directory.server.core.admin;
+
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
+
+import javax.naming.directory.SearchControls;
+
+import org.apache.directory.server.constants.ServerDNConstants;
+import org.apache.directory.server.core.shared.DefaultCoreSession;
+import org.apache.directory.server.core.api.CoreSession;
+import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.LdapPrincipal;
+import org.apache.directory.server.core.api.administrative.AccessControlAAP;
+import org.apache.directory.server.core.api.administrative.AccessControlAdministrativePoint;
+import org.apache.directory.server.core.api.administrative.AccessControlIAP;
+import org.apache.directory.server.core.api.administrative.AccessControlSAP;
+import org.apache.directory.server.core.api.administrative.AdministrativePoint;
+import org.apache.directory.server.core.api.administrative.CollectiveAttributeAAP;
+import org.apache.directory.server.core.api.administrative.CollectiveAttributeAdministrativePoint;
+import org.apache.directory.server.core.api.administrative.CollectiveAttributeIAP;
+import org.apache.directory.server.core.api.administrative.CollectiveAttributeSAP;
+import org.apache.directory.server.core.api.administrative.SubschemaAAP;
+import org.apache.directory.server.core.api.administrative.SubschemaAdministrativePoint;
+import org.apache.directory.server.core.api.administrative.SubschemaSAP;
+import org.apache.directory.server.core.api.administrative.TriggerExecutionAAP;
+import org.apache.directory.server.core.api.administrative.TriggerExecutionAdministrativePoint;
+import org.apache.directory.server.core.api.administrative.TriggerExecutionIAP;
+import org.apache.directory.server.core.api.administrative.TriggerExecutionSAP;
+import org.apache.directory.server.core.api.entry.ClonedServerEntry;
+import org.apache.directory.server.core.api.filtering.EntryFilteringCursor;
+import org.apache.directory.server.core.api.interceptor.BaseInterceptor;
+import org.apache.directory.server.core.api.interceptor.Interceptor;
+import org.apache.directory.server.core.api.interceptor.NextInterceptor;
+import org.apache.directory.server.core.api.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.api.interceptor.context.DeleteOperationContext;
+import org.apache.directory.server.core.api.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.api.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.api.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.api.interceptor.context.RenameOperationContext;
+import org.apache.directory.server.core.api.interceptor.context.SearchOperationContext;
+import org.apache.directory.server.core.api.partition.PartitionNexus;
+import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.model.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.model.entry.Attribute;
+import org.apache.directory.shared.ldap.model.entry.DefaultAttribute;
+import org.apache.directory.shared.ldap.model.entry.Entry;
+import org.apache.directory.shared.ldap.model.entry.Modification;
+import org.apache.directory.shared.ldap.model.entry.Value;
+import org.apache.directory.shared.ldap.model.exception.LdapException;
+import org.apache.directory.shared.ldap.model.exception.LdapInvalidAttributeValueException;
+import org.apache.directory.shared.ldap.model.exception.LdapNoSuchAttributeException;
+import org.apache.directory.shared.ldap.model.exception.LdapOperationException;
+import org.apache.directory.shared.ldap.model.exception.LdapUnwillingToPerformException;
+import org.apache.directory.shared.ldap.model.filter.ExprNode;
+import org.apache.directory.shared.ldap.model.filter.PresenceNode;
+import org.apache.directory.shared.ldap.model.message.AliasDerefMode;
+import org.apache.directory.shared.ldap.model.message.ResultCodeEnum;
+import org.apache.directory.shared.ldap.model.name.Dn;
+import org.apache.directory.shared.ldap.model.subtree.AdministrativeRole;
+import org.apache.directory.shared.ldap.util.tree.DnNode;
+import org.apache.directory.shared.util.Strings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * An interceptor to manage the Administrative model
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class AdministrativePointInterceptor extends BaseInterceptor
+{
+    /** A {@link Logger} for this class */
+    private static final Logger LOG = LoggerFactory.getLogger( AdministrativePointInterceptor.class );
+
+    /**
+     * Speedup for logs
+     */
+    private static final boolean IS_DEBUG = LOG.isDebugEnabled();
+
+    /** A reference to the nexus for direct backend operations */
+    private PartitionNexus nexus;
+
+    /** The possible roles */
+    private static final Set<String> ROLES = new HashSet<String>();
+
+    // Initialize the ROLES field
+    static
+    {
+        ROLES.add( Strings.toLowerCase( SchemaConstants.AUTONOMOUS_AREA ) );
+        ROLES.add( SchemaConstants.AUTONOMOUS_AREA_OID );
+        ROLES.add( Strings.toLowerCase( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA ) );
+        ROLES.add( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
+        ROLES.add( Strings.toLowerCase( SchemaConstants.ACCESS_CONTROL_INNER_AREA ) );
+        ROLES.add( SchemaConstants.ACCESS_CONTROL_INNER_AREA_OID );
+        ROLES.add( Strings.toLowerCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA ) );
+        ROLES.add( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
+        ROLES.add( Strings.toLowerCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA ) );
+        ROLES.add( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA_OID );
+        ROLES.add( Strings.toLowerCase( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA ) );
+        ROLES.add( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA_OID );
+        ROLES.add( Strings.toLowerCase( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA ) );
+        ROLES.add( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
+        ROLES.add( Strings.toLowerCase( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA ) );
+        ROLES.add( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA_OID );
+    }
+
+    /** A Map to associate a role with it's OID */
+    private static final Map<String, String> ROLES_OID = new HashMap<String, String>();
+
+    // Initialize the roles/oid map
+    static
+    {
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.AUTONOMOUS_AREA ), SchemaConstants.AUTONOMOUS_AREA_OID );
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA ),
+            SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.ACCESS_CONTROL_INNER_AREA ),
+            SchemaConstants.ACCESS_CONTROL_INNER_AREA_OID );
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA ),
+            SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA ),
+            SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA_OID );
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA ),
+            SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA_OID );
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA ),
+            SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
+        ROLES_OID.put( Strings.toLowerCase( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA ),
+            SchemaConstants.TRIGGER_EXECUTION_INNER_AREA_OID );
+    }
+
+    /** The possible inner area roles */
+    private static final Set<String> INNER_AREA_ROLES = new HashSet<String>();
+
+    static
+    {
+        INNER_AREA_ROLES.add( Strings.toLowerCase( SchemaConstants.ACCESS_CONTROL_INNER_AREA ) );
+        INNER_AREA_ROLES.add( SchemaConstants.ACCESS_CONTROL_INNER_AREA_OID );
+        INNER_AREA_ROLES.add( Strings.toLowerCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA ) );
+        INNER_AREA_ROLES.add( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA_OID );
+        INNER_AREA_ROLES.add( Strings.toLowerCase( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA ) );
+        INNER_AREA_ROLES.add( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA_OID );
+    }
+
+    /** The possible specific area roles */
+    private static final Set<String> SPECIFIC_AREA_ROLES = new HashSet<String>();
+
+    static
+    {
+        SPECIFIC_AREA_ROLES.add( Strings.toLowerCase( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA ) );
+        SPECIFIC_AREA_ROLES.add( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
+        SPECIFIC_AREA_ROLES.add( Strings.toLowerCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA ) );
+        SPECIFIC_AREA_ROLES.add( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
+        SPECIFIC_AREA_ROLES.add( Strings.toLowerCase( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA ) );
+        SPECIFIC_AREA_ROLES.add( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA_OID );
+        SPECIFIC_AREA_ROLES.add( Strings.toLowerCase( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA ) );
+        SPECIFIC_AREA_ROLES.add( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
+    }
+
+    /** A lock to guarantee the AP cache consistency */
+    private ReentrantReadWriteLock mutex = new ReentrantReadWriteLock();
+
+    /**
+     * Get a read-lock on the AP cache.
+     * No read operation can be done on the AP cache if this
+     * method is not called before.
+     */
+    public void lockRead()
+    {
+        mutex.readLock().lock();
+    }
+
+
+    /**
+     * Get a write-lock on the AP cache.
+     * No write operation can be done on the apCache if this
+     * method is not called before.
+     */
+    public void lockWrite()
+    {
+        mutex.writeLock().lock();
+    }
+
+
+    /**
+     * Release the read-write lock on the AP cache.
+     * This method must be called after having read or modified the
+     * AP cache
+     */
+    public void unlock()
+    {
+        if ( mutex.isWriteLockedByCurrentThread() )
+        {
+            mutex.writeLock().unlock();
+        }
+        else
+        {
+            mutex.readLock().unlock();
+        }
+    }
+
+
+    /**
+     * Create the list of AP for a given entry
+     */
+    private void createAdministrativePoints( Attribute adminPoint, Dn dn, String uuid ) throws LdapException
+    {
+        if ( isAAP( adminPoint ) )
+        {
+            // The AC AAP
+            AccessControlAdministrativePoint acAap = new AccessControlAAP( dn, uuid );
+            directoryService.getAccessControlAPCache().add( dn, acAap );
+
+            // The CA AAP
+            CollectiveAttributeAdministrativePoint caAap = new CollectiveAttributeAAP( dn, uuid );
+            directoryService.getCollectiveAttributeAPCache().add( dn, caAap );
+
+            // The TE AAP
+            TriggerExecutionAdministrativePoint teAap = new TriggerExecutionAAP( dn, uuid );
+            directoryService.getTriggerExecutionAPCache().add( dn, teAap );
+
+            // The SS AAP
+            SubschemaAdministrativePoint ssAap = new SubschemaAAP( dn, uuid );
+            directoryService.getSubschemaAPCache().add( dn, ssAap );
+
+            // TODO : Here, we have to update the children, removing any 
+            // reference to any other underlying AP
+
+            // If it's an AAP, we can get out immediately
+            return;
+        }
+
+        for ( Value<?> value : adminPoint )
+        {
+            String role = value.getString();
+
+            // Deal with AccessControl AP
+            if ( isAccessControlSpecificRole( role ) )
+            {
+                AccessControlAdministrativePoint sap = new AccessControlSAP( dn, uuid );
+                directoryService.getAccessControlAPCache().add( dn, sap );
+
+                // TODO : Here, we have to update the children, removing any 
+                // reference to any other underlying AccessControl IAP or SAP 
+
+                continue;
+            }
+
+            if ( isAccessControlInnerRole( role ) )
+            {
+                AccessControlAdministrativePoint iap = new AccessControlIAP( dn, uuid );
+                directoryService.getAccessControlAPCache().add( dn, iap );
+
+                continue;
+            }
+
+            // Deal with CollectiveAttribute AP
+            if ( isCollectiveAttributeSpecificRole( role ) )
+            {
+                CollectiveAttributeAdministrativePoint sap = new CollectiveAttributeSAP( dn, uuid );
+                directoryService.getCollectiveAttributeAPCache().add( dn, sap );
+
+                // TODO : Here, we have to update the children, removing any 
+                // reference to any other underlying CollectiveAttribute IAP or SAP 
+                
+                continue;
+            }
+
+            if ( isCollectiveAttributeInnerRole( role ) )
+            {
+                CollectiveAttributeAdministrativePoint iap = new CollectiveAttributeIAP( dn, uuid );
+                directoryService.getCollectiveAttributeAPCache().add( dn, iap );
+
+                continue;
+            }
+
+            // Deal with SubSchema AP
+            if ( isSubschemaSpecficRole( role ) )
+            {
+                SubschemaAdministrativePoint sap = new SubschemaSAP( dn, uuid );
+                directoryService.getSubschemaAPCache().add( dn, sap );
+
+                // TODO : Here, we have to update the children, removing any 
+                // reference to any other underlying Subschema IAP or SAP 
+
+                continue;
+            }
+
+            // Deal with TriggerExecution AP
+            if ( isTriggerExecutionSpecificRole( role ) )
+            {
+                TriggerExecutionAdministrativePoint sap = new TriggerExecutionSAP( dn, uuid );
+                directoryService.getTriggerExecutionAPCache().add( dn, sap );
+
+                // TODO : Here, we have to update the children, removing any 
+                // reference to any other underlying TriggerExecution IAP or SAP
+                
+                continue;
+            }
+
+            if ( isTriggerExecutionInnerRole( role ) )
+            {
+                TriggerExecutionAdministrativePoint iap = new TriggerExecutionIAP( dn, uuid );
+                directoryService.getTriggerExecutionAPCache().add( dn, iap );
+
+                continue;
+            }
+        }
+
+        return;
+    }
+
+
+    /**
+     * Update the cache clones with the added roles
+     */
+    private void addRole( String role, Dn dn, String uuid, DnNode<AccessControlAdministrativePoint> acapCache,
+        DnNode<CollectiveAttributeAdministrativePoint> caapCache, DnNode<TriggerExecutionAdministrativePoint> teapCache,
+        DnNode<SubschemaAdministrativePoint> ssapCache ) throws LdapException
+    {
+        // Deal with Autonomous AP : create the 4 associated SAP/AAP
+        if ( isAutonomousAreaRole( role ) )
+        {
+            // The AC AAP
+            AccessControlAdministrativePoint acAap = new AccessControlAAP( dn, uuid );
+            acapCache.add( dn, acAap );
+
+            // The CA AAP
+            CollectiveAttributeAdministrativePoint caAap = new CollectiveAttributeAAP( dn, uuid );
+            caapCache.add( dn, caAap );
+
+            // The TE AAP
+            TriggerExecutionAdministrativePoint teAap = new TriggerExecutionAAP( dn, uuid );
+            teapCache.add( dn, teAap );
+
+            // The SS AAP
+            SubschemaAdministrativePoint ssAap = new SubschemaAAP( dn, uuid );
+            ssapCache.add( dn, ssAap );
+            
+            // If it's an AAP, we can get out immediately
+            return;
+        }
+
+        // Deal with AccessControl AP
+        if ( isAccessControlSpecificRole( role ) )
+        {
+            AccessControlAdministrativePoint sap = new AccessControlSAP( dn, uuid );
+            acapCache.add( dn, sap );
+
+            return;
+        }
+
+        if ( isAccessControlInnerRole( role ) )
+        {
+            AccessControlAdministrativePoint iap = new AccessControlIAP( dn, uuid );
+            acapCache.add( dn, iap );
+
+            return;
+        }
+
+        // Deal with CollectiveAttribute AP
+        if ( isCollectiveAttributeSpecificRole( role ) )
+        {
+            CollectiveAttributeAdministrativePoint sap = new CollectiveAttributeSAP( dn, uuid );
+            caapCache.add( dn, sap );
+
+            return;
+        }
+
+        if ( isCollectiveAttributeInnerRole( role ) )
+        {
+            CollectiveAttributeAdministrativePoint iap = new CollectiveAttributeIAP( dn, uuid );
+            caapCache.add( dn, iap );
+
+            return;
+        }
+
+        // Deal with SubSchema AP
+        if ( isSubschemaSpecficRole( role ) )
+        {
+            SubschemaAdministrativePoint sap = new SubschemaSAP( dn, uuid );
+            ssapCache.add( dn, sap );
+
+            return;
+        }
+
+        // Deal with TriggerExecution AP
+        if ( isTriggerExecutionSpecificRole( role ) )
+        {
+            TriggerExecutionAdministrativePoint sap = new TriggerExecutionSAP( dn, uuid );
+            teapCache.add( dn, sap );
+
+            return;
+        }
+
+        if ( isTriggerExecutionInnerRole( role ) )
+        {
+            TriggerExecutionAdministrativePoint iap = new TriggerExecutionIAP( dn, uuid );
+            teapCache.add( dn, iap );
+
+            return;
+        }
+    }
+
+
+
+
+    /**
+     * Update the cache clones with the added roles
+     */
+    private void delRole( String role, Dn dn, String uuid, DnNode<AccessControlAdministrativePoint> acapCache,
+        DnNode<CollectiveAttributeAdministrativePoint> caapCache, DnNode<TriggerExecutionAdministrativePoint> teapCache,
+        DnNode<SubschemaAdministrativePoint> ssapCache ) throws LdapException
+    {
+        // Deal with Autonomous AP : remove the 4 associated SAP/AAP
+        if ( isAutonomousAreaRole( role ) )
+        {
+            // The AC AAP
+            acapCache.remove( dn );
+
+            // The CA AAP
+            caapCache.remove( dn );
+
+            // The TE AAP
+            teapCache.remove( dn );
+
+            // The SS AAP
+            ssapCache.remove( dn );
+            
+            return;
+        }
+
+        // Deal with AccessControl AP
+        if ( isAccessControlSpecificRole( role ) || isAccessControlInnerRole( role ) )
+        {
+            acapCache.remove( dn );
+
+            return;
+        }
+
+        // Deal with CollectiveAttribute AP
+        if ( isCollectiveAttributeSpecificRole( role ) || isCollectiveAttributeInnerRole( role ) )
+        {
+            caapCache.remove( dn );
+
+            return;
+        }
+
+        // Deal with SubSchema AP
+        if ( isSubschemaSpecficRole( role ) )
+        {
+            ssapCache.remove( dn );
+
+            return;
+        }
+
+        // Deal with TriggerExecution AP
+        if ( isTriggerExecutionSpecificRole( role ) || isTriggerExecutionInnerRole( role ) )
+        {
+            teapCache.remove( dn );
+
+            return;
+        }
+    }
+
+    
+    private AdministrativePoint getParent( AdministrativePoint ap, List<AdministrativePoint> aps,
+        AdministrativeRole role, DnNode<List<AdministrativePoint>> currentNode )
+    {
+        AdministrativePoint parent = null;
+
+        for ( AdministrativePoint adminPoint : aps )
+        {
+            if ( adminPoint.isAutonomous() || ( adminPoint.getRole() == ap.getRole() ) )
+            {
+                // Same role or AP : this is the parent
+                return adminPoint;
+            }
+            else if ( adminPoint.getRole() == role )
+            {
+                parent = adminPoint;
+            }
+        }
+
+        if ( parent != null )
+        {
+            return parent;
+        }
+
+        // We have to go down one level
+        if ( currentNode.hasParent() )
+        {
+            return findParent( ap, currentNode );
+        }
+        else
+        {
+            return null;
+        }
+    }
+
+
+    /**
+     * Find the parent for the given administrative point. If the AP is an AAP, the parent will be the closest
+     * AAP or the closest SAP. If we have a SAP between the added AAP and a AAP, then 
+     */
+    private AdministrativePoint findParent( AdministrativePoint ap, DnNode<List<AdministrativePoint>> currentNode )
+    {
+        List<AdministrativePoint> aps = currentNode.getElement();
+
+        if ( aps != null )
+        {
+            // Check if the current element is a valid parent
+            switch ( ap.getRole() )
+            {
+                case AutonomousArea:
+                    AdministrativePoint currentAp = aps.get( 0 );
+
+                    if ( currentAp.isAutonomous() )
+                    {
+                        return currentAp;
+                    }
+                    else
+                    {
+                        // We have to go down one level, as an AAP
+                        // must have another AAP as a parent
+                        if ( currentNode.hasParent() )
+                        {
+                            return findParent( ap, currentNode );
+                        }
+                        else
+                        {
+                            return null;
+                        }
+                    }
+
+                case AccessControlInnerArea:
+                    return getParent( ap, aps, AdministrativeRole.AccessControlSpecificArea, currentNode );
+
+                case CollectiveAttributeInnerArea:
+                    return getParent( ap, aps, AdministrativeRole.CollectiveAttributeSpecificArea, currentNode );
+
+                case TriggerExecutionInnerArea:
+                    return getParent( ap, aps, AdministrativeRole.TriggerExecutionSpecificArea, currentNode );
+
+                case AccessControlSpecificArea:
+                    return getParent( ap, aps, AdministrativeRole.AccessControlSpecificArea, currentNode );
+
+                case CollectiveAttributeSpecificArea:
+                    return getParent( ap, aps, AdministrativeRole.CollectiveAttributeSpecificArea, currentNode );
+
+                case SubSchemaSpecificArea:
+                    return getParent( ap, aps, AdministrativeRole.SubSchemaSpecificArea, currentNode );
+
+                case TriggerExecutionSpecificArea:
+                    return getParent( ap, aps, AdministrativeRole.TriggerExecutionSpecificArea, currentNode );
+
+                default:
+                    return null;
+            }
+        }
+        else
+        {
+            if ( currentNode.hasParent() )
+            {
+                return findParent( ap, currentNode.getParent() );
+            }
+            else
+            {
+                return null;
+            }
+        }
+    }
+
+
+    /**
+     * Check if we can safely add a role. If it's an AAP, we have to be sure that
+     * it's the only role present in the AT.
+     */
+    private void checkAddRole( Value<?> role, Attribute adminPoint, Dn dn ) throws LdapException
+    {
+        String roleStr = Strings.toLowerCase( Strings.trim( role.getString() ) );
+
+        // Check that the added AdministrativeRole is valid
+        if ( !ROLES.contains( roleStr ) )
+        {
+            String message = "Cannot add the given role, it's not a valid one :" + role;
+            LOG.error( message );
+            throw new LdapUnwillingToPerformException( message );
+        }
+
+        // If we are trying to add an AAP, we have to check that 
+        // it's the only role in the AdminPoint AT
+        if ( isAutonomousAreaRole( roleStr ) )
+        {
+            if ( adminPoint.size() > 1 )
+            {
+                String message = "Cannot add an Autonomous Administratve Point when some other roles are added : "
+                    + adminPoint;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+            else
+            {
+                // Fine : we only have one AAP
+                return;
+            }
+        }
+        
+        // Check that we don't have already an AAP in the AdminPoint AT when we try to
+        // add a role
+        if ( adminPoint.contains( SchemaConstants.AUTONOMOUS_AREA ) )
+        {
+            String message = "Cannot add a role when an Autonomous Administratve Point is already present : "
+                + adminPoint;
+            LOG.error( message );
+            throw new LdapUnwillingToPerformException( message );
+        }
+
+        // check that we can't mix Inner and Specific areas
+        checkInnerSpecificMix( roleStr, adminPoint );
+
+        // Check that we don't add an IAP with no parent. The IAP must be added under
+        // either a AAP, or a SAP/IAP within the same family
+        if ( isIAP( roleStr ) )
+        {
+            checkIAPHasParent( roleStr, adminPoint, dn );
+        }
+    }
+
+
+    /**
+     * Check if we can safely delete a role
+     */
+    private void checkDelRole( Value<?> role, Attribute adminPoint, Dn dn ) throws LdapException
+    {
+        String roleStr = Strings.toLowerCase( Strings.trim( role.getString() ) );
+
+        // Check that the removed AdministrativeRole is valid
+        if ( !ROLES.contains( roleStr ) )
+        {
+            String message = "Cannot delete the given role, it's not a valid one :" + role;
+            LOG.error( message );
+            throw new LdapUnwillingToPerformException( message );
+        }
+
+        // Now we are trying to delete an Administrative point. We have to check that 
+        // we only have one role if the deleted role is an AAP
+        if ( isAutonomousAreaRole( roleStr ) )
+        {
+            // We know have to check that removing the AAP, we will not 
+            // left any pending IAP. We should check for the 3 potential IAPs :
+            // AccessControl, CollectiveAttribute and TriggerExecution.
+            // If the removed AP has a parent, no need to go any further :
+            // the children IAPs will depend on this parent.
+            
+            // Process the ACs
+            DnNode<AccessControlAdministrativePoint> acAps = directoryService.getAccessControlAPCache();
+            
+            if ( !acAps.hasParent( dn ) )
+            {
+                // No parent, check for any IAP
+                List<AccessControlAdministrativePoint> children = acAps.getDescendantElements( dn );
+                
+                for ( AccessControlAdministrativePoint child : children )
+                {
+                    if ( child.isInner() )
+                    {
+                        // Ok, we are dead : the IAP will remain with no parent.
+                        String message = "Cannot delete the given role, the " + child.getDn() + " AccessControl IAP will remain orphan";
+                        LOG.error( message );
+                        throw new LdapUnwillingToPerformException( message );
+                    }
+                }
+            }
+            
+            // Process the CAs
+            DnNode<CollectiveAttributeAdministrativePoint> caAps = directoryService.getCollectiveAttributeAPCache();
+            
+            if ( !acAps.hasParent( dn ) )
+            {
+                // No parent, check for any IAP
+                List<CollectiveAttributeAdministrativePoint> children = caAps.getDescendantElements( dn );
+                
+                for ( CollectiveAttributeAdministrativePoint child : children )
+                {
+                    if ( child.isInner() )
+                    {
+                        // Ok, we are dead : the IAP will remain with no parent.
+                        String message = "Cannot delete the given role, the " + child.getDn() + " CollectiveAttribute IAP will remain orphan";
+                        LOG.error( message );
+                        throw new LdapUnwillingToPerformException( message );
+                    }
+                }
+            }
+            
+            // Process the TEs
+            DnNode<TriggerExecutionAdministrativePoint> teAps = directoryService.getTriggerExecutionAPCache();
+            
+            if ( !acAps.hasParent( dn ) )
+            {
+                // No parent, check for any IAP
+                List<TriggerExecutionAdministrativePoint> children = teAps.getDescendantElements( dn );
+                
+                for ( TriggerExecutionAdministrativePoint child : children )
+                {
+                    if ( child.isInner() )
+                    {
+                        // Ok, we are dead : the IAP will remain with no parent.
+                        String message = "Cannot delete the given role, the " + child.getDn() + " TriggerExecution IAP will remain orphan";
+                        LOG.error( message );
+                        throw new LdapUnwillingToPerformException( message );
+                    }
+                }
+            }
+        }
+    }
+
+
+    /**
+     * Creates an Administrative service interceptor.
+     */
+    public AdministrativePointInterceptor()
+    {
+    }
+
+
+    //-------------------------------------------------------------------------------------------
+    // Helper methods
+    //-------------------------------------------------------------------------------------------
+    private List<Entry> getAdministrativePoints() throws LdapException
+    {
+        List<Entry> entries = new ArrayList<Entry>();
+
+        Dn adminDn = new Dn( schemaManager, ServerDNConstants.ADMIN_SYSTEM_DN );
+
+        SearchControls controls = new SearchControls();
+        controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
+        controls.setReturningAttributes( new String[]
+            { SchemaConstants.ADMINISTRATIVE_ROLE_AT, SchemaConstants.ENTRY_UUID_AT } );
+
+        // Search for all the adminstrativePoints in the base
+        ExprNode filter = new PresenceNode( ADMINISTRATIVE_ROLE_AT );
+
+        CoreSession adminSession = new DefaultCoreSession( new LdapPrincipal( schemaManager, adminDn, AuthenticationLevel.STRONG ),
+            directoryService );
+
+        SearchOperationContext searchOperationContext = new SearchOperationContext( adminSession, Dn.ROOT_DSE, filter,
+            controls );
+
+        searchOperationContext.setAliasDerefMode( AliasDerefMode.NEVER_DEREF_ALIASES );
+
+        EntryFilteringCursor results = nexus.search( searchOperationContext );
+
+        try
+        {
+            while ( results.next() )
+            {
+                Entry entry = results.get();
+
+                entries.add( entry );
+            }
+            
+            results.close();
+        }
+        catch ( Exception e )
+        {
+            throw new LdapOperationException( e.getMessage(), e );
+        }
+
+        return entries;
+    }
+
+
+    /**
+     * Tells if a given role is a valid administrative role. We check the lower cased
+     * and trimmed value, and also the OID value.
+     */
+    private boolean isValidRole( String role )
+    {
+        return ROLES.contains( Strings.toLowerCase( Strings.trim( role ) ) );
+    }
+
+
+    /**
+     * Update The Administrative Points cache, adding the given AdminPoints
+     */
+    private void addAdminPointCache( List<Entry> adminPointEntries ) throws LdapException
+    {
+        for ( Entry adminPointEntry : adminPointEntries )
+        {
+            // update the cache
+            Dn dn = adminPointEntry.getDn();
+
+            String uuid = adminPointEntry.get( ENTRY_UUID_AT ).getString();
+            Attribute adminPoint = adminPointEntry.get( ADMINISTRATIVE_ROLE_AT );
+
+            createAdministrativePoints( adminPoint, dn, uuid );
+        }
+    }
+
+
+    /**
+     * Update The Administrative Points cache, removing the given AdminPoint
+     */
+    private void deleteAdminPointCache( Attribute adminPoint, DeleteOperationContext deleteContext )
+        throws LdapException
+    {
+        Dn dn = deleteContext.getDn();
+        
+        // Remove the APs in the AP cache
+        for ( Value<?> value : adminPoint )
+        {
+            String role = value.getString();
+
+            // Deal with Autonomous AP : delete the 4 associated SAP/AAP
+            if ( isAutonomousAreaRole( role ) )
+            {
+                // The AC AAP
+                directoryService.getAccessControlAPCache().remove( dn );
+
+                // The CA AAP
+                directoryService.getCollectiveAttributeAPCache().remove( dn );
+
+                // The TE AAP
+                directoryService.getTriggerExecutionAPCache().remove( dn );
+
+                // The SS AAP
+                directoryService.getSubschemaAPCache().remove( dn );
+
+                // If it's an AAP, we can get out immediately
+                return;
+            }
+
+            // Deal with AccessControl AP
+            if ( isAccessControlSpecificRole( role ) || isAccessControlInnerRole( role ) )
+            {
+                directoryService.getAccessControlAPCache().remove( dn );
+
+                continue;
+            }
+
+            // Deal with CollectveAttribute AP
+            if ( isCollectiveAttributeSpecificRole( role ) || isCollectiveAttributeInnerRole( role ) )
+            {
+                directoryService.getCollectiveAttributeAPCache().remove( dn );
+
+                continue;
+            }
+
+
+            // Deal with SubSchema AP
+            if ( isSubschemaSpecficRole( role ) )
+            {
+                directoryService.getSubschemaAPCache().remove( dn );
+
+                continue;
+            }
+
+            // Deal with TriggerExecution AP
+            if ( isTriggerExecutionSpecificRole( role ) || isTriggerExecutionInnerRole( role ))
+            {
+                directoryService.getTriggerExecutionAPCache().remove( dn );
+
+                continue;
+            }
+        }
+    }
+
+
+    /**
+     * Tells if the role is an AC IAP
+     */
+    private boolean isAccessControlInnerRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.ACCESS_CONTROL_INNER_AREA ) ||
+               role.equals( SchemaConstants.ACCESS_CONTROL_INNER_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the role is an AC SAP
+     */
+    private boolean isAccessControlSpecificRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA ) ||
+               role.equals( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the role is a CA IAP
+     */
+    private boolean isCollectiveAttributeInnerRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA ) ||
+               role.equals( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the role is a CA SAP
+     */
+    private boolean isCollectiveAttributeSpecificRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA ) ||
+               role.equals( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the role is a TE IAP
+     */
+    private boolean isTriggerExecutionInnerRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA ) ||
+               role.equals( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the role is a TE SAP
+     */
+    private boolean isTriggerExecutionSpecificRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA ) ||
+               role.equals( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the role is a SS SAP
+     */
+    private boolean isSubschemaSpecficRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA ) ||
+               role.equals( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the role is an AAP
+     */
+    private boolean isAutonomousAreaRole( String role )
+    {
+        return role.equalsIgnoreCase( SchemaConstants.AUTONOMOUS_AREA ) ||
+               role.equals( SchemaConstants.AUTONOMOUS_AREA_OID );
+    }
+
+
+    /**
+     * Tells if the Administrative Point role is an AAP
+     */
+    private boolean isAAP( Attribute adminPoint )
+    {
+        return ( adminPoint.contains( SchemaConstants.AUTONOMOUS_AREA ) || adminPoint
+            .contains( SchemaConstants.AUTONOMOUS_AREA_OID ) );
+    }
+
+
+    private boolean hasAccessControlSpecificRole( Attribute adminPoint )
+    {
+        return adminPoint.contains( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA ) ||
+               adminPoint.contains( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
+    }
+
+
+    private boolean isIAP( String role )
+    {
+        return INNER_AREA_ROLES.contains( role );
+    }
+
+
+    private boolean hasCollectiveAttributeSpecificRole( Attribute adminPoint )
+    {
+        return adminPoint.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA ) ||
+               adminPoint.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
+    }
+
+
+    private boolean hasTriggerExecutionSpecificRole( Attribute adminPoint )
+    {
+        return adminPoint.contains( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA ) ||
+               adminPoint.contains( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
+    }
+
+
+    /**
+     * Check that we don't have an IAP and a SAP with the same family
+     */
+    private void checkInnerSpecificMix( String role, Attribute adminPoint ) throws LdapUnwillingToPerformException
+    {
+        if ( isAccessControlInnerRole( role ) )
+        {
+            if ( hasAccessControlSpecificRole( adminPoint ) )
+            {
+                // This is inconsistent
+                String message = "Cannot add a specific Administrative Point and the same"
+                    + " inner Administrative point at the same time : " + adminPoint;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+            else
+            {
+                return;
+            }
+        }
+
+        if ( isCollectiveAttributeInnerRole( role ) )
+        {
+            if ( hasCollectiveAttributeSpecificRole( adminPoint ) )
+            {
+                // This is inconsistent
+                String message = "Cannot add a specific Administrative Point and the same"
+                    + " inner Administrative point at the same time : " + adminPoint;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+            else
+            {
+                return;
+            }
+        }
+
+        if ( isTriggerExecutionInnerRole( role ) )
+        {
+            if ( hasTriggerExecutionSpecificRole( adminPoint ) )
+            {
+                // This is inconsistent
+                String message = "Cannot add a specific Administrative Point and the same"
+                    + " inner Administrative point at the same time : " + adminPoint;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+            else
+            {
+                return;
+            }
+        }
+    }
+
+
+    /**
+     * Check that the IAPs (if any) have a parent. We will check for each kind or role :
+     * AC, CA and TE.
+     */
+    private void checkIAPHasParent( String role, Attribute adminPoint, Dn dn )
+        throws LdapUnwillingToPerformException
+    {
+        // Check for the AC role
+        if ( isAccessControlInnerRole( role ) )
+        {
+            DnNode<AccessControlAdministrativePoint> acCache = directoryService.getAccessControlAPCache();
+            
+            DnNode<AccessControlAdministrativePoint> parent =  acCache.getNode( dn );
+            
+            if ( parent == null )
+            {
+                // We don't have any AC administrativePoint in the tree, this is an error
+                String message = "Cannot add an IAP with no parent : " + adminPoint;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+        }
+        else if ( isCollectiveAttributeInnerRole( role ) )
+        {
+            DnNode<CollectiveAttributeAdministrativePoint> caCache = directoryService.getCollectiveAttributeAPCache();
+            
+            boolean hasAP = caCache.hasParentElement( dn );
+            
+            if ( !hasAP )
+            {
+                // We don't have any AC administrativePoint in the tree, this is an error
+                String message = "Cannot add an IAP with no parent : " + adminPoint;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+        }
+        else if ( isTriggerExecutionInnerRole( role ) )
+        {
+            DnNode<TriggerExecutionAdministrativePoint> caCache = directoryService.getTriggerExecutionAPCache();
+            
+            DnNode<TriggerExecutionAdministrativePoint> parent =  caCache.getNode( dn );
+            
+            if ( parent == null )
+            {
+                // We don't have any AC administrativePoint in the tree, this is an error
+                String message = "Cannot add an IAP with no parent : " + adminPoint;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+        }
+        else
+        {
+            // Wtf ? We *must* have an IAP here...
+            String message = "This is not an IAP : " + role;
+            LOG.error( message );
+            throw new LdapUnwillingToPerformException( message );
+        }
+    }
+
+
+    //-------------------------------------------------------------------------------------------
+    // Interceptor initialization
+    //-------------------------------------------------------------------------------------------
+    /**
+     * Registers and initializes all {@link Authenticator}s to this service.
+     */
+    public void init( DirectoryService directoryService ) throws LdapException
+    {
+        LOG.debug( "Initializing the AdministrativeInterceptor" );
+
+        super.init( directoryService );
+        nexus = directoryService.getPartitionNexus();
+
+        // Load all the AdministratvePoint :
+        // Autonomous Administrative Point first, then Specific
+        // administrative point, finally the Inner administrative Point
+        Dn adminDn = new Dn( schemaManager, ServerDNConstants.ADMIN_SYSTEM_DN );
+
+        SearchControls controls = new SearchControls();
+        controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
+        controls.setReturningAttributes( new String[]
+            { SchemaConstants.ADMINISTRATIVE_ROLE_AT } );
+
+        // get the list of all the AAPs
+        List<Entry> administrativePoints = getAdministrativePoints();
+        
+        lockWrite();
+        addAdminPointCache( administrativePoints );
+        unlock();
+    }
+
+
+    /**
+     * {@inheritDoc}
+     */
+    public void destroy()
+    {
+    }
+
+
+    private void updateAPEntries( Attribute adminPoint, String apUuid )
+    {
+        if ( isAAP( adminPoint ) )
+        {
+
+        }
+
+        return;
+    }
+
+
+    /**
+     * Add an administrative point into the DIT.
+     * 
+     * We have to deal with some specific cases :
+     * <ul>
+     * <li>If it's an AA, then the added role should be the only one</li>
+     * <li>It's not possible to add IA and SA at the same time</li>
+     * 
+     * @param next The next {@link Interceptor} in the chain
+     * @param addContext The {@link AddOperationContext} instance
+     * @throws LdapException If we had some error while processing the Add operation
+     */
+    public void add( NextInterceptor next, AddOperationContext addContext ) throws LdapException
+    {
+        LOG.debug( ">>> Entering into the Administrative Interceptor, addRequest" );
+        Entry entry = addContext.getEntry();
+        Dn dn = entry.getDn();
+
+        // Check if we are adding an Administrative Point
+        Attribute adminPoint = entry.get( ADMINISTRATIVE_ROLE_AT );
+
+        if ( adminPoint == null )
+        {
+            // Nope, go on.
+            next.add( addContext );
+
+            LOG.debug( "Exit from Administrative Interceptor, no AP in the added entry" );
+
+            return;
+        }
+
+        LOG.debug( "Addition of an administrative point at {} for the role {}", dn, adminPoint );
+
+        // Protect the AP caches against concurrent access
+        lockWrite();
+        
+        // Loop on all the added roles to check if they are valid
+        for ( Value<?> role : adminPoint )
+        {
+            checkAddRole( role, adminPoint, dn );
+        }
+
+        // Ok, we are golden.
+        next.add( addContext );
+
+        String apUuid = entry.get( ENTRY_UUID_AT ).getString();
+
+        // Now, update the AdminPoint cache
+        createAdministrativePoints( adminPoint, dn, apUuid );
+
+        // Release the APCaches lock
+        unlock();
+        
+        LOG.debug( "Added an Administrative Point at {}", dn );
+
+        return;
+    }
+
+
+    /**
+     * We have to check that we can remove the associated AdministrativePoint : <br/> 
+     * <ul>
+     * <li> if we remove an AAP, no descendant IAP should remain orphan</li>
+     * <li> If we remove a SAP, no descendant IAP should remain orphan</li>
+     * </ul> 
+     * {@inheritDoc}
+     */
+    public void delete( NextInterceptor next, DeleteOperationContext deleteContext ) throws LdapException
+    {
+        LOG.debug( ">>> Entering into the Administrative Interceptor, delRequest" );
+        Entry entry = deleteContext.getEntry();
+        Dn dn = entry.getDn();
+
+        // Check if we are deleting an Administrative Point
+        Attribute adminPoint = entry.get( ADMINISTRATIVE_ROLE_AT );
+
+        if ( adminPoint == null )
+        {
+            // Nope, go on.
+            next.delete( deleteContext );
+
+            LOG.debug( "Exit from Administrative Interceptor" );
+
+            return;
+        }
+
+        LOG.debug( "Deletion of an administrative point at {} for the role {}", dn, adminPoint );
+        
+        // Protect the AP caches against concurrent access
+        lockWrite();
+        
+        // Check that the removed AdministrativeRoles are valid. We don't have to do
+        // any other check, as the deleted entry has no children.
+        for ( Value<?> role : adminPoint )
+        {
+            if ( !isValidRole( role.getString() ) )
+            {
+                String message = "Cannot remove the given role, it's not a valid one :" + role;
+                LOG.error( message );
+                throw new LdapUnwillingToPerformException( message );
+            }
+        }
+
+        // Ok, we can remove the AP
+        next.delete( deleteContext );
+
+        // Now, update the AdminPoint cache
+        deleteAdminPointCache( adminPoint, deleteContext );
+
+        // Release the APCaches lock
+        unlock();
+        
+        LOG.debug( "Deleted an Administrative Point at {}", dn );
+
+        return;
+    }
+
+
+    /**
+     * Only the add and remove modifications are fully supported. We have to check that the
+     * underlying APs are still consistent.
+     * We first have to compute the final AdministrativeRole, then do a diff with the
+     * initial attribute, to determinate which roles have been added and which ones have
+     * been deleted.
+     * Once this is done, we have to check that when deleting or adding each of those roles
+     * the admin model remains consistent.
+     * 
+     * {@inheritDoc}
+     */
+    public void modify( NextInterceptor next, ModifyOperationContext modifyContext ) throws LdapException
+    {
+        LOG.debug( ">>> Entering into the Administrative Interceptor, modifyRequest" );
+        // We have to check that the modification is acceptable
+        List<Modification> modifications = modifyContext.getModItems();
+        Dn dn = modifyContext.getDn();
+        String uuid = modifyContext.getEntry().get( ENTRY_UUID_AT ).getString();
+
+        // Create a clone of the current AdminRole AT
+        Attribute modifiedAdminRole = ((ClonedServerEntry)modifyContext.getEntry() ).getOriginalEntry().get( ADMINISTRATIVE_ROLE_AT );
+
+        if ( modifiedAdminRole == null )
+        {
+            // Create the attribute
+            modifiedAdminRole = new DefaultAttribute( ADMINISTRATIVE_ROLE_AT );
+        }
+        else
+        {
+            modifiedAdminRole = modifiedAdminRole.clone();
+        }
+
+        // Clone the AP caches before applying modifications to them modify it
+        DnNode<AccessControlAdministrativePoint> acapCacheCopy = directoryService.getAccessControlAPCache().clone();
+        DnNode<CollectiveAttributeAdministrativePoint> caapCacheCopy = directoryService.getCollectiveAttributeAPCache().clone();
+        DnNode<TriggerExecutionAdministrativePoint> teapCacheCopy = directoryService.getTriggerExecutionAPCache().clone();
+        DnNode<SubschemaAdministrativePoint> ssapCacheCopy = directoryService.getSubschemaAPCache().clone();
+        
+        // Loop on the modification to select the AdministrativeRole and process it :
+        // we will create a new AT containing all the roles after having applied the modifications
+        // on it
+        for ( Modification modification : modifications )
+        {
+            Attribute attribute = modification.getAttribute();
+
+            // Skip all the attributes but AdministrativeRole
+            if ( attribute.getAttributeType() == ADMINISTRATIVE_ROLE_AT )
+            {
+                // Ok, we have a modification impacting the administrative role
+                // Apply it to a virtual AdministrativeRole attribute
+                switch ( modification.getOperation() )
+                {
+                    case ADD_ATTRIBUTE:
+                        if ( modifiedAdminRole == null )
+                        {
+                            // Create the attribute
+                            modifiedAdminRole = new DefaultAttribute( ADMINISTRATIVE_ROLE_AT, attribute.get() );
+                        }
+
+                        for ( Value<?> role : attribute )
+                        {
+                            addRole( role.getString(), dn, uuid, acapCacheCopy, caapCacheCopy, teapCacheCopy, ssapCacheCopy );
+
+                            // Add the role to the modified attribute
+                            modifiedAdminRole.add( role );
+                        }
+
+                        break;
+
+                    case REMOVE_ATTRIBUTE:
+                        if ( modifiedAdminRole == null )
+                        {
+                            // We can't remove a value when the attribute does not exist.
+                            String msg = "Cannot remove the administrative role, it does not exist";
+                            LOG.error( msg );
+                            throw new LdapNoSuchAttributeException( msg );
+                        }
+
+                        // It may be a complete removal
+                        if ( attribute.size() == 0 )
+                        {
+                            // Complete removal. Loop on all the existing roles and remove them
+                            for ( Value<?> role : modifiedAdminRole )
+                            {
+                                //checkDelRole( role, modifiedAdminRole, dn, directoryService.getAdministrativePoints() );
+                                delRole( role.getString(), dn, uuid, acapCacheCopy, caapCacheCopy, teapCacheCopy, ssapCacheCopy );
+                            }
+
+                            modifiedAdminRole.clear();
+                            break;
+                        }
+
+                        // Now deal with the values to remove
+                        for ( Value<?> value : attribute )
+                        {
+                            if ( !isValidRole( value.getString() ) )
+                            {
+                                // Not a valid role : we will throw an exception
+                                String msg = "Invalid role : " + value.getString();
+                                LOG.error( msg );
+                                throw new LdapInvalidAttributeValueException( ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX,
+                                    msg );
+                            }
+
+                            if ( !modifiedAdminRole.contains( value ) )
+                            {
+                                // We can't remove a value if it does not exist !
+                                String msg = "Cannot remove the administrative role value" + value
+                                    + ", it does not exist";
+                                LOG.error( msg );
+                                throw new LdapNoSuchAttributeException( msg );
+                            }
+
+                            modifiedAdminRole.remove( value );
+                            delRole( value.getString(), dn, uuid, acapCacheCopy, caapCacheCopy, teapCacheCopy,
+                                ssapCacheCopy );
+
+                        }
+
+                        break;
+
+                    case REPLACE_ATTRIBUTE:
+                        // Not supported
+                        String msg = "Cannot replace an administrative role, the opertion is not supported";
+                        LOG.error( msg );
+                        throw new LdapUnwillingToPerformException( msg );
+                }
+            }
+        }
+
+        // At this point, we have a new AdministrativeRole AT, and we need to get the lists of
+        // added roles and removed roles, in order to process them
+
+        next.modify( modifyContext );
+    }
+
+
+    /**
+     * {@inheritDoc}
+     */
+    public void move( NextInterceptor next, MoveOperationContext moveContext ) throws LdapException
+    {
+        LOG.debug( ">>> Entering into the Administrative Interceptor, moveRequest" );
+        Entry entry = moveContext.getOriginalEntry();
+
+        // Check if we are moving an Administrative Point
+        Attribute adminPoint = entry.get( ADMINISTRATIVE_ROLE_AT );
+
+        if ( adminPoint == null )
+        {
+            // Nope, go on.
+            next.move( moveContext );
+
+            LOG.debug( "Exit from Administrative Interceptor" );
+
+            return;
+        }
+
+        // Else throw an UnwillingToPerform exception ATM
+        String message = "Cannot move an Administrative Point in the current version";
+        LOG.error( message );
+        throw new LdapUnwillingToPerformException( message );
+    }
+
+
+    /**
+     * {@inheritDoc}
+     */
+    public void moveAndRename( NextInterceptor next, MoveAndRenameOperationContext moveAndRenameContext )
+        throws LdapException
+    {
+        LOG.debug( ">>> Entering into the Administrative Interceptor, moveAndRenameRequest" );
+        Entry entry = moveAndRenameContext.getOriginalEntry();
+
+        // Check if we are moving and renaming an Administrative Point
+        Attribute adminPoint = entry.get( ADMINISTRATIVE_ROLE_AT );
+
+        if ( adminPoint == null )
+        {
+            // Nope, go on.
+            next.moveAndRename( moveAndRenameContext );
+
+            LOG.debug( "Exit from Administrative Interceptor" );
+
+            return;
+        }
+
+        // Else throw an UnwillingToPerform exception ATM
+        String message = "Cannot move and rename an Administrative Point in the current version";
+        LOG.error( message );
+        throw new LdapUnwillingToPerformException( message );
+    }
+
+
+    /**
+     * {@inheritDoc}
+     */
+    public void rename( NextInterceptor next, RenameOperationContext renameContext ) throws LdapException
+    {
+        LOG.debug( ">>> Entering into the Administrative Interceptor, renameRequest" );
+        Entry entry = renameContext.getEntry();
+
+        // Check if we are renaming an Administrative Point
+        Attribute adminPoint = entry.get( ADMINISTRATIVE_ROLE_AT );
+
+        if ( adminPoint == null )
+        {
+            // Nope, go on.
+            next.rename( renameContext );
+
+            LOG.debug( "Exit from Administrative Interceptor" );
+
+            return;
+        }
+
+        // Else throw an UnwillingToPerform exception ATM
+        String message = "Cannot rename an Administrative Point in the current version";
+        LOG.error( message );
+        throw new LdapUnwillingToPerformException( message );
+    }
+}

Added: directory/apacheds/trunk/interceptors/admin/target/.plxarc
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/target/.plxarc?rev=1183434&view=auto
==============================================================================
--- directory/apacheds/trunk/interceptors/admin/target/.plxarc (added)
+++ directory/apacheds/trunk/interceptors/admin/target/.plxarc Fri Oct 14 17:17:00 2011
@@ -0,0 +1 @@
+maven-shared-archive-resources
\ No newline at end of file

Added: directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT-sources.jar
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT-sources.jar?rev=1183434&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT-sources.jar
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT.jar
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT.jar?rev=1183434&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/apacheds/trunk/interceptors/admin/target/apacheds-interceptors-admin-2.0.0-M4-SNAPSHOT.jar
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream



Mime
View raw message