Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6C48E97A1 for ; Wed, 19 Oct 2011 16:58:50 +0000 (UTC) Received: (qmail 59839 invoked by uid 500); 19 Oct 2011 16:58:50 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 59786 invoked by uid 500); 19 Oct 2011 16:58:50 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 59779 invoked by uid 99); 19 Oct 2011 16:58:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Oct 2011 16:58:50 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Oct 2011 16:58:36 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id EA78B2388AB9 for ; Wed, 19 Oct 2011 16:58:13 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1186334 [4/4] - in /directory/documentation/ldap-api-manuals/trunk: ./ src/ src/docbkx-stylesheet/ src/docbkx-stylesheet/fo/ src/docbkx-stylesheet/html/ src/ldap-api-user-guide-confluence/ src/ldap-api-user-guide-confluence/chapter-2/ src/... Date: Wed, 19 Oct 2011 16:58:09 -0000 To: commits@directory.apache.org From: elecharny@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20111019165813.EA78B2388AB9@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-15-LdapResult.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-15-LdapResult.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-15-LdapResult.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-15-LdapResult.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1,621 @@ +h2. LdapResult + +This data structure contains some information about the result of an operation. + +It's defined following the *LDAP* RFC 4511 definition : + +{code} + LDAPResult ::= SEQUENCE { + resultCode ENUMERATED { + success (0), + operationsError (1), + protocolError (2), + timeLimitExceeded (3), + sizeLimitExceeded (4), + compareFalse (5), + compareTrue (6), + authMethodNotSupported (7), + strongerAuthRequired (8), + -- 9 reserved -- + referral (10), + adminLimitExceeded (11), + unavailableCriticalExtension (12), + confidentialityRequired (13), + saslBindInProgress (14), + noSuchAttribute (16), + undefinedAttributeType (17), + inappropriateMatching (18), + constraintViolation (19), + attributeOrValueExists (20), + invalidAttributeSyntax (21), + -- 22-31 unused -- + noSuchObject (32), + aliasProblem (33), + invalidDNSyntax (34), + -- 35 reserved for undefined isLeaf -- + aliasDereferencingProblem (36), + -- 37-47 unused -- + inappropriateAuthentication (48), + invalidCredentials (49), + insufficientAccessRights (50), + busy (51), + unavailable (52), + unwillingToPerform (53), + loopDetect (54), + -- 55-63 unused -- + namingViolation (64), + objectClassViolation (65), + notAllowedOnNonLeaf (66), + notAllowedOnRDN (67), + entryAlreadyExists (68), + objectClassModsProhibited (69), + -- 70 reserved for CLDAP -- + affectsMultipleDSAs (71), + -- 72-79 unused -- + other (80), + ... }, + matchedDN LDAPDN, + diagnosticMessage LDAPString, + referral [3] Referral OPTIONAL } +{code} + +In other words, it holds : +* a _resultCode_ (a ResultCodeEnum) +* a _matchedDN_ (*[DIRAPI:Dn]*) +* an _diagnosticMessage_ (String) +* an optional _referral_ (list of *[LdapUrl]s*) if the result code is _referral_ + +This data structure is usually created using the information returned by the server. Usually, one just access those information to know if the operation has been successful or not. + +h3. API +The *API* is pretty obvious : we have setters and getters. + +h4. Getters +We have five of them : +* _getDiagnosticMessage()_ : Returns the diagnostic message. This message may vary from one server to another, it's purely informative +* _getMatchedDn()_ : Get the *[DIRAPI:Dn]* of the last entry that matches this *[DIRAPI:Dn]* +* _getReferral()_ : If the _resultCode_ is *Referral*, a list of *[LdapUrl]s* +* _getResultCode()_ : The operation result +* _isReferral()_ : tells if the response is a *Referral* + +h4. Setters +Again, we have a setter per field : +* _setDiagnosticMessage( String message )_ : Sets the diagnostic message +* _setMatchedDn(Dn)_ : Sets the *[DIRAPI:Dn]* of the last entry that matches this *[DIRAPI:Dn]*; +* _setReferral(Referral)_ : If the _resultCode_ is *Referral*, sets a list of *[LdapUrl]s*; +* _setResultCode(ResultCodeEnum)_ : The operation result + +h4. ResultCodeEnum +We use an *enum* to list all the error codes. Here is the possible values : + +{code:java} + /** + * It is returned when the client operation completed successfully without + * errors. This code is one of 5 result codes that may be returned in the + * LDAPResult which are not used to indicate an error. Applicable + * operations: all except for Compare. Result code type: Non-Erroneous + */ + SUCCESS( 0, "success" ), + + /** + * Servers sends this result code to LDAP v2 clients to refer them to + * another LDAP server. When sending this code to a client, the server + * includes a newline-delimited list of LDAP URLs that identify another LDAP + * server. If the client identifies itself as an LDAP v3 client in the + * request, servers send an REFERRAL result code instead of this result + * code. + */ + PARTIAL_RESULTS( 9, "partialResults" ), + + /** + * It is used to indicate that the result of a Compare operation is FALSE + * and does not indicate an error. 1 of 5 codes that do not indicate an + * error condition. Applicable operations: Compare. Result code type: + * Non-Erroneous + */ + COMPARE_FALSE( 5, "compareFalse" ), + + /** + * It is used to indicate that the result of a Compare operation is TRUE and + * does not indicate an error. 1 of 5 codes that do not indicate an error + * condition. Applicable operations: Compare. Result code type: + * Non-Erroneous + */ + COMPARE_TRUE( 6, "compareTrue" ), + + /** + * Rather than indicating an error, this result code is used to indicate + * that the server does not hold the target entry of the request but is able + * to provide alternative servers that may. A set of server(s) URLs may be + * returned in the referral field, which the client may subsequently query + * to attempt to complete their operation. 1 of 5 codes that do not indicate + * an error condition yet requires further action on behalf of the client to + * complete the request. This result code is new in LDAPv3. Applicable + * operations: all. Result code type: Non-Erroneous + */ + REFERRAL( 10, "referral" ), + + /** + * This result code is not an error response from the server, but rather, is + * a request for bind continuation. The server requires the client to send a + * new bind request, with the same SASL mechanism, to continue the + * authentication process [RFC2251, Section 4.2.3]. This result code is new + * in LDAPv3. Applicable operations: Bind. Result code type: Non-Erroneous + */ + SASL_BIND_IN_PROGRESS( 14, "saslBindInProgress" ), + + // ------------------------------------------------------------------------ + // Problem Specific Error Codes: + // + // Specific errors are used to indicate that a particular type of error + // has occurred. These error types are Name, Update, Attribute, Security, + // and Service. + // ------------------------------------------------------------------------ + // ------------------------------------------------------------------------ + // Security Problem Specific Error Codes: + // + // A security error reports a problem in carrying out an operation for + // security reasons [X511, Section 12.7]. + // ------------------------------------------------------------------------ + + /** + * This error code should be returned if the client requests, in a Bind + * request, an authentication method which is not supported or recognized by + * the server. Applicable operations: Bind. Result code type: Specific + * (Security) + */ + AUTH_METHOD_NOT_SUPPORTED( 7, "authMethodNotSupported" ), + + /** + * This error may be returned on a bind request if the server only accepts + * strong authentication or it may be returned when a client attempts an + * operation which requires the client to be strongly authenticated - for + * example Delete. This result code may also be returned in an unsolicited + * notice of disconnection if the server detects that an established + * underlying security association protecting communication between the + * client and server has unexpectedly failed or been compromised. [RFC2251, + * Section 4.4.1] Applicable operations: all. Result code type: Specific + * (Security) + */ + STRONG_AUTH_REQUIRED( 8, "strongAuthRequired" ), + + /** + * This error code may be returned if the session is not protected by a + * protocol which provides session confidentiality. For example, if the + * client did not establish a TLS connection using a cipher suite which + * provides confidentiality of the session before sending any other + * requests, and the server requires session confidentiality then the server + * may reject that request with a result code of confidentialityRequired. + * This error code is new in LDAPv3. Applicable operations: all. Result code + * type: Specific (Security) + */ + CONFIDENTIALITY_REQUIRED( 13, "confidentialityRequired" ), + + /** + * An alias was encountered in a situation where it was not allowed or where + * access was denied [X511, Section 12.5]. For example, if the client does + * not have read permission for the aliasedObjectName attribute and its + * value then the error aliasDereferencingProblem should be returned. [X511, + * Section 7.11.1.1] Notice that this error has similar meaning to + * INSUFFICIENT_ACCESS_RIGHTS (50), but is specific to Searching on an alias. + * Applicable operations: Search. Result code type: Specific (Security) + */ + ALIAS_DEREFERENCING_PROBLEM( 36, "aliasDereferencingProblem" ), + + /** + * This error should be returned by the server when the client has tried to + * use a method of authentication that is inappropriate, that is a method of + * authentication which the client is unable to use correctly. In other + * words, the level of security associated with the requestor's credentials + * is inconsistent with the level of protection requested, e.g. simple + * credentials were supplied while strong credentials were required [X511, + * Section 12.7]. Applicable operations: Bind. Result code type: Specific + * (Security) + */ + INAPPROPRIATE_AUTHENTICATION( 48, "inappropriateAuthentication" ), + + /** + * This error code is returned if the Dn or password used in a simple bind + * operation is incorrect, or if the Dn or password is incorrect for some + * other reason, e.g. the password has expired. This result code only + * applies to Bind operations -- it should not be returned for other + * operations if the client does not have sufficient permission to perform + * the requested operation - in this case the return code should be + * insufficientAccessRights. Applicable operations: Bind. Result code type: + * Specific (Security) + */ + INVALID_CREDENTIALS( 49, "invalidCredentials" ), + + /** + * The requestor does not have the right to carry out the requested + * operation [X511, Section 12.7]. Note that the more specific + * aliasDereferencingProblem is returned in case of a Search on an alias + * where the requestor has insufficientAccessRights. Applicable operations: + * all except for Bind. Result code type: Specific (Security) + */ + INSUFFICIENT_ACCESS_RIGHTS( 50, "insufficientAccessRights" ), + + // ------------------------------------------------------------------------ + // Service Problem Specific Error Codes: + // + // A service error reports a problem related to the provision of the + // service [X511, Section 12.8]. + // ------------------------------------------------------------------------ + + /** + * If the server requires that the client bind before browsing or modifying + * the directory, the server MAY reject a request other than binding, + * unbinding or an extended request with the "operationsError" result. + * [RFC2251, Section 4.2.1] Applicable operations: all except Bind. Result + * code type: Specific (Service) + */ + OPERATIONS_ERROR( 1, "operationsError" ), + + /** + * A protocol error should be returned by the server when an invalid or + * malformed request is received from the client. This may be a request that + * is not recognized as an LDAP request, for example, if a nonexistent + * operation were specified in LDAPMessage. As well, it may be the result of + * a request that is missing a required parameter, such as a search filter + * in a search request. If the server can return an error, which is more + * specific than protocolError, then this error should be returned instead. + * For example if the server does not recognize the authentication method + * requested by the client then the error authMethodNotSupported should be + * returned instead of protocolError. The server may return details of the + * error in the error string. Applicable operations: all. Result code type: + * Specific (Service) + */ + PROTOCOL_ERROR( 2, "protocolError" ), + + /** + * This error should be returned when the time to perform an operation has + * exceeded either the time limit specified by the client (which may only be + * set by the client in a search operation) or the limit specified by the + * server. If the time limit is exceeded on a search operation then the + * result is an arbitrary selection of the accumulated results [X511, + * Section 7.5]. Note that an arbitrary selection of results may mean that + * no results are returned to the client. If the LDAP server is a front end + * for an X.500 server, any operation that is chained may exceed the + * timelimit, therefore clients can expect to receive timelimitExceeded for + * all operations. For stand alone LDAP- Servers that do not implement + * chaining it is unlikely that operations other than search operations will + * exceed the defined timelimit. Applicable operations: all. Result code + * type: Specific (Service) + */ + TIME_LIMIT_EXCEEDED( 3, "timeLimitExceeded" ), + + /** + * This error should be returned when the number of results generated by a + * search exceeds the maximum number of results specified by either the + * client or the server. If the size limit is exceeded then the results of a + * search operation will be an arbitrary selection of the accumulated + * results, equal in number to the size limit [X511, Section 7.5]. + * Applicable operations: Search. Result code type: Specific (Service) + */ + SIZE_LIMIT_EXCEEDED( 4, "sizeLimitExceeded" ), + + /** + * The server has reached some limit set by an administrative authority, and + * no partial results are available to return to the user [X511, Section + * 12.8]. For example, there may be an administrative limit to the number of + * entries a server will check when gathering potential search result + * candidates [Net]. This error code is new in LDAPv3. Applicable + * operations: all. Result code type: Specific (Service) + */ + ADMIN_LIMIT_EXCEEDED( 11, "adminLimitExceeded" ), + + /** + * The server was unable to satisfy the request because one or more critical + * extensions were not available [X511, Section 12.8]. This error is + * returned, for example, when a control submitted with a request is marked + * critical but is not recognized by a server or when such a control is not + * appropriate for the operation type. [RFC2251 section 4.1.12]. This error + * code is new in LDAPv3. Applicable operations: all. Result code type: + * Specific (Service) + */ + UNAVAILABLE_CRITICAL_EXTENSION( 12, "unavailableCriticalExtension" ), + + /** + * This error code may be returned if the server is unable to process the + * client's request at this time. This implies that if the client retries + * the request shortly the server will be able to process it then. + * Applicable operations: all. Result code type: Specific (Service) + */ + BUSY( 51, "busy" ), + + /** + * This error code is returned when the server is unavailable to process the + * client's request. This usually means that the LDAP server is shutting + * down [RFC2251, Section 4.2.3]. Applicable operations: all. Result code + * type: Specific (Service) + */ + UNAVAILABLE( 52, "unavailable" ), + + /** + * This error code should be returned by the server when a client request is + * properly formed but which the server is unable to complete due to + * server-defined restrictions. For example, the server, or some part of it, + * is not prepared to execute this request, e.g. because it would lead to + * excessive consumption of resources or violates the policy of an + * Administrative Authority involved [X511, Section 12.8]. If the server is + * able to return a more specific error code such as adminLimitExceeded it + * should. This error may also be returned if the client attempts to modify + * attributes which can not be modified by users, e.g., operational + * attributes such as creatorsName or createTimestamp [X511, Section 7.12]. + * If appropriate, details of the error should be provided in the error + * message. Applicable operations: all. Result code type: Specific (Service) + */ + UNWILLING_TO_PERFORM( 53, "unwillingToPerform" ), + + /** + * This error may be returned by the server if it detects an alias or + * referral loop, and is unable to satisfy the client's request. Applicable + * operations: all. Result code type: Specific (Service) + */ + LOOP_DETECT( 54, "loopDetect" ), + + // ------------------------------------------------------------------------ + // Attribute Problem Specific Error Codes: + // + // An attribute error reports a problem related to an attribute specified + // by the client in their request message. + // ------------------------------------------------------------------------ + + /** + * This error may be returned if the attribute specified as an argument of + * the operation does not exist in the entry. Applicable operations: Modify, + * Compare. Result code type: Specific (Attribute) + */ + NO_SUCH_ATTRIBUTE( 16, "noSuchAttribute" ), + + /** + * This error may be returned if the specified attribute is unrecognized by + * the server, since it is not present in the server's defined schema. If + * the server doesn't recognize an attribute specified in a search request + * as the attribute to be returned the server should not return an error in + * this case - it should just return values for the requested attributes it + * does recognize. Note that this result code only applies to the Add and + * Modify operations [X.511, Section 12.4]. Applicable operations: Modify, + * Add. Result code type: Specific (Attribute) + */ + UNDEFINED_ATTRIBUTE_TYPE( 17, "undefinedAttributeType" ), + + /** + * An attempt was made, e.g., in a filter, to use a matching rule not + * defined for the attribute type concerned [X511, Section 12.4]. Applicable + * operations: Search. Result code type: Specific (Attribute) + */ + INAPPROPRIATE_MATCHING( 18, "inappropriateMatching" ), + + /** + * This error should be returned by the server if an attribute value + * specified by the client violates the constraints placed on the attribute + * as it was defined in the DSA - this may be a size constraint or a + * constraint on the content. Applicable operations: Modify, Add, ModifyDN. + * Result code type: Specific (Attribute) + */ + CONSTRAINT_VIOLATION( 19, "constraintViolation" ), + + /** + * This error should be returned by the server if the value specified by the + * client already exists within the attribute. Applicable operations: + * Modify, Add. Result code type: Specific (Attribute) + */ + ATTRIBUTE_OR_VALUE_EXISTS( 20, "attributeOrValueExists" ), + + /** + * This error should be returned by the server if the attribute syntax for + * the attribute value, specified as an argument of the operation, is + * unrecognized or invalid. Applicable operations: Modify, Add. Result code + * type: Specific (Attribute) + */ + INVALID_ATTRIBUTE_SYNTAX( 21, "invalidAttributeSyntax" ), + + // ------------------------------------------------------------------------ + // Name Problem Specific Error Codes: + // + // A name error reports a problem related to the distinguished name + // provided as an argument to an operation [X511, Section 12.5]. + // + // For result codes of NO_SUCH_OBJECT, aliasProblem, invalidDNSyntax and + // aliasDereferencingProblem (see Section 5.2.2.3.7), the matchedDN + // field is set to the name of the lowest entry (object or alias) in the + // directory that was matched. If no aliases were dereferenced while + // attempting to locate the entry, this will be a truncated form of the + // name provided, or if aliases were dereferenced, of the resulting + // name, as defined in section 12.5 of X.511 [X511]. The matchedDN field + // is to be set to a zero length string with all other result codes + // [RFC2251, Section 4.1.10]. + // ------------------------------------------------------------------------ + + /** + * This error should only be returned if the target object cannot be found. + * For example, in a search operation if the search base can not be located + * in the DSA the server should return NO_SUCH_OBJECT. If, however, the search + * base is found but does not match the search filter, success, with no + * resultant objects, should be returned instead of NO_SUCH_OBJECT. If the + * LDAP server is a front end for an X.500 DSA then NO_SUCH_OBJECT may also be + * returned if discloseOnError is not granted for an entry and the client + * does not have permission to view or modify the entry. Applicable + * operations: all except for Bind. Result code type: Specific (Name) + */ + NO_SUCH_OBJECT( 32, "NO_SUCH_OBJECT" ), + + /** + * An alias has been dereferenced which names no object [X511, Section 12.5] + * Applicable operations: Search. Result code type: Specific (Name) + */ + ALIAS_PROBLEM( 33, "aliasProblem" ), + + /** + * This error should be returned by the server if the Dn syntax is + * incorrect. It should not be returned if the Dn is correctly formed but + * represents an entry which is not permitted by the structure rules at the + * DSA ; in this case namingViolation should be returned instead. Applicable + * operations: all. Result code type: Specific (Name) + */ + INVALID_DN_SYNTAX( 34, "invalidDNSyntax" ), + + // ------------------------------------------------------------------------ + // Update Problem Specific Error Codes: + // + // An update error reports problems related to attempts to add, delete, or + // modify information in the DIB [X511, Section 12.9]. + // ------------------------------------------------------------------------ + + /** + * The attempted addition or modification would violate the structure rules + * of the DIT as defined in the directory schema and X.501. That is, it + * would place an entry as the subordinate of an alias entry, or in a region + * of the DIT not permitted to a member of its object class, or would define + * an Rdn for an entry to include a forbidden attribute type [X511, Section + * 12.9]. Applicable operations: Add, ModifyDN. Result code type: Specific + * (Update) + */ + NAMING_VIOLATION( 64, "namingViolation" ), + + /** + * This error should be returned if the operation requested by the user + * would violate the objectClass requirements for the entry if carried out. + * On an add or modify operation this would result from trying to add an + * object class without a required attribute, or by trying to add an + * attribute which is not permitted by the current object class set in the + * entry. On a modify operation this may result from trying to remove a + * required attribute without removing the associated auxiliary object + * class, or by attempting to remove an object class while the attributes it + * permits are still present. Applicable operations: Add, Modify, ModifyDN. + * Result code type: Specific (Update) + */ + OBJECT_CLASS_VIOLATION( 65, "objectClassViolation" ), + + /** + * This error should be returned if the client attempts to perform an + * operation which is permitted only on leaf entries - e.g., if the client + * attempts to delete a non-leaf entry. If the directory does not permit + * ModifyDN for non-leaf entries then this error may be returned if the + * client attempts to change the Dn of a non-leaf entry. (Note that 1988 + * edition X.500 servers only permitted change of the Rdn of an entry's Dn + * [X.511, Section 11.4.1]). Applicable operations: Delete, ModifyDN. Result + * code type: Specific (Update) + */ + NOT_ALLOWED_ON_NON_LEAF( 66, "notAllowedOnNonLeaf" ), + + /** + * The attempted operation would affect the Rdn (e.g., removal of an + * attribute which is a part of the Rdn) [X511, Section 12.9]. If the client + * attempts to remove from an entry any of its distinguished values, those + * values which form the entry's relative distinguished name the server + * should return the error notAllowedOnRDN. [RFC2251, Section 4.6] + * Applicable operations: Modify. Result code type: Specific (Update) + */ + NOT_ALLOWED_ON_RDN( 67, "notAllowedOnRDN" ), + + /** + * This error should be returned by the server when the client attempts to + * add an entry which already exists, or if the client attempts to rename an + * entry with the name of an entry which exists. Applicable operations: Add, + * ModifyDN. Result code type: Specific (Update) + */ + ENTRY_ALREADY_EXISTS( 68, "entryAlreadyExists" ), + + /** + * An operation attempted to modify an object class that should not be + * modified, e.g., the structural object class of an entry. Some servers may + * not permit object class modifications, especially modifications to the + * structural object class since this may change the entry entirely, name + * forms, structure rules etc. [X.511, Section 12.9]. Applicable operations: + * Modify. Result code type: Specific (Update) + */ + OBJECT_CLASS_MODS_PROHIBITED( 69, "objectClassModsProhibited" ), + + /** + * This error code should be returned to indicate that the operation could + * not be performed since it affects more than one DSA. This error code is + * new for LDAPv3. X.500 restricts the ModifyDN operation to only affect + * entries that are contained within a single server. If the LDAP server is + * mapped onto DAP, then this restriction will apply, and the resultCode + * affectsMultipleDSAs will be returned if this error occurred. In general + * clients MUST NOT expect to be able to perform arbitrary movements of + * entries and subtrees between servers [RFC2251, Section 4.9]. Applicable + * operations: ModifyDN. Result code type: Specific (Update) + */ + AFFECTS_MULTIPLE_DSAS( 71, "affectsMultipleDSAs" ), + + // ------------------------------------------------------------------------ + // General Error Codes: + // + // A general error code typically specifies an error condition for which + // there is no suitable specific error code. If the server can return an + // error, which is more specific than the following general errors, then + // the specific error should be returned instead. + // ------------------------------------------------------------------------ + + /** + * This error code should be returned only if no other error code is + * suitable. Use of this error code should be avoided if possible. Details + * of the error should be provided in the error message. Applicable + * operations: all. Result code type: General + */ + OTHER( 80, "other" ), + + /** + * This error code is returned when an operation has been canceled using + * the Cancel extended operation. + */ + CANCELED( 118, "canceled" ), + + + /** + * This error code is returned if the server has no knowledge of + * the operation requested for cancelation. + */ + NO_SUCH_OPERATION( 119, "noSuchOperation" ), + + + /** + * The tooLate resultCode is returned to indicate that it is too late to + * cancel the outstanding operation. For example, the server may return + * tooLate for a request to cancel an outstanding modify operation which + * has already committed updates to the underlying data store. + */ + TOO_LATE( 120, "tooLate" ), + + /** + * The cannotCancel resultCode is returned if the identified operation + * does not support cancelation or the cancel operation could not be + * performed. The following classes of operations are not cancelable: + * + * - operations which have no response, + * + * - operations which create, alter, or destroy authentication and/or + * authorization associations, + * + * - operations which establish, alter, or tear-down security services, + * and + * + * - operations which abandon or cancel other operations. + */ + CANNOT_CANCEL( 121, "cannotCancel" ), + + /** + * The server may return this result code on the initial content poll + * if it is safe to do so when it is unable to perform the operation + * due to various reasons. For more detailed explanation refer + * RFC 4533 (a.k.a syncrepl) + */ + E_SYNC_REFRESH_REQUIRED( 4096, "eSyncRefreshRequired" ), + + /** + * A unknown result code to cover all the other cases + */ + // -- 15 unused -- + // -- 22-31 unused -- + // -- 35 reserved for undefined isLeaf -- + // -- 37-47 unused -- + // -- 55-63 unused -- + // -- 70 reserved for CLDAP -- + // -- 72-79 unused -- + // -- 81-90 reserved for APIs -- + UNKNOWN( 122, "unknown" ); + +{code} Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-16-Referral.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-16-Referral.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-16-Referral.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-16-Referral.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. Referral Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-17-Node.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-17-Node.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-17-Node.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-17-Node.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. Node Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-18-LdapUrl.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-18-LdapUrl.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-18-LdapUrl.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-18-LdapUrl.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1,24 @@ +h2. The SchemaManager + +{scrollbar} + +The *LdapUrl* data structure is used to store an LDAP URL, as defined in [RFC 4516|http://www.faqs.org/rfcs/rfc4516.html]. Basically, *LdapUrl* are mainly used in referrals. + +Creating a *LdapUrl* is straight forward, it's just a matter of passing the Url as a String o the constructor. + +The class also provides accessors allowing the user to get back the following pieces of information : +* the scheme (*ldap* or *ldaps*) : _getScheme()_ +* the host : _getHost()_ +* the port : _getPort()_ +* the *[DIRAPI:Dn]* : _getDn()_ +* the list of attributes : _getAttributes()_ +* the scope (*base*, *one* or *sub*) : _getScope()_ +* the filter : _getFilter()_ +* the extensions, as defined in the RFC : _getExtensions()_ + +We also have the symmetric methods, to set the same properties into a *LdapUrl*. + +Usually, a *LdapUrl* is created when parsing a text representation of an *URL* like in this example : + +{code:java} +{code} \ No newline at end of file Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-19-Cursor.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-19-Cursor.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-19-Cursor.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-19-Cursor.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. Cursor Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-20-AdministrativePoint.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-20-AdministrativePoint.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-20-AdministrativePoint.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-20-AdministrativePoint.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. AdministrativePoint Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-21-Refinment.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-21-Refinment.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-21-Refinment.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-21-Refinment.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. Refinement Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-22-SubtreeSpecification.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-22-SubtreeSpecification.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-22-SubtreeSpecification.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-22-SubtreeSpecification.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. SubtreeSpecification Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-23-AttributeType.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-23-AttributeType.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-23-AttributeType.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-23-AttributeType.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1,35 @@ +h2. AttributeType + +The *AttributeType* is one of the most important schema element. It describes what can be stored into an *[DIRAPI:Entry]*, its syntax, and the various rules that are to be followed when searching for an associated value. + +*AttributeType* are immutable objects, created from the schema, and never changed. One can add a new *AttributeType*, or delete itfrom the schema, but once it's added to the schema, it can't be modified. + +Usually, we just use them. + +h3. Description + +!images/error.png! : mandatory +!images/check.png! : optional +!images/warning.png! : warning + + +An *AttributeType* contains the following informations : + +|| Value || Description || optional || +| OID | An unique *[DIRAPI:Oid]* for the *AttributeType* | !images/error.png! | +| NAME | some names, the fist one being considered as the _short name_. | !images/check.png! | +| DESCR | A textual description describing the *AttributeType* role. | !images/check.png! | +| OBSOLETE | A flag indicating if the *AttributeType* is deprecated | !images/check.png! | +| SUP | The *AttributeType* it inherit from | !images/warning.png! If SYNTAX is null, can't be null | +| EQUALITY | The EQUALITY *[MatchingRule (e)]* | !images/check.png! if null, and if SUP is not null, takes its SUP's value | +| ORDERING | The ORDERING *[MatchingRule (e)]* | !images/check.png! if null, and if SUP is not null, takes its SUP's value | +| SUBSTR | The SUBSTR *[MatchingRule (e)]* | !images/check.png! if null, and if SUP is not null, takes its SUP's value | +| SYNTAX | The Syntax to follow | !images/warning.png! If SUP is null, can't be null | +| SINGLE-VALUE| Tells that the *AttributeType* does not allow more than one value | !images/check.png! | +| COLLECTIVE | Define a collective attribute. The *AttributeType* USAGE must be _userApplications_ | !images/check.png! | +| NO-USER-MODIFICATION | Tells that the values can't be modified by the user. The *AttributeType* USAGE must be operational | !images/check.png! | +| USAGE | The kind of *AttributeType* : one of \{ _userApplications_, _directoryOperation_, _directoryOperation_, _directoryOperation_\}| !images/check.png! | +| extensions | Server specific parameters | !images/check.png! | + +An *AttributeType* has some default elements : it's not OBSOLETE, has no SUP, is not SINGLE-VALUE, is not COLLECTIVE, can be modified by the user, and has an _userApplications_ USAGE. + Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-24-DITContentRule.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-24-DITContentRule.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-24-DITContentRule.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-24-DITContentRule.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. DITContentRule Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-25-DITStructureRule.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-25-DITStructureRule.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-25-DITStructureRule.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-25-DITStructureRule.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. DITStructureRule Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-26-LdapSyntax.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-26-LdapSyntax.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-26-LdapSyntax.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-26-LdapSyntax.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. LdapSyntax Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-27-LdapComparator.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-27-LdapComparator.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-27-LdapComparator.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-27-LdapComparator.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. LdapComparator Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-28-Normalizer.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-28-Normalizer.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-28-Normalizer.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-28-Normalizer.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. Normalizer Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-29-SyntaxChecker.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-29-SyntaxChecker.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-29-SyntaxChecker.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-29-SyntaxChecker.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. SyntaxChecker Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-30-MatchingRule.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-30-MatchingRule.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-30-MatchingRule.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-30-MatchingRule.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. MatchingRule Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-31-MatchingRuleUse.confluence URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-31-MatchingRuleUse.confluence?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-31-MatchingRuleUse.confluence (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/chapter-7/7-31-MatchingRuleUse.confluence Wed Oct 19 16:58:05 2011 @@ -0,0 +1 @@ +h2. MatchingRuleUse Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/apache_ds_tutorial.ldif URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/apache_ds_tutorial.ldif?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/apache_ds_tutorial.ldif (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/apache_ds_tutorial.ldif Wed Oct 19 16:58:05 2011 @@ -0,0 +1,225 @@ +# Sample LDIF data for the ApacheDS Basic User's Guide +# +# Some sailors and their ships +# userpassword for all persons is "pass" +# +version: 1 + +dn: o=sevenSeas +objectclass: organization +objectclass: top +description: Sample data for the ApacheDS Basic User's Guide +o: sevenSeas + +dn: ou=people,o=sevenSeas +objectclass: organizationalUnit +objectclass: top +description: Contains entries which describe persons (seamen) +ou: people + +dn: ou=groups,o=sevenSeas +objectclass: organizationalUnit +objectclass: top +description: Contains entries which describe groups (crews, for instance) +ou: groups + +dn: ou=crews,ou=groups,o=sevenSeas +objectclass: organizationalUnit +objectclass: top +description: Contains entries which describe ship crews +ou: crews + +dn: ou=ranks,ou=groups,o=sevenSeas +objectclass: organizationalUnit +objectclass: top +description: Contains entries which describe naval ranks (e.g. captain) +ou: ranks + +# HMS Lydia Crew +# -------------- + +dn: cn=Horatio Hornblower,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: Horatio Hornblower +description: Capt. Horatio Hornblower, R.N +givenname: Horatio +sn: Hornblower +uid: hhornblo +mail: hhornblo@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=William Bush,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: William Bush +description: Lt. William Bush +givenname: William +manager: cn=Horatio Hornblower,ou=people,o=sevenSeas +sn: Bush +uid: wbush +mail: wbush@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=Thomas Quist,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: Thomas Quist +description: Seaman Quist +givenname: Thomas +manager: cn=Horatio Hornblower,ou=people,o=sevenSeas +sn: Quist +uid: tquist +mail: tquist@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=Moultrie Crystal,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: Moultrie Crystal +description: Lt. Crystal +givenname: Moultrie +manager: cn=Horatio Hornblower,ou=people,o=sevenSeas +sn: Crystal +uid: mchrysta +mail: mchrysta@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=HMS Lydia,ou=crews,ou=groups,o=sevenSeas +objectclass: groupOfUniqueNames +objectclass: top +cn: HMS Lydia +uniquemember: cn=Horatio Hornblower,ou=people,o=sevenSeas +uniquemember: cn=William Bush,ou=people,o=sevenSeas +uniquemember: cn=Thomas Quist,ou=people,o=sevenSeas +uniquemember: cn=Moultrie Crystal,ou=people,o=sevenSeas + +# HMS Victory Crew +# ---------------- + +dn: cn=Horatio Nelson,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: Horatio Nelson +description: Lord Horatio Nelson +givenname: Horatio +sn: Nelson +uid: hnelson +mail: hnelson@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=Thomas Masterman Hardy,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: Thomas Masterman Hardy +description: Sir Thomas Masterman Hardy +givenname: Thomas +manager: cn=Horatio Nelson,ou=people,o=sevenSeas +sn: Hardy +uid: thardy +mail: thardy@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=Cornelius Buckley,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: Cornelius Buckley +description: LM Cornelius Buckley +givenname: Cornelius +manager: cn=Horatio Nelson,ou=people,o=sevenSeas +sn: Buckley +uid: cbuckley +mail: cbuckley@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=HMS Victory,ou=crews,ou=groups,o=sevenSeas +objectclass: groupOfUniqueNames +objectclass: top +cn: HMS Victory +uniquemember: cn=Horatio Nelson,ou=people,o=sevenSeas +uniquemember: cn=Thomas Masterman Hardy,ou=people,o=sevenSeas +uniquemember: cn=Cornelius Buckley,ou=people,o=sevenSeas + +# HMS Bounty Crew +# --------------- + +dn: cn=William Bligh,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: William Bligh +description: Captain William Bligh +givenname: William +sn: Bligh +uid: wbligh +mail: wbligh@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=Fletcher Christian,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: Fletcher Christian +description: Lieutenant Fletcher Christian +givenname: Fletcher +manager: cn=William Bligh,ou=people,o=sevenSeas +sn: Christian +uid: fchristi +mail: fchristi@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=John Fryer,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: John Fryer +description: Master John Fryer +givenname: John +manager: cn=William Bligh,ou=people,o=sevenSeas +sn: Fryer +uid: jfryer +mail: jfryer@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=John Hallett,ou=people,o=sevenSeas +objectclass: person +objectclass: organizationalPerson +objectclass: inetOrgPerson +objectclass: top +cn: John Hallett +description: Midshipman John Hallett +givenname: John +manager: cn=William Bligh,ou=people,o=sevenSeas +sn: Hallett +uid: jhallett +mail: jhallett@royalnavy.mod.uk +userpassword: {SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ= + +dn: cn=HMS Bounty,ou=crews,ou=groups,o=sevenSeas +objectclass: groupOfUniqueNames +objectclass: top +cn: HMS Bounty +uniquemember: cn=William Bligh,ou=people,o=sevenSeas +uniquemember: cn=Fletcher Christian,ou=people,o=sevenSeas +uniquemember: cn=John Fryer,ou=people,o=sevenSeas +uniquemember: cn=John Hallett,ou=people,o=sevenSeas + + + Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/authz_sevenSeas.ldif URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/authz_sevenSeas.ldif?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/authz_sevenSeas.ldif (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/authz_sevenSeas.ldif Wed Oct 19 16:58:05 2011 @@ -0,0 +1,76 @@ +# ApacheDS 1.0 Basic User's Guide +# Section "Basic authorization" +# File authz_sevenSeas.ldif +# +# Create an operational attribute "administrativeRole" +# with value "accessControlSpecificArea" in the entry "o=sevenSeas". +# +dn: o=sevenSeas +changetype: modify +add: administrativeRole +administrativeRole: accessControlSpecificArea + +# Create a subentry subordinate to "o=sevenSeas" to grant all operations' permissions +# to "cn=Horatio Nelson,ou=people,o=sevenSeas", to grant search and compare permissions +# to all users (even anonymous ones) and to deny search and compare permissions for +# userPassword attribute to all users. +# +dn: cn=sevenSeasAuthorizationRequirementsACISubentry,o=sevenSeas +changetype: add +objectclass: top +objectclass: subentry +objectclass: accessControlSubentry +cn: sevenSeasAuthorizationRequirementsACISubentry +subtreeSpecification: {} +prescriptiveACI: { + identificationTag "directoryManagerFullAccessACI", + precedence 11, + authenticationLevel simple, + itemOrUserFirst userFirst: + { + userClasses + { + name { "cn=Horatio Nelson,ou=people,o=sevenSeas" } + }, + userPermissions + { + { + protectedItems + { + entry, allUserAttributeTypesAndValues + }, + grantsAndDenials + { + grantAdd, grantDiscloseOnError, grantRead, + grantRemove, grantBrowse, grantExport, grantImport, + grantModify, grantRename, grantReturnDN, + grantCompare, grantFilterMatch, grantInvoke + } + } + } + } + } +prescriptiveACI: { + identificationTag "allUsersACI", + precedence 10, + authenticationLevel none, + itemOrUserFirst userFirst: + { + userClasses + { + allUsers + }, + userPermissions + { + { + protectedItems { entry, allUserAttributeTypesAndValues }, + grantsAndDenials { grantRead, grantBrowse, grantReturnDN, + grantCompare, grantFilterMatch, grantDiscloseOnError } + }, + { + protectedItems { attributeType { userPassword } }, + grantsAndDenials { denyRead, denyCompare, denyFilterMatch } + } + } + } + } Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook.ldif URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook.ldif?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook.ldif (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook.ldif Wed Oct 19 16:58:05 2011 @@ -0,0 +1,10 @@ +dn: cn=James Hook,ou=people,o=sevenSeas +objectclass: inetOrgPerson +objectclass: organizationalPerson +objectclass: person +objectclass: top +cn: James Hook +description: A pirate captain and Peter Pan's nemesis +sn: Hook +mail: jhook@neverland +userpassword: peterPan Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_delete.ldif URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_delete.ldif?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_delete.ldif (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_delete.ldif Wed Oct 19 16:58:05 2011 @@ -0,0 +1,6 @@ +# ApacheDS 1.0 Basic User's Guide +# Section "Basic authorization" +# File captain_hook_delete.ldif +dn: cn=James Hook,ou=people,o=sevenSeas +changetype: delete + Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_modify.ldif URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_modify.ldif?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_modify.ldif (added) +++ directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/data/captain_hook_modify.ldif Wed Oct 19 16:58:05 2011 @@ -0,0 +1,8 @@ +# ApacheDS 1.0 Basic User's Guide +# Section "Basic authorization" +# File captain_hook_modify.ldif +dn: cn=James Hook,ou=people,o=sevenSeas +changetype: modify +add: description +description: Wears an iron hook in place of his right hand +- Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/check.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/check.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/check.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/email.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/email.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/email.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/error.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/error.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/error.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/information.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/information.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/information.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/lightbulb.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/lightbulb.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/lightbulb.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/lightbulb_on.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/lightbulb_on.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/lightbulb_on.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/server-icon_16x16.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/server-icon_16x16.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/server-icon_16x16.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/thumbs_up.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/thumbs_up.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/thumbs_up.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/warning.png URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/warning.png?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/ldap-api-user-guide-confluence/images/warning.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/main/assembly/.ldap-api-user-guide.xml.swp URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/main/assembly/.ldap-api-user-guide.xml.swp?rev=1186334&view=auto ============================================================================== Binary file - no diff available. Propchange: directory/documentation/ldap-api-manuals/trunk/src/main/assembly/.ldap-api-user-guide.xml.swp ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: directory/documentation/ldap-api-manuals/trunk/src/main/assembly/ldap-api-user-guide.xml URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/main/assembly/ldap-api-user-guide.xml?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/main/assembly/ldap-api-user-guide.xml (added) +++ directory/documentation/ldap-api-manuals/trunk/src/main/assembly/ldap-api-user-guide.xml Wed Oct 19 16:58:05 2011 @@ -0,0 +1,35 @@ + + + ldap-api-user-guide + + zip + + + + ${project.build.directory}/docbook/ldpa-api-manuals/ldap-api-user-guide-${project.version}/html + / + + ** + + + + Added: directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/common_20091029.css URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/common_20091029.css?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/common_20091029.css (added) +++ directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/common_20091029.css Wed Oct 19 16:58:05 2011 @@ -0,0 +1,530 @@ +html +{ + overflow-y: scroll; +} + +body +{ + padding: 0; + margin: 0; + font-family: 'Lucida Sans', 'Helvetica', 'Sans-serif', 'sans'; + font-size: 77%; + color: #777777; + background-color: white; + background-image: url('images/body-bg.png'); + background-repeat: repeat-x; + background-position: bottom; + background-attachment: fixed; + height: 99%; +} + +h1, h2, h3, h4, h5, h6 +{ + font-weight: bold; + margin: 0.67em 0px 0.67em 0px; +} + +h1 +{ + font-size: 197%; + +/* 26px equivalent */ +} + +h2 +{ + font-size: 153.9%; + +/* 20px equivalent */ +} + +h3 +{ + font-size: 131%; + +/* 17px equivalent */ +} + +h4 +{ + font-size: 93%; + +/* 12px equivalent */ +} + +h5 +{ + font-size: 85%; + +/* 11px equivalent */ +} + +h6 +{ + font-size: 77%; + +/* 10px equivalent */ +} + +body +{ + position: absolute; + width: 1005px; + margin-left: -502px; + left: 50%; +} + +body>div.navheader>table +{ + float:left; + border-width: 0px; + background-color: transparent; + font-size:12px; + margin:0; + margin-top:175; + padding:140px 20px 2px; + text-align:right; +} + +body>div.navfooter>table +{ + border-width: 0px; + background-color: transparent; + font-size:12px; + margin:0; + margin-top:0; + padding:140px 20px 2px; + text-align:right; +} + +body>div>table th +{ + border-width: 0px; + background-color: transparent; + font-size:12px; +} + +body>div>table td +{ + border-width: 0px; + background-color: transparent; + font-size:12px; +} + +body>table.copyrightfooter +{ + border-width: 0px; + background-color: transparent; + font-size:12px; +} + +body>table.copyrightfooter td +{ + border-width: 0px; + background-color: transparent; + font-size:12px; +} + +.navheader +{ + width: 1005px; + height: 250px; + background-repeat: no-repeat; + vertical-align:bottom; +} + +#subProjectsNavBar +{ + color: white; + text-align: right; + margin: 0px; + color: #ffffff; + font-size: 12px; + padding: 140px 20px 2px; +} + +#subProjectsNavBar a, #subProjectsNavBar a:link, #subProjectsNavBar a:visited +{ + color: #ffffff; + text-decoration: none; +} + +#subProjectsNavBar a:hover +{ + color: #ffffff; + border-bottom: solid #ffffff 1px; +} + +#subProjectsNavBar a strong +{ + font-size: 14px; + font-weight: bold; + color: #ffffff; + border-bottom: solid #ffffff 1px; +} + +#content +{ + background: url('images/content-backgound_20091029.png') repeat-y; +} + +#endContent +{ + clear: both; +} + +#leftColumn +{ + float: left; + width: 193px; + padding-top: 10px; + margin-left: 10px; + line-height: 1.8em; +} + +#rightColumn +{ + float: left; + margin-left: 15px; + width: 762px; + text-align: left; + line-height: 1.5em; +} + +#editZone +{ + + +/* Netscape 4, IE 4.x-5.0/Win and other lesser browsers will use this */ + position: absolute; + right: 0; + top: 0; + height: 60px; + width: 60px; + z-index: 1000; +} + +body > div#editZone +{ + + +/* used by Opera 5+, Netscape6+/Mozilla, Konqueror, Safari, OmniWeb 4.5+, iCab, ICEbrowser */ + position: fixed; +} + +a +{ + color: #777777; + text-decoration: underline; +} + +a:hover +{ + color: #000000; +} + +a.none +{ + background: transparent; + padding-right: 0px; +} + +#navigation +{ + padding-left: 12px; + font-weight: bold; +} + +#navigation ul +{ + margin: 0px; + padding: 0px; + margin-bottom: 10px; +} + +#navigation li +{ + list-style-type: none; + margin-left: 15px; + padding-left: 0px; +} + +#navigation li ul +{ + margin-left: 1.5em; +} + +#navigation a +{ + text-decoration: none; + color: #777777; +} + +#navigation a:hover +{ + color: #000000; + font-weight: bolder; +} + +#navigation div +{ + line-height: 1.5em; + margin-bottom: 2em; +} + +#navigation h5 +{ + font-size: 1em; + margin-bottom: 0px; + padding-bottom: 0px; +} + +#navigation strong +{ + color: #000000; +} + +.blogSurtitle +{ + padding-bottom: 10px; +} + +.blogSurtitle img +{ + display: none; +} + +.endsection, .pagesubheading +{ + display: none; +} + +.blogpost .wiki-content +{ + padding-left: 25px; +} + +.blogDate +{ + text-decoration: none; + font-weight: bolder; + padding: 1px; + padding-left: 20px; +} + +a.blogHeading +{ + text-decoration: none; + font-weight: bolder; + padding-left: 20px; + margin: 10px; +} + +#footer +{ + font-size: 11px; + padding-left: 203px; + height: 40px; + text-align: center; + background: url('images/footer_20091029.png') no-repeat; +} + +.nobr sup img +{ + display: none; +} + +.preformattedContent pre +{ + padding: 5px 10px; + border: 1px dashed #1a6c0b; + background-color: #f0f0f0; +} + +blockquote +{ + margin: 10px; + padding: 0px 10px; + border-left: 1px solid #1a6c0b; +} + +table +{ + margin: 5px; + border-collapse: collapse; +} + +/* Added as a temporary fix for CONF-4223. The table elements appear to be inheriting the border: none attribute from the sectionMacro class */ + +table td +{ + border-width: 1px; + border-style: solid; + border-color: #ccc; + padding: 3px 4px 3px 4px; +} + +/* Added as a temporary fix for CONF-4223. The table elements appear to be inheriting the border: none attribute from the sectionMacro class */ + +table th +{ + border-width: 1px; + border-style: solid; + border-color: #ccc; + padding: 3px 4px 3px 4px; + background-color: #f0f0f0; + text-align: center; +} + +td +{ + border-width: 1px; + border-style: solid; + border-color: #ccc; + padding: 3px 4px 3px 4px; +} + +th +{ + border-width: 1px; + border-style: solid; + border-color: #ccc; + padding: 3px 4px 3px 4px; + background-color: #f0f0f0; + text-align: center; +} + +.important +{ + border: 1px solid #f0c000; + background-color: #ffffce; + margin-top: 5px; + margin-bottom: 5px +} + +.warning +{ + border: 1px solid #c00; + background-color: #fcc; + text-align: left; + margin-top: 5px; + margin-bottom: 5px +} + +.note +{ + border: 1px solid #3c78b5; + background-color: #D8E4F1; + text-align: left; + margin-top: 5px; + margin-bottom: 5px +} + +.literallayout +{ + border: 1px dashed #1a6c0b; + font-size: 11px; + font-family: Courier; + margin: 10px; + line-height: 13px; + text-align: left; + background-color: #f0f0f0; + padding: 3px; +} + +.tip +{ + border: 1px solid #090; + background-color: #dfd; + text-align: left; + margin-top: 5px; + margin-bottom: 5px +} + +/* +.code +{ + border: 1px dashed #1a6c0b; + font-size: 11px; + font-family: Courier; + margin: 10px; + line-height: 13px; +} +*/ + +.programlisting +{ + border: 1px dashed #1a6c0b; + font-size: 11px; + font-family: Courier; + margin: 10px; + line-height: 13px; + text-align: left; + background-color: #f0f0f0; + padding: 3px; +} + +.screen +{ + border: 1px dashed #1a6c0b; + font-size: 11px; + font-family: Courier; + margin: 10px; + line-height: 13px; + text-align: left; + background-color: #f0f0f0; + padding: 3px; +} + +.codeHeader +{ + background-color: #f0f0f0; + border-bottom: 1px dashed #1a6c0b; + padding: 3px; + text-align: center; +} + +/* +.codeContent +{ + text-align: left; + background-color: #f0f0f0; + padding: 3px; +} +*/ + +.code-keyword +{ + color: #000091; + background-color: inherit; +} + +.code-object +{ + color: #910091; + background-color: inherit; +} + +.code-quote +{ + color: #009100; + background-color: inherit; +} + +.code-comment +{ + color: #808080; + background-color: inherit; +} + +.code-xml .code-keyword +{ + color: inherit; + font-weight: bold; +} + +.code-tag +{ + color: #000091; + background-color: inherit; +} \ No newline at end of file Added: directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/green_20091029.css URL: http://svn.apache.org/viewvc/directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/green_20091029.css?rev=1186334&view=auto ============================================================================== --- directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/green_20091029.css (added) +++ directory/documentation/ldap-api-manuals/trunk/src/main/resources/css/green_20091029.css Wed Oct 19 16:58:05 2011 @@ -0,0 +1,21 @@ +h1, h2, h3, h4, h5, h6 +{ + color: #196e0b; +} + +.navheader +{ + background-image: url('images/header-green_20091029.png'); +} + +.blogDate +{ + color: #1a6c0b; + background: url('images/news-green.png') no-repeat; +} + +a.blogHeading +{ + color: #1a6c0b; + background: url('images/post-green.png') no-repeat; +} \ No newline at end of file