com.unboundid.ldap.sdk.unboundidds.tasks.AuditDataSecurityTask Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of unboundid-ldapsdk-commercial-edition Show documentation
Show all versions of unboundid-ldapsdk-commercial-edition Show documentation
The UnboundID LDAP SDK for Java is a fast, comprehensive, and easy-to-use
Java API for communicating with LDAP directory servers and performing
related tasks like reading and writing LDIF, encoding and decoding data
using base64 and ASN.1 BER, and performing secure communication. This
package contains the Commercial Edition of the LDAP SDK, which includes
all of the general-purpose functionality contained in the Standard
Edition, plus additional functionality specific to UnboundID server
products.
/*
* Copyright 2011-2016 UnboundID Corp.
* All Rights Reserved.
*/
/*
* Copyright (C) 2015-2016 UnboundID Corp.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License (GPLv2 only)
* or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
package com.unboundid.ldap.sdk.unboundidds.tasks;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import com.unboundid.ldap.sdk.Attribute;
import com.unboundid.ldap.sdk.Entry;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.util.NotMutable;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import static com.unboundid.ldap.sdk.unboundidds.tasks.TaskMessages.*;
import static com.unboundid.util.Validator.*;
/**
*
* NOTE: This class is part of the Commercial Edition of the UnboundID
* LDAP SDK for Java. It is not available for use in applications that
* include only the Standard Edition of the LDAP SDK, and is not supported for
* use in conjunction with non-UnboundID products.
*
* This class defines a Directory Server task that can be used to cause the
* server to initiate a data security audit, which can look for potential
* issues in the environment that can impact the security of the directory
* environment.
*
* The properties that are available for use with this type of task include:
*
* - The names of the auditors to include or exclude from the audit. This
* is optional, and if it is not provided, then all enabled auditors will
* be used.
* - The backend IDs for the backends containing the data to be audited.
* This is optional, and if it is not provided then the server will run
* the audit in all backends that support this capability.
* - A set of filters which identify the entries that should be examined by
* the audit. This is optional, and if it is not provided, then all
* entries in the selected backends will be included.
* - The path to the directory in which the output files should be
* generated. This is optional, and if it is not provided then the server
* will use a default output directory.
*
*/
@NotMutable()
@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
public final class AuditDataSecurityTask
extends Task
{
/**
* The fully-qualified name of the Java class that is used for the audit data
* security task.
*/
static final String AUDIT_DATA_SECURITY_TASK_CLASS =
"com.unboundid.directory.server.tasks.AuditDataSecurityTask";
/**
* The name of the attribute used to specify the set of auditors to use to
* examine the data.
*/
private static final String ATTR_INCLUDE_AUDITOR =
"ds-task-audit-data-security-include-auditor";
/**
* The name of the attribute used to specify the set of auditors that should
* not be used when examining the data.
*/
private static final String ATTR_EXCLUDE_AUDITOR =
"ds-task-audit-data-security-exclude-auditor";
/**
* The name of the attribute used to the backend IDs for the backends in which
* the audit should be performed.
*/
private static final String ATTR_BACKEND_ID =
"ds-task-audit-data-security-backend-id";
/**
* The name of the attribute used to specify a set of filters that should be
* used to identify entries to include in the audit.
*/
private static final String ATTR_REPORT_FILTER =
"ds-task-audit-data-security-report-filter";
/**
* The name of the attribute used to specify the directory in which the report
* output files should be written.
*/
private static final String ATTR_OUTPUT_DIRECTORY =
"ds-task-audit-data-security-output-directory";
/**
* The name of the object class used in audit data security task entries.
*/
private static final String OC_AUDIT_DATA_SECURITY_TASK =
"ds-task-audit-data-security";
/**
* The task property that will be used for the included set of auditors.
*/
private static final TaskProperty PROPERTY_INCLUDE_AUDITOR =
new TaskProperty(ATTR_INCLUDE_AUDITOR,
INFO_AUDIT_DATA_SECURITY_DISPLAY_NAME_INCLUDE_AUDITOR.get(),
INFO_AUDIT_DATA_SECURITY_DESCRIPTION_INCLUDE_AUDITOR.get(),
String.class, false, true, false);
/**
* The task property that will be used for the excluded set of auditors.
*/
private static final TaskProperty PROPERTY_EXCLUDE_AUDITOR =
new TaskProperty(ATTR_EXCLUDE_AUDITOR,
INFO_AUDIT_DATA_SECURITY_DISPLAY_NAME_EXCLUDE_AUDITOR.get(),
INFO_AUDIT_DATA_SECURITY_DESCRIPTION_EXCLUDE_AUDITOR.get(),
String.class, false, true, false);
/**
* The task property that will be used for the backend IDs.
*/
private static final TaskProperty PROPERTY_BACKEND_ID =
new TaskProperty(ATTR_BACKEND_ID,
INFO_AUDIT_DATA_SECURITY_DISPLAY_NAME_BACKEND_ID.get(),
INFO_AUDIT_DATA_SECURITY_DESCRIPTION_BACKEND_ID.get(),
String.class, false, true, false);
/**
* The task property that will be used for the report filters.
*/
private static final TaskProperty PROPERTY_REPORT_FILTER =
new TaskProperty(ATTR_REPORT_FILTER,
INFO_AUDIT_DATA_SECURITY_DISPLAY_NAME_REPORT_FILTER.get(),
INFO_AUDIT_DATA_SECURITY_DESCRIPTION_REPORT_FILTER.get(),
String.class, false, true, false);
/**
* The task property that will be used for the output directory.
*/
private static final TaskProperty PROPERTY_OUTPUT_DIRECTORY =
new TaskProperty(ATTR_OUTPUT_DIRECTORY,
INFO_AUDIT_DATA_SECURITY_DISPLAY_NAME_OUTPUT_DIR.get(),
INFO_AUDIT_DATA_SECURITY_DESCRIPTION_OUTPUT_DIR.get(),
String.class, false, false, false);
/**
* The serial version UID for this serializable class.
*/
private static final long serialVersionUID = -4994621474763299632L;
// The backend IDs of the backends in which the audit should be performed.
private final List backendIDs;
// The names of the excluded auditors to use in the audit.
private final List excludeAuditors;
// The names of the included auditors to use in the audit.
private final List includeAuditors;
// The report filters to select entries to audit.
private final List reportFilters;
// The path of the output directory to use for report data files.
private final String outputDirectory;
/**
* Creates a new uninitialized audit data security task instance which should
* only be used for obtaining general information about this task, including
* the task name, description, and supported properties. Attempts to use a
* task created with this constructor for any other reason will likely fail.
*/
public AuditDataSecurityTask()
{
excludeAuditors = null;
includeAuditors = null;
backendIDs = null;
reportFilters = null;
outputDirectory = null;
}
/**
* Creates a new audit data security task with the provided information and
* default settings for all general task properties.
*
* @param includeAuditors The names of the auditors that should be used to
* examine the data. It may be {@code null} or empty
* if an exclude list should be provided, or if all
* enabled auditors should be invoked. You must not
* provide both include and exclude auditors.
* @param excludeAuditors The names of the auditors that should be excluded
* when examining the data. It may be {@code null}
* or empty if an include list should be provided, or
* if all enabled auditors should be invoked. You
* must not provide both include and exclude
* auditors.
* @param backendIDs The backend IDs of the backends containing the
* data to examine. It may be {@code null} or empty
* if all supported backends should be selected.
* @param reportFilters A set of filters which identify entries that
* should be examined. It may be {@code null} or
* empty if all entries should be examined.
* @param outputDirectory The path to the output directory (on the server
* filesystem) in which report data files should be
* written. It may be {@code null} if a default
* output directory should be used.
*/
public AuditDataSecurityTask(final List includeAuditors,
final List excludeAuditors,
final List backendIDs,
final List reportFilters,
final String outputDirectory)
{
this(null, includeAuditors, excludeAuditors, backendIDs, reportFilters,
outputDirectory, null, null, null, null, null);
}
/**
* Creates a new audit data security task with the provided information.
*
* @param taskID The task ID to use for this task. If it is
* {@code null} then a UUID will be generated
* for use as the task ID.
* @param includeAuditors The names of the auditors that should be
* used to examine the data. It may be
* {@code null} or empty if an exclude list
* should be provided, or if all enabled
* auditors should be invoked. You must not
* provide both include and exclude auditors.
* @param excludeAuditors The names of the auditors that should be
* excluded when examining the data. It may
* be {@code null} or empty if an include list
* should be provided, or if all enabled
* auditors should be invoked. You must not
* provide both include and exclude auditors.
* @param backendIDs The backend IDs of the backends containing
* the data to examine. It may be
* {@code null} or empty if all supported
* backends should be selected.
* @param reportFilters A set of filters which identify entries
* that should be examined. It may be
* {@code null} or empty if all entries should
* be examined.
* @param outputDirectory The path to the output directory (on the
* server filesystem) in which report data
* files should be written. It may be
* {@code null} if a default output directory
* should be used.
* @param scheduledStartTime The time that this task should start
* running.
* @param dependencyIDs The list of task IDs that will be required
* to complete before this task will be
* eligible to start.
* @param failedDependencyAction Indicates what action should be taken if
* any of the dependencies for this task do
* not complete successfully.
* @param notifyOnCompletion The list of e-mail addresses of individuals
* that should be notified when this task
* completes.
* @param notifyOnError The list of e-mail addresses of individuals
* that should be notified if this task does
* not complete successfully.
*/
public AuditDataSecurityTask(final String taskID,
final List includeAuditors,
final List excludeAuditors, final List backendIDs,
final List reportFilters, final String outputDirectory,
final Date scheduledStartTime, final List dependencyIDs,
final FailedDependencyAction failedDependencyAction,
final List notifyOnCompletion,
final List notifyOnError)
{
super(taskID, AUDIT_DATA_SECURITY_TASK_CLASS, scheduledStartTime,
dependencyIDs, failedDependencyAction, notifyOnCompletion,
notifyOnError);
this.includeAuditors = getStringList(includeAuditors);
this.excludeAuditors = getStringList(excludeAuditors);
this.backendIDs = getStringList(backendIDs);
this.reportFilters = getStringList(reportFilters);
this.outputDirectory = outputDirectory;
ensureTrue(
(this.includeAuditors.isEmpty() || this.excludeAuditors.isEmpty()),
"You cannot request both include and exclude auditors.");
}
/**
* Creates a new audit data security task from the provided entry.
*
* @param entry The entry to use to create this audit data security task.
*
* @throws TaskException If the provided entry cannot be parsed as an audit
* data security task entry.
*/
public AuditDataSecurityTask(final Entry entry)
throws TaskException
{
super(entry);
includeAuditors = Collections.unmodifiableList(StaticUtils.toNonNullList(
entry.getAttributeValues(ATTR_INCLUDE_AUDITOR)));
excludeAuditors = Collections.unmodifiableList(StaticUtils.toNonNullList(
entry.getAttributeValues(ATTR_EXCLUDE_AUDITOR)));
backendIDs = Collections.unmodifiableList(StaticUtils.toNonNullList(
entry.getAttributeValues(ATTR_BACKEND_ID)));
reportFilters = Collections.unmodifiableList(StaticUtils.toNonNullList(
entry.getAttributeValues(ATTR_REPORT_FILTER)));
outputDirectory = entry.getAttributeValue(ATTR_OUTPUT_DIRECTORY);
}
/**
* Creates a new audit data security task from the provided set of task
* properties.
*
* @param properties The set of task properties and their corresponding
* values to use for the task. It must not be
* {@code null}.
*
* @throws TaskException If the provided set of properties cannot be used to
* create a valid audit data security task.
*/
public AuditDataSecurityTask(final Map> properties)
throws TaskException
{
super(AUDIT_DATA_SECURITY_TASK_CLASS, properties);
String outputDir = null;
final LinkedList includeAuditorsList = new LinkedList();
final LinkedList excludeAuditorsList = new LinkedList();
final LinkedList backendIDList = new LinkedList();
final LinkedList reportFilterList = new LinkedList();
for (final Map.Entry> entry :
properties.entrySet())
{
final TaskProperty p = entry.getKey();
final String attrName = StaticUtils.toLowerCase(p.getAttributeName());
final List © 2015 - 2025 Weber Informatics LLC | Privacy Policy