001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008-2010 Sun Microsystems, Inc.
015 * Portions Copyright 2014-2016 ForgeRock AS.
016 */
017package org.opends.server.tasks;
018import org.forgerock.i18n.LocalizableMessage;
019
020
021
022import java.net.InetAddress;
023
024import org.opends.server.backends.task.Task;
025import org.opends.server.backends.task.TaskState;
026import org.opends.server.core.DirectoryServer;
027import org.opends.server.types.*;
028import org.forgerock.opendj.ldap.DN;
029import org.forgerock.opendj.ldap.ResultCode;
030import static org.opends.messages.TaskMessages.*;
031
032
033
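/**
 * This class provides an implementation of a Directory Server task that can be
 * used to place the server in lockdown mode.
 * <p>
 * Access control for this task lives entirely in {@link #initializeTask()}:
 * {@link #runTask()} performs no checks of its own before switching the
 * server into lockdown mode.
 */
public class EnterLockdownModeTask
       extends Task
{

  /**
   * Returns the localized display name of this task.
   *
   * @return the message produced by {@code INFO_TASK_ENTER_LOCKDOWN_MODE_NAME}.
   */
  @Override
  public LocalizableMessage getDisplayName() {
    return INFO_TASK_ENTER_LOCKDOWN_MODE_NAME.get();
  }

  /**
   * Validates that the requester is allowed to place the server in lockdown
   * mode.
   * <p>
   * When an operation is associated with this task, two conditions are
   * enforced:
   * <ul>
   *   <li>the operation has a non-null authorization DN and its client
   *       connection holds {@code Privilege.SERVER_LOCKDOWN};</li>
   *   <li>the client connection's remote address, when one is reported, is a
   *       loopback address.</li>
   * </ul>
   * When no operation is associated with the task, neither check is applied.
   *
   * @throws DirectoryException with {@code ResultCode.UNWILLING_TO_PERFORM}
   *         if the privilege check or the loopback check fails.
   */
  @Override
  public void initializeTask()
         throws DirectoryException
  {
    // The checks below only run when an operation is attached to the task.
    // NOTE(review): a null operation skips authorization entirely; confirm
    // that this path is reachable only for tasks the server itself schedules.
    Operation operation = getOperation();
    if (operation != null)
    {
      // The requirement is the SERVER_LOCKDOWN privilege rather than root
      // identity as such; an operation without an authorization DN is
      // rejected before the privilege is even consulted.
      DN authzDN = operation.getAuthorizationDN();
      if (authzDN == null || !operation.getClientConnection().hasPrivilege(
          Privilege.SERVER_LOCKDOWN, operation))
      {
        LocalizableMessage message = ERR_TASK_ENTERLOCKDOWN_NOT_ROOT.get();
        throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, message);
      }

      // Lockdown may only be requested over a loopback connection.
      // NOTE(review): a null remote address passes this check; presumably
      // that identifies an internal connection, so confirm against the
      // ClientConnection implementations.
      InetAddress clientAddress = operation.getClientConnection().getRemoteAddress();
      if (clientAddress != null && !clientAddress.isLoopbackAddress())
      {
        LocalizableMessage message = ERR_TASK_ENTERLOCKDOWN_NOT_LOOPBACK.get();
        throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, message);
      }
    }
  }



  /**
   * Places the Directory Server in lockdown mode.
   * <p>
   * No authorization is re-checked here; the privilege and loopback checks
   * are made in {@link #initializeTask()}.
   *
   * @return {@code TaskState.COMPLETED_SUCCESSFULLY}, unconditionally.
   */
  @Override
  protected TaskState runTask()
  {
    DirectoryServer.setLockdownMode(true);
    return TaskState.COMPLETED_SUCCESSFULLY;
  }
}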
083