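/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;



import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.IntegerPropertyDefinition;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.server.config.client.BcryptPasswordStorageSchemeCfgClient;
import org.forgerock.opendj.server.config.server.BcryptPasswordStorageSchemeCfg;
import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;



/**
 * An interface for querying the Bcrypt Password Storage Scheme
 * managed object definition meta information.
 * <p>
 * The Bcrypt Password Storage Scheme provides a mechanism for
 * encoding user passwords using the bcrypt password-hashing algorithm.
 * <p>
 * This definition registers two properties of its own:
 * <ul>
 * <li>{@code bcrypt-cost}: integer, accepted range 1..30, default 12;</li>
 * <li>{@code java-class}: mandatory, advanced, default
 * {@code org.opends.server.extensions.BCryptPasswordStorageScheme}, and
 * restricted to implementations of
 * {@code org.opends.server.api.PasswordStorageScheme}.</li>
 * </ul>
 * The {@code enabled} property is not defined here; it is looked up on the
 * parent {@link PasswordStorageSchemeCfgDefn}.
 */
public final class BcryptPasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<BcryptPasswordStorageSchemeCfgClient, BcryptPasswordStorageSchemeCfg> {

  /**
   * The singleton configuration definition instance.
   * <p>
   * Declared first on purpose: the static initializers below pass it to the
   * property builders and register properties on it, so it must already be
   * constructed when they run.
   */
  private static final BcryptPasswordStorageSchemeCfgDefn INSTANCE = new BcryptPasswordStorageSchemeCfgDefn();



  /** The "bcrypt-cost" property definition. */
  private static final IntegerPropertyDefinition PD_BCRYPT_COST;



  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  /**
   * Build the "bcrypt-cost" property definition.
   * <p>
   * The cost is the base-2 logarithm of the iteration count, so each
   * increment doubles the work for the server and for anyone guessing
   * passwords against a copy of the stored hashes.
   */
  static {
    IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "bcrypt-cost");
    // NOTE(review): Type.NONE presumably means a change needs no follow-up
    // administrator action (e.g. restart); confirm against AdministratorAction.
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "bcrypt-cost"));
    // Default work factor when the property is not set explicitly.
    DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("12");
    builder.setDefaultBehaviorProvider(provider);
    // Large values are an availability risk: a cost of 30 means on the order
    // of 2^30 iterations for every password verification.
    builder.setUpperLimit(30);
    // NOTE(review): the definition accepts costs as low as 1, which gives very
    // little brute-force resistance. Whether the scheme implementation enforces
    // a higher minimum is not visible in this file; confirm, and treat any
    // configured value well below the default as a weakening of stored hashes.
    builder.setLowerLimit(1);
    PD_BCRYPT_COST = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_BCRYPT_COST);
  }



  /**
   * Build the "java-class" property definition.
   * <p>
   * The value names the class used as the scheme implementation, so whoever
   * can modify it chooses the code that handles password encoding. Write
   * access to this configuration should be restricted and changes audited.
   */
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.BCryptPasswordStorageScheme");
    builder.setDefaultBehaviorProvider(provider);
    // Restrict acceptable values to implementations of the password storage
    // scheme API. How and when this constraint is checked is not shown here.
    builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }



  /**
   * Get the Bcrypt Password Storage Scheme configuration definition
   * singleton.
   *
   * @return Returns the Bcrypt Password Storage Scheme configuration
   *         definition singleton.
   */
  public static BcryptPasswordStorageSchemeCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor; names this definition
   * "bcrypt-password-storage-scheme" and makes
   * {@link PasswordStorageSchemeCfgDefn} its parent definition.
   */
  private BcryptPasswordStorageSchemeCfgDefn() {
    super("bcrypt-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance());
  }



  /** {@inheritDoc} */
  @Override
  public BcryptPasswordStorageSchemeCfgClient createClientConfiguration(
      ManagedObject<? extends BcryptPasswordStorageSchemeCfgClient> impl) {
    return new BcryptPasswordStorageSchemeCfgClientImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public BcryptPasswordStorageSchemeCfg createServerConfiguration(
      ServerManagedObject<? extends BcryptPasswordStorageSchemeCfg> impl) {
    return new BcryptPasswordStorageSchemeCfgServerImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public Class<BcryptPasswordStorageSchemeCfg> getServerConfigurationClass() {
    return BcryptPasswordStorageSchemeCfg.class;
  }



  /**
   * Get the "bcrypt-cost" property definition.
   * <p>
   * The cost parameter specifies a key expansion iteration count as a
   * power of two. A default value of 12 (2^12 iterations) is
   * considered in 2016 as a reasonable balance between responsiveness
   * and security for regular users.
   * <p>
   * Because that assessment is dated, the default should be re-evaluated
   * against current hardware. The definition itself accepts any value
   * from 1 to 30.
   *
   * @return Returns the "bcrypt-cost" property definition.
   */
  public IntegerPropertyDefinition getBcryptCostPropertyDefinition() {
    return PD_BCRYPT_COST;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Bcrypt Password Storage Scheme is enabled
   * for use. The definition is obtained from the parent
   * {@link PasswordStorageSchemeCfgDefn}.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Bcrypt Password Storage Scheme implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Managed object client implementation.
   * <p>
   * Every getter and setter delegates to the wrapped managed object, so
   * values are read and written through it on each call.
   */
  private static class BcryptPasswordStorageSchemeCfgClientImpl implements
      BcryptPasswordStorageSchemeCfgClient {

    /** Private implementation. */
    private final ManagedObject<? extends BcryptPasswordStorageSchemeCfgClient> impl;



    /** Private constructor. */
    private BcryptPasswordStorageSchemeCfgClientImpl(
        ManagedObject<? extends BcryptPasswordStorageSchemeCfgClient> impl) {
      this.impl = impl;
    }



    /** {@inheritDoc} */
    @Override
    public int getBcryptCost() {
      // The property value is unboxed to int on return.
      return impl.getPropertyValue(INSTANCE.getBcryptCostPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setBcryptCost(Integer value) {
      // NOTE(review): no range check here; the 1..30 limits are presumably
      // enforced by the property definition when the value is set. Confirm.
      impl.setPropertyValue(INSTANCE.getBcryptCostPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public ManagedObjectDefinition<? extends BcryptPasswordStorageSchemeCfgClient, ? extends BcryptPasswordStorageSchemeCfg> definition() {
      return INSTANCE;
    }



    /** {@inheritDoc} */
    @Override
    public PropertyProvider properties() {
      return impl;
    }



    /** {@inheritDoc} */
    @Override
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }



  /**
   * Managed object server implementation.
   * <p>
   * Property values are read once in the constructor and kept in final
   * fields. The getters return those captured values and do not re-read
   * the wrapped managed object.
   */
  private static class BcryptPasswordStorageSchemeCfgServerImpl implements
      BcryptPasswordStorageSchemeCfg {

    /** Private implementation. */
    private final ServerManagedObject<? extends BcryptPasswordStorageSchemeCfg> impl;

    /** The value of the "bcrypt-cost" property. */
    private final int pBcryptCost;

    /** The value of the "enabled" property. */
    private final boolean pEnabled;

    /** The value of the "java-class" property. */
    private final String pJavaClass;



    /** Private constructor; captures the current property values from {@code impl}. */
    private BcryptPasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends BcryptPasswordStorageSchemeCfg> impl) {
      this.impl = impl;
      this.pBcryptCost = impl.getPropertyValue(INSTANCE.getBcryptCostPropertyDefinition());
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void addBcryptChangeListener(
        ConfigurationChangeListener<BcryptPasswordStorageSchemeCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removeBcryptChangeListener(
        ConfigurationChangeListener<BcryptPasswordStorageSchemeCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void addChangeListener(
        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removeChangeListener(
        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public int getBcryptCost() {
      return pBcryptCost;
    }



    /** {@inheritDoc} */
    @Override
    public boolean isEnabled() {
      return pEnabled;
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return pJavaClass;
    }



    /** {@inheritDoc} */
    @Override
    public Class<? extends BcryptPasswordStorageSchemeCfg> configurationClass() {
      return BcryptPasswordStorageSchemeCfg.class;
    }



    /** {@inheritDoc} */
    @Override
    public DN dn() {
      return impl.getDN();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }
}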