001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.meta; 017 018 019 020import java.net.InetAddress; 021import java.util.Collection; 022import java.util.SortedSet; 023import org.forgerock.opendj.config.AdministratorAction; 024import org.forgerock.opendj.config.AggregationPropertyDefinition; 025import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 026import org.forgerock.opendj.config.BooleanPropertyDefinition; 027import org.forgerock.opendj.config.ClassPropertyDefinition; 028import org.forgerock.opendj.config.client.ConcurrentModificationException; 029import org.forgerock.opendj.config.client.ManagedObject; 030import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 031import org.forgerock.opendj.config.client.OperationRejectedException; 032import org.forgerock.opendj.config.conditions.Conditions; 033import org.forgerock.opendj.config.DefaultBehaviorProvider; 034import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 035import org.forgerock.opendj.config.DurationPropertyDefinition; 036import org.forgerock.opendj.config.EnumPropertyDefinition; 037import org.forgerock.opendj.config.GenericConstraint; 038import org.forgerock.opendj.config.IntegerPropertyDefinition; 039import org.forgerock.opendj.config.IPAddressMaskPropertyDefinition; 040import org.forgerock.opendj.config.IPAddressPropertyDefinition; 041import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 042import org.forgerock.opendj.config.ManagedObjectDefinition; 043import org.forgerock.opendj.config.PropertyOption; 044import org.forgerock.opendj.config.PropertyProvider; 045import org.forgerock.opendj.config.server.ConfigurationChangeListener; 046import org.forgerock.opendj.config.server.ServerManagedObject; 047import org.forgerock.opendj.config.SizePropertyDefinition; 048import org.forgerock.opendj.config.StringPropertyDefinition; 049import org.forgerock.opendj.config.Tag; 050import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 051import org.forgerock.opendj.ldap.AddressMask; 052import org.forgerock.opendj.ldap.DN; 053import org.forgerock.opendj.ldap.LdapException; 054import org.forgerock.opendj.server.config.client.KeyManagerProviderCfgClient; 055import org.forgerock.opendj.server.config.client.LDAPConnectionHandlerCfgClient; 056import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient; 057import org.forgerock.opendj.server.config.server.ConnectionHandlerCfg; 058import org.forgerock.opendj.server.config.server.KeyManagerProviderCfg; 059import org.forgerock.opendj.server.config.server.LDAPConnectionHandlerCfg; 060import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg; 061 062 063 064/** 065 * An interface for querying the LDAP Connection Handler managed 066 * object definition meta information. 067 * <p> 068 * The LDAP Connection Handler is used to interact with clients using 069 * LDAP. 070 */ 071public final class LDAPConnectionHandlerCfgDefn extends ManagedObjectDefinition<LDAPConnectionHandlerCfgClient, LDAPConnectionHandlerCfg> { 072 073 /** The singleton configuration definition instance. */ 074 private static final LDAPConnectionHandlerCfgDefn INSTANCE = new LDAPConnectionHandlerCfgDefn(); 075 076 077 078 /** 079 * Defines the set of permissable values for the "ssl-client-auth-policy" property. 080 * <p> 081 * Specifies the policy that the LDAP Connection Handler should use 082 * regarding client SSL certificates. Clients can use the SASL 083 * EXTERNAL mechanism only if the policy is set to "optional" or 084 * "required". 085 * <p> 086 * This is only applicable if clients are allowed to use SSL. 087 */ 088 public static enum SSLClientAuthPolicy { 089 090 /** 091 * Clients must not provide their own certificates when performing 092 * SSL negotiation. 093 */ 094 DISABLED("disabled"), 095 096 097 098 /** 099 * Clients are requested to provide their own certificates when 100 * performing SSL negotiation. The connection is nevertheless 101 * accepted if the client does not provide a certificate. 102 */ 103 OPTIONAL("optional"), 104 105 106 107 /** 108 * Clients are required to provide their own certificates when 109 * performing SSL negotiation and are refused access if they do not 110 * provide a certificate. 111 */ 112 REQUIRED("required"); 113 114 115 116 /** String representation of the value. */ 117 private final String name; 118 119 120 121 /** Private constructor. */ 122 private SSLClientAuthPolicy(String name) { this.name = name; } 123 124 125 126 /** {@inheritDoc} */ 127 public String toString() { return name; } 128 129 } 130 131 132 133 /** The "accept-backlog" property definition. */ 134 private static final IntegerPropertyDefinition PD_ACCEPT_BACKLOG; 135 136 137 138 /** The "allow-ldap-v2" property definition. */ 139 private static final BooleanPropertyDefinition PD_ALLOW_LDAP_V2; 140 141 142 143 /** The "allow-start-tls" property definition. */ 144 private static final BooleanPropertyDefinition PD_ALLOW_START_TLS; 145 146 147 148 /** The "allow-tcp-reuse-address" property definition. */ 149 private static final BooleanPropertyDefinition PD_ALLOW_TCP_REUSE_ADDRESS; 150 151 152 153 /** The "buffer-size" property definition. */ 154 private static final SizePropertyDefinition PD_BUFFER_SIZE; 155 156 157 158 /** The "java-class" property definition. */ 159 private static final ClassPropertyDefinition PD_JAVA_CLASS; 160 161 162 163 /** The "keep-stats" property definition. */ 164 private static final BooleanPropertyDefinition PD_KEEP_STATS; 165 166 167 168 /** The "key-manager-provider" property definition. */ 169 private static final AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> PD_KEY_MANAGER_PROVIDER; 170 171 172 173 /** The "listen-address" property definition. */ 174 private static final IPAddressPropertyDefinition PD_LISTEN_ADDRESS; 175 176 177 178 /** The "listen-port" property definition. */ 179 private static final IntegerPropertyDefinition PD_LISTEN_PORT; 180 181 182 183 /** The "max-blocked-write-time-limit" property definition. */ 184 private static final DurationPropertyDefinition PD_MAX_BLOCKED_WRITE_TIME_LIMIT; 185 186 187 188 /** The "max-request-size" property definition. */ 189 private static final SizePropertyDefinition PD_MAX_REQUEST_SIZE; 190 191 192 193 /** The "num-request-handlers" property definition. */ 194 private static final IntegerPropertyDefinition PD_NUM_REQUEST_HANDLERS; 195 196 197 198 /** The "send-rejection-notice" property definition. */ 199 private static final BooleanPropertyDefinition PD_SEND_REJECTION_NOTICE; 200 201 202 203 /** The "ssl-cert-nickname" property definition. */ 204 private static final StringPropertyDefinition PD_SSL_CERT_NICKNAME; 205 206 207 208 /** The "ssl-cipher-suite" property definition. */ 209 private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE; 210 211 212 213 /** The "ssl-client-auth-policy" property definition. */ 214 private static final EnumPropertyDefinition<SSLClientAuthPolicy> PD_SSL_CLIENT_AUTH_POLICY; 215 216 217 218 /** The "ssl-protocol" property definition. */ 219 private static final StringPropertyDefinition PD_SSL_PROTOCOL; 220 221 222 223 /** The "trust-manager-provider" property definition. */ 224 private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER; 225 226 227 228 /** The "use-ssl" property definition. */ 229 private static final BooleanPropertyDefinition PD_USE_SSL; 230 231 232 233 /** The "use-tcp-keep-alive" property definition. */ 234 private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE; 235 236 237 238 /** The "use-tcp-no-delay" property definition. */ 239 private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY; 240 241 242 243 /** Build the "accept-backlog" property definition. */ 244 static { 245 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "accept-backlog"); 246 builder.setOption(PropertyOption.ADVANCED); 247 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "accept-backlog")); 248 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("128"); 249 builder.setDefaultBehaviorProvider(provider); 250 builder.setLowerLimit(1); 251 PD_ACCEPT_BACKLOG = builder.getInstance(); 252 INSTANCE.registerPropertyDefinition(PD_ACCEPT_BACKLOG); 253 } 254 255 256 257 /** Build the "allow-ldap-v2" property definition. */ 258 static { 259 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-ldap-v2"); 260 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-ldap-v2")); 261 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 262 builder.setDefaultBehaviorProvider(provider); 263 PD_ALLOW_LDAP_V2 = builder.getInstance(); 264 INSTANCE.registerPropertyDefinition(PD_ALLOW_LDAP_V2); 265 } 266 267 268 269 /** Build the "allow-start-tls" property definition. */ 270 static { 271 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-start-tls"); 272 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-start-tls")); 273 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 274 builder.setDefaultBehaviorProvider(provider); 275 PD_ALLOW_START_TLS = builder.getInstance(); 276 INSTANCE.registerPropertyDefinition(PD_ALLOW_START_TLS); 277 } 278 279 280 281 /** Build the "allow-tcp-reuse-address" property definition. */ 282 static { 283 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-tcp-reuse-address"); 284 builder.setOption(PropertyOption.ADVANCED); 285 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "allow-tcp-reuse-address")); 286 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 287 builder.setDefaultBehaviorProvider(provider); 288 PD_ALLOW_TCP_REUSE_ADDRESS = builder.getInstance(); 289 INSTANCE.registerPropertyDefinition(PD_ALLOW_TCP_REUSE_ADDRESS); 290 } 291 292 293 294 /** Build the "buffer-size" property definition. */ 295 static { 296 SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "buffer-size"); 297 builder.setOption(PropertyOption.ADVANCED); 298 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "buffer-size")); 299 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("4096 bytes"); 300 builder.setDefaultBehaviorProvider(provider); 301 builder.setUpperLimit("2147483647b"); 302 builder.setLowerLimit("1b"); 303 PD_BUFFER_SIZE = builder.getInstance(); 304 INSTANCE.registerPropertyDefinition(PD_BUFFER_SIZE); 305 } 306 307 308 309 /** Build the "java-class" property definition. */ 310 static { 311 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 312 builder.setOption(PropertyOption.MANDATORY); 313 builder.setOption(PropertyOption.ADVANCED); 314 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 315 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.ldap.LDAPConnectionHandler"); 316 builder.setDefaultBehaviorProvider(provider); 317 builder.addInstanceOf("org.opends.server.api.ConnectionHandler"); 318 PD_JAVA_CLASS = builder.getInstance(); 319 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 320 } 321 322 323 324 /** Build the "keep-stats" property definition. */ 325 static { 326 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "keep-stats"); 327 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "keep-stats")); 328 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 329 builder.setDefaultBehaviorProvider(provider); 330 PD_KEEP_STATS = builder.getInstance(); 331 INSTANCE.registerPropertyDefinition(PD_KEEP_STATS); 332 } 333 334 335 336 /** Build the "key-manager-provider" property definition. */ 337 static { 338 AggregationPropertyDefinition.Builder<KeyManagerProviderCfgClient, KeyManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "key-manager-provider"); 339 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-manager-provider")); 340 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 341 builder.setParentPath("/"); 342 builder.setRelationDefinition("key-manager-provider"); 343 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))); 344 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 345 PD_KEY_MANAGER_PROVIDER = builder.getInstance(); 346 INSTANCE.registerPropertyDefinition(PD_KEY_MANAGER_PROVIDER); 347 INSTANCE.registerConstraint(PD_KEY_MANAGER_PROVIDER.getSourceConstraint()); 348 } 349 350 351 352 /** Build the "listen-address" property definition. */ 353 static { 354 IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "listen-address"); 355 builder.setOption(PropertyOption.MULTI_VALUED); 356 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-address")); 357 DefaultBehaviorProvider<InetAddress> provider = new DefinedDefaultBehaviorProvider<InetAddress>("0.0.0.0"); 358 builder.setDefaultBehaviorProvider(provider); 359 PD_LISTEN_ADDRESS = builder.getInstance(); 360 INSTANCE.registerPropertyDefinition(PD_LISTEN_ADDRESS); 361 } 362 363 364 365 /** Build the "listen-port" property definition. */ 366 static { 367 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "listen-port"); 368 builder.setOption(PropertyOption.MANDATORY); 369 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-port")); 370 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Integer>()); 371 builder.setUpperLimit(65535); 372 builder.setLowerLimit(1); 373 PD_LISTEN_PORT = builder.getInstance(); 374 INSTANCE.registerPropertyDefinition(PD_LISTEN_PORT); 375 } 376 377 378 379 /** Build the "max-blocked-write-time-limit" property definition. */ 380 static { 381 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-blocked-write-time-limit"); 382 builder.setOption(PropertyOption.ADVANCED); 383 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-blocked-write-time-limit")); 384 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("2 minutes"); 385 builder.setDefaultBehaviorProvider(provider); 386 builder.setBaseUnit("ms"); 387 builder.setLowerLimit("0"); 388 PD_MAX_BLOCKED_WRITE_TIME_LIMIT = builder.getInstance(); 389 INSTANCE.registerPropertyDefinition(PD_MAX_BLOCKED_WRITE_TIME_LIMIT); 390 } 391 392 393 394 /** Build the "max-request-size" property definition. */ 395 static { 396 SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "max-request-size"); 397 builder.setOption(PropertyOption.ADVANCED); 398 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-request-size")); 399 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 megabytes"); 400 builder.setDefaultBehaviorProvider(provider); 401 builder.setUpperLimit("2147483647b"); 402 PD_MAX_REQUEST_SIZE = builder.getInstance(); 403 INSTANCE.registerPropertyDefinition(PD_MAX_REQUEST_SIZE); 404 } 405 406 407 408 /** Build the "num-request-handlers" property definition. */ 409 static { 410 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "num-request-handlers"); 411 builder.setOption(PropertyOption.ADVANCED); 412 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "num-request-handlers")); 413 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Integer>(INSTANCE, "num-request-handlers")); 414 builder.setLowerLimit(1); 415 PD_NUM_REQUEST_HANDLERS = builder.getInstance(); 416 INSTANCE.registerPropertyDefinition(PD_NUM_REQUEST_HANDLERS); 417 } 418 419 420 421 /** Build the "send-rejection-notice" property definition. */ 422 static { 423 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "send-rejection-notice"); 424 builder.setOption(PropertyOption.ADVANCED); 425 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "send-rejection-notice")); 426 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 427 builder.setDefaultBehaviorProvider(provider); 428 PD_SEND_REJECTION_NOTICE = builder.getInstance(); 429 INSTANCE.registerPropertyDefinition(PD_SEND_REJECTION_NOTICE); 430 } 431 432 433 434 /** Build the "ssl-cert-nickname" property definition. */ 435 static { 436 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cert-nickname"); 437 builder.setOption(PropertyOption.MULTI_VALUED); 438 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-cert-nickname")); 439 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cert-nickname")); 440 PD_SSL_CERT_NICKNAME = builder.getInstance(); 441 INSTANCE.registerPropertyDefinition(PD_SSL_CERT_NICKNAME); 442 } 443 444 445 446 /** Build the "ssl-cipher-suite" property definition. */ 447 static { 448 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite"); 449 builder.setOption(PropertyOption.MULTI_VALUED); 450 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite")); 451 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite")); 452 PD_SSL_CIPHER_SUITE = builder.getInstance(); 453 INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE); 454 } 455 456 457 458 /** Build the "ssl-client-auth-policy" property definition. */ 459 static { 460 EnumPropertyDefinition.Builder<SSLClientAuthPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "ssl-client-auth-policy"); 461 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-client-auth-policy")); 462 DefaultBehaviorProvider<SSLClientAuthPolicy> provider = new DefinedDefaultBehaviorProvider<SSLClientAuthPolicy>("optional"); 463 builder.setDefaultBehaviorProvider(provider); 464 builder.setEnumClass(SSLClientAuthPolicy.class); 465 PD_SSL_CLIENT_AUTH_POLICY = builder.getInstance(); 466 INSTANCE.registerPropertyDefinition(PD_SSL_CLIENT_AUTH_POLICY); 467 } 468 469 470 471 /** Build the "ssl-protocol" property definition. */ 472 static { 473 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol"); 474 builder.setOption(PropertyOption.MULTI_VALUED); 475 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol")); 476 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol")); 477 PD_SSL_PROTOCOL = builder.getInstance(); 478 INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL); 479 } 480 481 482 483 /** Build the "trust-manager-provider" property definition. */ 484 static { 485 AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider"); 486 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider")); 487 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 488 builder.setParentPath("/"); 489 builder.setRelationDefinition("trust-manager-provider"); 490 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))); 491 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 492 PD_TRUST_MANAGER_PROVIDER = builder.getInstance(); 493 INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER); 494 INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint()); 495 } 496 497 498 499 /** Build the "use-ssl" property definition. */ 500 static { 501 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl"); 502 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl")); 503 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 504 builder.setDefaultBehaviorProvider(provider); 505 PD_USE_SSL = builder.getInstance(); 506 INSTANCE.registerPropertyDefinition(PD_USE_SSL); 507 } 508 509 510 511 /** Build the "use-tcp-keep-alive" property definition. */ 512 static { 513 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive"); 514 builder.setOption(PropertyOption.ADVANCED); 515 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive")); 516 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 517 builder.setDefaultBehaviorProvider(provider); 518 PD_USE_TCP_KEEP_ALIVE = builder.getInstance(); 519 INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE); 520 } 521 522 523 524 /** Build the "use-tcp-no-delay" property definition. */ 525 static { 526 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay"); 527 builder.setOption(PropertyOption.ADVANCED); 528 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay")); 529 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 530 builder.setDefaultBehaviorProvider(provider); 531 PD_USE_TCP_NO_DELAY = builder.getInstance(); 532 INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY); 533 } 534 535 536 537 // Register the tags associated with this managed object definition. 538 static { 539 INSTANCE.registerTag(Tag.valueOf("core-server")); 540 } 541 542 543 544 // Register the constraints associated with this managed object definition. 545 static { 546 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("key-manager-provider"))))); 547 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("trust-manager-provider"))))); 548 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.not(Conditions.and(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))))); 549 } 550 551 552 553 /** 554 * Get the LDAP Connection Handler configuration definition 555 * singleton. 556 * 557 * @return Returns the LDAP Connection Handler configuration 558 * definition singleton. 559 */ 560 public static LDAPConnectionHandlerCfgDefn getInstance() { 561 return INSTANCE; 562 } 563 564 565 566 /** 567 * Private constructor. 568 */ 569 private LDAPConnectionHandlerCfgDefn() { 570 super("ldap-connection-handler", ConnectionHandlerCfgDefn.getInstance()); 571 } 572 573 574 575 /** {@inheritDoc} */ 576 public LDAPConnectionHandlerCfgClient createClientConfiguration( 577 ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) { 578 return new LDAPConnectionHandlerCfgClientImpl(impl); 579 } 580 581 582 583 /** {@inheritDoc} */ 584 public LDAPConnectionHandlerCfg createServerConfiguration( 585 ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) { 586 return new LDAPConnectionHandlerCfgServerImpl(impl); 587 } 588 589 590 591 /** {@inheritDoc} */ 592 public Class<LDAPConnectionHandlerCfg> getServerConfigurationClass() { 593 return LDAPConnectionHandlerCfg.class; 594 } 595 596 597 598 /** 599 * Get the "accept-backlog" property definition. 600 * <p> 601 * Specifies the maximum number of pending connection attempts that 602 * are allowed to queue up in the accept backlog before the server 603 * starts rejecting new connection attempts. 604 * <p> 605 * This is primarily an issue for cases in which a large number of 606 * connections are established to the server in a very short period 607 * of time (for example, a benchmark utility that creates a large 608 * number of client threads that each have their own connection to 609 * the server) and the connection handler is unable to keep up with 610 * the rate at which the new connections are established. 611 * 612 * @return Returns the "accept-backlog" property definition. 613 */ 614 public IntegerPropertyDefinition getAcceptBacklogPropertyDefinition() { 615 return PD_ACCEPT_BACKLOG; 616 } 617 618 619 620 /** 621 * Get the "allowed-client" property definition. 622 * <p> 623 * Specifies a set of host names or address masks that determine the 624 * clients that are allowed to establish connections to this LDAP 625 * Connection Handler. 626 * <p> 627 * Valid values include a host name, a fully qualified domain name, 628 * a domain name, an IP address, or a subnetwork with subnetwork 629 * mask. 630 * 631 * @return Returns the "allowed-client" property definition. 632 */ 633 public IPAddressMaskPropertyDefinition getAllowedClientPropertyDefinition() { 634 return ConnectionHandlerCfgDefn.getInstance().getAllowedClientPropertyDefinition(); 635 } 636 637 638 639 /** 640 * Get the "allow-ldap-v2" property definition. 641 * <p> 642 * Indicates whether connections from LDAPv2 clients are allowed. 643 * <p> 644 * If LDAPv2 clients are allowed, then only a minimal degree of 645 * special support are provided for them to ensure that 646 * LDAPv3-specific protocol elements (for example, Configuration 647 * Guide 25 controls, extended response messages, intermediate 648 * response messages, referrals) are not sent to an LDAPv2 client. 649 * 650 * @return Returns the "allow-ldap-v2" property definition. 651 */ 652 public BooleanPropertyDefinition getAllowLDAPV2PropertyDefinition() { 653 return PD_ALLOW_LDAP_V2; 654 } 655 656 657 658 /** 659 * Get the "allow-start-tls" property definition. 660 * <p> 661 * Indicates whether clients are allowed to use StartTLS. 662 * <p> 663 * If enabled, the LDAP Connection Handler allows clients to use the 664 * StartTLS extended operation to initiate secure communication over 665 * an otherwise insecure channel. Note that this is only allowed if 666 * the LDAP Connection Handler is not configured to use SSL, and if 667 * the server is configured with a valid key manager provider and a 668 * valid trust manager provider. 669 * 670 * @return Returns the "allow-start-tls" property definition. 671 */ 672 public BooleanPropertyDefinition getAllowStartTLSPropertyDefinition() { 673 return PD_ALLOW_START_TLS; 674 } 675 676 677 678 /** 679 * Get the "allow-tcp-reuse-address" property definition. 680 * <p> 681 * Indicates whether the LDAP Connection Handler should reuse socket 682 * descriptors. 683 * <p> 684 * If enabled, the SO_REUSEADDR socket option is used on the server 685 * listen socket to potentially allow the reuse of socket descriptors 686 * for clients in a TIME_WAIT state. This may help the server avoid 687 * temporarily running out of socket descriptors in cases in which a 688 * very large number of short-lived connections have been established 689 * from the same client system. 690 * 691 * @return Returns the "allow-tcp-reuse-address" property definition. 692 */ 693 public BooleanPropertyDefinition getAllowTCPReuseAddressPropertyDefinition() { 694 return PD_ALLOW_TCP_REUSE_ADDRESS; 695 } 696 697 698 699 /** 700 * Get the "buffer-size" property definition. 701 * <p> 702 * Specifies the size in bytes of the LDAP response message write 703 * buffer. 704 * <p> 705 * This property specifies write buffer size allocated by the server 706 * for each client connection and used to buffer LDAP response 707 * messages data when writing. 708 * 709 * @return Returns the "buffer-size" property definition. 710 */ 711 public SizePropertyDefinition getBufferSizePropertyDefinition() { 712 return PD_BUFFER_SIZE; 713 } 714 715 716 717 /** 718 * Get the "denied-client" property definition. 719 * <p> 720 * Specifies a set of host names or address masks that determine the 721 * clients that are not allowed to establish connections to this LDAP 722 * Connection Handler. 723 * <p> 724 * Valid values include a host name, a fully qualified domain name, 725 * a domain name, an IP address, or a subnetwork with subnetwork 726 * mask. If both allowed and denied client masks are defined and a 727 * client connection matches one or more masks in both lists, then 728 * the connection is denied. If only a denied list is specified, then 729 * any client not matching a mask in that list is allowed. 730 * 731 * @return Returns the "denied-client" property definition. 732 */ 733 public IPAddressMaskPropertyDefinition getDeniedClientPropertyDefinition() { 734 return ConnectionHandlerCfgDefn.getInstance().getDeniedClientPropertyDefinition(); 735 } 736 737 738 739 /** 740 * Get the "enabled" property definition. 741 * <p> 742 * Indicates whether the LDAP Connection Handler is enabled. 743 * 744 * @return Returns the "enabled" property definition. 745 */ 746 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 747 return ConnectionHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 748 } 749 750 751 752 /** 753 * Get the "java-class" property definition. 754 * <p> 755 * Specifies the fully-qualified name of the Java class that 756 * provides the LDAP Connection Handler implementation. 757 * 758 * @return Returns the "java-class" property definition. 759 */ 760 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 761 return PD_JAVA_CLASS; 762 } 763 764 765 766 /** 767 * Get the "keep-stats" property definition. 768 * <p> 769 * Indicates whether the LDAP Connection Handler should keep 770 * statistics. 771 * <p> 772 * If enabled, the LDAP Connection Handler maintains statistics 773 * about the number and types of operations requested over LDAP and 774 * the amount of data sent and received. 775 * 776 * @return Returns the "keep-stats" property definition. 777 */ 778 public BooleanPropertyDefinition getKeepStatsPropertyDefinition() { 779 return PD_KEEP_STATS; 780 } 781 782 783 784 /** 785 * Get the "key-manager-provider" property definition. 786 * <p> 787 * Specifies the name of the key manager that should be used with 788 * this LDAP Connection Handler . 789 * 790 * @return Returns the "key-manager-provider" property definition. 791 */ 792 public AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition() { 793 return PD_KEY_MANAGER_PROVIDER; 794 } 795 796 797 798 /** 799 * Get the "listen-address" property definition. 800 * <p> 801 * Specifies the address or set of addresses on which this LDAP 802 * Connection Handler should listen for connections from LDAP 803 * clients. 804 * <p> 805 * Multiple addresses may be provided as separate values for this 806 * attribute. If no values are provided, then the LDAP Connection 807 * Handler listens on all interfaces. 808 * 809 * @return Returns the "listen-address" property definition. 810 */ 811 public IPAddressPropertyDefinition getListenAddressPropertyDefinition() { 812 return PD_LISTEN_ADDRESS; 813 } 814 815 816 817 /** 818 * Get the "listen-port" property definition. 819 * <p> 820 * Specifies the port number on which the LDAP Connection Handler 821 * will listen for connections from clients. 822 * <p> 823 * Only a single port number may be provided. 824 * 825 * @return Returns the "listen-port" property definition. 826 */ 827 public IntegerPropertyDefinition getListenPortPropertyDefinition() { 828 return PD_LISTEN_PORT; 829 } 830 831 832 833 /** 834 * Get the "max-blocked-write-time-limit" property definition. 835 * <p> 836 * Specifies the maximum length of time that attempts to write data 837 * to LDAP clients should be allowed to block. 838 * <p> 839 * If an attempt to write data to a client takes longer than this 840 * length of time, then the client connection is terminated. 841 * 842 * @return Returns the "max-blocked-write-time-limit" property definition. 843 */ 844 public DurationPropertyDefinition getMaxBlockedWriteTimeLimitPropertyDefinition() { 845 return PD_MAX_BLOCKED_WRITE_TIME_LIMIT; 846 } 847 848 849 850 /** 851 * Get the "max-request-size" property definition. 852 * <p> 853 * Specifies the size in bytes of the largest LDAP request message 854 * that will be allowed by this LDAP Connection handler. 855 * <p> 856 * This property is analogous to the maxBERSize configuration 857 * attribute of the Sun Java System Directory Server. This can help 858 * prevent denial-of-service attacks by clients that indicate they 859 * send extremely large requests to the server causing it to attempt 860 * to allocate large amounts of memory. 861 * 862 * @return Returns the "max-request-size" property definition. 863 */ 864 public SizePropertyDefinition getMaxRequestSizePropertyDefinition() { 865 return PD_MAX_REQUEST_SIZE; 866 } 867 868 869 870 /** 871 * Get the "num-request-handlers" property definition. 872 * <p> 873 * Specifies the number of request handlers that are used to read 874 * requests from clients. 875 * <p> 876 * The LDAP Connection Handler uses one thread to accept new 877 * connections from clients, but uses one or more additional threads 878 * to read requests from existing client connections. This ensures 879 * that new requests are read efficiently and that the connection 880 * handler itself does not become a bottleneck when the server is 881 * under heavy load from many clients at the same time. 882 * 883 * @return Returns the "num-request-handlers" property definition. 884 */ 885 public IntegerPropertyDefinition getNumRequestHandlersPropertyDefinition() { 886 return PD_NUM_REQUEST_HANDLERS; 887 } 888 889 890 891 /** 892 * Get the "send-rejection-notice" property definition. 893 * <p> 894 * Indicates whether the LDAP Connection Handler should send a 895 * notice of disconnection extended response message to the client if 896 * a new connection is rejected for some reason. 897 * <p> 898 * The extended response message may provide an explanation 899 * indicating the reason that the connection was rejected. 900 * 901 * @return Returns the "send-rejection-notice" property definition. 902 */ 903 public BooleanPropertyDefinition getSendRejectionNoticePropertyDefinition() { 904 return PD_SEND_REJECTION_NOTICE; 905 } 906 907 908 909 /** 910 * Get the "ssl-cert-nickname" property definition. 911 * <p> 912 * Specifies the nicknames (also called the aliases) of the keys or 913 * key pairs that the LDAP Connection Handler should use when 914 * performing SSL communication. The property can be used multiple 915 * times (referencing different nicknames) when server certificates 916 * with different public key algorithms are used in parallel (for 917 * example, RSA, DSA, and ECC-based algorithms). When a nickname 918 * refers to an asymmetric (public/private) key pair, the nickname 919 * for the public key certificate and associated private key entry 920 * must match exactly. A single nickname is used to retrieve both the 921 * public key and the private key. 922 * <p> 923 * This is only applicable when the LDAP Connection Handler is 924 * configured to use SSL. 925 * 926 * @return Returns the "ssl-cert-nickname" property definition. 927 */ 928 public StringPropertyDefinition getSSLCertNicknamePropertyDefinition() { 929 return PD_SSL_CERT_NICKNAME; 930 } 931 932 933 934 /** 935 * Get the "ssl-cipher-suite" property definition. 936 * <p> 937 * Specifies the names of the SSL cipher suites that are allowed for 938 * use in SSL or StartTLS communication. 939 * 940 * @return Returns the "ssl-cipher-suite" property definition. 941 */ 942 public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() { 943 return PD_SSL_CIPHER_SUITE; 944 } 945 946 947 948 /** 949 * Get the "ssl-client-auth-policy" property definition. 950 * <p> 951 * Specifies the policy that the LDAP Connection Handler should use 952 * regarding client SSL certificates. Clients can use the SASL 953 * EXTERNAL mechanism only if the policy is set to "optional" or 954 * "required". 955 * <p> 956 * This is only applicable if clients are allowed to use SSL. 957 * 958 * @return Returns the "ssl-client-auth-policy" property definition. 959 */ 960 public EnumPropertyDefinition<SSLClientAuthPolicy> getSSLClientAuthPolicyPropertyDefinition() { 961 return PD_SSL_CLIENT_AUTH_POLICY; 962 } 963 964 965 966 /** 967 * Get the "ssl-protocol" property definition. 968 * <p> 969 * Specifies the names of the SSL protocols that are allowed for use 970 * in SSL or StartTLS communication. 971 * 972 * @return Returns the "ssl-protocol" property definition. 973 */ 974 public StringPropertyDefinition getSSLProtocolPropertyDefinition() { 975 return PD_SSL_PROTOCOL; 976 } 977 978 979 980 /** 981 * Get the "trust-manager-provider" property definition. 982 * <p> 983 * Specifies the name of the trust manager that should be used with 984 * the LDAP Connection Handler . 985 * 986 * @return Returns the "trust-manager-provider" property definition. 987 */ 988 public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() { 989 return PD_TRUST_MANAGER_PROVIDER; 990 } 991 992 993 994 /** 995 * Get the "use-ssl" property definition. 996 * <p> 997 * Indicates whether the LDAP Connection Handler should use SSL. 998 * <p> 999 * If enabled, the LDAP Connection Handler will use SSL to encrypt 1000 * communication with the clients. 1001 * 1002 * @return Returns the "use-ssl" property definition. 1003 */ 1004 public BooleanPropertyDefinition getUseSSLPropertyDefinition() { 1005 return PD_USE_SSL; 1006 } 1007 1008 1009 1010 /** 1011 * Get the "use-tcp-keep-alive" property definition. 1012 * <p> 1013 * Indicates whether the LDAP Connection Handler should use TCP 1014 * keep-alive. 1015 * <p> 1016 * If enabled, the SO_KEEPALIVE socket option is used to indicate 1017 * that TCP keepalive messages should periodically be sent to the 1018 * client to verify that the associated connection is still valid. 1019 * This may also help prevent cases in which intermediate network 1020 * hardware could silently drop an otherwise idle client connection, 1021 * provided that the keepalive interval configured in the underlying 1022 * operating system is smaller than the timeout enforced by the 1023 * network hardware. 1024 * 1025 * @return Returns the "use-tcp-keep-alive" property definition. 1026 */ 1027 public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() { 1028 return PD_USE_TCP_KEEP_ALIVE; 1029 } 1030 1031 1032 1033 /** 1034 * Get the "use-tcp-no-delay" property definition. 1035 * <p> 1036 * Indicates whether the LDAP Connection Handler should use TCP 1037 * no-delay. 1038 * <p> 1039 * If enabled, the TCP_NODELAY socket option is used to ensure that 1040 * response messages to the client are sent immediately rather than 1041 * potentially waiting to determine whether additional response 1042 * messages can be sent in the same packet. In most cases, using the 1043 * TCP_NODELAY socket option provides better performance and lower 1044 * response times, but disabling it may help for some cases in which 1045 * the server sends a large number of entries to a client in response 1046 * to a search request. 1047 * 1048 * @return Returns the "use-tcp-no-delay" property definition. 1049 */ 1050 public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() { 1051 return PD_USE_TCP_NO_DELAY; 1052 } 1053 1054 1055 1056 /** 1057 * Managed object client implementation. 1058 */ 1059 private static class LDAPConnectionHandlerCfgClientImpl implements 1060 LDAPConnectionHandlerCfgClient { 1061 1062 /** Private implementation. */ 1063 private ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl; 1064 1065 1066 1067 /** Private constructor. */ 1068 private LDAPConnectionHandlerCfgClientImpl( 1069 ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) { 1070 this.impl = impl; 1071 } 1072 1073 1074 1075 /** {@inheritDoc} */ 1076 public int getAcceptBacklog() { 1077 return impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition()); 1078 } 1079 1080 1081 1082 /** {@inheritDoc} */ 1083 public void setAcceptBacklog(Integer value) { 1084 impl.setPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition(), value); 1085 } 1086 1087 1088 1089 /** {@inheritDoc} */ 1090 public SortedSet<AddressMask> getAllowedClient() { 1091 return impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition()); 1092 } 1093 1094 1095 1096 /** {@inheritDoc} */ 1097 public void setAllowedClient(Collection<AddressMask> values) { 1098 impl.setPropertyValues(INSTANCE.getAllowedClientPropertyDefinition(), values); 1099 } 1100 1101 1102 1103 /** {@inheritDoc} */ 1104 public boolean isAllowLDAPV2() { 1105 return impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition()); 1106 } 1107 1108 1109 1110 /** {@inheritDoc} */ 1111 public void setAllowLDAPV2(Boolean value) { 1112 impl.setPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition(), value); 1113 } 1114 1115 1116 1117 /** {@inheritDoc} */ 1118 public boolean isAllowStartTLS() { 1119 return impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition()); 1120 } 1121 1122 1123 1124 /** {@inheritDoc} */ 1125 public void setAllowStartTLS(Boolean value) { 1126 impl.setPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition(), value); 1127 } 1128 1129 1130 1131 /** {@inheritDoc} */ 1132 public boolean isAllowTCPReuseAddress() { 1133 return impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition()); 1134 } 1135 1136 1137 1138 /** {@inheritDoc} */ 1139 public void setAllowTCPReuseAddress(Boolean value) { 1140 impl.setPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition(), value); 1141 } 1142 1143 1144 1145 /** {@inheritDoc} */ 1146 public long getBufferSize() { 1147 return impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition()); 1148 } 1149 1150 1151 1152 /** {@inheritDoc} */ 1153 public void setBufferSize(Long value) { 1154 impl.setPropertyValue(INSTANCE.getBufferSizePropertyDefinition(), value); 1155 } 1156 1157 1158 1159 /** {@inheritDoc} */ 1160 public SortedSet<AddressMask> getDeniedClient() { 1161 return impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition()); 1162 } 1163 1164 1165 1166 /** {@inheritDoc} */ 1167 public void setDeniedClient(Collection<AddressMask> values) { 1168 impl.setPropertyValues(INSTANCE.getDeniedClientPropertyDefinition(), values); 1169 } 1170 1171 1172 1173 /** {@inheritDoc} */ 1174 public Boolean isEnabled() { 1175 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 1176 } 1177 1178 1179 1180 /** {@inheritDoc} */ 1181 public void setEnabled(boolean value) { 1182 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 1183 } 1184 1185 1186 1187 /** {@inheritDoc} */ 1188 public String getJavaClass() { 1189 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1190 } 1191 1192 1193 1194 /** {@inheritDoc} */ 1195 public void setJavaClass(String value) { 1196 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 1197 } 1198 1199 1200 1201 /** {@inheritDoc} */ 1202 public boolean isKeepStats() { 1203 return impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition()); 1204 } 1205 1206 1207 1208 /** {@inheritDoc} */ 1209 public void setKeepStats(Boolean value) { 1210 impl.setPropertyValue(INSTANCE.getKeepStatsPropertyDefinition(), value); 1211 } 1212 1213 1214 1215 /** {@inheritDoc} */ 1216 public String getKeyManagerProvider() { 1217 return impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition()); 1218 } 1219 1220 1221 1222 /** {@inheritDoc} */ 1223 public void setKeyManagerProvider(String value) { 1224 impl.setPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition(), value); 1225 } 1226 1227 1228 1229 /** {@inheritDoc} */ 1230 public SortedSet<InetAddress> getListenAddress() { 1231 return impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition()); 1232 } 1233 1234 1235 1236 /** {@inheritDoc} */ 1237 public void setListenAddress(Collection<InetAddress> values) { 1238 impl.setPropertyValues(INSTANCE.getListenAddressPropertyDefinition(), values); 1239 } 1240 1241 1242 1243 /** {@inheritDoc} */ 1244 public Integer getListenPort() { 1245 return impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition()); 1246 } 1247 1248 1249 1250 /** {@inheritDoc} */ 1251 public void setListenPort(int value) { 1252 impl.setPropertyValue(INSTANCE.getListenPortPropertyDefinition(), value); 1253 } 1254 1255 1256 1257 /** {@inheritDoc} */ 1258 public long getMaxBlockedWriteTimeLimit() { 1259 return impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition()); 1260 } 1261 1262 1263 1264 /** {@inheritDoc} */ 1265 public void setMaxBlockedWriteTimeLimit(Long value) { 1266 impl.setPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition(), value); 1267 } 1268 1269 1270 1271 /** {@inheritDoc} */ 1272 public long getMaxRequestSize() { 1273 return impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition()); 1274 } 1275 1276 1277 1278 /** {@inheritDoc} */ 1279 public void setMaxRequestSize(Long value) { 1280 impl.setPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition(), value); 1281 } 1282 1283 1284 1285 /** {@inheritDoc} */ 1286 public Integer getNumRequestHandlers() { 1287 return impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition()); 1288 } 1289 1290 1291 1292 /** {@inheritDoc} */ 1293 public void setNumRequestHandlers(Integer value) { 1294 impl.setPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition(), value); 1295 } 1296 1297 1298 1299 /** {@inheritDoc} */ 1300 public boolean isSendRejectionNotice() { 1301 return impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition()); 1302 } 1303 1304 1305 1306 /** {@inheritDoc} */ 1307 public void setSendRejectionNotice(Boolean value) { 1308 impl.setPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition(), value); 1309 } 1310 1311 1312 1313 /** {@inheritDoc} */ 1314 public SortedSet<String> getSSLCertNickname() { 1315 return impl.getPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition()); 1316 } 1317 1318 1319 1320 /** {@inheritDoc} */ 1321 public void setSSLCertNickname(Collection<String> values) { 1322 impl.setPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition(), values); 1323 } 1324 1325 1326 1327 /** {@inheritDoc} */ 1328 public SortedSet<String> getSSLCipherSuite() { 1329 return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1330 } 1331 1332 1333 1334 /** {@inheritDoc} */ 1335 public void setSSLCipherSuite(Collection<String> values) { 1336 impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values); 1337 } 1338 1339 1340 1341 /** {@inheritDoc} */ 1342 public SSLClientAuthPolicy getSSLClientAuthPolicy() { 1343 return impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition()); 1344 } 1345 1346 1347 1348 /** {@inheritDoc} */ 1349 public void setSSLClientAuthPolicy(SSLClientAuthPolicy value) { 1350 impl.setPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition(), value); 1351 } 1352 1353 1354 1355 /** {@inheritDoc} */ 1356 public SortedSet<String> getSSLProtocol() { 1357 return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1358 } 1359 1360 1361 1362 /** {@inheritDoc} */ 1363 public void setSSLProtocol(Collection<String> values) { 1364 impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values); 1365 } 1366 1367 1368 1369 /** {@inheritDoc} */ 1370 public String getTrustManagerProvider() { 1371 return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1372 } 1373 1374 1375 1376 /** {@inheritDoc} */ 1377 public void setTrustManagerProvider(String value) { 1378 impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value); 1379 } 1380 1381 1382 1383 /** {@inheritDoc} */ 1384 public boolean isUseSSL() { 1385 return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1386 } 1387 1388 1389 1390 /** {@inheritDoc} */ 1391 public void setUseSSL(Boolean value) { 1392 impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value); 1393 } 1394 1395 1396 1397 /** {@inheritDoc} */ 1398 public boolean isUseTCPKeepAlive() { 1399 return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1400 } 1401 1402 1403 1404 /** {@inheritDoc} */ 1405 public void setUseTCPKeepAlive(Boolean value) { 1406 impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value); 1407 } 1408 1409 1410 1411 /** {@inheritDoc} */ 1412 public boolean isUseTCPNoDelay() { 1413 return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1414 } 1415 1416 1417 1418 /** {@inheritDoc} */ 1419 public void setUseTCPNoDelay(Boolean value) { 1420 impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value); 1421 } 1422 1423 1424 1425 /** {@inheritDoc} */ 1426 public ManagedObjectDefinition<? extends LDAPConnectionHandlerCfgClient, ? extends LDAPConnectionHandlerCfg> definition() { 1427 return INSTANCE; 1428 } 1429 1430 1431 1432 /** {@inheritDoc} */ 1433 public PropertyProvider properties() { 1434 return impl; 1435 } 1436 1437 1438 1439 /** {@inheritDoc} */ 1440 public void commit() throws ManagedObjectAlreadyExistsException, 1441 MissingMandatoryPropertiesException, ConcurrentModificationException, 1442 OperationRejectedException, LdapException { 1443 impl.commit(); 1444 } 1445 1446 1447 1448 /** {@inheritDoc} */ 1449 public String toString() { 1450 return impl.toString(); 1451 } 1452 } 1453 1454 1455 1456 /** 1457 * Managed object server implementation. 1458 */ 1459 private static class LDAPConnectionHandlerCfgServerImpl implements 1460 LDAPConnectionHandlerCfg { 1461 1462 /** Private implementation. */ 1463 private ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl; 1464 1465 /** The value of the "accept-backlog" property. */ 1466 private final int pAcceptBacklog; 1467 1468 /** The value of the "allowed-client" property. */ 1469 private final SortedSet<AddressMask> pAllowedClient; 1470 1471 /** The value of the "allow-ldap-v2" property. */ 1472 private final boolean pAllowLDAPV2; 1473 1474 /** The value of the "allow-start-tls" property. */ 1475 private final boolean pAllowStartTLS; 1476 1477 /** The value of the "allow-tcp-reuse-address" property. */ 1478 private final boolean pAllowTCPReuseAddress; 1479 1480 /** The value of the "buffer-size" property. */ 1481 private final long pBufferSize; 1482 1483 /** The value of the "denied-client" property. */ 1484 private final SortedSet<AddressMask> pDeniedClient; 1485 1486 /** The value of the "enabled" property. */ 1487 private final boolean pEnabled; 1488 1489 /** The value of the "java-class" property. */ 1490 private final String pJavaClass; 1491 1492 /** The value of the "keep-stats" property. */ 1493 private final boolean pKeepStats; 1494 1495 /** The value of the "key-manager-provider" property. */ 1496 private final String pKeyManagerProvider; 1497 1498 /** The value of the "listen-address" property. */ 1499 private final SortedSet<InetAddress> pListenAddress; 1500 1501 /** The value of the "listen-port" property. */ 1502 private final int pListenPort; 1503 1504 /** The value of the "max-blocked-write-time-limit" property. */ 1505 private final long pMaxBlockedWriteTimeLimit; 1506 1507 /** The value of the "max-request-size" property. */ 1508 private final long pMaxRequestSize; 1509 1510 /** The value of the "num-request-handlers" property. */ 1511 private final Integer pNumRequestHandlers; 1512 1513 /** The value of the "send-rejection-notice" property. */ 1514 private final boolean pSendRejectionNotice; 1515 1516 /** The value of the "ssl-cert-nickname" property. */ 1517 private final SortedSet<String> pSSLCertNickname; 1518 1519 /** The value of the "ssl-cipher-suite" property. */ 1520 private final SortedSet<String> pSSLCipherSuite; 1521 1522 /** The value of the "ssl-client-auth-policy" property. */ 1523 private final SSLClientAuthPolicy pSSLClientAuthPolicy; 1524 1525 /** The value of the "ssl-protocol" property. */ 1526 private final SortedSet<String> pSSLProtocol; 1527 1528 /** The value of the "trust-manager-provider" property. */ 1529 private final String pTrustManagerProvider; 1530 1531 /** The value of the "use-ssl" property. */ 1532 private final boolean pUseSSL; 1533 1534 /** The value of the "use-tcp-keep-alive" property. */ 1535 private final boolean pUseTCPKeepAlive; 1536 1537 /** The value of the "use-tcp-no-delay" property. */ 1538 private final boolean pUseTCPNoDelay; 1539 1540 1541 1542 /** Private constructor. */ 1543 private LDAPConnectionHandlerCfgServerImpl(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) { 1544 this.impl = impl; 1545 this.pAcceptBacklog = impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition()); 1546 this.pAllowedClient = impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition()); 1547 this.pAllowLDAPV2 = impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition()); 1548 this.pAllowStartTLS = impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition()); 1549 this.pAllowTCPReuseAddress = impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition()); 1550 this.pBufferSize = impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition()); 1551 this.pDeniedClient = impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition()); 1552 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 1553 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1554 this.pKeepStats = impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition()); 1555 this.pKeyManagerProvider = impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition()); 1556 this.pListenAddress = impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition()); 1557 this.pListenPort = impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition()); 1558 this.pMaxBlockedWriteTimeLimit = impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition()); 1559 this.pMaxRequestSize = impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition()); 1560 this.pNumRequestHandlers = impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition()); 1561 this.pSendRejectionNotice = impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition()); 1562 this.pSSLCertNickname = impl.getPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition()); 1563 this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1564 this.pSSLClientAuthPolicy = impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition()); 1565 this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1566 this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1567 this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1568 this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1569 this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1570 } 1571 1572 1573 1574 /** {@inheritDoc} */ 1575 public void addLDAPChangeListener( 1576 ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) { 1577 impl.registerChangeListener(listener); 1578 } 1579 1580 1581 1582 /** {@inheritDoc} */ 1583 public void removeLDAPChangeListener( 1584 ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) { 1585 impl.deregisterChangeListener(listener); 1586 } 1587 /** {@inheritDoc} */ 1588 public void addChangeListener( 1589 ConfigurationChangeListener<ConnectionHandlerCfg> listener) { 1590 impl.registerChangeListener(listener); 1591 } 1592 1593 1594 1595 /** {@inheritDoc} */ 1596 public void removeChangeListener( 1597 ConfigurationChangeListener<ConnectionHandlerCfg> listener) { 1598 impl.deregisterChangeListener(listener); 1599 } 1600 1601 1602 1603 /** {@inheritDoc} */ 1604 public int getAcceptBacklog() { 1605 return pAcceptBacklog; 1606 } 1607 1608 1609 1610 /** {@inheritDoc} */ 1611 public SortedSet<AddressMask> getAllowedClient() { 1612 return pAllowedClient; 1613 } 1614 1615 1616 1617 /** {@inheritDoc} */ 1618 public boolean isAllowLDAPV2() { 1619 return pAllowLDAPV2; 1620 } 1621 1622 1623 1624 /** {@inheritDoc} */ 1625 public boolean isAllowStartTLS() { 1626 return pAllowStartTLS; 1627 } 1628 1629 1630 1631 /** {@inheritDoc} */ 1632 public boolean isAllowTCPReuseAddress() { 1633 return pAllowTCPReuseAddress; 1634 } 1635 1636 1637 1638 /** {@inheritDoc} */ 1639 public long getBufferSize() { 1640 return pBufferSize; 1641 } 1642 1643 1644 1645 /** {@inheritDoc} */ 1646 public SortedSet<AddressMask> getDeniedClient() { 1647 return pDeniedClient; 1648 } 1649 1650 1651 1652 /** {@inheritDoc} */ 1653 public boolean isEnabled() { 1654 return pEnabled; 1655 } 1656 1657 1658 1659 /** {@inheritDoc} */ 1660 public String getJavaClass() { 1661 return pJavaClass; 1662 } 1663 1664 1665 1666 /** {@inheritDoc} */ 1667 public boolean isKeepStats() { 1668 return pKeepStats; 1669 } 1670 1671 1672 1673 /** {@inheritDoc} */ 1674 public String getKeyManagerProvider() { 1675 return pKeyManagerProvider; 1676 } 1677 1678 1679 1680 /** 1681 * {@inheritDoc} 1682 */ 1683 public DN getKeyManagerProviderDN() { 1684 String value = getKeyManagerProvider(); 1685 if (value == null) return null; 1686 return INSTANCE.getKeyManagerProviderPropertyDefinition().getChildDN(value); 1687 } 1688 1689 1690 1691 /** {@inheritDoc} */ 1692 public SortedSet<InetAddress> getListenAddress() { 1693 return pListenAddress; 1694 } 1695 1696 1697 1698 /** {@inheritDoc} */ 1699 public int getListenPort() { 1700 return pListenPort; 1701 } 1702 1703 1704 1705 /** {@inheritDoc} */ 1706 public long getMaxBlockedWriteTimeLimit() { 1707 return pMaxBlockedWriteTimeLimit; 1708 } 1709 1710 1711 1712 /** {@inheritDoc} */ 1713 public long getMaxRequestSize() { 1714 return pMaxRequestSize; 1715 } 1716 1717 1718 1719 /** {@inheritDoc} */ 1720 public Integer getNumRequestHandlers() { 1721 return pNumRequestHandlers; 1722 } 1723 1724 1725 1726 /** {@inheritDoc} */ 1727 public boolean isSendRejectionNotice() { 1728 return pSendRejectionNotice; 1729 } 1730 1731 1732 1733 /** {@inheritDoc} */ 1734 public SortedSet<String> getSSLCertNickname() { 1735 return pSSLCertNickname; 1736 } 1737 1738 1739 1740 /** {@inheritDoc} */ 1741 public SortedSet<String> getSSLCipherSuite() { 1742 return pSSLCipherSuite; 1743 } 1744 1745 1746 1747 /** {@inheritDoc} */ 1748 public SSLClientAuthPolicy getSSLClientAuthPolicy() { 1749 return pSSLClientAuthPolicy; 1750 } 1751 1752 1753 1754 /** {@inheritDoc} */ 1755 public SortedSet<String> getSSLProtocol() { 1756 return pSSLProtocol; 1757 } 1758 1759 1760 1761 /** {@inheritDoc} */ 1762 public String getTrustManagerProvider() { 1763 return pTrustManagerProvider; 1764 } 1765 1766 1767 1768 /** 1769 * {@inheritDoc} 1770 */ 1771 public DN getTrustManagerProviderDN() { 1772 String value = getTrustManagerProvider(); 1773 if (value == null) return null; 1774 return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value); 1775 } 1776 1777 1778 1779 /** {@inheritDoc} */ 1780 public boolean isUseSSL() { 1781 return pUseSSL; 1782 } 1783 1784 1785 1786 /** {@inheritDoc} */ 1787 public boolean isUseTCPKeepAlive() { 1788 return pUseTCPKeepAlive; 1789 } 1790 1791 1792 1793 /** {@inheritDoc} */ 1794 public boolean isUseTCPNoDelay() { 1795 return pUseTCPNoDelay; 1796 } 1797 1798 1799 1800 /** {@inheritDoc} */ 1801 public Class<? extends LDAPConnectionHandlerCfg> configurationClass() { 1802 return LDAPConnectionHandlerCfg.class; 1803 } 1804 1805 1806 1807 /** {@inheritDoc} */ 1808 public DN dn() { 1809 return impl.getDN(); 1810 } 1811 1812 1813 1814 /** {@inheritDoc} */ 1815 public String toString() { 1816 return impl.toString(); 1817 } 1818 } 1819}