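/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2006-2008 Sun Microsystems, Inc.
 * Portions Copyright 2015 ForgeRock AS.
 */
package org.opends.server.tools;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * This class defines options used while creating an LDAP connection
 * to the server.
 * <p>
 * It is a plain mutable holder: every setter stores its argument without
 * cross-checking the other options. In particular, nothing here prevents
 * {@code useSSL} and {@code startTLS} from both being set, and nothing
 * requires an {@link SSLConnectionFactory} to be present when either is set.
 * All boolean options start out {@code false}, so a freshly created instance
 * requests neither SSL nor StartTLS.
 * <p>
 * NOTE(review): the code that consumes these options is not visible here;
 * presumably it is responsible for rejecting inconsistent combinations and
 * for deciding whether credentials may be sent without transport protection.
 * <p>
 * This class performs no synchronization.
 */
public class LDAPConnectionOptions
{

  private boolean reportAuthzID;
  private boolean useSSL;
  private boolean startTLS;
  private boolean saslExternal;
  private boolean usePasswordPolicyControl;
  private SSLConnectionFactory sslConnectionFactory;
  private String saslMechanism;
  private int versionNumber = 3;
  /** SASL property values keyed by property name, in the order they were added. */
  private final Map<String, List<String>> saslProperties = new HashMap<>();
  private boolean verbose;

  /** Creates the connection options instance. */
  public LDAPConnectionOptions()
  {
  }

  /**
   * Set whether to use SSL for the connection or not.
   *
   * @param useSSL True if SSL should be used, false otherwise.
   */
  public void setUseSSL(boolean useSSL)
  {
    this.useSSL = useSSL;
  }

  /**
   * Return the useSSL flag value.
   *
   * @return {@code true} if SSL should be used, or {@code false} if not.
   */
  public boolean useSSL()
  {
    return useSSL;
  }

  /**
   * Set whether to use startTLS for the connection or not.
   *
   * @param startTLS True if startTLS should be used, false otherwise.
   */
  public void setStartTLS(boolean startTLS)
  {
    this.startTLS = startTLS;
  }

  /**
   * Return the startTLS flag value.
   *
   * @return {@code true} if StartTLS should be used, or {@code false} if not.
   */
  public boolean useStartTLS()
  {
    return startTLS;
  }

  /**
   * Set whether to use SASL EXTERNAL for the connection or not.
   * <p>
   * NOTE(review): SASL EXTERNAL normally relies on an identity established by
   * a lower layer such as TLS. This setter does not check that SSL or StartTLS
   * is enabled as well; confirm that the caller does.
   *
   * @param saslExternal True if SASL EXTERNAL should be used,
   *                     false otherwise.
   */
  public void setSASLExternal(boolean saslExternal)
  {
    this.saslExternal = saslExternal;
  }

  /**
   * Return the saslExternal flag value.
   *
   * @return {@code true} if SASL EXTERNAL should be used, or
   *         {@code false} if not.
   */
  public boolean useSASLExternal()
  {
    return saslExternal;
  }

  /**
   * Set the SSL connection factory to use to create SSL connections.
   *
   * @param sslConnectionFactory The SSL connection factory. The reference is
   *                             stored as given; {@code null} is not rejected.
   */
  public void setSSLConnectionFactory(SSLConnectionFactory sslConnectionFactory)
  {
    this.sslConnectionFactory = sslConnectionFactory;
  }

  /**
   * Return the SSLConnectionFactory instance.
   *
   * @return The SSL connection factory to use when establishing secure
   *         connections, or {@code null} if none has been set.
   */
  public SSLConnectionFactory getSSLConnectionFactory()
  {
    return sslConnectionFactory;
  }

  /**
   * Set the SASL mechanism used for authentication.
   * <p>
   * Only the text after the first {@code '='} is kept as the mechanism; the
   * name in front of it is not inspected, and the mechanism itself is not
   * checked against any list of supported mechanisms (an empty mechanism is
   * accepted). If the mechanism equals {@code EXTERNAL}, ignoring case, the
   * SASL EXTERNAL flag is switched on as well.
   *
   * @param mechanism The SASL mechanism string, in "name=value" form.
   *
   * @return {@code true} if the SASL mechanism was set, or {@code false} if
   *         the argument was {@code null} or contained no {@code '='}, in
   *         which case a message is written to standard error and the
   *         stored mechanism is left unchanged.
   */
  public boolean setSASLMechanism(String mechanism)
  {
    // A null argument is reported like any other malformed value instead of
    // surfacing as a NullPointerException.
    int idx = (mechanism == null) ? -1 : mechanism.indexOf('=');
    if (idx == -1)
    {
      System.err.println("Invalid SASL mechanism property:" + mechanism);
      return false;
    }
    this.saslMechanism = mechanism.substring(idx + 1);
    if (saslMechanism.equalsIgnoreCase("EXTERNAL"))
    {
      // The flag is only ever switched on here: selecting a different
      // mechanism afterwards does not clear it.
      setSASLExternal(true);
    }
    return true;
  }

  /**
   * Get the SASL mechanism used for authentication.
   *
   * @return The SASL mechanism used for authentication, or {@code null} if
   *         none has been set.
   */
  public String getSASLMechanism()
  {
    return saslMechanism;
  }

  /**
   * Get the SASL options used for authentication.
   * <p>
   * The returned map is the internal one, not a copy: changes made through it
   * are visible to this object and to every other holder of the reference.
   *
   * @return The SASL options used for authentication.
   */
  public Map<String, List<String>> getSASLProperties()
  {
    return saslProperties;
  }

  /**
   * Add a property to the list of SASL properties.
   * <p>
   * The text before the first {@code '='} is the property name and the rest
   * is the value. Adding the same name again appends another value rather
   * than replacing the earlier one. Neither part is validated, so an empty
   * name or an empty value is accepted.
   *
   * @param property The property (in name=value form) to add to the set of
   *                 SASL properties.
   *
   * @return {@code true} if the property was set properly, or {@code false}
   *         if the argument was {@code null} or contained no {@code '='}, in
   *         which case a message is written to standard error.
   */
  public boolean addSASLProperty(String property)
  {
    // A null argument is reported like any other malformed value instead of
    // surfacing as a NullPointerException.
    int idx = (property == null) ? -1 : property.indexOf('=');
    if (idx == -1)
    {
      System.err.println("Invalid SASL property format:" + property);
      return false;
    }
    String key = property.substring(0, idx);
    String value = property.substring(idx + 1);
    List<String> valList = saslProperties.get(key);
    if (valList == null)
    {
      // First value for this name: register the list once, then append to it.
      valList = new ArrayList<>();
      saslProperties.put(key, valList);
    }
    valList.add(value);
    return true;
  }

  /**
   * Set the LDAP version number.
   *
   * @param version The LDAP version number. The value is stored without any
   *                range check.
   */
  public void setVersionNumber(int version)
  {
    this.versionNumber = version;
  }

  /**
   * Get the LDAP version number.
   *
   * @return The LDAP version number, which is 3 unless it has been changed.
   */
  public int getVersionNumber()
  {
    return this.versionNumber;
  }

  /**
   * Indicates whether to request that the server return the authorization ID in
   * the bind response.
   *
   * @return {@code true} if the server should include the authorization
   *         ID in the bind response, or {@code false} if not.
   */
  public boolean getReportAuthzID()
  {
    return reportAuthzID;
  }

  /**
   * Specifies whether to request that the server return the authorization ID in
   * the bind response.
   *
   * @param reportAuthzID Specifies whether to request that the server return
   *                      the authorization ID in the bind response.
   */
  public void setReportAuthzID(boolean reportAuthzID)
  {
    this.reportAuthzID = reportAuthzID;
  }

  /**
   * Indicates whether to use the password policy control in the bind request.
   *
   * @return {@code true} if the password policy control should be
   *         included in the bind request, or {@code false} if not.
   */
  public boolean usePasswordPolicyControl()
  {
    return usePasswordPolicyControl;
  }

  /**
   * Specifies whether to use the password policy control in the bind request.
   *
   * @param usePasswordPolicyControl Specifies whether to use the password
   *                                 policy control in the bind request.
   */
  public void setUsePasswordPolicyControl(boolean usePasswordPolicyControl)
  {
    this.usePasswordPolicyControl = usePasswordPolicyControl;
  }

  /**
   * Indicates whether verbose tracing is enabled.
   *
   * @return {@code true} if verbose tracing is enabled.
   */
  public boolean isVerbose()
  {
    return verbose;
  }

  /**
   * Specifies whether verbose tracing should be enabled.
   *
   * @param verbose Specifies whether verbose tracing should be enabled.
   */
  public void setVerbose(boolean verbose)
  {
    this.verbose = verbose;
  }
}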