001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.meta;
017
018
019
020import org.forgerock.opendj.config.AdministratorAction;
021import org.forgerock.opendj.config.BooleanPropertyDefinition;
022import org.forgerock.opendj.config.ClassPropertyDefinition;
023import org.forgerock.opendj.config.client.ConcurrentModificationException;
024import org.forgerock.opendj.config.client.ManagedObject;
025import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
026import org.forgerock.opendj.config.client.OperationRejectedException;
027import org.forgerock.opendj.config.DefaultBehaviorProvider;
028import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
029import org.forgerock.opendj.config.EnumPropertyDefinition;
030import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
031import org.forgerock.opendj.config.ManagedObjectDefinition;
032import org.forgerock.opendj.config.PropertyOption;
033import org.forgerock.opendj.config.PropertyProvider;
034import org.forgerock.opendj.config.server.ConfigurationChangeListener;
035import org.forgerock.opendj.config.server.ServerManagedObject;
036import org.forgerock.opendj.config.Tag;
037import org.forgerock.opendj.ldap.DN;
038import org.forgerock.opendj.ldap.LdapException;
039import org.forgerock.opendj.server.config.client.CryptPasswordStorageSchemeCfgClient;
040import org.forgerock.opendj.server.config.server.CryptPasswordStorageSchemeCfg;
041import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
042
043
044
045/**
046 * An interface for querying the Crypt Password Storage Scheme managed
047 * object definition meta information.
048 * <p>
049 * The Crypt Password Storage Scheme provides a mechanism for encoding
050 * user passwords like Unix crypt does. Like on most Unix systems, the
051 * password may be encrypted using different algorithms, either Unix
052 * crypt, md5, sha256 or sha512.
053 */
054public final class CryptPasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<CryptPasswordStorageSchemeCfgClient, CryptPasswordStorageSchemeCfg> {
055
056  /** The singleton configuration definition instance. */
057  private static final CryptPasswordStorageSchemeCfgDefn INSTANCE = new CryptPasswordStorageSchemeCfgDefn();
058
059
060
061  /**
062   * Defines the set of permissable values for the "crypt-password-storage-encryption-algorithm" property.
063   * <p>
064   * Specifies the algorithm to use to encrypt new passwords.
065   * <p>
066   * Select the crypt algorithm to use to encrypt new passwords. The
067   * value can either be "unix", which means the password is encrypted
068   * with the weak Unix crypt algorithm, or "md5" which means the
069   * password is encrypted with the BSD MD5 algorithm and has a $1$
070   * prefix, or "sha256" which means the password is encrypted with the
071   * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the
072   * password is encrypted with the SHA512 algorithm and has a $6$
073   * prefix.
074   */
075  public static enum CryptPasswordStorageEncryptionAlgorithm {
076
077    /**
078     * New passwords are encrypted with the BSD MD5 algorithm.
079     */
080    MD5("md5"),
081
082
083
084    /**
085     * New passwords are encrypted with the Unix crypt SHA256
086     * algorithm.
087     */
088    SHA256("sha256"),
089
090
091
092    /**
093     * New passwords are encrypted with the Unix crypt SHA512
094     * algorithm.
095     */
096    SHA512("sha512"),
097
098
099
100    /**
101     * New passwords are encrypted with the Unix crypt algorithm.
102     * Passwords are truncated at 8 characters and the top bit of each
103     * character is ignored.
104     */
105    UNIX("unix");
106
107
108
109    /** String representation of the value. */
110    private final String name;
111
112
113
114    /** Private constructor. */
115    private CryptPasswordStorageEncryptionAlgorithm(String name) { this.name = name; }
116
117
118
119    /** {@inheritDoc} */
120    public String toString() { return name; }
121
122  }
123
124
125
126  /** The "crypt-password-storage-encryption-algorithm" property definition. */
127  private static final EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM;
128
129
130
131  /** The "java-class" property definition. */
132  private static final ClassPropertyDefinition PD_JAVA_CLASS;
133
134
135
136  /** Build the "crypt-password-storage-encryption-algorithm" property definition. */
137  static {
138      EnumPropertyDefinition.Builder<CryptPasswordStorageEncryptionAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "crypt-password-storage-encryption-algorithm");
139      builder.setOption(PropertyOption.MANDATORY);
140      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "crypt-password-storage-encryption-algorithm"));
141      DefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm> provider = new DefinedDefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm>("unix");
142      builder.setDefaultBehaviorProvider(provider);
143      builder.setEnumClass(CryptPasswordStorageEncryptionAlgorithm.class);
144      PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM = builder.getInstance();
145      INSTANCE.registerPropertyDefinition(PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM);
146  }
147
148
149
150  /** Build the "java-class" property definition. */
151  static {
152      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
153      builder.setOption(PropertyOption.MANDATORY);
154      builder.setOption(PropertyOption.ADVANCED);
155      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
156      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.CryptPasswordStorageScheme");
157      builder.setDefaultBehaviorProvider(provider);
158      builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme");
159      PD_JAVA_CLASS = builder.getInstance();
160      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
161  }
162
163
164
165  // Register the tags associated with this managed object definition.
166  static {
167    INSTANCE.registerTag(Tag.valueOf("user-management"));
168  }
169
170
171
172  /**
173   * Get the Crypt Password Storage Scheme configuration definition
174   * singleton.
175   *
176   * @return Returns the Crypt Password Storage Scheme configuration
177   *         definition singleton.
178   */
179  public static CryptPasswordStorageSchemeCfgDefn getInstance() {
180    return INSTANCE;
181  }
182
183
184
185  /**
186   * Private constructor.
187   */
188  private CryptPasswordStorageSchemeCfgDefn() {
189    super("crypt-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance());
190  }
191
192
193
194  /** {@inheritDoc} */
195  public CryptPasswordStorageSchemeCfgClient createClientConfiguration(
196      ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) {
197    return new CryptPasswordStorageSchemeCfgClientImpl(impl);
198  }
199
200
201
202  /** {@inheritDoc} */
203  public CryptPasswordStorageSchemeCfg createServerConfiguration(
204      ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) {
205    return new CryptPasswordStorageSchemeCfgServerImpl(impl);
206  }
207
208
209
210  /** {@inheritDoc} */
211  public Class<CryptPasswordStorageSchemeCfg> getServerConfigurationClass() {
212    return CryptPasswordStorageSchemeCfg.class;
213  }
214
215
216
217  /**
218   * Get the "crypt-password-storage-encryption-algorithm" property definition.
219   * <p>
220   * Specifies the algorithm to use to encrypt new passwords.
221   * <p>
222   * Select the crypt algorithm to use to encrypt new passwords. The
223   * value can either be "unix", which means the password is encrypted
224   * with the weak Unix crypt algorithm, or "md5" which means the
225   * password is encrypted with the BSD MD5 algorithm and has a $1$
226   * prefix, or "sha256" which means the password is encrypted with the
227   * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the
228   * password is encrypted with the SHA512 algorithm and has a $6$
229   * prefix.
230   *
231   * @return Returns the "crypt-password-storage-encryption-algorithm" property definition.
232   */
233  public EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition() {
234    return PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM;
235  }
236
237
238
239  /**
240   * Get the "enabled" property definition.
241   * <p>
242   * Indicates whether the Crypt Password Storage Scheme is enabled
243   * for use.
244   *
245   * @return Returns the "enabled" property definition.
246   */
247  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
248    return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition();
249  }
250
251
252
253  /**
254   * Get the "java-class" property definition.
255   * <p>
256   * Specifies the fully-qualified name of the Java class that
257   * provides the Crypt Password Storage Scheme implementation.
258   *
259   * @return Returns the "java-class" property definition.
260   */
261  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
262    return PD_JAVA_CLASS;
263  }
264
265
266
267  /**
268   * Managed object client implementation.
269   */
270  private static class CryptPasswordStorageSchemeCfgClientImpl implements
271    CryptPasswordStorageSchemeCfgClient {
272
273    /** Private implementation. */
274    private ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl;
275
276
277
278    /** Private constructor. */
279    private CryptPasswordStorageSchemeCfgClientImpl(
280        ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) {
281      this.impl = impl;
282    }
283
284
285
286    /** {@inheritDoc} */
287    public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() {
288      return impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition());
289    }
290
291
292
293    /** {@inheritDoc} */
294    public void setCryptPasswordStorageEncryptionAlgorithm(CryptPasswordStorageEncryptionAlgorithm value) {
295      impl.setPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition(), value);
296    }
297
298
299
300    /** {@inheritDoc} */
301    public Boolean isEnabled() {
302      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
303    }
304
305
306
307    /** {@inheritDoc} */
308    public void setEnabled(boolean value) {
309      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
310    }
311
312
313
314    /** {@inheritDoc} */
315    public String getJavaClass() {
316      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
317    }
318
319
320
321    /** {@inheritDoc} */
322    public void setJavaClass(String value) {
323      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
324    }
325
326
327
328    /** {@inheritDoc} */
329    public ManagedObjectDefinition<? extends CryptPasswordStorageSchemeCfgClient, ? extends CryptPasswordStorageSchemeCfg> definition() {
330      return INSTANCE;
331    }
332
333
334
335    /** {@inheritDoc} */
336    public PropertyProvider properties() {
337      return impl;
338    }
339
340
341
342    /** {@inheritDoc} */
343    public void commit() throws ManagedObjectAlreadyExistsException,
344        MissingMandatoryPropertiesException, ConcurrentModificationException,
345        OperationRejectedException, LdapException {
346      impl.commit();
347    }
348
349
350
351    /** {@inheritDoc} */
352    public String toString() {
353      return impl.toString();
354    }
355  }
356
357
358
359  /**
360   * Managed object server implementation.
361   */
362  private static class CryptPasswordStorageSchemeCfgServerImpl implements
363    CryptPasswordStorageSchemeCfg {
364
365    /** Private implementation. */
366    private ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl;
367
368    /** The value of the "crypt-password-storage-encryption-algorithm" property. */
369    private final CryptPasswordStorageEncryptionAlgorithm pCryptPasswordStorageEncryptionAlgorithm;
370
371    /** The value of the "enabled" property. */
372    private final boolean pEnabled;
373
374    /** The value of the "java-class" property. */
375    private final String pJavaClass;
376
377
378
379    /** Private constructor. */
380    private CryptPasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) {
381      this.impl = impl;
382      this.pCryptPasswordStorageEncryptionAlgorithm = impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition());
383      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
384      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
385    }
386
387
388
389    /** {@inheritDoc} */
390    public void addCryptChangeListener(
391        ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) {
392      impl.registerChangeListener(listener);
393    }
394
395
396
397    /** {@inheritDoc} */
398    public void removeCryptChangeListener(
399        ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) {
400      impl.deregisterChangeListener(listener);
401    }
402    /** {@inheritDoc} */
403    public void addChangeListener(
404        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
405      impl.registerChangeListener(listener);
406    }
407
408
409
410    /** {@inheritDoc} */
411    public void removeChangeListener(
412        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
413      impl.deregisterChangeListener(listener);
414    }
415
416
417
418    /** {@inheritDoc} */
419    public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() {
420      return pCryptPasswordStorageEncryptionAlgorithm;
421    }
422
423
424
425    /** {@inheritDoc} */
426    public boolean isEnabled() {
427      return pEnabled;
428    }
429
430
431
432    /** {@inheritDoc} */
433    public String getJavaClass() {
434      return pJavaClass;
435    }
436
437
438
439    /** {@inheritDoc} */
440    public Class<? extends CryptPasswordStorageSchemeCfg> configurationClass() {
441      return CryptPasswordStorageSchemeCfg.class;
442    }
443
444
445
446    /** {@inheritDoc} */
447    public DN dn() {
448      return impl.getDN();
449    }
450
451
452
453    /** {@inheritDoc} */
454    public String toString() {
455      return impl.toString();
456    }
457  }
458}