001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.meta; 017 018 019 020import org.forgerock.opendj.config.AdministratorAction; 021import org.forgerock.opendj.config.BooleanPropertyDefinition; 022import org.forgerock.opendj.config.ClassPropertyDefinition; 023import org.forgerock.opendj.config.client.ConcurrentModificationException; 024import org.forgerock.opendj.config.client.ManagedObject; 025import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 026import org.forgerock.opendj.config.client.OperationRejectedException; 027import org.forgerock.opendj.config.DefaultBehaviorProvider; 028import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 029import org.forgerock.opendj.config.EnumPropertyDefinition; 030import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 031import org.forgerock.opendj.config.ManagedObjectDefinition; 032import org.forgerock.opendj.config.PropertyOption; 033import org.forgerock.opendj.config.PropertyProvider; 034import org.forgerock.opendj.config.server.ConfigurationChangeListener; 035import org.forgerock.opendj.config.server.ServerManagedObject; 036import org.forgerock.opendj.config.Tag; 037import org.forgerock.opendj.ldap.DN; 038import org.forgerock.opendj.ldap.LdapException; 039import org.forgerock.opendj.server.config.client.CryptPasswordStorageSchemeCfgClient; 040import org.forgerock.opendj.server.config.server.CryptPasswordStorageSchemeCfg; 041import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg; 042 043 044 045/** 046 * An interface for querying the Crypt Password Storage Scheme managed 047 * object definition meta information. 048 * <p> 049 * The Crypt Password Storage Scheme provides a mechanism for encoding 050 * user passwords like Unix crypt does. Like on most Unix systems, the 051 * password may be encrypted using different algorithms, either Unix 052 * crypt, md5, sha256 or sha512. 053 */ 054public final class CryptPasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<CryptPasswordStorageSchemeCfgClient, CryptPasswordStorageSchemeCfg> { 055 056 /** The singleton configuration definition instance. */ 057 private static final CryptPasswordStorageSchemeCfgDefn INSTANCE = new CryptPasswordStorageSchemeCfgDefn(); 058 059 060 061 /** 062 * Defines the set of permissable values for the "crypt-password-storage-encryption-algorithm" property. 063 * <p> 064 * Specifies the algorithm to use to encrypt new passwords. 065 * <p> 066 * Select the crypt algorithm to use to encrypt new passwords. The 067 * value can either be "unix", which means the password is encrypted 068 * with the weak Unix crypt algorithm, or "md5" which means the 069 * password is encrypted with the BSD MD5 algorithm and has a $1$ 070 * prefix, or "sha256" which means the password is encrypted with the 071 * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the 072 * password is encrypted with the SHA512 algorithm and has a $6$ 073 * prefix. 074 */ 075 public static enum CryptPasswordStorageEncryptionAlgorithm { 076 077 /** 078 * New passwords are encrypted with the BSD MD5 algorithm. 079 */ 080 MD5("md5"), 081 082 083 084 /** 085 * New passwords are encrypted with the Unix crypt SHA256 086 * algorithm. 087 */ 088 SHA256("sha256"), 089 090 091 092 /** 093 * New passwords are encrypted with the Unix crypt SHA512 094 * algorithm. 095 */ 096 SHA512("sha512"), 097 098 099 100 /** 101 * New passwords are encrypted with the Unix crypt algorithm. 102 * Passwords are truncated at 8 characters and the top bit of each 103 * character is ignored. 104 */ 105 UNIX("unix"); 106 107 108 109 /** String representation of the value. */ 110 private final String name; 111 112 113 114 /** Private constructor. */ 115 private CryptPasswordStorageEncryptionAlgorithm(String name) { this.name = name; } 116 117 118 119 /** {@inheritDoc} */ 120 public String toString() { return name; } 121 122 } 123 124 125 126 /** The "crypt-password-storage-encryption-algorithm" property definition. */ 127 private static final EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM; 128 129 130 131 /** The "java-class" property definition. */ 132 private static final ClassPropertyDefinition PD_JAVA_CLASS; 133 134 135 136 /** Build the "crypt-password-storage-encryption-algorithm" property definition. */ 137 static { 138 EnumPropertyDefinition.Builder<CryptPasswordStorageEncryptionAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "crypt-password-storage-encryption-algorithm"); 139 builder.setOption(PropertyOption.MANDATORY); 140 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "crypt-password-storage-encryption-algorithm")); 141 DefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm> provider = new DefinedDefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm>("unix"); 142 builder.setDefaultBehaviorProvider(provider); 143 builder.setEnumClass(CryptPasswordStorageEncryptionAlgorithm.class); 144 PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM = builder.getInstance(); 145 INSTANCE.registerPropertyDefinition(PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM); 146 } 147 148 149 150 /** Build the "java-class" property definition. */ 151 static { 152 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 153 builder.setOption(PropertyOption.MANDATORY); 154 builder.setOption(PropertyOption.ADVANCED); 155 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class")); 156 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.CryptPasswordStorageScheme"); 157 builder.setDefaultBehaviorProvider(provider); 158 builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme"); 159 PD_JAVA_CLASS = builder.getInstance(); 160 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 161 } 162 163 164 165 // Register the tags associated with this managed object definition. 166 static { 167 INSTANCE.registerTag(Tag.valueOf("user-management")); 168 } 169 170 171 172 /** 173 * Get the Crypt Password Storage Scheme configuration definition 174 * singleton. 175 * 176 * @return Returns the Crypt Password Storage Scheme configuration 177 * definition singleton. 178 */ 179 public static CryptPasswordStorageSchemeCfgDefn getInstance() { 180 return INSTANCE; 181 } 182 183 184 185 /** 186 * Private constructor. 187 */ 188 private CryptPasswordStorageSchemeCfgDefn() { 189 super("crypt-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance()); 190 } 191 192 193 194 /** {@inheritDoc} */ 195 public CryptPasswordStorageSchemeCfgClient createClientConfiguration( 196 ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) { 197 return new CryptPasswordStorageSchemeCfgClientImpl(impl); 198 } 199 200 201 202 /** {@inheritDoc} */ 203 public CryptPasswordStorageSchemeCfg createServerConfiguration( 204 ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) { 205 return new CryptPasswordStorageSchemeCfgServerImpl(impl); 206 } 207 208 209 210 /** {@inheritDoc} */ 211 public Class<CryptPasswordStorageSchemeCfg> getServerConfigurationClass() { 212 return CryptPasswordStorageSchemeCfg.class; 213 } 214 215 216 217 /** 218 * Get the "crypt-password-storage-encryption-algorithm" property definition. 219 * <p> 220 * Specifies the algorithm to use to encrypt new passwords. 221 * <p> 222 * Select the crypt algorithm to use to encrypt new passwords. The 223 * value can either be "unix", which means the password is encrypted 224 * with the weak Unix crypt algorithm, or "md5" which means the 225 * password is encrypted with the BSD MD5 algorithm and has a $1$ 226 * prefix, or "sha256" which means the password is encrypted with the 227 * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the 228 * password is encrypted with the SHA512 algorithm and has a $6$ 229 * prefix. 230 * 231 * @return Returns the "crypt-password-storage-encryption-algorithm" property definition. 232 */ 233 public EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition() { 234 return PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM; 235 } 236 237 238 239 /** 240 * Get the "enabled" property definition. 241 * <p> 242 * Indicates whether the Crypt Password Storage Scheme is enabled 243 * for use. 244 * 245 * @return Returns the "enabled" property definition. 246 */ 247 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 248 return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition(); 249 } 250 251 252 253 /** 254 * Get the "java-class" property definition. 255 * <p> 256 * Specifies the fully-qualified name of the Java class that 257 * provides the Crypt Password Storage Scheme implementation. 258 * 259 * @return Returns the "java-class" property definition. 260 */ 261 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 262 return PD_JAVA_CLASS; 263 } 264 265 266 267 /** 268 * Managed object client implementation. 269 */ 270 private static class CryptPasswordStorageSchemeCfgClientImpl implements 271 CryptPasswordStorageSchemeCfgClient { 272 273 /** Private implementation. */ 274 private ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl; 275 276 277 278 /** Private constructor. */ 279 private CryptPasswordStorageSchemeCfgClientImpl( 280 ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) { 281 this.impl = impl; 282 } 283 284 285 286 /** {@inheritDoc} */ 287 public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() { 288 return impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition()); 289 } 290 291 292 293 /** {@inheritDoc} */ 294 public void setCryptPasswordStorageEncryptionAlgorithm(CryptPasswordStorageEncryptionAlgorithm value) { 295 impl.setPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition(), value); 296 } 297 298 299 300 /** {@inheritDoc} */ 301 public Boolean isEnabled() { 302 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 303 } 304 305 306 307 /** {@inheritDoc} */ 308 public void setEnabled(boolean value) { 309 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 310 } 311 312 313 314 /** {@inheritDoc} */ 315 public String getJavaClass() { 316 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 317 } 318 319 320 321 /** {@inheritDoc} */ 322 public void setJavaClass(String value) { 323 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 324 } 325 326 327 328 /** {@inheritDoc} */ 329 public ManagedObjectDefinition<? extends CryptPasswordStorageSchemeCfgClient, ? extends CryptPasswordStorageSchemeCfg> definition() { 330 return INSTANCE; 331 } 332 333 334 335 /** {@inheritDoc} */ 336 public PropertyProvider properties() { 337 return impl; 338 } 339 340 341 342 /** {@inheritDoc} */ 343 public void commit() throws ManagedObjectAlreadyExistsException, 344 MissingMandatoryPropertiesException, ConcurrentModificationException, 345 OperationRejectedException, LdapException { 346 impl.commit(); 347 } 348 349 350 351 /** {@inheritDoc} */ 352 public String toString() { 353 return impl.toString(); 354 } 355 } 356 357 358 359 /** 360 * Managed object server implementation. 361 */ 362 private static class CryptPasswordStorageSchemeCfgServerImpl implements 363 CryptPasswordStorageSchemeCfg { 364 365 /** Private implementation. */ 366 private ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl; 367 368 /** The value of the "crypt-password-storage-encryption-algorithm" property. */ 369 private final CryptPasswordStorageEncryptionAlgorithm pCryptPasswordStorageEncryptionAlgorithm; 370 371 /** The value of the "enabled" property. */ 372 private final boolean pEnabled; 373 374 /** The value of the "java-class" property. */ 375 private final String pJavaClass; 376 377 378 379 /** Private constructor. */ 380 private CryptPasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) { 381 this.impl = impl; 382 this.pCryptPasswordStorageEncryptionAlgorithm = impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition()); 383 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 384 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 385 } 386 387 388 389 /** {@inheritDoc} */ 390 public void addCryptChangeListener( 391 ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) { 392 impl.registerChangeListener(listener); 393 } 394 395 396 397 /** {@inheritDoc} */ 398 public void removeCryptChangeListener( 399 ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) { 400 impl.deregisterChangeListener(listener); 401 } 402 /** {@inheritDoc} */ 403 public void addChangeListener( 404 ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) { 405 impl.registerChangeListener(listener); 406 } 407 408 409 410 /** {@inheritDoc} */ 411 public void removeChangeListener( 412 ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) { 413 impl.deregisterChangeListener(listener); 414 } 415 416 417 418 /** {@inheritDoc} */ 419 public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() { 420 return pCryptPasswordStorageEncryptionAlgorithm; 421 } 422 423 424 425 /** {@inheritDoc} */ 426 public boolean isEnabled() { 427 return pEnabled; 428 } 429 430 431 432 /** {@inheritDoc} */ 433 public String getJavaClass() { 434 return pJavaClass; 435 } 436 437 438 439 /** {@inheritDoc} */ 440 public Class<? extends CryptPasswordStorageSchemeCfg> configurationClass() { 441 return CryptPasswordStorageSchemeCfg.class; 442 } 443 444 445 446 /** {@inheritDoc} */ 447 public DN dn() { 448 return impl.getDN(); 449 } 450 451 452 453 /** {@inheritDoc} */ 454 public String toString() { 455 return impl.toString(); 456 } 457 } 458}