001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.meta;
017
018
019
020import java.net.InetAddress;
021import java.util.Collection;
022import java.util.SortedSet;
023import org.forgerock.opendj.config.AdministratorAction;
024import org.forgerock.opendj.config.AggregationPropertyDefinition;
025import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
026import org.forgerock.opendj.config.BooleanPropertyDefinition;
027import org.forgerock.opendj.config.ClassPropertyDefinition;
028import org.forgerock.opendj.config.client.ConcurrentModificationException;
029import org.forgerock.opendj.config.client.ManagedObject;
030import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
031import org.forgerock.opendj.config.client.OperationRejectedException;
032import org.forgerock.opendj.config.conditions.Conditions;
033import org.forgerock.opendj.config.DefaultBehaviorProvider;
034import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
035import org.forgerock.opendj.config.DurationPropertyDefinition;
036import org.forgerock.opendj.config.EnumPropertyDefinition;
037import org.forgerock.opendj.config.GenericConstraint;
038import org.forgerock.opendj.config.IntegerPropertyDefinition;
039import org.forgerock.opendj.config.IPAddressMaskPropertyDefinition;
040import org.forgerock.opendj.config.IPAddressPropertyDefinition;
041import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
042import org.forgerock.opendj.config.ManagedObjectDefinition;
043import org.forgerock.opendj.config.PropertyOption;
044import org.forgerock.opendj.config.PropertyProvider;
045import org.forgerock.opendj.config.server.ConfigurationChangeListener;
046import org.forgerock.opendj.config.server.ServerManagedObject;
047import org.forgerock.opendj.config.SizePropertyDefinition;
048import org.forgerock.opendj.config.StringPropertyDefinition;
049import org.forgerock.opendj.config.Tag;
050import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
051import org.forgerock.opendj.ldap.AddressMask;
052import org.forgerock.opendj.ldap.DN;
053import org.forgerock.opendj.ldap.LdapException;
054import org.forgerock.opendj.server.config.client.KeyManagerProviderCfgClient;
055import org.forgerock.opendj.server.config.client.LDAPConnectionHandlerCfgClient;
056import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient;
057import org.forgerock.opendj.server.config.server.ConnectionHandlerCfg;
058import org.forgerock.opendj.server.config.server.KeyManagerProviderCfg;
059import org.forgerock.opendj.server.config.server.LDAPConnectionHandlerCfg;
060import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg;
061
062
063
064/**
065 * An interface for querying the LDAP Connection Handler managed
066 * object definition meta information.
067 * <p>
068 * The LDAP Connection Handler is used to interact with clients using
069 * LDAP.
070 */
071public final class LDAPConnectionHandlerCfgDefn extends ManagedObjectDefinition<LDAPConnectionHandlerCfgClient, LDAPConnectionHandlerCfg> {
072
073  /** The singleton configuration definition instance. */
074  private static final LDAPConnectionHandlerCfgDefn INSTANCE = new LDAPConnectionHandlerCfgDefn();
075
076
077
078  /**
079   * Defines the set of permissable values for the "ssl-client-auth-policy" property.
080   * <p>
081   * Specifies the policy that the LDAP Connection Handler should use
082   * regarding client SSL certificates. Clients can use the SASL
083   * EXTERNAL mechanism only if the policy is set to "optional" or
084   * "required".
085   * <p>
086   * This is only applicable if clients are allowed to use SSL.
087   */
088  public static enum SSLClientAuthPolicy {
089
090    /**
091     * Clients must not provide their own certificates when performing
092     * SSL negotiation.
093     */
094    DISABLED("disabled"),
095
096
097
098    /**
099     * Clients are requested to provide their own certificates when
100     * performing SSL negotiation. The connection is nevertheless
101     * accepted if the client does not provide a certificate.
102     */
103    OPTIONAL("optional"),
104
105
106
107    /**
108     * Clients are required to provide their own certificates when
109     * performing SSL negotiation and are refused access if they do not
110     * provide a certificate.
111     */
112    REQUIRED("required");
113
114
115
116    /** String representation of the value. */
117    private final String name;
118
119
120
121    /** Private constructor. */
122    private SSLClientAuthPolicy(String name) { this.name = name; }
123
124
125
126    /** {@inheritDoc} */
127    public String toString() { return name; }
128
129  }
130
131
132
133  /** The "accept-backlog" property definition. */
134  private static final IntegerPropertyDefinition PD_ACCEPT_BACKLOG;
135
136
137
138  /** The "allow-ldap-v2" property definition. */
139  private static final BooleanPropertyDefinition PD_ALLOW_LDAP_V2;
140
141
142
143  /** The "allow-start-tls" property definition. */
144  private static final BooleanPropertyDefinition PD_ALLOW_START_TLS;
145
146
147
148  /** The "allow-tcp-reuse-address" property definition. */
149  private static final BooleanPropertyDefinition PD_ALLOW_TCP_REUSE_ADDRESS;
150
151
152
153  /** The "buffer-size" property definition. */
154  private static final SizePropertyDefinition PD_BUFFER_SIZE;
155
156
157
158  /** The "java-class" property definition. */
159  private static final ClassPropertyDefinition PD_JAVA_CLASS;
160
161
162
163  /** The "keep-stats" property definition. */
164  private static final BooleanPropertyDefinition PD_KEEP_STATS;
165
166
167
168  /** The "key-manager-provider" property definition. */
169  private static final AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> PD_KEY_MANAGER_PROVIDER;
170
171
172
173  /** The "listen-address" property definition. */
174  private static final IPAddressPropertyDefinition PD_LISTEN_ADDRESS;
175
176
177
178  /** The "listen-port" property definition. */
179  private static final IntegerPropertyDefinition PD_LISTEN_PORT;
180
181
182
183  /** The "max-blocked-write-time-limit" property definition. */
184  private static final DurationPropertyDefinition PD_MAX_BLOCKED_WRITE_TIME_LIMIT;
185
186
187
188  /** The "max-request-size" property definition. */
189  private static final SizePropertyDefinition PD_MAX_REQUEST_SIZE;
190
191
192
193  /** The "num-request-handlers" property definition. */
194  private static final IntegerPropertyDefinition PD_NUM_REQUEST_HANDLERS;
195
196
197
198  /** The "send-rejection-notice" property definition. */
199  private static final BooleanPropertyDefinition PD_SEND_REJECTION_NOTICE;
200
201
202
203  /** The "ssl-cert-nickname" property definition. */
204  private static final StringPropertyDefinition PD_SSL_CERT_NICKNAME;
205
206
207
208  /** The "ssl-cipher-suite" property definition. */
209  private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE;
210
211
212
213  /** The "ssl-client-auth-policy" property definition. */
214  private static final EnumPropertyDefinition<SSLClientAuthPolicy> PD_SSL_CLIENT_AUTH_POLICY;
215
216
217
218  /** The "ssl-protocol" property definition. */
219  private static final StringPropertyDefinition PD_SSL_PROTOCOL;
220
221
222
223  /** The "trust-manager-provider" property definition. */
224  private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER;
225
226
227
228  /** The "use-ssl" property definition. */
229  private static final BooleanPropertyDefinition PD_USE_SSL;
230
231
232
233  /** The "use-tcp-keep-alive" property definition. */
234  private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE;
235
236
237
238  /** The "use-tcp-no-delay" property definition. */
239  private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY;
240
241
242
243  /** Build the "accept-backlog" property definition. */
244  static {
245      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "accept-backlog");
246      builder.setOption(PropertyOption.ADVANCED);
247      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "accept-backlog"));
248      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("128");
249      builder.setDefaultBehaviorProvider(provider);
250      builder.setLowerLimit(1);
251      PD_ACCEPT_BACKLOG = builder.getInstance();
252      INSTANCE.registerPropertyDefinition(PD_ACCEPT_BACKLOG);
253  }
254
255
256
257  /** Build the "allow-ldap-v2" property definition. */
258  static {
259      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-ldap-v2");
260      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-ldap-v2"));
261      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
262      builder.setDefaultBehaviorProvider(provider);
263      PD_ALLOW_LDAP_V2 = builder.getInstance();
264      INSTANCE.registerPropertyDefinition(PD_ALLOW_LDAP_V2);
265  }
266
267
268
269  /** Build the "allow-start-tls" property definition. */
270  static {
271      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-start-tls");
272      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-start-tls"));
273      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
274      builder.setDefaultBehaviorProvider(provider);
275      PD_ALLOW_START_TLS = builder.getInstance();
276      INSTANCE.registerPropertyDefinition(PD_ALLOW_START_TLS);
277  }
278
279
280
281  /** Build the "allow-tcp-reuse-address" property definition. */
282  static {
283      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-tcp-reuse-address");
284      builder.setOption(PropertyOption.ADVANCED);
285      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "allow-tcp-reuse-address"));
286      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
287      builder.setDefaultBehaviorProvider(provider);
288      PD_ALLOW_TCP_REUSE_ADDRESS = builder.getInstance();
289      INSTANCE.registerPropertyDefinition(PD_ALLOW_TCP_REUSE_ADDRESS);
290  }
291
292
293
294  /** Build the "buffer-size" property definition. */
295  static {
296      SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "buffer-size");
297      builder.setOption(PropertyOption.ADVANCED);
298      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "buffer-size"));
299      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("4096 bytes");
300      builder.setDefaultBehaviorProvider(provider);
301      builder.setUpperLimit("2147483647b");
302      builder.setLowerLimit("1b");
303      PD_BUFFER_SIZE = builder.getInstance();
304      INSTANCE.registerPropertyDefinition(PD_BUFFER_SIZE);
305  }
306
307
308
309  /** Build the "java-class" property definition. */
310  static {
311      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
312      builder.setOption(PropertyOption.MANDATORY);
313      builder.setOption(PropertyOption.ADVANCED);
314      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
315      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.ldap.LDAPConnectionHandler");
316      builder.setDefaultBehaviorProvider(provider);
317      builder.addInstanceOf("org.opends.server.api.ConnectionHandler");
318      PD_JAVA_CLASS = builder.getInstance();
319      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
320  }
321
322
323
324  /** Build the "keep-stats" property definition. */
325  static {
326      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "keep-stats");
327      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "keep-stats"));
328      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
329      builder.setDefaultBehaviorProvider(provider);
330      PD_KEEP_STATS = builder.getInstance();
331      INSTANCE.registerPropertyDefinition(PD_KEEP_STATS);
332  }
333
334
335
336  /** Build the "key-manager-provider" property definition. */
337  static {
338      AggregationPropertyDefinition.Builder<KeyManagerProviderCfgClient, KeyManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "key-manager-provider");
339      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-manager-provider"));
340      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
341      builder.setParentPath("/");
342      builder.setRelationDefinition("key-manager-provider");
343      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))));
344      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
345      PD_KEY_MANAGER_PROVIDER = builder.getInstance();
346      INSTANCE.registerPropertyDefinition(PD_KEY_MANAGER_PROVIDER);
347      INSTANCE.registerConstraint(PD_KEY_MANAGER_PROVIDER.getSourceConstraint());
348  }
349
350
351
352  /** Build the "listen-address" property definition. */
353  static {
354      IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "listen-address");
355      builder.setOption(PropertyOption.MULTI_VALUED);
356      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-address"));
357      DefaultBehaviorProvider<InetAddress> provider = new DefinedDefaultBehaviorProvider<InetAddress>("0.0.0.0");
358      builder.setDefaultBehaviorProvider(provider);
359      PD_LISTEN_ADDRESS = builder.getInstance();
360      INSTANCE.registerPropertyDefinition(PD_LISTEN_ADDRESS);
361  }
362
363
364
365  /** Build the "listen-port" property definition. */
366  static {
367      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "listen-port");
368      builder.setOption(PropertyOption.MANDATORY);
369      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-port"));
370      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Integer>());
371      builder.setUpperLimit(65535);
372      builder.setLowerLimit(1);
373      PD_LISTEN_PORT = builder.getInstance();
374      INSTANCE.registerPropertyDefinition(PD_LISTEN_PORT);
375  }
376
377
378
379  /** Build the "max-blocked-write-time-limit" property definition. */
380  static {
381      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-blocked-write-time-limit");
382      builder.setOption(PropertyOption.ADVANCED);
383      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-blocked-write-time-limit"));
384      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("2 minutes");
385      builder.setDefaultBehaviorProvider(provider);
386      builder.setBaseUnit("ms");
387      builder.setLowerLimit("0");
388      PD_MAX_BLOCKED_WRITE_TIME_LIMIT = builder.getInstance();
389      INSTANCE.registerPropertyDefinition(PD_MAX_BLOCKED_WRITE_TIME_LIMIT);
390  }
391
392
393
394  /** Build the "max-request-size" property definition. */
395  static {
396      SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "max-request-size");
397      builder.setOption(PropertyOption.ADVANCED);
398      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-request-size"));
399      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 megabytes");
400      builder.setDefaultBehaviorProvider(provider);
401      builder.setUpperLimit("2147483647b");
402      PD_MAX_REQUEST_SIZE = builder.getInstance();
403      INSTANCE.registerPropertyDefinition(PD_MAX_REQUEST_SIZE);
404  }
405
406
407
408  /** Build the "num-request-handlers" property definition. */
409  static {
410      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "num-request-handlers");
411      builder.setOption(PropertyOption.ADVANCED);
412      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "num-request-handlers"));
413      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Integer>(INSTANCE, "num-request-handlers"));
414      builder.setLowerLimit(1);
415      PD_NUM_REQUEST_HANDLERS = builder.getInstance();
416      INSTANCE.registerPropertyDefinition(PD_NUM_REQUEST_HANDLERS);
417  }
418
419
420
421  /** Build the "send-rejection-notice" property definition. */
422  static {
423      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "send-rejection-notice");
424      builder.setOption(PropertyOption.ADVANCED);
425      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "send-rejection-notice"));
426      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
427      builder.setDefaultBehaviorProvider(provider);
428      PD_SEND_REJECTION_NOTICE = builder.getInstance();
429      INSTANCE.registerPropertyDefinition(PD_SEND_REJECTION_NOTICE);
430  }
431
432
433
434  /** Build the "ssl-cert-nickname" property definition. */
435  static {
436      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cert-nickname");
437      builder.setOption(PropertyOption.MULTI_VALUED);
438      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-cert-nickname"));
439      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cert-nickname"));
440      PD_SSL_CERT_NICKNAME = builder.getInstance();
441      INSTANCE.registerPropertyDefinition(PD_SSL_CERT_NICKNAME);
442  }
443
444
445
446  /** Build the "ssl-cipher-suite" property definition. */
447  static {
448      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite");
449      builder.setOption(PropertyOption.MULTI_VALUED);
450      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite"));
451      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite"));
452      PD_SSL_CIPHER_SUITE = builder.getInstance();
453      INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE);
454  }
455
456
457
458  /** Build the "ssl-client-auth-policy" property definition. */
459  static {
460      EnumPropertyDefinition.Builder<SSLClientAuthPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "ssl-client-auth-policy");
461      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-client-auth-policy"));
462      DefaultBehaviorProvider<SSLClientAuthPolicy> provider = new DefinedDefaultBehaviorProvider<SSLClientAuthPolicy>("optional");
463      builder.setDefaultBehaviorProvider(provider);
464      builder.setEnumClass(SSLClientAuthPolicy.class);
465      PD_SSL_CLIENT_AUTH_POLICY = builder.getInstance();
466      INSTANCE.registerPropertyDefinition(PD_SSL_CLIENT_AUTH_POLICY);
467  }
468
469
470
471  /** Build the "ssl-protocol" property definition. */
472  static {
473      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol");
474      builder.setOption(PropertyOption.MULTI_VALUED);
475      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol"));
476      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol"));
477      PD_SSL_PROTOCOL = builder.getInstance();
478      INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL);
479  }
480
481
482
483  /** Build the "trust-manager-provider" property definition. */
484  static {
485      AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider");
486      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider"));
487      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
488      builder.setParentPath("/");
489      builder.setRelationDefinition("trust-manager-provider");
490      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))));
491      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
492      PD_TRUST_MANAGER_PROVIDER = builder.getInstance();
493      INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER);
494      INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint());
495  }
496
497
498
499  /** Build the "use-ssl" property definition. */
500  static {
501      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl");
502      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl"));
503      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
504      builder.setDefaultBehaviorProvider(provider);
505      PD_USE_SSL = builder.getInstance();
506      INSTANCE.registerPropertyDefinition(PD_USE_SSL);
507  }
508
509
510
511  /** Build the "use-tcp-keep-alive" property definition. */
512  static {
513      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive");
514      builder.setOption(PropertyOption.ADVANCED);
515      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive"));
516      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
517      builder.setDefaultBehaviorProvider(provider);
518      PD_USE_TCP_KEEP_ALIVE = builder.getInstance();
519      INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE);
520  }
521
522
523
524  /** Build the "use-tcp-no-delay" property definition. */
525  static {
526      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay");
527      builder.setOption(PropertyOption.ADVANCED);
528      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay"));
529      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
530      builder.setDefaultBehaviorProvider(provider);
531      PD_USE_TCP_NO_DELAY = builder.getInstance();
532      INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY);
533  }
534
535
536
537  // Register the tags associated with this managed object definition.
538  static {
539    INSTANCE.registerTag(Tag.valueOf("core-server"));
540  }
541
542
543
544  // Register the constraints associated with this managed object definition.
545  static {
546    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("key-manager-provider")))));
547    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("trust-manager-provider")))));
548    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.not(Conditions.and(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))))));
549  }
550
551
552
553  /**
554   * Get the LDAP Connection Handler configuration definition
555   * singleton.
556   *
557   * @return Returns the LDAP Connection Handler configuration
558   *         definition singleton.
559   */
560  public static LDAPConnectionHandlerCfgDefn getInstance() {
561    return INSTANCE;
562  }
563
564
565
566  /**
567   * Private constructor.
568   */
569  private LDAPConnectionHandlerCfgDefn() {
570    super("ldap-connection-handler", ConnectionHandlerCfgDefn.getInstance());
571  }
572
573
574
575  /** {@inheritDoc} */
576  public LDAPConnectionHandlerCfgClient createClientConfiguration(
577      ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) {
578    return new LDAPConnectionHandlerCfgClientImpl(impl);
579  }
580
581
582
583  /** {@inheritDoc} */
584  public LDAPConnectionHandlerCfg createServerConfiguration(
585      ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) {
586    return new LDAPConnectionHandlerCfgServerImpl(impl);
587  }
588
589
590
591  /** {@inheritDoc} */
592  public Class<LDAPConnectionHandlerCfg> getServerConfigurationClass() {
593    return LDAPConnectionHandlerCfg.class;
594  }
595
596
597
598  /**
599   * Get the "accept-backlog" property definition.
600   * <p>
601   * Specifies the maximum number of pending connection attempts that
602   * are allowed to queue up in the accept backlog before the server
603   * starts rejecting new connection attempts.
604   * <p>
605   * This is primarily an issue for cases in which a large number of
606   * connections are established to the server in a very short period
607   * of time (for example, a benchmark utility that creates a large
608   * number of client threads that each have their own connection to
609   * the server) and the connection handler is unable to keep up with
610   * the rate at which the new connections are established.
611   *
612   * @return Returns the "accept-backlog" property definition.
613   */
614  public IntegerPropertyDefinition getAcceptBacklogPropertyDefinition() {
615    return PD_ACCEPT_BACKLOG;
616  }
617
618
619
620  /**
621   * Get the "allowed-client" property definition.
622   * <p>
623   * Specifies a set of host names or address masks that determine the
624   * clients that are allowed to establish connections to this LDAP
625   * Connection Handler.
626   * <p>
627   * Valid values include a host name, a fully qualified domain name,
628   * a domain name, an IP address, or a subnetwork with subnetwork
629   * mask.
630   *
631   * @return Returns the "allowed-client" property definition.
632   */
633  public IPAddressMaskPropertyDefinition getAllowedClientPropertyDefinition() {
634    return ConnectionHandlerCfgDefn.getInstance().getAllowedClientPropertyDefinition();
635  }
636
637
638
639  /**
640   * Get the "allow-ldap-v2" property definition.
641   * <p>
642   * Indicates whether connections from LDAPv2 clients are allowed.
643   * <p>
644   * If LDAPv2 clients are allowed, then only a minimal degree of
645   * special support are provided for them to ensure that
646   * LDAPv3-specific protocol elements (for example, Configuration
647   * Guide 25 controls, extended response messages, intermediate
648   * response messages, referrals) are not sent to an LDAPv2 client.
649   *
650   * @return Returns the "allow-ldap-v2" property definition.
651   */
652  public BooleanPropertyDefinition getAllowLDAPV2PropertyDefinition() {
653    return PD_ALLOW_LDAP_V2;
654  }
655
656
657
658  /**
659   * Get the "allow-start-tls" property definition.
660   * <p>
661   * Indicates whether clients are allowed to use StartTLS.
662   * <p>
663   * If enabled, the LDAP Connection Handler allows clients to use the
664   * StartTLS extended operation to initiate secure communication over
665   * an otherwise insecure channel. Note that this is only allowed if
666   * the LDAP Connection Handler is not configured to use SSL, and if
667   * the server is configured with a valid key manager provider and a
668   * valid trust manager provider.
669   *
670   * @return Returns the "allow-start-tls" property definition.
671   */
672  public BooleanPropertyDefinition getAllowStartTLSPropertyDefinition() {
673    return PD_ALLOW_START_TLS;
674  }
675
676
677
678  /**
679   * Get the "allow-tcp-reuse-address" property definition.
680   * <p>
681   * Indicates whether the LDAP Connection Handler should reuse socket
682   * descriptors.
683   * <p>
684   * If enabled, the SO_REUSEADDR socket option is used on the server
685   * listen socket to potentially allow the reuse of socket descriptors
686   * for clients in a TIME_WAIT state. This may help the server avoid
687   * temporarily running out of socket descriptors in cases in which a
688   * very large number of short-lived connections have been established
689   * from the same client system.
690   *
691   * @return Returns the "allow-tcp-reuse-address" property definition.
692   */
693  public BooleanPropertyDefinition getAllowTCPReuseAddressPropertyDefinition() {
694    return PD_ALLOW_TCP_REUSE_ADDRESS;
695  }
696
697
698
699  /**
700   * Get the "buffer-size" property definition.
701   * <p>
702   * Specifies the size in bytes of the LDAP response message write
703   * buffer.
704   * <p>
705   * This property specifies write buffer size allocated by the server
706   * for each client connection and used to buffer LDAP response
707   * messages data when writing.
708   *
709   * @return Returns the "buffer-size" property definition.
710   */
711  public SizePropertyDefinition getBufferSizePropertyDefinition() {
712    return PD_BUFFER_SIZE;
713  }
714
715
716
717  /**
718   * Get the "denied-client" property definition.
719   * <p>
720   * Specifies a set of host names or address masks that determine the
721   * clients that are not allowed to establish connections to this LDAP
722   * Connection Handler.
723   * <p>
724   * Valid values include a host name, a fully qualified domain name,
725   * a domain name, an IP address, or a subnetwork with subnetwork
726   * mask. If both allowed and denied client masks are defined and a
727   * client connection matches one or more masks in both lists, then
728   * the connection is denied. If only a denied list is specified, then
729   * any client not matching a mask in that list is allowed.
730   *
731   * @return Returns the "denied-client" property definition.
732   */
733  public IPAddressMaskPropertyDefinition getDeniedClientPropertyDefinition() {
734    return ConnectionHandlerCfgDefn.getInstance().getDeniedClientPropertyDefinition();
735  }
736
737
738
739  /**
740   * Get the "enabled" property definition.
741   * <p>
742   * Indicates whether the LDAP Connection Handler is enabled.
743   *
744   * @return Returns the "enabled" property definition.
745   */
746  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
747    return ConnectionHandlerCfgDefn.getInstance().getEnabledPropertyDefinition();
748  }
749
750
751
752  /**
753   * Get the "java-class" property definition.
754   * <p>
755   * Specifies the fully-qualified name of the Java class that
756   * provides the LDAP Connection Handler implementation.
757   *
758   * @return Returns the "java-class" property definition.
759   */
760  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
761    return PD_JAVA_CLASS;
762  }
763
764
765
766  /**
767   * Get the "keep-stats" property definition.
768   * <p>
769   * Indicates whether the LDAP Connection Handler should keep
770   * statistics.
771   * <p>
772   * If enabled, the LDAP Connection Handler maintains statistics
773   * about the number and types of operations requested over LDAP and
774   * the amount of data sent and received.
775   *
776   * @return Returns the "keep-stats" property definition.
777   */
778  public BooleanPropertyDefinition getKeepStatsPropertyDefinition() {
779    return PD_KEEP_STATS;
780  }
781
782
783
784  /**
785   * Get the "key-manager-provider" property definition.
786   * <p>
787   * Specifies the name of the key manager that should be used with
788   * this LDAP Connection Handler .
789   *
790   * @return Returns the "key-manager-provider" property definition.
791   */
792  public AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition() {
793    return PD_KEY_MANAGER_PROVIDER;
794  }
795
796
797
798  /**
799   * Get the "listen-address" property definition.
800   * <p>
801   * Specifies the address or set of addresses on which this LDAP
802   * Connection Handler should listen for connections from LDAP
803   * clients.
804   * <p>
805   * Multiple addresses may be provided as separate values for this
806   * attribute. If no values are provided, then the LDAP Connection
807   * Handler listens on all interfaces.
808   *
809   * @return Returns the "listen-address" property definition.
810   */
811  public IPAddressPropertyDefinition getListenAddressPropertyDefinition() {
812    return PD_LISTEN_ADDRESS;
813  }
814
815
816
817  /**
818   * Get the "listen-port" property definition.
819   * <p>
820   * Specifies the port number on which the LDAP Connection Handler
821   * will listen for connections from clients.
822   * <p>
823   * Only a single port number may be provided.
824   *
825   * @return Returns the "listen-port" property definition.
826   */
827  public IntegerPropertyDefinition getListenPortPropertyDefinition() {
828    return PD_LISTEN_PORT;
829  }
830
831
832
833  /**
834   * Get the "max-blocked-write-time-limit" property definition.
835   * <p>
836   * Specifies the maximum length of time that attempts to write data
837   * to LDAP clients should be allowed to block.
838   * <p>
839   * If an attempt to write data to a client takes longer than this
840   * length of time, then the client connection is terminated.
841   *
842   * @return Returns the "max-blocked-write-time-limit" property definition.
843   */
844  public DurationPropertyDefinition getMaxBlockedWriteTimeLimitPropertyDefinition() {
845    return PD_MAX_BLOCKED_WRITE_TIME_LIMIT;
846  }
847
848
849
850  /**
851   * Get the "max-request-size" property definition.
852   * <p>
853   * Specifies the size in bytes of the largest LDAP request message
854   * that will be allowed by this LDAP Connection handler.
855   * <p>
856   * This property is analogous to the maxBERSize configuration
857   * attribute of the Sun Java System Directory Server. This can help
858   * prevent denial-of-service attacks by clients that indicate they
859   * send extremely large requests to the server causing it to attempt
860   * to allocate large amounts of memory.
861   *
862   * @return Returns the "max-request-size" property definition.
863   */
864  public SizePropertyDefinition getMaxRequestSizePropertyDefinition() {
865    return PD_MAX_REQUEST_SIZE;
866  }
867
868
869
870  /**
871   * Get the "num-request-handlers" property definition.
872   * <p>
873   * Specifies the number of request handlers that are used to read
874   * requests from clients.
875   * <p>
876   * The LDAP Connection Handler uses one thread to accept new
877   * connections from clients, but uses one or more additional threads
878   * to read requests from existing client connections. This ensures
879   * that new requests are read efficiently and that the connection
880   * handler itself does not become a bottleneck when the server is
881   * under heavy load from many clients at the same time.
882   *
883   * @return Returns the "num-request-handlers" property definition.
884   */
885  public IntegerPropertyDefinition getNumRequestHandlersPropertyDefinition() {
886    return PD_NUM_REQUEST_HANDLERS;
887  }
888
889
890
891  /**
892   * Get the "send-rejection-notice" property definition.
893   * <p>
894   * Indicates whether the LDAP Connection Handler should send a
895   * notice of disconnection extended response message to the client if
896   * a new connection is rejected for some reason.
897   * <p>
898   * The extended response message may provide an explanation
899   * indicating the reason that the connection was rejected.
900   *
901   * @return Returns the "send-rejection-notice" property definition.
902   */
903  public BooleanPropertyDefinition getSendRejectionNoticePropertyDefinition() {
904    return PD_SEND_REJECTION_NOTICE;
905  }
906
907
908
909  /**
910   * Get the "ssl-cert-nickname" property definition.
911   * <p>
912   * Specifies the nicknames (also called the aliases) of the keys or
913   * key pairs that the LDAP Connection Handler should use when
914   * performing SSL communication. The property can be used multiple
915   * times (referencing different nicknames) when server certificates
916   * with different public key algorithms are used in parallel (for
917   * example, RSA, DSA, and ECC-based algorithms). When a nickname
918   * refers to an asymmetric (public/private) key pair, the nickname
919   * for the public key certificate and associated private key entry
920   * must match exactly. A single nickname is used to retrieve both the
921   * public key and the private key.
922   * <p>
923   * This is only applicable when the LDAP Connection Handler is
924   * configured to use SSL.
925   *
926   * @return Returns the "ssl-cert-nickname" property definition.
927   */
928  public StringPropertyDefinition getSSLCertNicknamePropertyDefinition() {
929    return PD_SSL_CERT_NICKNAME;
930  }
931
932
933
934  /**
935   * Get the "ssl-cipher-suite" property definition.
936   * <p>
937   * Specifies the names of the SSL cipher suites that are allowed for
938   * use in SSL or StartTLS communication.
939   *
940   * @return Returns the "ssl-cipher-suite" property definition.
941   */
942  public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() {
943    return PD_SSL_CIPHER_SUITE;
944  }
945
946
947
948  /**
949   * Get the "ssl-client-auth-policy" property definition.
950   * <p>
951   * Specifies the policy that the LDAP Connection Handler should use
952   * regarding client SSL certificates. Clients can use the SASL
953   * EXTERNAL mechanism only if the policy is set to "optional" or
954   * "required".
955   * <p>
956   * This is only applicable if clients are allowed to use SSL.
957   *
958   * @return Returns the "ssl-client-auth-policy" property definition.
959   */
960  public EnumPropertyDefinition<SSLClientAuthPolicy> getSSLClientAuthPolicyPropertyDefinition() {
961    return PD_SSL_CLIENT_AUTH_POLICY;
962  }
963
964
965
966  /**
967   * Get the "ssl-protocol" property definition.
968   * <p>
969   * Specifies the names of the SSL protocols that are allowed for use
970   * in SSL or StartTLS communication.
971   *
972   * @return Returns the "ssl-protocol" property definition.
973   */
974  public StringPropertyDefinition getSSLProtocolPropertyDefinition() {
975    return PD_SSL_PROTOCOL;
976  }
977
978
979
980  /**
981   * Get the "trust-manager-provider" property definition.
982   * <p>
983   * Specifies the name of the trust manager that should be used with
984   * the LDAP Connection Handler .
985   *
986   * @return Returns the "trust-manager-provider" property definition.
987   */
988  public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() {
989    return PD_TRUST_MANAGER_PROVIDER;
990  }
991
992
993
994  /**
995   * Get the "use-ssl" property definition.
996   * <p>
997   * Indicates whether the LDAP Connection Handler should use SSL.
998   * <p>
999   * If enabled, the LDAP Connection Handler will use SSL to encrypt
1000   * communication with the clients.
1001   *
1002   * @return Returns the "use-ssl" property definition.
1003   */
1004  public BooleanPropertyDefinition getUseSSLPropertyDefinition() {
1005    return PD_USE_SSL;
1006  }
1007
1008
1009
1010  /**
1011   * Get the "use-tcp-keep-alive" property definition.
1012   * <p>
1013   * Indicates whether the LDAP Connection Handler should use TCP
1014   * keep-alive.
1015   * <p>
1016   * If enabled, the SO_KEEPALIVE socket option is used to indicate
1017   * that TCP keepalive messages should periodically be sent to the
1018   * client to verify that the associated connection is still valid.
1019   * This may also help prevent cases in which intermediate network
1020   * hardware could silently drop an otherwise idle client connection,
1021   * provided that the keepalive interval configured in the underlying
1022   * operating system is smaller than the timeout enforced by the
1023   * network hardware.
1024   *
1025   * @return Returns the "use-tcp-keep-alive" property definition.
1026   */
1027  public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() {
1028    return PD_USE_TCP_KEEP_ALIVE;
1029  }
1030
1031
1032
1033  /**
1034   * Get the "use-tcp-no-delay" property definition.
1035   * <p>
1036   * Indicates whether the LDAP Connection Handler should use TCP
1037   * no-delay.
1038   * <p>
1039   * If enabled, the TCP_NODELAY socket option is used to ensure that
1040   * response messages to the client are sent immediately rather than
1041   * potentially waiting to determine whether additional response
1042   * messages can be sent in the same packet. In most cases, using the
1043   * TCP_NODELAY socket option provides better performance and lower
1044   * response times, but disabling it may help for some cases in which
1045   * the server sends a large number of entries to a client in response
1046   * to a search request.
1047   *
1048   * @return Returns the "use-tcp-no-delay" property definition.
1049   */
1050  public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() {
1051    return PD_USE_TCP_NO_DELAY;
1052  }
1053
1054
1055
1056  /**
1057   * Managed object client implementation.
1058   */
1059  private static class LDAPConnectionHandlerCfgClientImpl implements
1060    LDAPConnectionHandlerCfgClient {
1061
1062    /** Private implementation. */
1063    private ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl;
1064
1065
1066
1067    /** Private constructor. */
1068    private LDAPConnectionHandlerCfgClientImpl(
1069        ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) {
1070      this.impl = impl;
1071    }
1072
1073
1074
1075    /** {@inheritDoc} */
1076    public int getAcceptBacklog() {
1077      return impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition());
1078    }
1079
1080
1081
1082    /** {@inheritDoc} */
1083    public void setAcceptBacklog(Integer value) {
1084      impl.setPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition(), value);
1085    }
1086
1087
1088
1089    /** {@inheritDoc} */
1090    public SortedSet<AddressMask> getAllowedClient() {
1091      return impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition());
1092    }
1093
1094
1095
1096    /** {@inheritDoc} */
1097    public void setAllowedClient(Collection<AddressMask> values) {
1098      impl.setPropertyValues(INSTANCE.getAllowedClientPropertyDefinition(), values);
1099    }
1100
1101
1102
1103    /** {@inheritDoc} */
1104    public boolean isAllowLDAPV2() {
1105      return impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition());
1106    }
1107
1108
1109
1110    /** {@inheritDoc} */
1111    public void setAllowLDAPV2(Boolean value) {
1112      impl.setPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition(), value);
1113    }
1114
1115
1116
1117    /** {@inheritDoc} */
1118    public boolean isAllowStartTLS() {
1119      return impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition());
1120    }
1121
1122
1123
1124    /** {@inheritDoc} */
1125    public void setAllowStartTLS(Boolean value) {
1126      impl.setPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition(), value);
1127    }
1128
1129
1130
1131    /** {@inheritDoc} */
1132    public boolean isAllowTCPReuseAddress() {
1133      return impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition());
1134    }
1135
1136
1137
1138    /** {@inheritDoc} */
1139    public void setAllowTCPReuseAddress(Boolean value) {
1140      impl.setPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition(), value);
1141    }
1142
1143
1144
1145    /** {@inheritDoc} */
1146    public long getBufferSize() {
1147      return impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition());
1148    }
1149
1150
1151
1152    /** {@inheritDoc} */
1153    public void setBufferSize(Long value) {
1154      impl.setPropertyValue(INSTANCE.getBufferSizePropertyDefinition(), value);
1155    }
1156
1157
1158
1159    /** {@inheritDoc} */
1160    public SortedSet<AddressMask> getDeniedClient() {
1161      return impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition());
1162    }
1163
1164
1165
1166    /** {@inheritDoc} */
1167    public void setDeniedClient(Collection<AddressMask> values) {
1168      impl.setPropertyValues(INSTANCE.getDeniedClientPropertyDefinition(), values);
1169    }
1170
1171
1172
1173    /** {@inheritDoc} */
1174    public Boolean isEnabled() {
1175      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
1176    }
1177
1178
1179
1180    /** {@inheritDoc} */
1181    public void setEnabled(boolean value) {
1182      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
1183    }
1184
1185
1186
1187    /** {@inheritDoc} */
1188    public String getJavaClass() {
1189      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1190    }
1191
1192
1193
1194    /** {@inheritDoc} */
1195    public void setJavaClass(String value) {
1196      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
1197    }
1198
1199
1200
1201    /** {@inheritDoc} */
1202    public boolean isKeepStats() {
1203      return impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition());
1204    }
1205
1206
1207
1208    /** {@inheritDoc} */
1209    public void setKeepStats(Boolean value) {
1210      impl.setPropertyValue(INSTANCE.getKeepStatsPropertyDefinition(), value);
1211    }
1212
1213
1214
1215    /** {@inheritDoc} */
1216    public String getKeyManagerProvider() {
1217      return impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition());
1218    }
1219
1220
1221
1222    /** {@inheritDoc} */
1223    public void setKeyManagerProvider(String value) {
1224      impl.setPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition(), value);
1225    }
1226
1227
1228
1229    /** {@inheritDoc} */
1230    public SortedSet<InetAddress> getListenAddress() {
1231      return impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition());
1232    }
1233
1234
1235
1236    /** {@inheritDoc} */
1237    public void setListenAddress(Collection<InetAddress> values) {
1238      impl.setPropertyValues(INSTANCE.getListenAddressPropertyDefinition(), values);
1239    }
1240
1241
1242
1243    /** {@inheritDoc} */
1244    public Integer getListenPort() {
1245      return impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition());
1246    }
1247
1248
1249
1250    /** {@inheritDoc} */
1251    public void setListenPort(int value) {
1252      impl.setPropertyValue(INSTANCE.getListenPortPropertyDefinition(), value);
1253    }
1254
1255
1256
1257    /** {@inheritDoc} */
1258    public long getMaxBlockedWriteTimeLimit() {
1259      return impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition());
1260    }
1261
1262
1263
1264    /** {@inheritDoc} */
1265    public void setMaxBlockedWriteTimeLimit(Long value) {
1266      impl.setPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition(), value);
1267    }
1268
1269
1270
1271    /** {@inheritDoc} */
1272    public long getMaxRequestSize() {
1273      return impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition());
1274    }
1275
1276
1277
1278    /** {@inheritDoc} */
1279    public void setMaxRequestSize(Long value) {
1280      impl.setPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition(), value);
1281    }
1282
1283
1284
1285    /** {@inheritDoc} */
1286    public Integer getNumRequestHandlers() {
1287      return impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition());
1288    }
1289
1290
1291
1292    /** {@inheritDoc} */
1293    public void setNumRequestHandlers(Integer value) {
1294      impl.setPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition(), value);
1295    }
1296
1297
1298
1299    /** {@inheritDoc} */
1300    public boolean isSendRejectionNotice() {
1301      return impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition());
1302    }
1303
1304
1305
1306    /** {@inheritDoc} */
1307    public void setSendRejectionNotice(Boolean value) {
1308      impl.setPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition(), value);
1309    }
1310
1311
1312
1313    /** {@inheritDoc} */
1314    public SortedSet<String> getSSLCertNickname() {
1315      return impl.getPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition());
1316    }
1317
1318
1319
1320    /** {@inheritDoc} */
1321    public void setSSLCertNickname(Collection<String> values) {
1322      impl.setPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition(), values);
1323    }
1324
1325
1326
1327    /** {@inheritDoc} */
1328    public SortedSet<String> getSSLCipherSuite() {
1329      return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1330    }
1331
1332
1333
1334    /** {@inheritDoc} */
1335    public void setSSLCipherSuite(Collection<String> values) {
1336      impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values);
1337    }
1338
1339
1340
1341    /** {@inheritDoc} */
1342    public SSLClientAuthPolicy getSSLClientAuthPolicy() {
1343      return impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition());
1344    }
1345
1346
1347
1348    /** {@inheritDoc} */
1349    public void setSSLClientAuthPolicy(SSLClientAuthPolicy value) {
1350      impl.setPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition(), value);
1351    }
1352
1353
1354
1355    /** {@inheritDoc} */
1356    public SortedSet<String> getSSLProtocol() {
1357      return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1358    }
1359
1360
1361
1362    /** {@inheritDoc} */
1363    public void setSSLProtocol(Collection<String> values) {
1364      impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values);
1365    }
1366
1367
1368
1369    /** {@inheritDoc} */
1370    public String getTrustManagerProvider() {
1371      return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1372    }
1373
1374
1375
1376    /** {@inheritDoc} */
1377    public void setTrustManagerProvider(String value) {
1378      impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value);
1379    }
1380
1381
1382
1383    /** {@inheritDoc} */
1384    public boolean isUseSSL() {
1385      return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1386    }
1387
1388
1389
1390    /** {@inheritDoc} */
1391    public void setUseSSL(Boolean value) {
1392      impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value);
1393    }
1394
1395
1396
1397    /** {@inheritDoc} */
1398    public boolean isUseTCPKeepAlive() {
1399      return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1400    }
1401
1402
1403
1404    /** {@inheritDoc} */
1405    public void setUseTCPKeepAlive(Boolean value) {
1406      impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value);
1407    }
1408
1409
1410
1411    /** {@inheritDoc} */
1412    public boolean isUseTCPNoDelay() {
1413      return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1414    }
1415
1416
1417
1418    /** {@inheritDoc} */
1419    public void setUseTCPNoDelay(Boolean value) {
1420      impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value);
1421    }
1422
1423
1424
1425    /** {@inheritDoc} */
1426    public ManagedObjectDefinition<? extends LDAPConnectionHandlerCfgClient, ? extends LDAPConnectionHandlerCfg> definition() {
1427      return INSTANCE;
1428    }
1429
1430
1431
1432    /** {@inheritDoc} */
1433    public PropertyProvider properties() {
1434      return impl;
1435    }
1436
1437
1438
1439    /** {@inheritDoc} */
1440    public void commit() throws ManagedObjectAlreadyExistsException,
1441        MissingMandatoryPropertiesException, ConcurrentModificationException,
1442        OperationRejectedException, LdapException {
1443      impl.commit();
1444    }
1445
1446
1447
1448    /** {@inheritDoc} */
1449    public String toString() {
1450      return impl.toString();
1451    }
1452  }
1453
1454
1455
1456  /**
1457   * Managed object server implementation.
1458   */
1459  private static class LDAPConnectionHandlerCfgServerImpl implements
1460    LDAPConnectionHandlerCfg {
1461
1462    /** Private implementation. */
1463    private ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl;
1464
1465    /** The value of the "accept-backlog" property. */
1466    private final int pAcceptBacklog;
1467
1468    /** The value of the "allowed-client" property. */
1469    private final SortedSet<AddressMask> pAllowedClient;
1470
1471    /** The value of the "allow-ldap-v2" property. */
1472    private final boolean pAllowLDAPV2;
1473
1474    /** The value of the "allow-start-tls" property. */
1475    private final boolean pAllowStartTLS;
1476
1477    /** The value of the "allow-tcp-reuse-address" property. */
1478    private final boolean pAllowTCPReuseAddress;
1479
1480    /** The value of the "buffer-size" property. */
1481    private final long pBufferSize;
1482
1483    /** The value of the "denied-client" property. */
1484    private final SortedSet<AddressMask> pDeniedClient;
1485
1486    /** The value of the "enabled" property. */
1487    private final boolean pEnabled;
1488
1489    /** The value of the "java-class" property. */
1490    private final String pJavaClass;
1491
1492    /** The value of the "keep-stats" property. */
1493    private final boolean pKeepStats;
1494
1495    /** The value of the "key-manager-provider" property. */
1496    private final String pKeyManagerProvider;
1497
1498    /** The value of the "listen-address" property. */
1499    private final SortedSet<InetAddress> pListenAddress;
1500
1501    /** The value of the "listen-port" property. */
1502    private final int pListenPort;
1503
1504    /** The value of the "max-blocked-write-time-limit" property. */
1505    private final long pMaxBlockedWriteTimeLimit;
1506
1507    /** The value of the "max-request-size" property. */
1508    private final long pMaxRequestSize;
1509
1510    /** The value of the "num-request-handlers" property. */
1511    private final Integer pNumRequestHandlers;
1512
1513    /** The value of the "send-rejection-notice" property. */
1514    private final boolean pSendRejectionNotice;
1515
1516    /** The value of the "ssl-cert-nickname" property. */
1517    private final SortedSet<String> pSSLCertNickname;
1518
1519    /** The value of the "ssl-cipher-suite" property. */
1520    private final SortedSet<String> pSSLCipherSuite;
1521
1522    /** The value of the "ssl-client-auth-policy" property. */
1523    private final SSLClientAuthPolicy pSSLClientAuthPolicy;
1524
1525    /** The value of the "ssl-protocol" property. */
1526    private final SortedSet<String> pSSLProtocol;
1527
1528    /** The value of the "trust-manager-provider" property. */
1529    private final String pTrustManagerProvider;
1530
1531    /** The value of the "use-ssl" property. */
1532    private final boolean pUseSSL;
1533
1534    /** The value of the "use-tcp-keep-alive" property. */
1535    private final boolean pUseTCPKeepAlive;
1536
1537    /** The value of the "use-tcp-no-delay" property. */
1538    private final boolean pUseTCPNoDelay;
1539
1540
1541
1542    /** Private constructor. */
1543    private LDAPConnectionHandlerCfgServerImpl(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) {
1544      this.impl = impl;
1545      this.pAcceptBacklog = impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition());
1546      this.pAllowedClient = impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition());
1547      this.pAllowLDAPV2 = impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition());
1548      this.pAllowStartTLS = impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition());
1549      this.pAllowTCPReuseAddress = impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition());
1550      this.pBufferSize = impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition());
1551      this.pDeniedClient = impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition());
1552      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
1553      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1554      this.pKeepStats = impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition());
1555      this.pKeyManagerProvider = impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition());
1556      this.pListenAddress = impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition());
1557      this.pListenPort = impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition());
1558      this.pMaxBlockedWriteTimeLimit = impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition());
1559      this.pMaxRequestSize = impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition());
1560      this.pNumRequestHandlers = impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition());
1561      this.pSendRejectionNotice = impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition());
1562      this.pSSLCertNickname = impl.getPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition());
1563      this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1564      this.pSSLClientAuthPolicy = impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition());
1565      this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1566      this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1567      this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1568      this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1569      this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1570    }
1571
1572
1573
1574    /** {@inheritDoc} */
1575    public void addLDAPChangeListener(
1576        ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) {
1577      impl.registerChangeListener(listener);
1578    }
1579
1580
1581
1582    /** {@inheritDoc} */
1583    public void removeLDAPChangeListener(
1584        ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) {
1585      impl.deregisterChangeListener(listener);
1586    }
1587    /** {@inheritDoc} */
1588    public void addChangeListener(
1589        ConfigurationChangeListener<ConnectionHandlerCfg> listener) {
1590      impl.registerChangeListener(listener);
1591    }
1592
1593
1594
1595    /** {@inheritDoc} */
1596    public void removeChangeListener(
1597        ConfigurationChangeListener<ConnectionHandlerCfg> listener) {
1598      impl.deregisterChangeListener(listener);
1599    }
1600
1601
1602
1603    /** {@inheritDoc} */
1604    public int getAcceptBacklog() {
1605      return pAcceptBacklog;
1606    }
1607
1608
1609
1610    /** {@inheritDoc} */
1611    public SortedSet<AddressMask> getAllowedClient() {
1612      return pAllowedClient;
1613    }
1614
1615
1616
1617    /** {@inheritDoc} */
1618    public boolean isAllowLDAPV2() {
1619      return pAllowLDAPV2;
1620    }
1621
1622
1623
1624    /** {@inheritDoc} */
1625    public boolean isAllowStartTLS() {
1626      return pAllowStartTLS;
1627    }
1628
1629
1630
1631    /** {@inheritDoc} */
1632    public boolean isAllowTCPReuseAddress() {
1633      return pAllowTCPReuseAddress;
1634    }
1635
1636
1637
1638    /** {@inheritDoc} */
1639    public long getBufferSize() {
1640      return pBufferSize;
1641    }
1642
1643
1644
1645    /** {@inheritDoc} */
1646    public SortedSet<AddressMask> getDeniedClient() {
1647      return pDeniedClient;
1648    }
1649
1650
1651
1652    /** {@inheritDoc} */
1653    public boolean isEnabled() {
1654      return pEnabled;
1655    }
1656
1657
1658
1659    /** {@inheritDoc} */
1660    public String getJavaClass() {
1661      return pJavaClass;
1662    }
1663
1664
1665
1666    /** {@inheritDoc} */
1667    public boolean isKeepStats() {
1668      return pKeepStats;
1669    }
1670
1671
1672
1673    /** {@inheritDoc} */
1674    public String getKeyManagerProvider() {
1675      return pKeyManagerProvider;
1676    }
1677
1678
1679
1680    /**
1681     * {@inheritDoc}
1682     */
1683    public DN getKeyManagerProviderDN() {
1684      String value = getKeyManagerProvider();
1685      if (value == null) return null;
1686      return INSTANCE.getKeyManagerProviderPropertyDefinition().getChildDN(value);
1687    }
1688
1689
1690
1691    /** {@inheritDoc} */
1692    public SortedSet<InetAddress> getListenAddress() {
1693      return pListenAddress;
1694    }
1695
1696
1697
1698    /** {@inheritDoc} */
1699    public int getListenPort() {
1700      return pListenPort;
1701    }
1702
1703
1704
1705    /** {@inheritDoc} */
1706    public long getMaxBlockedWriteTimeLimit() {
1707      return pMaxBlockedWriteTimeLimit;
1708    }
1709
1710
1711
1712    /** {@inheritDoc} */
1713    public long getMaxRequestSize() {
1714      return pMaxRequestSize;
1715    }
1716
1717
1718
1719    /** {@inheritDoc} */
1720    public Integer getNumRequestHandlers() {
1721      return pNumRequestHandlers;
1722    }
1723
1724
1725
1726    /** {@inheritDoc} */
1727    public boolean isSendRejectionNotice() {
1728      return pSendRejectionNotice;
1729    }
1730
1731
1732
1733    /** {@inheritDoc} */
1734    public SortedSet<String> getSSLCertNickname() {
1735      return pSSLCertNickname;
1736    }
1737
1738
1739
1740    /** {@inheritDoc} */
1741    public SortedSet<String> getSSLCipherSuite() {
1742      return pSSLCipherSuite;
1743    }
1744
1745
1746
1747    /** {@inheritDoc} */
1748    public SSLClientAuthPolicy getSSLClientAuthPolicy() {
1749      return pSSLClientAuthPolicy;
1750    }
1751
1752
1753
1754    /** {@inheritDoc} */
1755    public SortedSet<String> getSSLProtocol() {
1756      return pSSLProtocol;
1757    }
1758
1759
1760
1761    /** {@inheritDoc} */
1762    public String getTrustManagerProvider() {
1763      return pTrustManagerProvider;
1764    }
1765
1766
1767
1768    /**
1769     * {@inheritDoc}
1770     */
1771    public DN getTrustManagerProviderDN() {
1772      String value = getTrustManagerProvider();
1773      if (value == null) return null;
1774      return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value);
1775    }
1776
1777
1778
1779    /** {@inheritDoc} */
1780    public boolean isUseSSL() {
1781      return pUseSSL;
1782    }
1783
1784
1785
1786    /** {@inheritDoc} */
1787    public boolean isUseTCPKeepAlive() {
1788      return pUseTCPKeepAlive;
1789    }
1790
1791
1792
1793    /** {@inheritDoc} */
1794    public boolean isUseTCPNoDelay() {
1795      return pUseTCPNoDelay;
1796    }
1797
1798
1799
1800    /** {@inheritDoc} */
1801    public Class<? extends LDAPConnectionHandlerCfg> configurationClass() {
1802      return LDAPConnectionHandlerCfg.class;
1803    }
1804
1805
1806
1807    /** {@inheritDoc} */
1808    public DN dn() {
1809      return impl.getDN();
1810    }
1811
1812
1813
1814    /** {@inheritDoc} */
1815    public String toString() {
1816      return impl.toString();
1817    }
1818  }
1819}