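/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;



import java.util.Collection;
import java.util.SortedSet;
import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
import org.forgerock.opendj.config.AttributeTypePropertyDefinition;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.DNPropertyDefinition;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.ldap.schema.AttributeType;
import org.forgerock.opendj.server.config.client.SubjectDNToUserAttributeCertificateMapperCfgClient;
import org.forgerock.opendj.server.config.server.CertificateMapperCfg;
import org.forgerock.opendj.server.config.server.SubjectDNToUserAttributeCertificateMapperCfg;



/**
 * An interface for querying the Subject DN To User Attribute
 * Certificate Mapper managed object definition meta information.
 * <p>
 * The Subject DN To User Attribute Certificate Mapper maps client
 * certificates to user entries by looking for the certificate subject
 * DN in a specified attribute of user entries.
 * <p>
 * This class only declares the configuration schema (property names,
 * options and defaults) and the client/server views over it. The
 * lookup that turns a certificate into a user entry is performed by
 * the class named in the "java-class" property and is not part of
 * this file.
 */
public final class SubjectDNToUserAttributeCertificateMapperCfgDefn extends ManagedObjectDefinition<SubjectDNToUserAttributeCertificateMapperCfgClient, SubjectDNToUserAttributeCertificateMapperCfg> {

  /**
   * The singleton configuration definition instance.
   * <p>
   * Declared before the static initializer blocks below because each
   * of them passes it to a property definition builder.
   */
  private static final SubjectDNToUserAttributeCertificateMapperCfgDefn INSTANCE = new SubjectDNToUserAttributeCertificateMapperCfgDefn();



  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  /** The "subject-attribute" property definition. */
  private static final AttributeTypePropertyDefinition PD_SUBJECT_ATTRIBUTE;



  /** The "user-base-dn" property definition. */
  private static final DNPropertyDefinition PD_USER_BASE_DN;



  // Build the "java-class" property definition.
  //
  // The property is mandatory and flagged ADVANCED, changing it calls for a
  // component restart, and it defaults to the stock mapper implementation.
  // addInstanceOf names org.opends.server.api.CertificateMapper as the type
  // the configured class is expected to implement; how that is enforced lives
  // in ClassPropertyDefinition and is not visible here.
  // NOTE(review): the value selects the code that decides which user a client
  // certificate authenticates as, so write access to this property should be
  // limited to trusted administrators - confirm against the deployment's
  // configuration access controls.
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.SubjectDNToUserAttributeCertificateMapper");
    builder.setDefaultBehaviorProvider(provider);
    builder.addInstanceOf("org.opends.server.api.CertificateMapper");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Build the "subject-attribute" property definition.
  //
  // Mandatory, with no default value (UndefinedDefaultBehaviorProvider) and no
  // administrator action required after a change.
  // NOTE(review): per the property description the mapping is an exact match
  // between this attribute's value and the certificate subject DN, so the
  // mapping is only as trustworthy as write access to this attribute on user
  // entries - verify that ordinary users cannot modify it.
  static {
    AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "subject-attribute");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "subject-attribute"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
    PD_SUBJECT_ATTRIBUTE = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE);
  }



  // Build the "user-base-dn" property definition.
  //
  // Multi-valued and not marked mandatory. The default is an alias default
  // behavior rather than a concrete DN, so this definition does not state
  // which base DNs are searched when the property is left unset.
  // NOTE(review): the effective search scope for an unset value is decided by
  // the mapper implementation (not shown here) - confirm it is no broader than
  // the subtree that holds certificate-authenticated users.
  static {
    DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
    builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
    PD_USER_BASE_DN = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
  }



  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }



  /**
   * Get the Subject DN To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the Subject DN To User Attribute Certificate
   *         Mapper configuration definition singleton.
   */
  public static SubjectDNToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor.
   * <p>
   * Registers this definition under the name
   * "subject-dn-to-user-attribute-certificate-mapper" with the generic
   * certificate mapper definition as its parent.
   */
  private SubjectDNToUserAttributeCertificateMapperCfgDefn() {
    super("subject-dn-to-user-attribute-certificate-mapper", CertificateMapperCfgDefn.getInstance());
  }



  /** {@inheritDoc} */
  @Override
  public SubjectDNToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgClientImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public SubjectDNToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgServerImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public Class<SubjectDNToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectDNToUserAttributeCertificateMapperCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject DN To User Attribute Certificate
   * Mapper is enabled.
   * <p>
   * The definition is the one owned by the parent certificate mapper
   * definition; this class does not declare its own.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Subject DN To User Attribute Certificate Mapper
   * implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Get the "subject-attribute" property definition.
   * <p>
   * Specifies the name or OID of the attribute whose value should
   * exactly match the certificate subject DN.
   *
   * @return Returns the "subject-attribute" property definition.
   */
  public AttributeTypePropertyDefinition getSubjectAttributePropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE;
  }



  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing
   * searches to map the client certificate to a user entry.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }



  /**
   * Managed object client implementation.
   * <p>
   * Every accessor delegates to the wrapped managed object; no
   * property value is cached in this class.
   */
  private static final class SubjectDNToUserAttributeCertificateMapperCfgClientImpl implements
      SubjectDNToUserAttributeCertificateMapperCfgClient {

    /** Private implementation; assigned once in the constructor. */
    private final ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl;



    /** Private constructor. */
    private SubjectDNToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl) {
      this.impl = impl;
    }



    /** {@inheritDoc} */
    @Override
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public AttributeType getSubjectAttribute() {
      return impl.getPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setSubjectAttribute(AttributeType value) {
      impl.setPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setUserBaseDN(Collection<DN> values) {
      impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
    }



    /** {@inheritDoc} */
    @Override
    public ManagedObjectDefinition<? extends SubjectDNToUserAttributeCertificateMapperCfgClient, ? extends SubjectDNToUserAttributeCertificateMapperCfg> definition() {
      return INSTANCE;
    }



    /** {@inheritDoc} */
    @Override
    public PropertyProvider properties() {
      return impl;
    }



    /** {@inheritDoc} */
    @Override
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }



  /**
   * Managed object server implementation.
   * <p>
   * Property values are read from the wrapped managed object once, in
   * the constructor, and the getters return those stored values.
   */
  private static final class SubjectDNToUserAttributeCertificateMapperCfgServerImpl implements
      SubjectDNToUserAttributeCertificateMapperCfg {

    /** Private implementation; assigned once in the constructor. */
    private final ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl;

    /** The value of the "enabled" property. */
    private final boolean pEnabled;

    /** The value of the "java-class" property. */
    private final String pJavaClass;

    /** The value of the "subject-attribute" property. */
    private final AttributeType pSubjectAttribute;

    /** The value of the "user-base-dn" property. */
    private final SortedSet<DN> pUserBaseDN;



    /** Private constructor. */
    private SubjectDNToUserAttributeCertificateMapperCfgServerImpl(ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl) {
      this.impl = impl;
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pSubjectAttribute = impl.getPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition());
      this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void addSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removeSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public boolean isEnabled() {
      return pEnabled;
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return pJavaClass;
    }



    /** {@inheritDoc} */
    @Override
    public AttributeType getSubjectAttribute() {
      return pSubjectAttribute;
    }



    /** {@inheritDoc} */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      // Returned exactly as obtained from impl.getPropertyValues in the
      // constructor. NOTE(review): whether that set is modifiable is not
      // visible here - callers should treat it as read-only.
      return pUserBaseDN;
    }



    /** {@inheritDoc} */
    @Override
    public Class<? extends SubjectDNToUserAttributeCertificateMapperCfg> configurationClass() {
      return SubjectDNToUserAttributeCertificateMapperCfg.class;
    }



    /** {@inheritDoc} */
    @Override
    public DN dn() {
      return impl.getDN();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }
}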