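/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2006-2008 Sun Microsystems, Inc.
 * Portions Copyright 2015-2016 ForgeRock AS.
 */
package org.opends.server.types;

/**
 * This enumeration defines a policy that indicates how the server
 * should deal with SSL/TLS-based client connections.  It is used to
 * determine whether the server should request that clients provide
 * their own certificates, and whether to accept client connections
 * in which the client did not provide a certificate.
 * <p>
 * Only {@link #REQUIRED} rejects a connection that arrives without a
 * client certificate; {@link #DISABLED} and {@link #OPTIONAL} both
 * let such a connection proceed.
 */
@org.opends.server.types.PublicAPI(
     stability=org.opends.server.types.StabilityLevel.UNCOMMITTED,
     mayInstantiate=false,
     mayExtend=false,
     mayInvoke=true)
public enum SSLClientAuthPolicy
{
  /** Indicates that the server will not request a certificate from the client. */
  DISABLED("Disabled"),
  /**
   * Indicates that the server will request a certificate from the
   * client but will not require that one be provided.
   */
  OPTIONAL("Optional"),
  /**
   * Indicates that the server will request a certificate from the
   * client and will reject any connection attempt in which the client
   * did not provide one.
   */
  REQUIRED("Required");

  /** The human-readable name for this policy (set once, never changed). */
  private final String policyName;

  /**
   * Creates a new SSL client auth policy with the provided name.
   *
   * @param  policyName  The human-readable name for this policy.
   */
  private SSLClientAuthPolicy(String policyName)
  {
    this.policyName = policyName;
  }

  /**
   * Retrieves the SSL client authentication policy for the specified
   * name.  Matching is case-insensitive and does not depend on the
   * JVM default locale.  The accepted names are:
   * <UL>
   *   <LI>{@code disabled}, {@code off}, {@code never} for
   *       {@link #DISABLED}</LI>
   *   <LI>{@code optional}, {@code allowed} for {@link #OPTIONAL}</LI>
   *   <LI>{@code required}, {@code on}, {@code always} for
   *       {@link #REQUIRED}</LI>
   * </UL>
   * The value is compared as given: surrounding whitespace is not
   * stripped, so a padded name is reported as unrecognized.
   * <p>
   * A <CODE>null</CODE> result is not a policy.
   * NOTE(review): the callers are not visible in this file; confirm
   * that they reject the configuration on <CODE>null</CODE> instead of
   * substituting a policy that does not require a certificate.
   *
   * @param  policyName  The name of the SSL client authentication
   *                     policy to retrieve.  May be
   *                     <CODE>null</CODE>, which is treated as an
   *                     unrecognized name.
   *
   * @return  The requested SSL client authentication policy, or
   *          <CODE>null</CODE> if the provided value is
   *          <CODE>null</CODE> or is not the name of a valid client
   *          authentication policy.
   */
  public static SSLClientAuthPolicy policyForName(String policyName)
  {
    // An absent value is reported the same way as an unknown one
    // rather than failing with a NullPointerException.
    if (policyName == null)
    {
      return null;
    }

    // Lower-case with the root locale: with the default-locale form of
    // toLowerCase(), a JVM running under a Turkish locale maps 'I' to
    // the dotless 'ı', so "REQUIRED" and "DISABLED" would no longer
    // match and a valid setting would come back as null.
    String lowerName = policyName.toLowerCase(java.util.Locale.ROOT);

    if (lowerName.equals("disabled") || lowerName.equals("off") ||
        lowerName.equals("never"))
    {
      return SSLClientAuthPolicy.DISABLED;
    }

    if (lowerName.equals("optional") || lowerName.equals("allowed"))
    {
      return SSLClientAuthPolicy.OPTIONAL;
    }

    if (lowerName.equals("required") || lowerName.equals("on") ||
        lowerName.equals("always"))
    {
      return SSLClientAuthPolicy.REQUIRED;
    }

    // Unrecognized name: no policy is chosen on the caller's behalf.
    return null;
  }

  /**
   * Retrieves the human-readable name for this SSL client auth
   * policy.
   *
   * @return  The human-readable name for this SSL client auth policy.
   */
  @Override
  public String toString()
  {
    return policyName;
  }
}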