001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2006-2008 Sun Microsystems, Inc.
015 * Portions Copyright 2015-2016 ForgeRock AS.
016 */
017package org.opends.server.types;
018
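/**
 * This enumeration defines a policy that indicates how the server
 * should deal with SSL/TLS-based client connections.  It is used to
 * determine whether the server should request that clients provide
 * their own certificates, and whether to accept client connections
 * in which the client did not provide a certificate.
 * <p>
 * This type only names the policy. Enforcing it on a connection and
 * validating any presented certificate are done by code that is not
 * part of this file. Only {@link #REQUIRED} guarantees, by its
 * definition here, that a connection without a client certificate is
 * rejected.
 */
@org.opends.server.types.PublicAPI(
     stability=org.opends.server.types.StabilityLevel.UNCOMMITTED,
     mayInstantiate=false,
     mayExtend=false,
     mayInvoke=true)
public enum SSLClientAuthPolicy
{
  /** Indicates that the server will not request a certificate from the client. */
  DISABLED("Disabled"),
  /**
   * Indicates that the server will request a certificate from the
   * client but will not require that one be provided.
   */
  OPTIONAL("Optional"),
  /**
   * Indicates that the server will request a certificate from the
   * client and will reject any connection attempt in which the client
   * did not provide one.
   */
  REQUIRED("Required");

  /** The human-readable name for this policy; fixed at construction. */
  private final String policyName;

  /**
   * Creates a new SSL client auth policy with the provided name.
   *
   * @param  policyName  The human-readable name for this policy.
   */
  private SSLClientAuthPolicy(String policyName)
  {
    this.policyName = policyName;
  }

  /**
   * Retrieves the SSL client authentication policy for the specified
   * name. Matching is case-insensitive and independent of the JVM's
   * default locale. The accepted names are:
   * <UL>
   *   <LI>{@code disabled}, {@code off}, {@code never} for
   *       {@link #DISABLED}</LI>
   *   <LI>{@code optional}, {@code allowed} for {@link #OPTIONAL}</LI>
   *   <LI>{@code required}, {@code on}, {@code always} for
   *       {@link #REQUIRED}</LI>
   * </UL>
   * The input is not trimmed, so surrounding whitespace makes a name
   * unrecognized.
   * <p>
   * Callers should treat a <CODE>null</CODE> result as a
   * configuration error and should not silently substitute a weaker
   * policy for it.
   *
   * @param  policyName  The name of the SSL client authentication
   *                     policy to retrieve.  May be
   *                     <CODE>null</CODE>.
   *
   * @return  The requested SSL client authentication policy, or
   *          <CODE>null</CODE> if the provided value is
   *          <CODE>null</CODE> or is not the name of a valid client
   *          authentication policy.
   */
  public static SSLClientAuthPolicy policyForName(String policyName)
  {
    // A missing value is "not a valid name": return null as documented
    // instead of failing with a NullPointerException.
    if (policyName == null)
    {
      return null;
    }

    // Lower-case with Locale.ROOT, not the default locale. Under a
    // Turkish or Azeri default locale 'I' lower-cases to a dotless i,
    // so "DISABLED", "OPTIONAL" and "REQUIRED" would stop matching and
    // a valid security setting would be reported as unknown.
    String lowerName = policyName.toLowerCase(java.util.Locale.ROOT);

    if (lowerName.equals("disabled") || lowerName.equals("off") ||
        lowerName.equals("never"))
    {
      return SSLClientAuthPolicy.DISABLED;
    }

    if (lowerName.equals("optional") || lowerName.equals("allowed"))
    {
      return SSLClientAuthPolicy.OPTIONAL;
    }

    if (lowerName.equals("required") || lowerName.equals("on") ||
        lowerName.equals("always"))
    {
      return SSLClientAuthPolicy.REQUIRED;
    }

    // Unrecognized name: the caller decides how to report it.
    return null;
  }

  /**
   * Retrieves the human-readable name for this SSL client auth
   * policy.
   *
   * @return  The human-readable name for this SSL client auth policy.
   */
  @Override
  public String toString()
  {
    return policyName;
  }
}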