001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.meta; 017 018 019 020import java.net.InetAddress; 021import java.util.Collection; 022import java.util.SortedSet; 023import org.forgerock.opendj.config.AdministratorAction; 024import org.forgerock.opendj.config.AggregationPropertyDefinition; 025import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 026import org.forgerock.opendj.config.AttributeTypePropertyDefinition; 027import org.forgerock.opendj.config.BooleanPropertyDefinition; 028import org.forgerock.opendj.config.ClassPropertyDefinition; 029import org.forgerock.opendj.config.client.ConcurrentModificationException; 030import org.forgerock.opendj.config.client.ManagedObject; 031import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 032import org.forgerock.opendj.config.client.OperationRejectedException; 033import org.forgerock.opendj.config.conditions.Conditions; 034import org.forgerock.opendj.config.DefaultBehaviorProvider; 035import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 036import org.forgerock.opendj.config.DNPropertyDefinition; 037import org.forgerock.opendj.config.DurationPropertyDefinition; 038import org.forgerock.opendj.config.EnumPropertyDefinition; 039import org.forgerock.opendj.config.GenericConstraint; 040import org.forgerock.opendj.config.IPAddressPropertyDefinition; 041import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 042import org.forgerock.opendj.config.ManagedObjectDefinition; 043import org.forgerock.opendj.config.PropertyOption; 044import org.forgerock.opendj.config.PropertyProvider; 045import org.forgerock.opendj.config.server.ConfigurationChangeListener; 046import org.forgerock.opendj.config.server.ServerManagedObject; 047import org.forgerock.opendj.config.StringPropertyDefinition; 048import org.forgerock.opendj.config.Tag; 049import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 050import org.forgerock.opendj.ldap.DN; 051import org.forgerock.opendj.ldap.LdapException; 052import org.forgerock.opendj.ldap.schema.AttributeType; 053import org.forgerock.opendj.server.config.client.LDAPPassThroughAuthenticationPolicyCfgClient; 054import org.forgerock.opendj.server.config.client.PasswordStorageSchemeCfgClient; 055import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient; 056import org.forgerock.opendj.server.config.server.AuthenticationPolicyCfg; 057import org.forgerock.opendj.server.config.server.LDAPPassThroughAuthenticationPolicyCfg; 058import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg; 059import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg; 060 061 062 063/** 064 * An interface for querying the LDAP Pass Through Authentication 065 * Policy managed object definition meta information. 066 * <p> 067 * An authentication policy for users whose credentials are managed by 068 * a remote LDAP directory service. 069 */ 070public final class LDAPPassThroughAuthenticationPolicyCfgDefn extends ManagedObjectDefinition<LDAPPassThroughAuthenticationPolicyCfgClient, LDAPPassThroughAuthenticationPolicyCfg> { 071 072 /** The singleton configuration definition instance. */ 073 private static final LDAPPassThroughAuthenticationPolicyCfgDefn INSTANCE = new LDAPPassThroughAuthenticationPolicyCfgDefn(); 074 075 076 077 /** 078 * Defines the set of permissable values for the "mapping-policy" property. 079 * <p> 080 * Specifies the mapping algorithm for obtaining the bind DN from 081 * the user's entry. 082 */ 083 public static enum MappingPolicy { 084 085 /** 086 * Bind to the remote LDAP directory service using a DN obtained 087 * from an attribute in the user's entry. This policy will check 088 * each attribute named in the "mapped-attribute" property. If more 089 * than one attribute or value is present then the first one will 090 * be used. 091 */ 092 MAPPED_BIND("mapped-bind"), 093 094 095 096 /** 097 * Bind to the remote LDAP directory service using the DN of an 098 * entry obtained using a search against the remote LDAP directory 099 * service. The search filter will comprise of an equality matching 100 * filter whose attribute type is the "mapped-attribute" property, 101 * and whose assertion value is the attribute value obtained from 102 * the user's entry. If more than one attribute or value is present 103 * then the filter will be composed of multiple equality filters 104 * combined using a logical OR (union). 105 */ 106 MAPPED_SEARCH("mapped-search"), 107 108 109 110 /** 111 * Bind to the remote LDAP directory service using the DN of the 112 * user's entry in this directory server. 113 */ 114 UNMAPPED("unmapped"); 115 116 117 118 /** String representation of the value. */ 119 private final String name; 120 121 122 123 /** Private constructor. */ 124 private MappingPolicy(String name) { this.name = name; } 125 126 127 128 /** {@inheritDoc} */ 129 public String toString() { return name; } 130 131 } 132 133 134 135 /** The "cached-password-storage-scheme" property definition. */ 136 private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_CACHED_PASSWORD_STORAGE_SCHEME; 137 138 139 140 /** The "cached-password-ttl" property definition. */ 141 private static final DurationPropertyDefinition PD_CACHED_PASSWORD_TTL; 142 143 144 145 /** The "connection-timeout" property definition. */ 146 private static final DurationPropertyDefinition PD_CONNECTION_TIMEOUT; 147 148 149 150 /** The "java-class" property definition. */ 151 private static final ClassPropertyDefinition PD_JAVA_CLASS; 152 153 154 155 /** The "mapped-attribute" property definition. */ 156 private static final AttributeTypePropertyDefinition PD_MAPPED_ATTRIBUTE; 157 158 159 160 /** The "mapped-search-base-dn" property definition. */ 161 private static final DNPropertyDefinition PD_MAPPED_SEARCH_BASE_DN; 162 163 164 165 /** The "mapped-search-bind-dn" property definition. */ 166 private static final DNPropertyDefinition PD_MAPPED_SEARCH_BIND_DN; 167 168 169 170 /** The "mapped-search-bind-password" property definition. */ 171 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD; 172 173 174 175 /** The "mapped-search-bind-password-environment-variable" property definition. */ 176 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE; 177 178 179 180 /** The "mapped-search-bind-password-file" property definition. */ 181 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_FILE; 182 183 184 185 /** The "mapped-search-bind-password-property" property definition. */ 186 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY; 187 188 189 190 /** The "mapped-search-filter-template" property definition. */ 191 private static final StringPropertyDefinition PD_MAPPED_SEARCH_FILTER_TEMPLATE; 192 193 194 195 /** The "mapping-policy" property definition. */ 196 private static final EnumPropertyDefinition<MappingPolicy> PD_MAPPING_POLICY; 197 198 199 200 /** The "primary-remote-ldap-server" property definition. */ 201 private static final StringPropertyDefinition PD_PRIMARY_REMOTE_LDAP_SERVER; 202 203 204 205 /** The "secondary-remote-ldap-server" property definition. */ 206 private static final StringPropertyDefinition PD_SECONDARY_REMOTE_LDAP_SERVER; 207 208 209 210 /** The "source-address" property definition. */ 211 private static final IPAddressPropertyDefinition PD_SOURCE_ADDRESS; 212 213 214 215 /** The "ssl-cipher-suite" property definition. */ 216 private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE; 217 218 219 220 /** The "ssl-protocol" property definition. */ 221 private static final StringPropertyDefinition PD_SSL_PROTOCOL; 222 223 224 225 /** The "trust-manager-provider" property definition. */ 226 private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER; 227 228 229 230 /** The "use-password-caching" property definition. */ 231 private static final BooleanPropertyDefinition PD_USE_PASSWORD_CACHING; 232 233 234 235 /** The "use-ssl" property definition. */ 236 private static final BooleanPropertyDefinition PD_USE_SSL; 237 238 239 240 /** The "use-tcp-keep-alive" property definition. */ 241 private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE; 242 243 244 245 /** The "use-tcp-no-delay" property definition. */ 246 private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY; 247 248 249 250 /** Build the "cached-password-storage-scheme" property definition. */ 251 static { 252 AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "cached-password-storage-scheme"); 253 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-storage-scheme")); 254 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 255 builder.setParentPath("/"); 256 builder.setRelationDefinition("password-storage-scheme"); 257 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 258 PD_CACHED_PASSWORD_STORAGE_SCHEME = builder.getInstance(); 259 INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_STORAGE_SCHEME); 260 INSTANCE.registerConstraint(PD_CACHED_PASSWORD_STORAGE_SCHEME.getSourceConstraint()); 261 } 262 263 264 265 /** Build the "cached-password-ttl" property definition. */ 266 static { 267 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "cached-password-ttl"); 268 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-ttl")); 269 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("8 hours"); 270 builder.setDefaultBehaviorProvider(provider); 271 builder.setBaseUnit("s"); 272 PD_CACHED_PASSWORD_TTL = builder.getInstance(); 273 INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_TTL); 274 } 275 276 277 278 /** Build the "connection-timeout" property definition. */ 279 static { 280 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "connection-timeout"); 281 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "connection-timeout")); 282 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("3 seconds"); 283 builder.setDefaultBehaviorProvider(provider); 284 builder.setBaseUnit("ms"); 285 builder.setLowerLimit("0"); 286 PD_CONNECTION_TIMEOUT = builder.getInstance(); 287 INSTANCE.registerPropertyDefinition(PD_CONNECTION_TIMEOUT); 288 } 289 290 291 292 /** Build the "java-class" property definition. */ 293 static { 294 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 295 builder.setOption(PropertyOption.MANDATORY); 296 builder.setOption(PropertyOption.ADVANCED); 297 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 298 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.LDAPPassThroughAuthenticationPolicyFactory"); 299 builder.setDefaultBehaviorProvider(provider); 300 builder.addInstanceOf("org.opends.server.api.AuthenticationPolicyFactory"); 301 PD_JAVA_CLASS = builder.getInstance(); 302 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 303 } 304 305 306 307 /** Build the "mapped-attribute" property definition. */ 308 static { 309 AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "mapped-attribute"); 310 builder.setOption(PropertyOption.MULTI_VALUED); 311 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-attribute")); 312 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>()); 313 PD_MAPPED_ATTRIBUTE = builder.getInstance(); 314 INSTANCE.registerPropertyDefinition(PD_MAPPED_ATTRIBUTE); 315 } 316 317 318 319 /** Build the "mapped-search-base-dn" property definition. */ 320 static { 321 DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-base-dn"); 322 builder.setOption(PropertyOption.MULTI_VALUED); 323 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-base-dn")); 324 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<DN>()); 325 PD_MAPPED_SEARCH_BASE_DN = builder.getInstance(); 326 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BASE_DN); 327 } 328 329 330 331 /** Build the "mapped-search-bind-dn" property definition. */ 332 static { 333 DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-dn"); 334 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-dn")); 335 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "mapped-search-bind-dn")); 336 PD_MAPPED_SEARCH_BIND_DN = builder.getInstance(); 337 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_DN); 338 } 339 340 341 342 /** Build the "mapped-search-bind-password" property definition. */ 343 static { 344 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password"); 345 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password")); 346 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 347 PD_MAPPED_SEARCH_BIND_PASSWORD = builder.getInstance(); 348 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD); 349 } 350 351 352 353 /** Build the "mapped-search-bind-password-environment-variable" property definition. */ 354 static { 355 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-environment-variable"); 356 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-environment-variable")); 357 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 358 PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE = builder.getInstance(); 359 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE); 360 } 361 362 363 364 /** Build the "mapped-search-bind-password-file" property definition. */ 365 static { 366 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-file"); 367 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-file")); 368 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 369 PD_MAPPED_SEARCH_BIND_PASSWORD_FILE = builder.getInstance(); 370 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_FILE); 371 } 372 373 374 375 /** Build the "mapped-search-bind-password-property" property definition. */ 376 static { 377 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-property"); 378 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-property")); 379 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 380 PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY = builder.getInstance(); 381 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY); 382 } 383 384 385 386 /** Build the "mapped-search-filter-template" property definition. */ 387 static { 388 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-filter-template"); 389 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-filter-template")); 390 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 391 PD_MAPPED_SEARCH_FILTER_TEMPLATE = builder.getInstance(); 392 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_FILTER_TEMPLATE); 393 } 394 395 396 397 /** Build the "mapping-policy" property definition. */ 398 static { 399 EnumPropertyDefinition.Builder<MappingPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "mapping-policy"); 400 builder.setOption(PropertyOption.MANDATORY); 401 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapping-policy")); 402 DefaultBehaviorProvider<MappingPolicy> provider = new DefinedDefaultBehaviorProvider<MappingPolicy>("unmapped"); 403 builder.setDefaultBehaviorProvider(provider); 404 builder.setEnumClass(MappingPolicy.class); 405 PD_MAPPING_POLICY = builder.getInstance(); 406 INSTANCE.registerPropertyDefinition(PD_MAPPING_POLICY); 407 } 408 409 410 411 /** Build the "primary-remote-ldap-server" property definition. */ 412 static { 413 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "primary-remote-ldap-server"); 414 builder.setOption(PropertyOption.MULTI_VALUED); 415 builder.setOption(PropertyOption.MANDATORY); 416 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "primary-remote-ldap-server")); 417 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 418 builder.setPattern("^.+:[0-9]+$", "HOST:PORT"); 419 PD_PRIMARY_REMOTE_LDAP_SERVER = builder.getInstance(); 420 INSTANCE.registerPropertyDefinition(PD_PRIMARY_REMOTE_LDAP_SERVER); 421 } 422 423 424 425 /** Build the "secondary-remote-ldap-server" property definition. */ 426 static { 427 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "secondary-remote-ldap-server"); 428 builder.setOption(PropertyOption.MULTI_VALUED); 429 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "secondary-remote-ldap-server")); 430 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "secondary-remote-ldap-server")); 431 builder.setPattern("^.+:[0-9]+$", "HOST:PORT"); 432 PD_SECONDARY_REMOTE_LDAP_SERVER = builder.getInstance(); 433 INSTANCE.registerPropertyDefinition(PD_SECONDARY_REMOTE_LDAP_SERVER); 434 } 435 436 437 438 /** Build the "source-address" property definition. */ 439 static { 440 IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "source-address"); 441 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "source-address")); 442 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<InetAddress>(INSTANCE, "source-address")); 443 PD_SOURCE_ADDRESS = builder.getInstance(); 444 INSTANCE.registerPropertyDefinition(PD_SOURCE_ADDRESS); 445 } 446 447 448 449 /** Build the "ssl-cipher-suite" property definition. */ 450 static { 451 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite"); 452 builder.setOption(PropertyOption.MULTI_VALUED); 453 builder.setOption(PropertyOption.ADVANCED); 454 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite")); 455 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite")); 456 PD_SSL_CIPHER_SUITE = builder.getInstance(); 457 INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE); 458 } 459 460 461 462 /** Build the "ssl-protocol" property definition. */ 463 static { 464 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol"); 465 builder.setOption(PropertyOption.MULTI_VALUED); 466 builder.setOption(PropertyOption.ADVANCED); 467 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol")); 468 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol")); 469 PD_SSL_PROTOCOL = builder.getInstance(); 470 INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL); 471 } 472 473 474 475 /** Build the "trust-manager-provider" property definition. */ 476 static { 477 AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider"); 478 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider")); 479 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "trust-manager-provider")); 480 builder.setParentPath("/"); 481 builder.setRelationDefinition("trust-manager-provider"); 482 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("use-ssl", "true"))); 483 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 484 PD_TRUST_MANAGER_PROVIDER = builder.getInstance(); 485 INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER); 486 INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint()); 487 } 488 489 490 491 /** Build the "use-password-caching" property definition. */ 492 static { 493 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-password-caching"); 494 builder.setOption(PropertyOption.MANDATORY); 495 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-password-caching")); 496 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 497 builder.setDefaultBehaviorProvider(provider); 498 PD_USE_PASSWORD_CACHING = builder.getInstance(); 499 INSTANCE.registerPropertyDefinition(PD_USE_PASSWORD_CACHING); 500 } 501 502 503 504 /** Build the "use-ssl" property definition. */ 505 static { 506 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl"); 507 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl")); 508 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 509 builder.setDefaultBehaviorProvider(provider); 510 PD_USE_SSL = builder.getInstance(); 511 INSTANCE.registerPropertyDefinition(PD_USE_SSL); 512 } 513 514 515 516 /** Build the "use-tcp-keep-alive" property definition. */ 517 static { 518 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive"); 519 builder.setOption(PropertyOption.ADVANCED); 520 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive")); 521 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 522 builder.setDefaultBehaviorProvider(provider); 523 PD_USE_TCP_KEEP_ALIVE = builder.getInstance(); 524 INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE); 525 } 526 527 528 529 /** Build the "use-tcp-no-delay" property definition. */ 530 static { 531 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay"); 532 builder.setOption(PropertyOption.ADVANCED); 533 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay")); 534 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 535 builder.setDefaultBehaviorProvider(provider); 536 PD_USE_TCP_NO_DELAY = builder.getInstance(); 537 INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY); 538 } 539 540 541 542 // Register the tags associated with this managed object definition. 543 static { 544 INSTANCE.registerTag(Tag.valueOf("user-management")); 545 } 546 547 548 549 // Register the constraints associated with this managed object definition. 550 static { 551 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.or(Conditions.contains("mapping-policy", "mapped-bind"), Conditions.contains("mapping-policy", "mapped-search")), Conditions.isPresent("mapped-attribute")))); 552 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-base-dn")))); 553 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.and(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-bind-dn")), Conditions.or(Conditions.isPresent("mapped-search-bind-password"), Conditions.isPresent("mapped-search-bind-password-property"), Conditions.isPresent("mapped-search-bind-password-environment-variable"), Conditions.isPresent("mapped-search-bind-password-file"))))); 554 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 4, Conditions.implies(Conditions.contains("use-password-caching", "true"), Conditions.isPresent("cached-password-storage-scheme")))); 555 } 556 557 558 559 /** 560 * Get the LDAP Pass Through Authentication Policy configuration 561 * definition singleton. 562 * 563 * @return Returns the LDAP Pass Through Authentication Policy 564 * configuration definition singleton. 565 */ 566 public static LDAPPassThroughAuthenticationPolicyCfgDefn getInstance() { 567 return INSTANCE; 568 } 569 570 571 572 /** 573 * Private constructor. 574 */ 575 private LDAPPassThroughAuthenticationPolicyCfgDefn() { 576 super("ldap-pass-through-authentication-policy", AuthenticationPolicyCfgDefn.getInstance()); 577 } 578 579 580 581 /** {@inheritDoc} */ 582 public LDAPPassThroughAuthenticationPolicyCfgClient createClientConfiguration( 583 ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) { 584 return new LDAPPassThroughAuthenticationPolicyCfgClientImpl(impl); 585 } 586 587 588 589 /** {@inheritDoc} */ 590 public LDAPPassThroughAuthenticationPolicyCfg createServerConfiguration( 591 ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) { 592 return new LDAPPassThroughAuthenticationPolicyCfgServerImpl(impl); 593 } 594 595 596 597 /** {@inheritDoc} */ 598 public Class<LDAPPassThroughAuthenticationPolicyCfg> getServerConfigurationClass() { 599 return LDAPPassThroughAuthenticationPolicyCfg.class; 600 } 601 602 603 604 /** 605 * Get the "cached-password-storage-scheme" property definition. 606 * <p> 607 * Specifies the name of a password storage scheme which should be 608 * used for encoding cached passwords. 609 * <p> 610 * Changing the password storage scheme will cause all existing 611 * cached passwords to be discarded. 612 * 613 * @return Returns the "cached-password-storage-scheme" property definition. 614 */ 615 public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getCachedPasswordStorageSchemePropertyDefinition() { 616 return PD_CACHED_PASSWORD_STORAGE_SCHEME; 617 } 618 619 620 621 /** 622 * Get the "cached-password-ttl" property definition. 623 * <p> 624 * Specifies the maximum length of time that a locally cached 625 * password may be used for authentication before it is refreshed 626 * from the remote LDAP service. 627 * <p> 628 * This property represents a cache timeout. Increasing the timeout 629 * period decreases the frequency that bind operations are delegated 630 * to the remote LDAP service, but increases the risk of users 631 * authenticating using stale passwords. Note that authentication 632 * attempts which fail because the provided password does not match 633 * the locally cached password will always be retried against the 634 * remote LDAP service. 635 * 636 * @return Returns the "cached-password-ttl" property definition. 637 */ 638 public DurationPropertyDefinition getCachedPasswordTTLPropertyDefinition() { 639 return PD_CACHED_PASSWORD_TTL; 640 } 641 642 643 644 /** 645 * Get the "connection-timeout" property definition. 646 * <p> 647 * Specifies the timeout used when connecting to remote LDAP 648 * directory servers, performing SSL negotiation, and for individual 649 * search and bind requests. 650 * <p> 651 * If the timeout expires then the current operation will be aborted 652 * and retried against another LDAP server if one is available. 653 * 654 * @return Returns the "connection-timeout" property definition. 655 */ 656 public DurationPropertyDefinition getConnectionTimeoutPropertyDefinition() { 657 return PD_CONNECTION_TIMEOUT; 658 } 659 660 661 662 /** 663 * Get the "java-class" property definition. 664 * <p> 665 * Specifies the fully-qualified name of the Java class which 666 * provides the LDAP Pass Through Authentication Policy 667 * implementation. 668 * 669 * @return Returns the "java-class" property definition. 670 */ 671 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 672 return PD_JAVA_CLASS; 673 } 674 675 676 677 /** 678 * Get the "mapped-attribute" property definition. 679 * <p> 680 * Specifies one or more attributes in the user's entry whose 681 * value(s) will determine the bind DN used when authenticating to 682 * the remote LDAP directory service. This property is mandatory when 683 * using the "mapped-bind" or "mapped-search" mapping policies. 684 * <p> 685 * At least one value must be provided. All values must refer to the 686 * name or OID of an attribute type defined in the directory server 687 * schema. At least one of the named attributes must exist in a 688 * user's local entry in order for authentication to proceed. When 689 * multiple attributes or values are found in the user's entry then 690 * the behavior is determined by the mapping policy. 691 * 692 * @return Returns the "mapped-attribute" property definition. 693 */ 694 public AttributeTypePropertyDefinition getMappedAttributePropertyDefinition() { 695 return PD_MAPPED_ATTRIBUTE; 696 } 697 698 699 700 /** 701 * Get the "mapped-search-base-dn" property definition. 702 * <p> 703 * Specifies the set of base DNs below which to search for users in 704 * the remote LDAP directory service. This property is mandatory when 705 * using the "mapped-search" mapping policy. 706 * <p> 707 * If multiple values are given, searches are performed below all 708 * specified base DNs. 709 * 710 * @return Returns the "mapped-search-base-dn" property definition. 711 */ 712 public DNPropertyDefinition getMappedSearchBaseDNPropertyDefinition() { 713 return PD_MAPPED_SEARCH_BASE_DN; 714 } 715 716 717 718 /** 719 * Get the "mapped-search-bind-dn" property definition. 720 * <p> 721 * Specifies the bind DN which should be used to perform user 722 * searches in the remote LDAP directory service. 723 * 724 * @return Returns the "mapped-search-bind-dn" property definition. 725 */ 726 public DNPropertyDefinition getMappedSearchBindDNPropertyDefinition() { 727 return PD_MAPPED_SEARCH_BIND_DN; 728 } 729 730 731 732 /** 733 * Get the "mapped-search-bind-password" property definition. 734 * <p> 735 * Specifies the bind password which should be used to perform user 736 * searches in the remote LDAP directory service. 737 * 738 * @return Returns the "mapped-search-bind-password" property definition. 739 */ 740 public StringPropertyDefinition getMappedSearchBindPasswordPropertyDefinition() { 741 return PD_MAPPED_SEARCH_BIND_PASSWORD; 742 } 743 744 745 746 /** 747 * Get the "mapped-search-bind-password-environment-variable" property definition. 748 * <p> 749 * Specifies the name of an environment variable containing the bind 750 * password which should be used to perform user searches in the 751 * remote LDAP directory service. 752 * 753 * @return Returns the "mapped-search-bind-password-environment-variable" property definition. 754 */ 755 public StringPropertyDefinition getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition() { 756 return PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE; 757 } 758 759 760 761 /** 762 * Get the "mapped-search-bind-password-file" property definition. 763 * <p> 764 * Specifies the name of a file containing the bind password which 765 * should be used to perform user searches in the remote LDAP 766 * directory service. 767 * 768 * @return Returns the "mapped-search-bind-password-file" property definition. 769 */ 770 public StringPropertyDefinition getMappedSearchBindPasswordFilePropertyDefinition() { 771 return PD_MAPPED_SEARCH_BIND_PASSWORD_FILE; 772 } 773 774 775 776 /** 777 * Get the "mapped-search-bind-password-property" property definition. 778 * <p> 779 * Specifies the name of a Java property containing the bind 780 * password which should be used to perform user searches in the 781 * remote LDAP directory service. 782 * 783 * @return Returns the "mapped-search-bind-password-property" property definition. 784 */ 785 public StringPropertyDefinition getMappedSearchBindPasswordPropertyPropertyDefinition() { 786 return PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY; 787 } 788 789 790 791 /** 792 * Get the "mapped-search-filter-template" property definition. 793 * <p> 794 * If defined, overrides the filter used when searching for the 795 * user, substituting %s with the value of the local entry's 796 * "mapped-attribute". 797 * <p> 798 * The filter-template may include ZERO or ONE %s substitutions. If 799 * multiple mapped-attributes are configured, multiple renditions of 800 * this template will be aggregated into one larger filter using an 801 * OR (|) operator. An example use-case for this property would be to 802 * use a different attribute type on the mapped search. For example, 803 * mapped-attribute could be set to "uid" and filter-template to 804 * "(samAccountName=%s)". 805 * 806 * @return Returns the "mapped-search-filter-template" property definition. 807 */ 808 public StringPropertyDefinition getMappedSearchFilterTemplatePropertyDefinition() { 809 return PD_MAPPED_SEARCH_FILTER_TEMPLATE; 810 } 811 812 813 814 /** 815 * Get the "mapping-policy" property definition. 816 * <p> 817 * Specifies the mapping algorithm for obtaining the bind DN from 818 * the user's entry. 819 * 820 * @return Returns the "mapping-policy" property definition. 821 */ 822 public EnumPropertyDefinition<MappingPolicy> getMappingPolicyPropertyDefinition() { 823 return PD_MAPPING_POLICY; 824 } 825 826 827 828 /** 829 * Get the "primary-remote-ldap-server" property definition. 830 * <p> 831 * Specifies the primary list of remote LDAP servers which should be 832 * used for pass through authentication. 833 * <p> 834 * If more than one LDAP server is specified then operations may be 835 * distributed across them. If all of the primary LDAP servers are 836 * unavailable then operations will fail-over to the set of secondary 837 * LDAP servers, if defined. 838 * 839 * @return Returns the "primary-remote-ldap-server" property definition. 840 */ 841 public StringPropertyDefinition getPrimaryRemoteLDAPServerPropertyDefinition() { 842 return PD_PRIMARY_REMOTE_LDAP_SERVER; 843 } 844 845 846 847 /** 848 * Get the "secondary-remote-ldap-server" property definition. 849 * <p> 850 * Specifies the secondary list of remote LDAP servers which should 851 * be used for pass through authentication in the event that the 852 * primary LDAP servers are unavailable. 853 * <p> 854 * If more than one LDAP server is specified then operations may be 855 * distributed across them. Operations will be rerouted to the 856 * primary LDAP servers as soon as they are determined to be 857 * available. 858 * 859 * @return Returns the "secondary-remote-ldap-server" property definition. 860 */ 861 public StringPropertyDefinition getSecondaryRemoteLDAPServerPropertyDefinition() { 862 return PD_SECONDARY_REMOTE_LDAP_SERVER; 863 } 864 865 866 867 /** 868 * Get the "source-address" property definition. 869 * <p> 870 * If specified, the server will bind to the address before 871 * connecting to the remote server. 872 * <p> 873 * The address must be one assigned to an existing network 874 * interface. 875 * 876 * @return Returns the "source-address" property definition. 877 */ 878 public IPAddressPropertyDefinition getSourceAddressPropertyDefinition() { 879 return PD_SOURCE_ADDRESS; 880 } 881 882 883 884 /** 885 * Get the "ssl-cipher-suite" property definition. 886 * <p> 887 * Specifies the names of the SSL cipher suites that are allowed for 888 * use in SSL based LDAP connections. 889 * 890 * @return Returns the "ssl-cipher-suite" property definition. 891 */ 892 public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() { 893 return PD_SSL_CIPHER_SUITE; 894 } 895 896 897 898 /** 899 * Get the "ssl-protocol" property definition. 900 * <p> 901 * Specifies the names of the SSL protocols which are allowed for 902 * use in SSL based LDAP connections. 903 * 904 * @return Returns the "ssl-protocol" property definition. 905 */ 906 public StringPropertyDefinition getSSLProtocolPropertyDefinition() { 907 return PD_SSL_PROTOCOL; 908 } 909 910 911 912 /** 913 * Get the "trust-manager-provider" property definition. 914 * <p> 915 * Specifies the name of the trust manager that should be used when 916 * negotiating SSL connections with remote LDAP directory servers. 917 * 918 * @return Returns the "trust-manager-provider" property definition. 919 */ 920 public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() { 921 return PD_TRUST_MANAGER_PROVIDER; 922 } 923 924 925 926 /** 927 * Get the "use-password-caching" property definition. 928 * <p> 929 * Indicates whether passwords should be cached locally within the 930 * user's entry. 931 * 932 * @return Returns the "use-password-caching" property definition. 933 */ 934 public BooleanPropertyDefinition getUsePasswordCachingPropertyDefinition() { 935 return PD_USE_PASSWORD_CACHING; 936 } 937 938 939 940 /** 941 * Get the "use-ssl" property definition. 942 * <p> 943 * Indicates whether the LDAP Pass Through Authentication Policy 944 * should use SSL. 945 * <p> 946 * If enabled, the LDAP Pass Through Authentication Policy will use 947 * SSL to encrypt communication with the clients. 948 * 949 * @return Returns the "use-ssl" property definition. 950 */ 951 public BooleanPropertyDefinition getUseSSLPropertyDefinition() { 952 return PD_USE_SSL; 953 } 954 955 956 957 /** 958 * Get the "use-tcp-keep-alive" property definition. 959 * <p> 960 * Indicates whether LDAP connections should use TCP keep-alive. 961 * <p> 962 * If enabled, the SO_KEEPALIVE socket option is used to indicate 963 * that TCP keepalive messages should periodically be sent to the 964 * client to verify that the associated connection is still valid. 965 * This may also help prevent cases in which intermediate network 966 * hardware could silently drop an otherwise idle client connection, 967 * provided that the keepalive interval configured in the underlying 968 * operating system is smaller than the timeout enforced by the 969 * network hardware. 970 * 971 * @return Returns the "use-tcp-keep-alive" property definition. 972 */ 973 public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() { 974 return PD_USE_TCP_KEEP_ALIVE; 975 } 976 977 978 979 /** 980 * Get the "use-tcp-no-delay" property definition. 981 * <p> 982 * Indicates whether LDAP connections should use TCP no-delay. 983 * <p> 984 * If enabled, the TCP_NODELAY socket option is used to ensure that 985 * response messages to the client are sent immediately rather than 986 * potentially waiting to determine whether additional response 987 * messages can be sent in the same packet. In most cases, using the 988 * TCP_NODELAY socket option provides better performance and lower 989 * response times, but disabling it may help for some cases in which 990 * the server sends a large number of entries to a client in response 991 * to a search request. 992 * 993 * @return Returns the "use-tcp-no-delay" property definition. 994 */ 995 public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() { 996 return PD_USE_TCP_NO_DELAY; 997 } 998 999 1000 1001 /** 1002 * Managed object client implementation. 1003 */ 1004 private static class LDAPPassThroughAuthenticationPolicyCfgClientImpl implements 1005 LDAPPassThroughAuthenticationPolicyCfgClient { 1006 1007 /** Private implementation. */ 1008 private ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl; 1009 1010 1011 1012 /** Private constructor. */ 1013 private LDAPPassThroughAuthenticationPolicyCfgClientImpl( 1014 ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) { 1015 this.impl = impl; 1016 } 1017 1018 1019 1020 /** {@inheritDoc} */ 1021 public String getCachedPasswordStorageScheme() { 1022 return impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition()); 1023 } 1024 1025 1026 1027 /** {@inheritDoc} */ 1028 public void setCachedPasswordStorageScheme(String value) { 1029 impl.setPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition(), value); 1030 } 1031 1032 1033 1034 /** {@inheritDoc} */ 1035 public long getCachedPasswordTTL() { 1036 return impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition()); 1037 } 1038 1039 1040 1041 /** {@inheritDoc} */ 1042 public void setCachedPasswordTTL(Long value) { 1043 impl.setPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition(), value); 1044 } 1045 1046 1047 1048 /** {@inheritDoc} */ 1049 public long getConnectionTimeout() { 1050 return impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition()); 1051 } 1052 1053 1054 1055 /** {@inheritDoc} */ 1056 public void setConnectionTimeout(Long value) { 1057 impl.setPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition(), value); 1058 } 1059 1060 1061 1062 /** {@inheritDoc} */ 1063 public String getJavaClass() { 1064 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1065 } 1066 1067 1068 1069 /** {@inheritDoc} */ 1070 public void setJavaClass(String value) { 1071 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 1072 } 1073 1074 1075 1076 /** {@inheritDoc} */ 1077 public SortedSet<AttributeType> getMappedAttribute() { 1078 return impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition()); 1079 } 1080 1081 1082 1083 /** {@inheritDoc} */ 1084 public void setMappedAttribute(Collection<AttributeType> values) { 1085 impl.setPropertyValues(INSTANCE.getMappedAttributePropertyDefinition(), values); 1086 } 1087 1088 1089 1090 /** {@inheritDoc} */ 1091 public SortedSet<DN> getMappedSearchBaseDN() { 1092 return impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition()); 1093 } 1094 1095 1096 1097 /** {@inheritDoc} */ 1098 public void setMappedSearchBaseDN(Collection<DN> values) { 1099 impl.setPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition(), values); 1100 } 1101 1102 1103 1104 /** {@inheritDoc} */ 1105 public DN getMappedSearchBindDN() { 1106 return impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition()); 1107 } 1108 1109 1110 1111 /** {@inheritDoc} */ 1112 public void setMappedSearchBindDN(DN value) { 1113 impl.setPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition(), value); 1114 } 1115 1116 1117 1118 /** {@inheritDoc} */ 1119 public String getMappedSearchBindPassword() { 1120 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition()); 1121 } 1122 1123 1124 1125 /** {@inheritDoc} */ 1126 public void setMappedSearchBindPassword(String value) { 1127 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition(), value); 1128 } 1129 1130 1131 1132 /** {@inheritDoc} */ 1133 public String getMappedSearchBindPasswordEnvironmentVariable() { 1134 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition()); 1135 } 1136 1137 1138 1139 /** {@inheritDoc} */ 1140 public void setMappedSearchBindPasswordEnvironmentVariable(String value) { 1141 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition(), value); 1142 } 1143 1144 1145 1146 /** {@inheritDoc} */ 1147 public String getMappedSearchBindPasswordFile() { 1148 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition()); 1149 } 1150 1151 1152 1153 /** {@inheritDoc} */ 1154 public void setMappedSearchBindPasswordFile(String value) { 1155 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition(), value); 1156 } 1157 1158 1159 1160 /** {@inheritDoc} */ 1161 public String getMappedSearchBindPasswordProperty() { 1162 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition()); 1163 } 1164 1165 1166 1167 /** {@inheritDoc} */ 1168 public void setMappedSearchBindPasswordProperty(String value) { 1169 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition(), value); 1170 } 1171 1172 1173 1174 /** {@inheritDoc} */ 1175 public String getMappedSearchFilterTemplate() { 1176 return impl.getPropertyValue(INSTANCE.getMappedSearchFilterTemplatePropertyDefinition()); 1177 } 1178 1179 1180 1181 /** {@inheritDoc} */ 1182 public void setMappedSearchFilterTemplate(String value) { 1183 impl.setPropertyValue(INSTANCE.getMappedSearchFilterTemplatePropertyDefinition(), value); 1184 } 1185 1186 1187 1188 /** {@inheritDoc} */ 1189 public MappingPolicy getMappingPolicy() { 1190 return impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition()); 1191 } 1192 1193 1194 1195 /** {@inheritDoc} */ 1196 public void setMappingPolicy(MappingPolicy value) { 1197 impl.setPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition(), value); 1198 } 1199 1200 1201 1202 /** {@inheritDoc} */ 1203 public SortedSet<String> getPrimaryRemoteLDAPServer() { 1204 return impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition()); 1205 } 1206 1207 1208 1209 /** {@inheritDoc} */ 1210 public void setPrimaryRemoteLDAPServer(Collection<String> values) { 1211 impl.setPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition(), values); 1212 } 1213 1214 1215 1216 /** {@inheritDoc} */ 1217 public SortedSet<String> getSecondaryRemoteLDAPServer() { 1218 return impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition()); 1219 } 1220 1221 1222 1223 /** {@inheritDoc} */ 1224 public void setSecondaryRemoteLDAPServer(Collection<String> values) { 1225 impl.setPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition(), values); 1226 } 1227 1228 1229 1230 /** {@inheritDoc} */ 1231 public InetAddress getSourceAddress() { 1232 return impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition()); 1233 } 1234 1235 1236 1237 /** {@inheritDoc} */ 1238 public void setSourceAddress(InetAddress value) { 1239 impl.setPropertyValue(INSTANCE.getSourceAddressPropertyDefinition(), value); 1240 } 1241 1242 1243 1244 /** {@inheritDoc} */ 1245 public SortedSet<String> getSSLCipherSuite() { 1246 return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1247 } 1248 1249 1250 1251 /** {@inheritDoc} */ 1252 public void setSSLCipherSuite(Collection<String> values) { 1253 impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values); 1254 } 1255 1256 1257 1258 /** {@inheritDoc} */ 1259 public SortedSet<String> getSSLProtocol() { 1260 return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1261 } 1262 1263 1264 1265 /** {@inheritDoc} */ 1266 public void setSSLProtocol(Collection<String> values) { 1267 impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values); 1268 } 1269 1270 1271 1272 /** {@inheritDoc} */ 1273 public String getTrustManagerProvider() { 1274 return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1275 } 1276 1277 1278 1279 /** {@inheritDoc} */ 1280 public void setTrustManagerProvider(String value) { 1281 impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value); 1282 } 1283 1284 1285 1286 /** {@inheritDoc} */ 1287 public boolean isUsePasswordCaching() { 1288 return impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition()); 1289 } 1290 1291 1292 1293 /** {@inheritDoc} */ 1294 public void setUsePasswordCaching(boolean value) { 1295 impl.setPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition(), value); 1296 } 1297 1298 1299 1300 /** {@inheritDoc} */ 1301 public boolean isUseSSL() { 1302 return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1303 } 1304 1305 1306 1307 /** {@inheritDoc} */ 1308 public void setUseSSL(Boolean value) { 1309 impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value); 1310 } 1311 1312 1313 1314 /** {@inheritDoc} */ 1315 public boolean isUseTCPKeepAlive() { 1316 return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1317 } 1318 1319 1320 1321 /** {@inheritDoc} */ 1322 public void setUseTCPKeepAlive(Boolean value) { 1323 impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value); 1324 } 1325 1326 1327 1328 /** {@inheritDoc} */ 1329 public boolean isUseTCPNoDelay() { 1330 return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1331 } 1332 1333 1334 1335 /** {@inheritDoc} */ 1336 public void setUseTCPNoDelay(Boolean value) { 1337 impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value); 1338 } 1339 1340 1341 1342 /** {@inheritDoc} */ 1343 public ManagedObjectDefinition<? extends LDAPPassThroughAuthenticationPolicyCfgClient, ? extends LDAPPassThroughAuthenticationPolicyCfg> definition() { 1344 return INSTANCE; 1345 } 1346 1347 1348 1349 /** {@inheritDoc} */ 1350 public PropertyProvider properties() { 1351 return impl; 1352 } 1353 1354 1355 1356 /** {@inheritDoc} */ 1357 public void commit() throws ManagedObjectAlreadyExistsException, 1358 MissingMandatoryPropertiesException, ConcurrentModificationException, 1359 OperationRejectedException, LdapException { 1360 impl.commit(); 1361 } 1362 1363 1364 1365 /** {@inheritDoc} */ 1366 public String toString() { 1367 return impl.toString(); 1368 } 1369 } 1370 1371 1372 1373 /** 1374 * Managed object server implementation. 1375 */ 1376 private static class LDAPPassThroughAuthenticationPolicyCfgServerImpl implements 1377 LDAPPassThroughAuthenticationPolicyCfg { 1378 1379 /** Private implementation. */ 1380 private ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl; 1381 1382 /** The value of the "cached-password-storage-scheme" property. */ 1383 private final String pCachedPasswordStorageScheme; 1384 1385 /** The value of the "cached-password-ttl" property. */ 1386 private final long pCachedPasswordTTL; 1387 1388 /** The value of the "connection-timeout" property. */ 1389 private final long pConnectionTimeout; 1390 1391 /** The value of the "java-class" property. */ 1392 private final String pJavaClass; 1393 1394 /** The value of the "mapped-attribute" property. */ 1395 private final SortedSet<AttributeType> pMappedAttribute; 1396 1397 /** The value of the "mapped-search-base-dn" property. */ 1398 private final SortedSet<DN> pMappedSearchBaseDN; 1399 1400 /** The value of the "mapped-search-bind-dn" property. */ 1401 private final DN pMappedSearchBindDN; 1402 1403 /** The value of the "mapped-search-bind-password" property. */ 1404 private final String pMappedSearchBindPassword; 1405 1406 /** The value of the "mapped-search-bind-password-environment-variable" property. */ 1407 private final String pMappedSearchBindPasswordEnvironmentVariable; 1408 1409 /** The value of the "mapped-search-bind-password-file" property. */ 1410 private final String pMappedSearchBindPasswordFile; 1411 1412 /** The value of the "mapped-search-bind-password-property" property. */ 1413 private final String pMappedSearchBindPasswordProperty; 1414 1415 /** The value of the "mapped-search-filter-template" property. */ 1416 private final String pMappedSearchFilterTemplate; 1417 1418 /** The value of the "mapping-policy" property. */ 1419 private final MappingPolicy pMappingPolicy; 1420 1421 /** The value of the "primary-remote-ldap-server" property. */ 1422 private final SortedSet<String> pPrimaryRemoteLDAPServer; 1423 1424 /** The value of the "secondary-remote-ldap-server" property. */ 1425 private final SortedSet<String> pSecondaryRemoteLDAPServer; 1426 1427 /** The value of the "source-address" property. */ 1428 private final InetAddress pSourceAddress; 1429 1430 /** The value of the "ssl-cipher-suite" property. */ 1431 private final SortedSet<String> pSSLCipherSuite; 1432 1433 /** The value of the "ssl-protocol" property. */ 1434 private final SortedSet<String> pSSLProtocol; 1435 1436 /** The value of the "trust-manager-provider" property. */ 1437 private final String pTrustManagerProvider; 1438 1439 /** The value of the "use-password-caching" property. */ 1440 private final boolean pUsePasswordCaching; 1441 1442 /** The value of the "use-ssl" property. */ 1443 private final boolean pUseSSL; 1444 1445 /** The value of the "use-tcp-keep-alive" property. */ 1446 private final boolean pUseTCPKeepAlive; 1447 1448 /** The value of the "use-tcp-no-delay" property. */ 1449 private final boolean pUseTCPNoDelay; 1450 1451 1452 1453 /** Private constructor. */ 1454 private LDAPPassThroughAuthenticationPolicyCfgServerImpl(ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) { 1455 this.impl = impl; 1456 this.pCachedPasswordStorageScheme = impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition()); 1457 this.pCachedPasswordTTL = impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition()); 1458 this.pConnectionTimeout = impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition()); 1459 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1460 this.pMappedAttribute = impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition()); 1461 this.pMappedSearchBaseDN = impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition()); 1462 this.pMappedSearchBindDN = impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition()); 1463 this.pMappedSearchBindPassword = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition()); 1464 this.pMappedSearchBindPasswordEnvironmentVariable = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition()); 1465 this.pMappedSearchBindPasswordFile = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition()); 1466 this.pMappedSearchBindPasswordProperty = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition()); 1467 this.pMappedSearchFilterTemplate = impl.getPropertyValue(INSTANCE.getMappedSearchFilterTemplatePropertyDefinition()); 1468 this.pMappingPolicy = impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition()); 1469 this.pPrimaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition()); 1470 this.pSecondaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition()); 1471 this.pSourceAddress = impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition()); 1472 this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1473 this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1474 this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1475 this.pUsePasswordCaching = impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition()); 1476 this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1477 this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1478 this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1479 } 1480 1481 1482 1483 /** {@inheritDoc} */ 1484 public void addLDAPPassThroughChangeListener( 1485 ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) { 1486 impl.registerChangeListener(listener); 1487 } 1488 1489 1490 1491 /** {@inheritDoc} */ 1492 public void removeLDAPPassThroughChangeListener( 1493 ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) { 1494 impl.deregisterChangeListener(listener); 1495 } 1496 /** {@inheritDoc} */ 1497 public void addChangeListener( 1498 ConfigurationChangeListener<AuthenticationPolicyCfg> listener) { 1499 impl.registerChangeListener(listener); 1500 } 1501 1502 1503 1504 /** {@inheritDoc} */ 1505 public void removeChangeListener( 1506 ConfigurationChangeListener<AuthenticationPolicyCfg> listener) { 1507 impl.deregisterChangeListener(listener); 1508 } 1509 1510 1511 1512 /** {@inheritDoc} */ 1513 public String getCachedPasswordStorageScheme() { 1514 return pCachedPasswordStorageScheme; 1515 } 1516 1517 1518 1519 /** 1520 * {@inheritDoc} 1521 */ 1522 public DN getCachedPasswordStorageSchemeDN() { 1523 String value = getCachedPasswordStorageScheme(); 1524 if (value == null) return null; 1525 return INSTANCE.getCachedPasswordStorageSchemePropertyDefinition().getChildDN(value); 1526 } 1527 1528 1529 1530 /** {@inheritDoc} */ 1531 public long getCachedPasswordTTL() { 1532 return pCachedPasswordTTL; 1533 } 1534 1535 1536 1537 /** {@inheritDoc} */ 1538 public long getConnectionTimeout() { 1539 return pConnectionTimeout; 1540 } 1541 1542 1543 1544 /** {@inheritDoc} */ 1545 public String getJavaClass() { 1546 return pJavaClass; 1547 } 1548 1549 1550 1551 /** {@inheritDoc} */ 1552 public SortedSet<AttributeType> getMappedAttribute() { 1553 return pMappedAttribute; 1554 } 1555 1556 1557 1558 /** {@inheritDoc} */ 1559 public SortedSet<DN> getMappedSearchBaseDN() { 1560 return pMappedSearchBaseDN; 1561 } 1562 1563 1564 1565 /** {@inheritDoc} */ 1566 public DN getMappedSearchBindDN() { 1567 return pMappedSearchBindDN; 1568 } 1569 1570 1571 1572 /** {@inheritDoc} */ 1573 public String getMappedSearchBindPassword() { 1574 return pMappedSearchBindPassword; 1575 } 1576 1577 1578 1579 /** {@inheritDoc} */ 1580 public String getMappedSearchBindPasswordEnvironmentVariable() { 1581 return pMappedSearchBindPasswordEnvironmentVariable; 1582 } 1583 1584 1585 1586 /** {@inheritDoc} */ 1587 public String getMappedSearchBindPasswordFile() { 1588 return pMappedSearchBindPasswordFile; 1589 } 1590 1591 1592 1593 /** {@inheritDoc} */ 1594 public String getMappedSearchBindPasswordProperty() { 1595 return pMappedSearchBindPasswordProperty; 1596 } 1597 1598 1599 1600 /** {@inheritDoc} */ 1601 public String getMappedSearchFilterTemplate() { 1602 return pMappedSearchFilterTemplate; 1603 } 1604 1605 1606 1607 /** {@inheritDoc} */ 1608 public MappingPolicy getMappingPolicy() { 1609 return pMappingPolicy; 1610 } 1611 1612 1613 1614 /** {@inheritDoc} */ 1615 public SortedSet<String> getPrimaryRemoteLDAPServer() { 1616 return pPrimaryRemoteLDAPServer; 1617 } 1618 1619 1620 1621 /** {@inheritDoc} */ 1622 public SortedSet<String> getSecondaryRemoteLDAPServer() { 1623 return pSecondaryRemoteLDAPServer; 1624 } 1625 1626 1627 1628 /** {@inheritDoc} */ 1629 public InetAddress getSourceAddress() { 1630 return pSourceAddress; 1631 } 1632 1633 1634 1635 /** {@inheritDoc} */ 1636 public SortedSet<String> getSSLCipherSuite() { 1637 return pSSLCipherSuite; 1638 } 1639 1640 1641 1642 /** {@inheritDoc} */ 1643 public SortedSet<String> getSSLProtocol() { 1644 return pSSLProtocol; 1645 } 1646 1647 1648 1649 /** {@inheritDoc} */ 1650 public String getTrustManagerProvider() { 1651 return pTrustManagerProvider; 1652 } 1653 1654 1655 1656 /** 1657 * {@inheritDoc} 1658 */ 1659 public DN getTrustManagerProviderDN() { 1660 String value = getTrustManagerProvider(); 1661 if (value == null) return null; 1662 return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value); 1663 } 1664 1665 1666 1667 /** {@inheritDoc} */ 1668 public boolean isUsePasswordCaching() { 1669 return pUsePasswordCaching; 1670 } 1671 1672 1673 1674 /** {@inheritDoc} */ 1675 public boolean isUseSSL() { 1676 return pUseSSL; 1677 } 1678 1679 1680 1681 /** {@inheritDoc} */ 1682 public boolean isUseTCPKeepAlive() { 1683 return pUseTCPKeepAlive; 1684 } 1685 1686 1687 1688 /** {@inheritDoc} */ 1689 public boolean isUseTCPNoDelay() { 1690 return pUseTCPNoDelay; 1691 } 1692 1693 1694 1695 /** {@inheritDoc} */ 1696 public Class<? extends LDAPPassThroughAuthenticationPolicyCfg> configurationClass() { 1697 return LDAPPassThroughAuthenticationPolicyCfg.class; 1698 } 1699 1700 1701 1702 /** {@inheritDoc} */ 1703 public DN dn() { 1704 return impl.getDN(); 1705 } 1706 1707 1708 1709 /** {@inheritDoc} */ 1710 public String toString() { 1711 return impl.toString(); 1712 } 1713 } 1714}