/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;

import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.IntegerPropertyDefinition;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.server.config.client.PBKDF2PasswordStorageSchemeCfgClient;
import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
import org.forgerock.opendj.server.config.server.PBKDF2PasswordStorageSchemeCfg;

/**
 * Meta information for the PBKDF2 Password Storage Scheme managed
 * object definition.
 * <p>
 * The PBKDF2 Password Storage Scheme encodes user passwords with
 * PBKDF2, a password-based key derivation function. This class
 * declares the scheme's two own properties ("java-class" and
 * "pbkdf2-iterations"), reuses the parent definition's "enabled"
 * property, and builds the client-side and server-side configuration
 * views over a managed object.
 */
public final class PBKDF2PasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<PBKDF2PasswordStorageSchemeCfgClient, PBKDF2PasswordStorageSchemeCfg> {

    /**
     * The singleton configuration definition instance. It is declared
     * first because the static initializers below register property
     * definitions on it.
     */
    private static final PBKDF2PasswordStorageSchemeCfgDefn INSTANCE = new PBKDF2PasswordStorageSchemeCfgDefn();

    /** The "java-class" property definition. */
    private static final ClassPropertyDefinition PD_JAVA_CLASS;

    /** The "pbkdf2-iterations" property definition. */
    private static final IntegerPropertyDefinition PD_PBKDF2_ITERATIONS;

    // Build the "java-class" property definition: mandatory, advanced,
    // defaulting to the bundled PBKDF2 implementation.
    static {
        ClassPropertyDefinition.Builder javaClassBuilder =
            ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
        javaClassBuilder.setOption(PropertyOption.MANDATORY);
        javaClassBuilder.setOption(PropertyOption.ADVANCED);
        javaClassBuilder.setAdministratorAction(
            new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
        DefaultBehaviorProvider<String> defaultClassName =
            new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.PBKDF2PasswordStorageScheme");
        javaClassBuilder.setDefaultBehaviorProvider(defaultClassName);
        // Configured class names must implement the PasswordStorageScheme API.
        // NOTE(review): this value selects the code that handles user passwords,
        // so write access to it deserves the same care as the password data.
        javaClassBuilder.addInstanceOf("org.opends.server.api.PasswordStorageScheme");
        PD_JAVA_CLASS = javaClassBuilder.getInstance();
        INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
    }

    // Build the "pbkdf2-iterations" property definition: an integer
    // defaulting to 10000 with a lower limit of 1.
    static {
        IntegerPropertyDefinition.Builder iterationsBuilder =
            IntegerPropertyDefinition.createBuilder(INSTANCE, "pbkdf2-iterations");
        iterationsBuilder.setAdministratorAction(
            new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "pbkdf2-iterations"));
        DefaultBehaviorProvider<Integer> defaultIterations =
            new DefinedDefaultBehaviorProvider<Integer>("10000");
        iterationsBuilder.setDefaultBehaviorProvider(defaultIterations);
        // NOTE(review): the only bound enforced here is >= 1, so an
        // administrator can configure a count that gives stored passwords almost
        // no resistance to offline guessing. NIST SP 800-63B (2017) asks for at
        // least 10,000 iterations and as many as the server can afford; OWASP's
        // password storage guidance recommends hundreds of thousands or more,
        // depending on the HMAC hash. Audit deployed values, and treat the
        // 10000 default as a floor rather than a target.
        iterationsBuilder.setLowerLimit(1);
        PD_PBKDF2_ITERATIONS = iterationsBuilder.getInstance();
        INSTANCE.registerPropertyDefinition(PD_PBKDF2_ITERATIONS);
    }

    // Register the tags associated with this managed object definition.
    static {
        INSTANCE.registerTag(Tag.valueOf("user-management"));
    }

    /**
     * Get the PBKDF2 Password Storage Scheme configuration definition
     * singleton.
     *
     * @return Returns the PBKDF2 Password Storage Scheme configuration
     *         definition singleton.
     */
    public static PBKDF2PasswordStorageSchemeCfgDefn getInstance() {
        return INSTANCE;
    }

    /**
     * Private constructor: names this definition and attaches it to the
     * generic password storage scheme definition as its parent.
     */
    private PBKDF2PasswordStorageSchemeCfgDefn() {
        super("pbkdf2-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance());
    }

    /** {@inheritDoc} */
    @Override
    public PBKDF2PasswordStorageSchemeCfgClient createClientConfiguration(
            ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl) {
        return new PBKDF2PasswordStorageSchemeCfgClientImpl(impl);
    }

    /** {@inheritDoc} */
    @Override
    public PBKDF2PasswordStorageSchemeCfg createServerConfiguration(
            ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl) {
        return new PBKDF2PasswordStorageSchemeCfgServerImpl(impl);
    }

    /** {@inheritDoc} */
    @Override
    public Class<PBKDF2PasswordStorageSchemeCfg> getServerConfigurationClass() {
        return PBKDF2PasswordStorageSchemeCfg.class;
    }

    /**
     * Get the "enabled" property definition.
     * <p>
     * Indicates whether the PBKDF2 Password Storage Scheme is enabled
     * for use. The definition is the one owned by the parent password
     * storage scheme definition.
     *
     * @return Returns the "enabled" property definition.
     */
    public BooleanPropertyDefinition getEnabledPropertyDefinition() {
        return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition();
    }

    /**
     * Get the "java-class" property definition.
     * <p>
     * Specifies the fully-qualified name of the Java class that
     * provides the PBKDF2 Password Storage Scheme implementation.
     *
     * @return Returns the "java-class" property definition.
     */
    public ClassPropertyDefinition getJavaClassPropertyDefinition() {
        return PD_JAVA_CLASS;
    }

    /**
     * Get the "pbkdf2-iterations" property definition.
     * <p>
     * The number of algorithm iterations to make. NIST recommends at
     * least 1000. This definition defaults to 10000 and accepts any
     * value from 1 upwards; it does not enforce the recommended
     * minimum.
     *
     * @return Returns the "pbkdf2-iterations" property definition.
     */
    public IntegerPropertyDefinition getPBKDF2IterationsPropertyDefinition() {
        return PD_PBKDF2_ITERATIONS;
    }

    /**
     * Managed object client implementation. Every accessor delegates
     * to the wrapped managed object; nothing is cached here.
     */
    private static final class PBKDF2PasswordStorageSchemeCfgClientImpl implements
            PBKDF2PasswordStorageSchemeCfgClient {

        /** Private implementation. */
        private final ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl;

        /** Private constructor. */
        private PBKDF2PasswordStorageSchemeCfgClientImpl(
                ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> managedObject) {
            this.impl = managedObject;
        }

        /** {@inheritDoc} */
        @Override
        public Boolean isEnabled() {
            return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
        }

        /** {@inheritDoc} */
        @Override
        public void setEnabled(boolean value) {
            impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
        }

        /** {@inheritDoc} */
        @Override
        public String getJavaClass() {
            return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
        }

        /** {@inheritDoc} */
        @Override
        public void setJavaClass(String value) {
            impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
        }

        /** {@inheritDoc} */
        @Override
        public int getPBKDF2Iterations() {
            // The Integer property value is unboxed by the int return type.
            return impl.getPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition());
        }

        /** {@inheritDoc} */
        @Override
        public void setPBKDF2Iterations(Integer value) {
            impl.setPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition(), value);
        }

        /** {@inheritDoc} */
        @Override
        public ManagedObjectDefinition<? extends PBKDF2PasswordStorageSchemeCfgClient, ? extends PBKDF2PasswordStorageSchemeCfg> definition() {
            return INSTANCE;
        }

        /** {@inheritDoc} */
        @Override
        public PropertyProvider properties() {
            return impl;
        }

        /** {@inheritDoc} */
        @Override
        public void commit() throws ManagedObjectAlreadyExistsException,
                MissingMandatoryPropertiesException, ConcurrentModificationException,
                OperationRejectedException, LdapException {
            impl.commit();
        }

        /** {@inheritDoc} */
        @Override
        public String toString() {
            return impl.toString();
        }
    }

    /**
     * Managed object server implementation. Property values are read
     * from the managed object once, in the constructor, and the
     * getters return those stored values.
     */
    private static final class PBKDF2PasswordStorageSchemeCfgServerImpl implements
            PBKDF2PasswordStorageSchemeCfg {

        /** Private implementation. */
        private final ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl;

        /** The value of the "enabled" property. */
        private final boolean pEnabled;

        /** The value of the "java-class" property. */
        private final String pJavaClass;

        /** The value of the "pbkdf2-iterations" property. */
        private final int pPBKDF2Iterations;

        /** Private constructor: stores the managed object and copies its property values. */
        private PBKDF2PasswordStorageSchemeCfgServerImpl(
                ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> managedObject) {
            this.impl = managedObject;
            this.pEnabled = managedObject.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
            this.pJavaClass = managedObject.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
            this.pPBKDF2Iterations = managedObject.getPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition());
        }

        /** {@inheritDoc} */
        @Override
        public void addPBKDF2ChangeListener(
                ConfigurationChangeListener<PBKDF2PasswordStorageSchemeCfg> listener) {
            impl.registerChangeListener(listener);
        }

        /** {@inheritDoc} */
        @Override
        public void removePBKDF2ChangeListener(
                ConfigurationChangeListener<PBKDF2PasswordStorageSchemeCfg> listener) {
            impl.deregisterChangeListener(listener);
        }

        /** {@inheritDoc} */
        @Override
        public void addChangeListener(
                ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
            impl.registerChangeListener(listener);
        }

        /** {@inheritDoc} */
        @Override
        public void removeChangeListener(
                ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
            impl.deregisterChangeListener(listener);
        }

        /** {@inheritDoc} */
        @Override
        public boolean isEnabled() {
            return pEnabled;
        }

        /** {@inheritDoc} */
        @Override
        public String getJavaClass() {
            return pJavaClass;
        }

        /** {@inheritDoc} */
        @Override
        public int getPBKDF2Iterations() {
            return pPBKDF2Iterations;
        }

        /** {@inheritDoc} */
        @Override
        public Class<? extends PBKDF2PasswordStorageSchemeCfg> configurationClass() {
            return PBKDF2PasswordStorageSchemeCfg.class;
        }

        /** {@inheritDoc} */
        @Override
        public DN dn() {
            return impl.getDN();
        }

        /** {@inheritDoc} */
        @Override
        public String toString() {
            return impl.toString();
        }
    }
}