001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.meta; 017 018 019 020import org.forgerock.opendj.config.AdministratorAction; 021import org.forgerock.opendj.config.AggregationPropertyDefinition; 022import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 023import org.forgerock.opendj.config.BooleanPropertyDefinition; 024import org.forgerock.opendj.config.ClassPropertyDefinition; 025import org.forgerock.opendj.config.client.ConcurrentModificationException; 026import org.forgerock.opendj.config.client.ManagedObject; 027import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 028import org.forgerock.opendj.config.client.OperationRejectedException; 029import org.forgerock.opendj.config.conditions.Conditions; 030import org.forgerock.opendj.config.DefaultBehaviorProvider; 031import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 032import org.forgerock.opendj.config.EnumPropertyDefinition; 033import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 034import org.forgerock.opendj.config.ManagedObjectDefinition; 035import org.forgerock.opendj.config.PropertyOption; 036import org.forgerock.opendj.config.PropertyProvider; 037import org.forgerock.opendj.config.server.ConfigurationChangeListener; 038import org.forgerock.opendj.config.server.ServerManagedObject; 039import org.forgerock.opendj.config.StringPropertyDefinition; 040import org.forgerock.opendj.config.Tag; 041import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 042import org.forgerock.opendj.ldap.DN; 043import org.forgerock.opendj.ldap.LdapException; 044import org.forgerock.opendj.server.config.client.DigestMD5SASLMechanismHandlerCfgClient; 045import org.forgerock.opendj.server.config.client.IdentityMapperCfgClient; 046import org.forgerock.opendj.server.config.server.DigestMD5SASLMechanismHandlerCfg; 047import org.forgerock.opendj.server.config.server.IdentityMapperCfg; 048import org.forgerock.opendj.server.config.server.SASLMechanismHandlerCfg; 049 050 051 052/** 053 * An interface for querying the Digest MD5 SASL Mechanism Handler 054 * managed object definition meta information. 055 * <p> 056 * The DIGEST-MD5 SASL mechanism is used to perform all processing 057 * related to SASL DIGEST-MD5 authentication. 058 */ 059public final class DigestMD5SASLMechanismHandlerCfgDefn extends ManagedObjectDefinition<DigestMD5SASLMechanismHandlerCfgClient, DigestMD5SASLMechanismHandlerCfg> { 060 061 /** The singleton configuration definition instance. */ 062 private static final DigestMD5SASLMechanismHandlerCfgDefn INSTANCE = new DigestMD5SASLMechanismHandlerCfgDefn(); 063 064 065 066 /** 067 * Defines the set of permissable values for the "quality-of-protection" property. 068 * <p> 069 * The name of a property that specifies the quality of protection 070 * the server will support. 071 */ 072 public static enum QualityOfProtection { 073 074 /** 075 * Quality of protection equals authentication with integrity and 076 * confidentiality protection. 077 */ 078 CONFIDENTIALITY("confidentiality"), 079 080 081 082 /** 083 * Quality of protection equals authentication with integrity 084 * protection. 085 */ 086 INTEGRITY("integrity"), 087 088 089 090 /** 091 * QOP equals authentication only. 092 */ 093 NONE("none"); 094 095 096 097 /** String representation of the value. */ 098 private final String name; 099 100 101 102 /** Private constructor. */ 103 private QualityOfProtection(String name) { this.name = name; } 104 105 106 107 /** {@inheritDoc} */ 108 public String toString() { return name; } 109 110 } 111 112 113 114 /** The "identity-mapper" property definition. */ 115 private static final AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> PD_IDENTITY_MAPPER; 116 117 118 119 /** The "java-class" property definition. */ 120 private static final ClassPropertyDefinition PD_JAVA_CLASS; 121 122 123 124 /** The "quality-of-protection" property definition. */ 125 private static final EnumPropertyDefinition<QualityOfProtection> PD_QUALITY_OF_PROTECTION; 126 127 128 129 /** The "realm" property definition. */ 130 private static final StringPropertyDefinition PD_REALM; 131 132 133 134 /** The "server-fqdn" property definition. */ 135 private static final StringPropertyDefinition PD_SERVER_FQDN; 136 137 138 139 /** Build the "identity-mapper" property definition. */ 140 static { 141 AggregationPropertyDefinition.Builder<IdentityMapperCfgClient, IdentityMapperCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "identity-mapper"); 142 builder.setOption(PropertyOption.MANDATORY); 143 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "identity-mapper")); 144 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 145 builder.setParentPath("/"); 146 builder.setRelationDefinition("identity-mapper"); 147 builder.setTargetNeedsEnablingCondition(Conditions.contains("enabled", "true")); 148 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 149 PD_IDENTITY_MAPPER = builder.getInstance(); 150 INSTANCE.registerPropertyDefinition(PD_IDENTITY_MAPPER); 151 INSTANCE.registerConstraint(PD_IDENTITY_MAPPER.getSourceConstraint()); 152 } 153 154 155 156 /** Build the "java-class" property definition. */ 157 static { 158 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 159 builder.setOption(PropertyOption.MANDATORY); 160 builder.setOption(PropertyOption.ADVANCED); 161 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 162 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.DigestMD5SASLMechanismHandler"); 163 builder.setDefaultBehaviorProvider(provider); 164 builder.addInstanceOf("org.opends.server.api.SASLMechanismHandler"); 165 PD_JAVA_CLASS = builder.getInstance(); 166 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 167 } 168 169 170 171 /** Build the "quality-of-protection" property definition. */ 172 static { 173 EnumPropertyDefinition.Builder<QualityOfProtection> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "quality-of-protection"); 174 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "quality-of-protection")); 175 DefaultBehaviorProvider<QualityOfProtection> provider = new DefinedDefaultBehaviorProvider<QualityOfProtection>("none"); 176 builder.setDefaultBehaviorProvider(provider); 177 builder.setEnumClass(QualityOfProtection.class); 178 PD_QUALITY_OF_PROTECTION = builder.getInstance(); 179 INSTANCE.registerPropertyDefinition(PD_QUALITY_OF_PROTECTION); 180 } 181 182 183 184 /** Build the "realm" property definition. */ 185 static { 186 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "realm"); 187 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "realm")); 188 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "realm")); 189 builder.setPattern(".*", "STRING"); 190 PD_REALM = builder.getInstance(); 191 INSTANCE.registerPropertyDefinition(PD_REALM); 192 } 193 194 195 196 /** Build the "server-fqdn" property definition. */ 197 static { 198 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "server-fqdn"); 199 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "server-fqdn")); 200 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "server-fqdn")); 201 builder.setPattern(".*", "STRING"); 202 PD_SERVER_FQDN = builder.getInstance(); 203 INSTANCE.registerPropertyDefinition(PD_SERVER_FQDN); 204 } 205 206 207 208 // Register the tags associated with this managed object definition. 209 static { 210 INSTANCE.registerTag(Tag.valueOf("security")); 211 } 212 213 214 215 /** 216 * Get the Digest MD5 SASL Mechanism Handler configuration 217 * definition singleton. 218 * 219 * @return Returns the Digest MD5 SASL Mechanism Handler 220 * configuration definition singleton. 221 */ 222 public static DigestMD5SASLMechanismHandlerCfgDefn getInstance() { 223 return INSTANCE; 224 } 225 226 227 228 /** 229 * Private constructor. 230 */ 231 private DigestMD5SASLMechanismHandlerCfgDefn() { 232 super("digest-md5-sasl-mechanism-handler", SASLMechanismHandlerCfgDefn.getInstance()); 233 } 234 235 236 237 /** {@inheritDoc} */ 238 public DigestMD5SASLMechanismHandlerCfgClient createClientConfiguration( 239 ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl) { 240 return new DigestMD5SASLMechanismHandlerCfgClientImpl(impl); 241 } 242 243 244 245 /** {@inheritDoc} */ 246 public DigestMD5SASLMechanismHandlerCfg createServerConfiguration( 247 ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl) { 248 return new DigestMD5SASLMechanismHandlerCfgServerImpl(impl); 249 } 250 251 252 253 /** {@inheritDoc} */ 254 public Class<DigestMD5SASLMechanismHandlerCfg> getServerConfigurationClass() { 255 return DigestMD5SASLMechanismHandlerCfg.class; 256 } 257 258 259 260 /** 261 * Get the "enabled" property definition. 262 * <p> 263 * Indicates whether the SASL mechanism handler is enabled for use. 264 * 265 * @return Returns the "enabled" property definition. 266 */ 267 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 268 return SASLMechanismHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 269 } 270 271 272 273 /** 274 * Get the "identity-mapper" property definition. 275 * <p> 276 * Specifies the name of the identity mapper that is to be used with 277 * this SASL mechanism handler to match the authentication or 278 * authorization ID included in the SASL bind request to the 279 * corresponding user in the directory. 280 * 281 * @return Returns the "identity-mapper" property definition. 282 */ 283 public AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> getIdentityMapperPropertyDefinition() { 284 return PD_IDENTITY_MAPPER; 285 } 286 287 288 289 /** 290 * Get the "java-class" property definition. 291 * <p> 292 * Specifies the fully-qualified name of the Java class that 293 * provides the SASL mechanism handler implementation. 294 * 295 * @return Returns the "java-class" property definition. 296 */ 297 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 298 return PD_JAVA_CLASS; 299 } 300 301 302 303 /** 304 * Get the "quality-of-protection" property definition. 305 * <p> 306 * The name of a property that specifies the quality of protection 307 * the server will support. 308 * 309 * @return Returns the "quality-of-protection" property definition. 310 */ 311 public EnumPropertyDefinition<QualityOfProtection> getQualityOfProtectionPropertyDefinition() { 312 return PD_QUALITY_OF_PROTECTION; 313 } 314 315 316 317 /** 318 * Get the "realm" property definition. 319 * <p> 320 * Specifies the realms that is to be used by the server for 321 * DIGEST-MD5 authentication. 322 * <p> 323 * If this value is not provided, then the server defaults to use 324 * the fully qualified hostname of the machine. 325 * 326 * @return Returns the "realm" property definition. 327 */ 328 public StringPropertyDefinition getRealmPropertyDefinition() { 329 return PD_REALM; 330 } 331 332 333 334 /** 335 * Get the "server-fqdn" property definition. 336 * <p> 337 * Specifies the DNS-resolvable fully-qualified domain name for the 338 * server that is used when validating the digest-uri parameter 339 * during the authentication process. 340 * <p> 341 * If this configuration attribute is present, then the server 342 * expects that clients use a digest-uri equal to "ldap/" followed by 343 * the value of this attribute. For example, if the attribute has a 344 * value of "directory.example.com", then the server expects clients 345 * to use a digest-uri of "ldap/directory.example.com". If no value 346 * is provided, then the server does not attempt to validate the 347 * digest-uri provided by the client and accepts any value. 348 * 349 * @return Returns the "server-fqdn" property definition. 350 */ 351 public StringPropertyDefinition getServerFqdnPropertyDefinition() { 352 return PD_SERVER_FQDN; 353 } 354 355 356 357 /** 358 * Managed object client implementation. 359 */ 360 private static class DigestMD5SASLMechanismHandlerCfgClientImpl implements 361 DigestMD5SASLMechanismHandlerCfgClient { 362 363 /** Private implementation. */ 364 private ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl; 365 366 367 368 /** Private constructor. */ 369 private DigestMD5SASLMechanismHandlerCfgClientImpl( 370 ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl) { 371 this.impl = impl; 372 } 373 374 375 376 /** {@inheritDoc} */ 377 public Boolean isEnabled() { 378 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 379 } 380 381 382 383 /** {@inheritDoc} */ 384 public void setEnabled(boolean value) { 385 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 386 } 387 388 389 390 /** {@inheritDoc} */ 391 public String getIdentityMapper() { 392 return impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition()); 393 } 394 395 396 397 /** {@inheritDoc} */ 398 public void setIdentityMapper(String value) { 399 impl.setPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition(), value); 400 } 401 402 403 404 /** {@inheritDoc} */ 405 public String getJavaClass() { 406 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 407 } 408 409 410 411 /** {@inheritDoc} */ 412 public void setJavaClass(String value) { 413 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 414 } 415 416 417 418 /** {@inheritDoc} */ 419 public QualityOfProtection getQualityOfProtection() { 420 return impl.getPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition()); 421 } 422 423 424 425 /** {@inheritDoc} */ 426 public void setQualityOfProtection(QualityOfProtection value) { 427 impl.setPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition(), value); 428 } 429 430 431 432 /** {@inheritDoc} */ 433 public String getRealm() { 434 return impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition()); 435 } 436 437 438 439 /** {@inheritDoc} */ 440 public void setRealm(String value) { 441 impl.setPropertyValue(INSTANCE.getRealmPropertyDefinition(), value); 442 } 443 444 445 446 /** {@inheritDoc} */ 447 public String getServerFqdn() { 448 return impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition()); 449 } 450 451 452 453 /** {@inheritDoc} */ 454 public void setServerFqdn(String value) { 455 impl.setPropertyValue(INSTANCE.getServerFqdnPropertyDefinition(), value); 456 } 457 458 459 460 /** {@inheritDoc} */ 461 public ManagedObjectDefinition<? extends DigestMD5SASLMechanismHandlerCfgClient, ? extends DigestMD5SASLMechanismHandlerCfg> definition() { 462 return INSTANCE; 463 } 464 465 466 467 /** {@inheritDoc} */ 468 public PropertyProvider properties() { 469 return impl; 470 } 471 472 473 474 /** {@inheritDoc} */ 475 public void commit() throws ManagedObjectAlreadyExistsException, 476 MissingMandatoryPropertiesException, ConcurrentModificationException, 477 OperationRejectedException, LdapException { 478 impl.commit(); 479 } 480 481 482 483 /** {@inheritDoc} */ 484 public String toString() { 485 return impl.toString(); 486 } 487 } 488 489 490 491 /** 492 * Managed object server implementation. 493 */ 494 private static class DigestMD5SASLMechanismHandlerCfgServerImpl implements 495 DigestMD5SASLMechanismHandlerCfg { 496 497 /** Private implementation. */ 498 private ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl; 499 500 /** The value of the "enabled" property. */ 501 private final boolean pEnabled; 502 503 /** The value of the "identity-mapper" property. */ 504 private final String pIdentityMapper; 505 506 /** The value of the "java-class" property. */ 507 private final String pJavaClass; 508 509 /** The value of the "quality-of-protection" property. */ 510 private final QualityOfProtection pQualityOfProtection; 511 512 /** The value of the "realm" property. */ 513 private final String pRealm; 514 515 /** The value of the "server-fqdn" property. */ 516 private final String pServerFqdn; 517 518 519 520 /** Private constructor. */ 521 private DigestMD5SASLMechanismHandlerCfgServerImpl(ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl) { 522 this.impl = impl; 523 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 524 this.pIdentityMapper = impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition()); 525 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 526 this.pQualityOfProtection = impl.getPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition()); 527 this.pRealm = impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition()); 528 this.pServerFqdn = impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition()); 529 } 530 531 532 533 /** {@inheritDoc} */ 534 public void addDigestMD5ChangeListener( 535 ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener) { 536 impl.registerChangeListener(listener); 537 } 538 539 540 541 /** {@inheritDoc} */ 542 public void removeDigestMD5ChangeListener( 543 ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener) { 544 impl.deregisterChangeListener(listener); 545 } 546 /** {@inheritDoc} */ 547 public void addChangeListener( 548 ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) { 549 impl.registerChangeListener(listener); 550 } 551 552 553 554 /** {@inheritDoc} */ 555 public void removeChangeListener( 556 ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) { 557 impl.deregisterChangeListener(listener); 558 } 559 560 561 562 /** {@inheritDoc} */ 563 public boolean isEnabled() { 564 return pEnabled; 565 } 566 567 568 569 /** {@inheritDoc} */ 570 public String getIdentityMapper() { 571 return pIdentityMapper; 572 } 573 574 575 576 /** 577 * {@inheritDoc} 578 */ 579 public DN getIdentityMapperDN() { 580 String value = getIdentityMapper(); 581 if (value == null) return null; 582 return INSTANCE.getIdentityMapperPropertyDefinition().getChildDN(value); 583 } 584 585 586 587 /** {@inheritDoc} */ 588 public String getJavaClass() { 589 return pJavaClass; 590 } 591 592 593 594 /** {@inheritDoc} */ 595 public QualityOfProtection getQualityOfProtection() { 596 return pQualityOfProtection; 597 } 598 599 600 601 /** {@inheritDoc} */ 602 public String getRealm() { 603 return pRealm; 604 } 605 606 607 608 /** {@inheritDoc} */ 609 public String getServerFqdn() { 610 return pServerFqdn; 611 } 612 613 614 615 /** {@inheritDoc} */ 616 public Class<? extends DigestMD5SASLMechanismHandlerCfg> configurationClass() { 617 return DigestMD5SASLMechanismHandlerCfg.class; 618 } 619 620 621 622 /** {@inheritDoc} */ 623 public DN dn() { 624 return impl.getDN(); 625 } 626 627 628 629 /** {@inheritDoc} */ 630 public String toString() { 631 return impl.toString(); 632 } 633 } 634}