/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2006-2008 Sun Microsystems, Inc.
 * Portions Copyright 2015-2016 ForgeRock AS.
 */
017package org.opends.server.extensions;
018
019
020
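/**
 * This class implements an enumeration that may be used to indicate if/how a
 * client's certificate should be validated against the corresponding user entry
 * in the Directory Server.
 * <p>
 * The three policies differ in how strictly the presented certificate is tied
 * to the certificates stored in the user's entry: {@link #ALWAYS} requires a
 * stored certificate to validate against, {@link #IFPRESENT} validates only
 * when the entry holds at least one certificate, and {@link #NEVER} skips this
 * comparison entirely.
 */
public enum CertificateValidationPolicy
{
  /**
   * Indicates that the server should always attempt to validate the client
   * certificate against the version in the corresponding user's entry.  If no
   * certificates exist in the user's entry, then the validation will fail.
   */
  ALWAYS("always"),



  /**
   * Indicates that the server should not attempt to validate the client
   * certificate against the version in the corresponding user's entry.
   * <p>
   * NOTE(review): with this policy the comparison against the stored
   * certificate is skipped, so any assurance has to come from checks made
   * elsewhere (not visible in this file) -- confirm before selecting it.
   */
  NEVER("never"),



  /**
   * Indicates that the server should attempt to validate the client certificate
   * against the version in the corresponding user's entry if there are any
   * certificates in that user's entry.  If the user's entry does not contain
   * any certificates, then no validation will be attempted.
   * <p>
   * NOTE(review): for entries without a stored certificate this behaves like
   * {@link #NEVER} as far as this comparison is concerned.
   */
  IFPRESENT("ifpresent");



  /** The human-readable name for this policy (lower-case, fixed at creation). */
  private final String policyName;



  /**
   * Creates a new certificate validation policy with the provided name.
   *
   * @param  policyName  The human-readable name for this policy.
   */
  private CertificateValidationPolicy(String policyName)
  {
    this.policyName = policyName;
  }



  /**
   * Retrieves the certificate validation policy for the specified name.
   * <p>
   * The comparison is case-insensitive and uses {@code Locale.ROOT}, so the
   * result does not depend on the JVM's default locale (under a Turkish default
   * locale, for example, a locale-sensitive lower-casing of {@code "IFPRESENT"}
   * does not yield {@code "ifpresent"}).
   * <p>
   * Callers should treat a {@code null} result as a configuration error rather
   * than silently substituting another policy.
   *
   * @param  policyName  The name of the policy to retrieve.  May be
   *                     {@code null}, in which case {@code null} is returned.
   *
   * @return  The requested certificate validation policy, or {@code null}
   *          if the provided value is not the name of a valid policy.
   */
  public static CertificateValidationPolicy policyForName(String policyName)
  {
    if (policyName == null)
    {
      return null;
    }

    // Locale.ROOT keeps the mapping of configured names to policies identical
    // on every host, whatever the default locale is.
    String lowerName = policyName.toLowerCase(java.util.Locale.ROOT);
    for (CertificateValidationPolicy policy : values())
    {
      if (policy.policyName.equals(lowerName))
      {
        return policy;
      }
    }

    // Unknown names are reported as null; no default policy is assumed here.
    return null;
  }



  /**
   * Retrieves the human-readable name for this certificate validation policy.
   *
   * @return  The human-readable name for this certificate validation policy.
   */
  @Override
  public String toString()
  {
    return policyName;
  }
}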