001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.meta; 017 018 019 020import java.util.Collection; 021import java.util.SortedSet; 022import org.forgerock.opendj.config.AdministratorAction; 023import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 024import org.forgerock.opendj.config.AttributeTypePropertyDefinition; 025import org.forgerock.opendj.config.BooleanPropertyDefinition; 026import org.forgerock.opendj.config.ClassPropertyDefinition; 027import org.forgerock.opendj.config.client.ConcurrentModificationException; 028import org.forgerock.opendj.config.client.ManagedObject; 029import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 030import org.forgerock.opendj.config.client.OperationRejectedException; 031import org.forgerock.opendj.config.DefaultBehaviorProvider; 032import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 033import org.forgerock.opendj.config.IntegerPropertyDefinition; 034import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 035import org.forgerock.opendj.config.ManagedObjectDefinition; 036import org.forgerock.opendj.config.PropertyOption; 037import org.forgerock.opendj.config.PropertyProvider; 038import org.forgerock.opendj.config.server.ConfigurationChangeListener; 039import org.forgerock.opendj.config.server.ServerManagedObject; 040import org.forgerock.opendj.config.Tag; 041import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 042import org.forgerock.opendj.ldap.DN; 043import org.forgerock.opendj.ldap.LdapException; 044import org.forgerock.opendj.ldap.schema.AttributeType; 045import org.forgerock.opendj.server.config.client.AttributeValuePasswordValidatorCfgClient; 046import org.forgerock.opendj.server.config.server.AttributeValuePasswordValidatorCfg; 047import org.forgerock.opendj.server.config.server.PasswordValidatorCfg; 048 049 050 051/** 052 * An interface for querying the Attribute Value Password Validator 053 * managed object definition meta information. 054 * <p> 055 * The Attribute Value Password Validator attempts to determine 056 * whether a proposed password is acceptable for use by determining 057 * whether that password is contained in any attribute within the 058 * user's entry. 059 */ 060public final class AttributeValuePasswordValidatorCfgDefn extends ManagedObjectDefinition<AttributeValuePasswordValidatorCfgClient, AttributeValuePasswordValidatorCfg> { 061 062 /** The singleton configuration definition instance. */ 063 private static final AttributeValuePasswordValidatorCfgDefn INSTANCE = new AttributeValuePasswordValidatorCfgDefn(); 064 065 066 067 /** The "check-substrings" property definition. */ 068 private static final BooleanPropertyDefinition PD_CHECK_SUBSTRINGS; 069 070 071 072 /** The "java-class" property definition. */ 073 private static final ClassPropertyDefinition PD_JAVA_CLASS; 074 075 076 077 /** The "match-attribute" property definition. */ 078 private static final AttributeTypePropertyDefinition PD_MATCH_ATTRIBUTE; 079 080 081 082 /** The "min-substring-length" property definition. */ 083 private static final IntegerPropertyDefinition PD_MIN_SUBSTRING_LENGTH; 084 085 086 087 /** The "test-reversed-password" property definition. */ 088 private static final BooleanPropertyDefinition PD_TEST_REVERSED_PASSWORD; 089 090 091 092 /** Build the "check-substrings" property definition. */ 093 static { 094 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "check-substrings"); 095 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "check-substrings")); 096 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 097 builder.setDefaultBehaviorProvider(provider); 098 PD_CHECK_SUBSTRINGS = builder.getInstance(); 099 INSTANCE.registerPropertyDefinition(PD_CHECK_SUBSTRINGS); 100 } 101 102 103 104 /** Build the "java-class" property definition. */ 105 static { 106 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 107 builder.setOption(PropertyOption.MANDATORY); 108 builder.setOption(PropertyOption.ADVANCED); 109 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 110 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.AttributeValuePasswordValidator"); 111 builder.setDefaultBehaviorProvider(provider); 112 builder.addInstanceOf("org.opends.server.api.PasswordValidator"); 113 PD_JAVA_CLASS = builder.getInstance(); 114 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 115 } 116 117 118 119 /** Build the "match-attribute" property definition. */ 120 static { 121 AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "match-attribute"); 122 builder.setOption(PropertyOption.MULTI_VALUED); 123 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "match-attribute")); 124 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<AttributeType>(INSTANCE, "match-attribute")); 125 PD_MATCH_ATTRIBUTE = builder.getInstance(); 126 INSTANCE.registerPropertyDefinition(PD_MATCH_ATTRIBUTE); 127 } 128 129 130 131 /** Build the "min-substring-length" property definition. */ 132 static { 133 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "min-substring-length"); 134 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "min-substring-length")); 135 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("5"); 136 builder.setDefaultBehaviorProvider(provider); 137 PD_MIN_SUBSTRING_LENGTH = builder.getInstance(); 138 INSTANCE.registerPropertyDefinition(PD_MIN_SUBSTRING_LENGTH); 139 } 140 141 142 143 /** Build the "test-reversed-password" property definition. */ 144 static { 145 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "test-reversed-password"); 146 builder.setOption(PropertyOption.MANDATORY); 147 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "test-reversed-password")); 148 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Boolean>()); 149 PD_TEST_REVERSED_PASSWORD = builder.getInstance(); 150 INSTANCE.registerPropertyDefinition(PD_TEST_REVERSED_PASSWORD); 151 } 152 153 154 155 // Register the tags associated with this managed object definition. 156 static { 157 INSTANCE.registerTag(Tag.valueOf("user-management")); 158 } 159 160 161 162 /** 163 * Get the Attribute Value Password Validator configuration 164 * definition singleton. 165 * 166 * @return Returns the Attribute Value Password Validator 167 * configuration definition singleton. 168 */ 169 public static AttributeValuePasswordValidatorCfgDefn getInstance() { 170 return INSTANCE; 171 } 172 173 174 175 /** 176 * Private constructor. 177 */ 178 private AttributeValuePasswordValidatorCfgDefn() { 179 super("attribute-value-password-validator", PasswordValidatorCfgDefn.getInstance()); 180 } 181 182 183 184 /** {@inheritDoc} */ 185 public AttributeValuePasswordValidatorCfgClient createClientConfiguration( 186 ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl) { 187 return new AttributeValuePasswordValidatorCfgClientImpl(impl); 188 } 189 190 191 192 /** {@inheritDoc} */ 193 public AttributeValuePasswordValidatorCfg createServerConfiguration( 194 ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl) { 195 return new AttributeValuePasswordValidatorCfgServerImpl(impl); 196 } 197 198 199 200 /** {@inheritDoc} */ 201 public Class<AttributeValuePasswordValidatorCfg> getServerConfigurationClass() { 202 return AttributeValuePasswordValidatorCfg.class; 203 } 204 205 206 207 /** 208 * Get the "check-substrings" property definition. 209 * <p> 210 * Indicates whether this password validator is to match portions of 211 * the password string against attribute values. 212 * <p> 213 * If "false" then only match the entire password against attribute 214 * values otherwise ("true") check whether the password contains 215 * attribute values. 216 * 217 * @return Returns the "check-substrings" property definition. 218 */ 219 public BooleanPropertyDefinition getCheckSubstringsPropertyDefinition() { 220 return PD_CHECK_SUBSTRINGS; 221 } 222 223 224 225 /** 226 * Get the "enabled" property definition. 227 * <p> 228 * Indicates whether the password validator is enabled for use. 229 * 230 * @return Returns the "enabled" property definition. 231 */ 232 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 233 return PasswordValidatorCfgDefn.getInstance().getEnabledPropertyDefinition(); 234 } 235 236 237 238 /** 239 * Get the "java-class" property definition. 240 * <p> 241 * Specifies the fully-qualified name of the Java class that 242 * provides the password validator implementation. 243 * 244 * @return Returns the "java-class" property definition. 245 */ 246 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 247 return PD_JAVA_CLASS; 248 } 249 250 251 252 /** 253 * Get the "match-attribute" property definition. 254 * <p> 255 * Specifies the name(s) of the attribute(s) whose values should be 256 * checked to determine whether they match the provided password. If 257 * no values are provided, then the server checks if the proposed 258 * password matches the value of any attribute in the user's entry. 259 * 260 * @return Returns the "match-attribute" property definition. 261 */ 262 public AttributeTypePropertyDefinition getMatchAttributePropertyDefinition() { 263 return PD_MATCH_ATTRIBUTE; 264 } 265 266 267 268 /** 269 * Get the "min-substring-length" property definition. 270 * <p> 271 * Indicates the minimal length of the substring within the password 272 * in case substring checking is enabled. 273 * <p> 274 * If "check-substrings" option is set to true, then this parameter 275 * defines the length of the smallest word which should be used for 276 * substring matching. Use with caution because values below 3 might 277 * disqualify valid passwords. 278 * 279 * @return Returns the "min-substring-length" property definition. 280 */ 281 public IntegerPropertyDefinition getMinSubstringLengthPropertyDefinition() { 282 return PD_MIN_SUBSTRING_LENGTH; 283 } 284 285 286 287 /** 288 * Get the "test-reversed-password" property definition. 289 * <p> 290 * Indicates whether this password validator should test the 291 * reversed value of the provided password as well as the order in 292 * which it was given. 293 * 294 * @return Returns the "test-reversed-password" property definition. 295 */ 296 public BooleanPropertyDefinition getTestReversedPasswordPropertyDefinition() { 297 return PD_TEST_REVERSED_PASSWORD; 298 } 299 300 301 302 /** 303 * Managed object client implementation. 304 */ 305 private static class AttributeValuePasswordValidatorCfgClientImpl implements 306 AttributeValuePasswordValidatorCfgClient { 307 308 /** Private implementation. */ 309 private ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl; 310 311 312 313 /** Private constructor. */ 314 private AttributeValuePasswordValidatorCfgClientImpl( 315 ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl) { 316 this.impl = impl; 317 } 318 319 320 321 /** {@inheritDoc} */ 322 public boolean isCheckSubstrings() { 323 return impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition()); 324 } 325 326 327 328 /** {@inheritDoc} */ 329 public void setCheckSubstrings(Boolean value) { 330 impl.setPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition(), value); 331 } 332 333 334 335 /** {@inheritDoc} */ 336 public Boolean isEnabled() { 337 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 338 } 339 340 341 342 /** {@inheritDoc} */ 343 public void setEnabled(boolean value) { 344 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 345 } 346 347 348 349 /** {@inheritDoc} */ 350 public String getJavaClass() { 351 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 352 } 353 354 355 356 /** {@inheritDoc} */ 357 public void setJavaClass(String value) { 358 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 359 } 360 361 362 363 /** {@inheritDoc} */ 364 public SortedSet<AttributeType> getMatchAttribute() { 365 return impl.getPropertyValues(INSTANCE.getMatchAttributePropertyDefinition()); 366 } 367 368 369 370 /** {@inheritDoc} */ 371 public void setMatchAttribute(Collection<AttributeType> values) { 372 impl.setPropertyValues(INSTANCE.getMatchAttributePropertyDefinition(), values); 373 } 374 375 376 377 /** {@inheritDoc} */ 378 public int getMinSubstringLength() { 379 return impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition()); 380 } 381 382 383 384 /** {@inheritDoc} */ 385 public void setMinSubstringLength(Integer value) { 386 impl.setPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition(), value); 387 } 388 389 390 391 /** {@inheritDoc} */ 392 public Boolean isTestReversedPassword() { 393 return impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition()); 394 } 395 396 397 398 /** {@inheritDoc} */ 399 public void setTestReversedPassword(boolean value) { 400 impl.setPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition(), value); 401 } 402 403 404 405 /** {@inheritDoc} */ 406 public ManagedObjectDefinition<? extends AttributeValuePasswordValidatorCfgClient, ? extends AttributeValuePasswordValidatorCfg> definition() { 407 return INSTANCE; 408 } 409 410 411 412 /** {@inheritDoc} */ 413 public PropertyProvider properties() { 414 return impl; 415 } 416 417 418 419 /** {@inheritDoc} */ 420 public void commit() throws ManagedObjectAlreadyExistsException, 421 MissingMandatoryPropertiesException, ConcurrentModificationException, 422 OperationRejectedException, LdapException { 423 impl.commit(); 424 } 425 426 427 428 /** {@inheritDoc} */ 429 public String toString() { 430 return impl.toString(); 431 } 432 } 433 434 435 436 /** 437 * Managed object server implementation. 438 */ 439 private static class AttributeValuePasswordValidatorCfgServerImpl implements 440 AttributeValuePasswordValidatorCfg { 441 442 /** Private implementation. */ 443 private ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl; 444 445 /** The value of the "check-substrings" property. */ 446 private final boolean pCheckSubstrings; 447 448 /** The value of the "enabled" property. */ 449 private final boolean pEnabled; 450 451 /** The value of the "java-class" property. */ 452 private final String pJavaClass; 453 454 /** The value of the "match-attribute" property. */ 455 private final SortedSet<AttributeType> pMatchAttribute; 456 457 /** The value of the "min-substring-length" property. */ 458 private final int pMinSubstringLength; 459 460 /** The value of the "test-reversed-password" property. */ 461 private final boolean pTestReversedPassword; 462 463 464 465 /** Private constructor. */ 466 private AttributeValuePasswordValidatorCfgServerImpl(ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl) { 467 this.impl = impl; 468 this.pCheckSubstrings = impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition()); 469 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 470 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 471 this.pMatchAttribute = impl.getPropertyValues(INSTANCE.getMatchAttributePropertyDefinition()); 472 this.pMinSubstringLength = impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition()); 473 this.pTestReversedPassword = impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition()); 474 } 475 476 477 478 /** {@inheritDoc} */ 479 public void addAttributeValueChangeListener( 480 ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener) { 481 impl.registerChangeListener(listener); 482 } 483 484 485 486 /** {@inheritDoc} */ 487 public void removeAttributeValueChangeListener( 488 ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener) { 489 impl.deregisterChangeListener(listener); 490 } 491 /** {@inheritDoc} */ 492 public void addChangeListener( 493 ConfigurationChangeListener<PasswordValidatorCfg> listener) { 494 impl.registerChangeListener(listener); 495 } 496 497 498 499 /** {@inheritDoc} */ 500 public void removeChangeListener( 501 ConfigurationChangeListener<PasswordValidatorCfg> listener) { 502 impl.deregisterChangeListener(listener); 503 } 504 505 506 507 /** {@inheritDoc} */ 508 public boolean isCheckSubstrings() { 509 return pCheckSubstrings; 510 } 511 512 513 514 /** {@inheritDoc} */ 515 public boolean isEnabled() { 516 return pEnabled; 517 } 518 519 520 521 /** {@inheritDoc} */ 522 public String getJavaClass() { 523 return pJavaClass; 524 } 525 526 527 528 /** {@inheritDoc} */ 529 public SortedSet<AttributeType> getMatchAttribute() { 530 return pMatchAttribute; 531 } 532 533 534 535 /** {@inheritDoc} */ 536 public int getMinSubstringLength() { 537 return pMinSubstringLength; 538 } 539 540 541 542 /** {@inheritDoc} */ 543 public boolean isTestReversedPassword() { 544 return pTestReversedPassword; 545 } 546 547 548 549 /** {@inheritDoc} */ 550 public Class<? extends AttributeValuePasswordValidatorCfg> configurationClass() { 551 return AttributeValuePasswordValidatorCfg.class; 552 } 553 554 555 556 /** {@inheritDoc} */ 557 public DN dn() { 558 return impl.getDN(); 559 } 560 561 562 563 /** {@inheritDoc} */ 564 public String toString() { 565 return impl.toString(); 566 } 567 } 568}