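/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;



import java.util.Collection;
import java.util.SortedSet;
import org.forgerock.opendj.config.ACIPropertyDefinition;
import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.server.config.client.DseeCompatAccessControlHandlerCfgClient;
import org.forgerock.opendj.server.config.server.AccessControlHandlerCfg;
import org.forgerock.opendj.server.config.server.DseeCompatAccessControlHandlerCfg;



/**
 * An interface for querying the Dsee Compat Access Control Handler
 * managed object definition meta information.
 * <p>
 * The Dsee Compat Access Control Handler provides an implementation
 * that uses syntax compatible with the Sun Java System Directory
 * Server Enterprise Edition access control handlers.
 * <p>
 * This definition is registered under the "security" tag. The three
 * properties it exposes all bear on access control enforcement:
 * <ul>
 * <li>"enabled" (inherited from the parent definition): when FALSE no
 * access control is enforced by this handler;</li>
 * <li>"global-aci": multi-valued global rules, declared here with
 * administrator action {@code NONE};</li>
 * <li>"java-class": the class that implements the handler, declared
 * here with administrator action {@code COMPONENT_RESTART}.</li>
 * </ul>
 * Changes to any of them are therefore worth restricting and auditing
 * alongside the ACIs themselves.
 */
public final class DseeCompatAccessControlHandlerCfgDefn extends ManagedObjectDefinition<DseeCompatAccessControlHandlerCfgClient, DseeCompatAccessControlHandlerCfg> {

  /**
   * The singleton configuration definition instance.
   * <p>
   * Declared before the property definitions on purpose: the static
   * initializers below pass INSTANCE to the builders, so it must
   * already be assigned when they run.
   */
  private static final DseeCompatAccessControlHandlerCfgDefn INSTANCE = new DseeCompatAccessControlHandlerCfgDefn();



  /** The "global-aci" property definition. */
  private static final ACIPropertyDefinition PD_GLOBAL_ACI;



  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  // Build the "global-aci" property definition: multi-valued, no
  // administrator action declared for a change, and a default that is
  // described by an alias rather than by defined values.
  static {
      ACIPropertyDefinition.Builder builder = ACIPropertyDefinition.createBuilder(INSTANCE, "global-aci");
      builder.setOption(PropertyOption.MULTI_VALUED);
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "global-aci"));
      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "global-aci"));
      PD_GLOBAL_ACI = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_GLOBAL_ACI);
  }



  // Build the "java-class" property definition: mandatory, advanced,
  // and requiring a component restart when changed. The value must
  // name a class that is an instance of
  // org.opends.server.api.AccessControlHandler.
  static {
      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
      builder.setOption(PropertyOption.MANDATORY);
      builder.setOption(PropertyOption.ADVANCED);
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.authorization.dseecompat.AciHandler");
      builder.setDefaultBehaviorProvider(provider);
      builder.addInstanceOf("org.opends.server.api.AccessControlHandler");
      PD_JAVA_CLASS = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
  }



  /**
   * Get the Dsee Compat Access Control Handler configuration
   * definition singleton.
   *
   * @return Returns the Dsee Compat Access Control Handler
   *         configuration definition singleton.
   */
  public static DseeCompatAccessControlHandlerCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor.
   * <p>
   * Names this definition "dsee-compat-access-control-handler" and
   * makes the access control handler definition its parent.
   */
  private DseeCompatAccessControlHandlerCfgDefn() {
    super("dsee-compat-access-control-handler", AccessControlHandlerCfgDefn.getInstance());
  }



  /** {@inheritDoc} */
  @Override
  public DseeCompatAccessControlHandlerCfgClient createClientConfiguration(
      ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) {
    return new DseeCompatAccessControlHandlerCfgClientImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public DseeCompatAccessControlHandlerCfg createServerConfiguration(
      ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) {
    return new DseeCompatAccessControlHandlerCfgServerImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public Class<DseeCompatAccessControlHandlerCfg> getServerConfigurationClass() {
    return DseeCompatAccessControlHandlerCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Dsee Compat Access Control Handler is
   * enabled. If set to FALSE, then no access control is enforced, and
   * any client (including unauthenticated or anonymous clients) could
   * be allowed to perform any operation if not subject to other
   * restrictions, such as those enforced by the privilege subsystem.
   * <p>
   * The definition itself is owned by the parent access control
   * handler definition; this method only forwards to it.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return AccessControlHandlerCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "global-aci" property definition.
   * <p>
   * Defines global access control rules.
   * <p>
   * Global access control rules apply to all entries anywhere in the
   * data managed by the OpenDJ directory server. The global access
   * control rules may be overridden by more specific access control
   * rules placed in the data.
   * <p>
   * Because of that override, the values of this property alone do
   * not describe the effective policy; a review also has to cover the
   * access control rules stored in the data.
   *
   * @return Returns the "global-aci" property definition.
   */
  public ACIPropertyDefinition getGlobalACIPropertyDefinition() {
    return PD_GLOBAL_ACI;
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Dsee Compat Access Control Handler implementation.
   * <p>
   * The definition only constrains the value to a class that is an
   * instance of {@code org.opends.server.api.AccessControlHandler}.
   * NOTE(review): since the named class is the one that enforces
   * access control, write access to this property should presumably
   * be as tightly held as write access to the ACIs - confirm against
   * the deployment's administrative ACIs and privileges.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Managed object client implementation.
   * <p>
   * Every accessor forwards to the wrapped {@link ManagedObject};
   * this class holds no property values of its own.
   */
  private static class DseeCompatAccessControlHandlerCfgClientImpl implements
      DseeCompatAccessControlHandlerCfgClient {

    /** Private implementation. Assigned once, in the constructor. */
    private final ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl;



    /** Private constructor. */
    private DseeCompatAccessControlHandlerCfgClientImpl(
        ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) {
      this.impl = impl;
    }



    /** {@inheritDoc} */
    @Override
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public SortedSet<String> getGlobalACI() {
      return impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setGlobalACI(Collection<String> values) {
      impl.setPropertyValues(INSTANCE.getGlobalACIPropertyDefinition(), values);
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public ManagedObjectDefinition<? extends DseeCompatAccessControlHandlerCfgClient, ? extends DseeCompatAccessControlHandlerCfg> definition() {
      return INSTANCE;
    }



    /** {@inheritDoc} */
    @Override
    public PropertyProvider properties() {
      return impl;
    }



    /** {@inheritDoc} */
    @Override
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }



  /**
   * Managed object server implementation.
   * <p>
   * The three property values are read from the wrapped
   * {@link ServerManagedObject} once, in the constructor, and kept in
   * final fields. An instance therefore reports the configuration as
   * it was when the instance was built; listeners registered through
   * the add*ChangeListener methods are handed to the managed object.
   */
  private static class DseeCompatAccessControlHandlerCfgServerImpl implements
      DseeCompatAccessControlHandlerCfg {

    /** Private implementation. Assigned once, in the constructor. */
    private final ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl;

    /** The value of the "enabled" property. */
    private final boolean pEnabled;

    /** The value of the "global-aci" property. */
    private final SortedSet<String> pGlobalACI;

    /** The value of the "java-class" property. */
    private final String pJavaClass;



    /** Private constructor. */
    private DseeCompatAccessControlHandlerCfgServerImpl(ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) {
      this.impl = impl;
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pGlobalACI = impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void addDseeCompatChangeListener(
        ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removeDseeCompatChangeListener(
        ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void addChangeListener(
        ConfigurationChangeListener<AccessControlHandlerCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removeChangeListener(
        ConfigurationChangeListener<AccessControlHandlerCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public boolean isEnabled() {
      return pEnabled;
    }



    /** {@inheritDoc} */
    @Override
    public SortedSet<String> getGlobalACI() {
      // Returns the set obtained from the managed object as-is, without
      // copying. NOTE(review): whether callers can mutate it depends on
      // what ServerManagedObject.getPropertyValues returns - confirm.
      return pGlobalACI;
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return pJavaClass;
    }



    /** {@inheritDoc} */
    @Override
    public Class<? extends DseeCompatAccessControlHandlerCfg> configurationClass() {
      return DseeCompatAccessControlHandlerCfg.class;
    }



    /** {@inheritDoc} */
    @Override
    public DN dn() {
      return impl.getDN();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }
}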