001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.meta;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.AdministratorAction;
023import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
024import org.forgerock.opendj.config.AttributeTypePropertyDefinition;
025import org.forgerock.opendj.config.BooleanPropertyDefinition;
026import org.forgerock.opendj.config.ClassPropertyDefinition;
027import org.forgerock.opendj.config.client.ConcurrentModificationException;
028import org.forgerock.opendj.config.client.ManagedObject;
029import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
030import org.forgerock.opendj.config.client.OperationRejectedException;
031import org.forgerock.opendj.config.DefaultBehaviorProvider;
032import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
033import org.forgerock.opendj.config.DNPropertyDefinition;
034import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
035import org.forgerock.opendj.config.ManagedObjectDefinition;
036import org.forgerock.opendj.config.PropertyOption;
037import org.forgerock.opendj.config.PropertyProvider;
038import org.forgerock.opendj.config.server.ConfigurationChangeListener;
039import org.forgerock.opendj.config.server.ServerManagedObject;
040import org.forgerock.opendj.config.Tag;
041import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
042import org.forgerock.opendj.ldap.DN;
043import org.forgerock.opendj.ldap.LdapException;
044import org.forgerock.opendj.ldap.schema.AttributeType;
045import org.forgerock.opendj.server.config.client.SubjectDNToUserAttributeCertificateMapperCfgClient;
046import org.forgerock.opendj.server.config.server.CertificateMapperCfg;
047import org.forgerock.opendj.server.config.server.SubjectDNToUserAttributeCertificateMapperCfg;
048
049
050
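/**
 * An interface for querying the Subject DN To User Attribute
 * Certificate Mapper managed object definition meta information.
 * <p>
 * The Subject DN To User Attribute Certificate Mapper maps client
 * certificates to user entries by looking for the certificate subject
 * DN in a specified attribute of user entries.
 * <p>
 * This class only describes the configuration (property names, options,
 * defaults and tags) and wraps managed objects in typed client/server
 * views; the mapping logic itself lives in the class named by the
 * "java-class" property.
 */
public final class SubjectDNToUserAttributeCertificateMapperCfgDefn extends ManagedObjectDefinition<SubjectDNToUserAttributeCertificateMapperCfgClient, SubjectDNToUserAttributeCertificateMapperCfg> {

  /**
   * The singleton configuration definition instance.
   * <p>
   * Declared first on purpose: the static initializers below pass it to
   * the property builders, so it must be constructed before they run.
   */
  private static final SubjectDNToUserAttributeCertificateMapperCfgDefn INSTANCE = new SubjectDNToUserAttributeCertificateMapperCfgDefn();

  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  /** The "subject-attribute" property definition. */
  private static final AttributeTypePropertyDefinition PD_SUBJECT_ATTRIBUTE;

  /** The "user-base-dn" property definition. */
  private static final DNPropertyDefinition PD_USER_BASE_DN;

  /**
   * Build the "java-class" property definition.
   * <p>
   * The property is mandatory and advanced, defaults to the bundled
   * mapper class, is constrained via addInstanceOf to the
   * CertificateMapper API type, and declares a component restart as the
   * administrator action.
   */
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.SubjectDNToUserAttributeCertificateMapper");
    builder.setDefaultBehaviorProvider(provider);
    // NOTE(review): this value names the class that provides the mapper
    // implementation, so write access to the property should be limited
    // to trusted administrators. The instance-of constraint narrows the
    // accepted type; where and when it is enforced is not visible here.
    builder.addInstanceOf("org.opends.server.api.CertificateMapper");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }

  /**
   * Build the "subject-attribute" property definition.
   * <p>
   * The property is mandatory and has no default
   * (UndefinedDefaultBehaviorProvider), so the attribute has to be chosen
   * explicitly for every mapper instance.
   */
  static {
    AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "subject-attribute");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "subject-attribute"));
    // NOTE(review): a match on this attribute decides which user entry a
    // client certificate is mapped to. The chosen attribute should be
    // writable only by administrators and hold unique values; confirm
    // against the directory's access control and uniqueness settings.
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
    PD_SUBJECT_ATTRIBUTE = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE);
  }

  /**
   * Build the "user-base-dn" property definition.
   * <p>
   * The property is multi-valued and not marked mandatory. Its default
   * is an alias behavior rather than a concrete value defined here.
   */
  static {
    DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
    // NOTE(review): the search scope used when no base DN is configured
    // is not defined in this file; confirm it, and prefer explicit base
    // DNs that contain only the intended user population.
    builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
    PD_USER_BASE_DN = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
  }

  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }

  /**
   * Get the Subject DN To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the Subject DN To User Attribute Certificate
   *         Mapper configuration definition singleton.
   */
  public static SubjectDNToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }

  /**
   * Private constructor.
   * <p>
   * Registers this definition under the name
   * "subject-dn-to-user-attribute-certificate-mapper" with the generic
   * certificate mapper definition as its parent.
   */
  private SubjectDNToUserAttributeCertificateMapperCfgDefn() {
    super("subject-dn-to-user-attribute-certificate-mapper", CertificateMapperCfgDefn.getInstance());
  }

  /** {@inheritDoc} */
  @Override
  public SubjectDNToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgClientImpl(impl);
  }

  /** {@inheritDoc} */
  @Override
  public SubjectDNToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgServerImpl(impl);
  }

  /** {@inheritDoc} */
  @Override
  public Class<SubjectDNToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectDNToUserAttributeCertificateMapperCfg.class;
  }

  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject DN To User Attribute Certificate
   * Mapper is enabled.
   * <p>
   * The definition is not declared here; it is delegated to the parent
   * certificate mapper definition.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }

  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Subject DN To User Attribute Certificate Mapper
   * implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }

  /**
   * Get the "subject-attribute" property definition.
   * <p>
   * Specifies the name or OID of the attribute whose value should
   * exactly match the certificate subject DN.
   *
   * @return Returns the "subject-attribute" property definition.
   */
  public AttributeTypePropertyDefinition getSubjectAttributePropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE;
  }

  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing
   * searches to map the client certificate to a user entry.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }

  /**
   * Managed object client implementation.
   * <p>
   * A thin typed view: every accessor reads from or writes to the
   * wrapped managed object using the property definitions above, and
   * nothing is cached in this class.
   */
  private static class SubjectDNToUserAttributeCertificateMapperCfgClientImpl implements
    SubjectDNToUserAttributeCertificateMapperCfgClient {

    /** Private implementation; assigned once in the constructor. */
    private final ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl;

    /** Private constructor. */
    private SubjectDNToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl) {
      this.impl = impl;
    }

    /** {@inheritDoc} */
    @Override
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    @Override
    public AttributeType getSubjectAttribute() {
      return impl.getPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setSubjectAttribute(AttributeType value) {
      impl.setPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setUserBaseDN(Collection<DN> values) {
      impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
    }

    /** {@inheritDoc} */
    @Override
    public ManagedObjectDefinition<? extends SubjectDNToUserAttributeCertificateMapperCfgClient, ? extends SubjectDNToUserAttributeCertificateMapperCfg> definition() {
      return INSTANCE;
    }

    /** {@inheritDoc} */
    @Override
    public PropertyProvider properties() {
      return impl;
    }

    /** {@inheritDoc} */
    @Override
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }

    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }

  /**
   * Managed object server implementation.
   * <p>
   * Property values are read from the wrapped managed object once, in
   * the constructor, and served from final fields afterwards, so an
   * instance reflects the configuration as it was when it was created.
   */
  private static class SubjectDNToUserAttributeCertificateMapperCfgServerImpl implements
    SubjectDNToUserAttributeCertificateMapperCfg {

    /** Private implementation; assigned once in the constructor. */
    private final ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl;

    /** The value of the "enabled" property. */
    private final boolean pEnabled;

    /** The value of the "java-class" property. */
    private final String pJavaClass;

    /** The value of the "subject-attribute" property. */
    private final AttributeType pSubjectAttribute;

    /** The value of the "user-base-dn" property. */
    private final SortedSet<DN> pUserBaseDN;

    /** Private constructor. */
    private SubjectDNToUserAttributeCertificateMapperCfgServerImpl(ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl) {
      this.impl = impl;
      // Unboxed into a primitive: a null value would throw here.
      // Presumably "enabled" always has a value; confirm in the parent definition.
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pSubjectAttribute = impl.getPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition());
      this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void addSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public void removeSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public boolean isEnabled() {
      return pEnabled;
    }

    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return pJavaClass;
    }

    /** {@inheritDoc} */
    @Override
    public AttributeType getSubjectAttribute() {
      return pSubjectAttribute;
    }

    /** {@inheritDoc} */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      // NOTE(review): returned without a defensive copy. Whether callers
      // can mutate it depends on what getPropertyValues hands back; confirm.
      return pUserBaseDN;
    }

    /** {@inheritDoc} */
    @Override
    public Class<? extends SubjectDNToUserAttributeCertificateMapperCfg> configurationClass() {
      return SubjectDNToUserAttributeCertificateMapperCfg.class;
    }

    /** {@inheritDoc} */
    @Override
    public DN dn() {
      return impl.getDN();
    }

    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }
}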