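/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;

import java.util.Collection;
import java.util.SortedSet;
import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.DNPropertyDefinition;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.StringPropertyDefinition;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.server.config.client.SubjectAttributeToUserAttributeCertificateMapperCfgClient;
import org.forgerock.opendj.server.config.server.CertificateMapperCfg;
import org.forgerock.opendj.server.config.server.SubjectAttributeToUserAttributeCertificateMapperCfg;

/**
 * An interface for querying the Subject Attribute To User Attribute
 * Certificate Mapper managed object definition meta information.
 * <p>
 * The Subject Attribute To User Attribute Certificate Mapper maps
 * client certificates to user entries by mapping the values of
 * attributes contained in the certificate subject to attributes
 * contained in user entries.
 * <p>
 * This definition registers three properties of its own ("java-class",
 * "subject-attribute-mapping" and "user-base-dn"), delegates the
 * "enabled" property to the parent Certificate Mapper definition, and
 * is tagged "security" and "user-management".
 * <p>
 * Review note: these properties decide which user entry a client
 * certificate is mapped to, so changes to them deserve the same change
 * control as other security-relevant configuration. Nothing in this
 * definition restricts the format of a mapping value or the breadth of
 * the search bases; see the comments on the individual property
 * builders.
 */
public final class SubjectAttributeToUserAttributeCertificateMapperCfgDefn
    extends ManagedObjectDefinition<SubjectAttributeToUserAttributeCertificateMapperCfgClient,
        SubjectAttributeToUserAttributeCertificateMapperCfg> {

  /**
   * The singleton configuration definition instance.
   * <p>
   * Declared before the static initializers on purpose: they register
   * their property definitions and tags on this instance, and static
   * initialization runs in textual order.
   */
  private static final SubjectAttributeToUserAttributeCertificateMapperCfgDefn INSTANCE =
      new SubjectAttributeToUserAttributeCertificateMapperCfgDefn();

  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  /** The "subject-attribute-mapping" property definition. */
  private static final StringPropertyDefinition PD_SUBJECT_ATTRIBUTE_MAPPING;

  /** The "user-base-dn" property definition. */
  private static final DNPropertyDefinition PD_USER_BASE_DN;

  /**
   * Build the "java-class" property definition.
   * <p>
   * The property is mandatory and advanced, and a change is flagged as
   * needing a component restart. The builder declares that the named
   * class must be an instance of org.opends.server.api.CertificateMapper
   * and defaults to the stock mapper implementation.
   */
  static {
    ClassPropertyDefinition.Builder builder =
        ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(
        new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>(
        "org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper");
    builder.setDefaultBehaviorProvider(provider);
    // The value is a class name taken from configuration; this is the only type
    // constraint the definition places on it.
    builder.addInstanceOf("org.opends.server.api.CertificateMapper");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }

  /**
   * Build the "subject-attribute-mapping" property definition.
   * <p>
   * The property is multi-valued and mandatory, has no default value,
   * and a change needs no administrator action.
   */
  static {
    StringPropertyDefinition.Builder builder =
        StringPropertyDefinition.createBuilder(INSTANCE, "subject-attribute-mapping");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(
        new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "subject-attribute-mapping"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    // No value pattern is set on the builder, so the documented "certattr:userattr"
    // form is not enforced by this definition.
    // NOTE(review): confirm the mapper implementation rejects malformed values.
    PD_SUBJECT_ATTRIBUTE_MAPPING = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE_MAPPING);
  }

  /**
   * Build the "user-base-dn" property definition.
   * <p>
   * The property is multi-valued and not marked mandatory, and a change
   * needs no administrator action.
   */
  static {
    DNPropertyDefinition.Builder builder =
        DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setAdministratorAction(
        new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
    // The default is an alias behavior rather than a concrete DN.
    // NOTE(review): the alias text is not in this file; confirm which base DNs are
    // searched when the property is left unset, and set it explicitly if that scope
    // is wider than the entries certificates should be able to map to.
    builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
    PD_USER_BASE_DN = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
  }

  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }

  /**
   * Get the Subject Attribute To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the Subject Attribute To User Attribute
   *         Certificate Mapper configuration definition singleton.
   */
  public static SubjectAttributeToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }

  /**
   * Private constructor.
   * <p>
   * Names this definition and sets the Certificate Mapper definition as
   * its parent.
   */
  private SubjectAttributeToUserAttributeCertificateMapperCfgDefn() {
    super("subject-attribute-to-user-attribute-certificate-mapper",
        CertificateMapperCfgDefn.getInstance());
  }

  /** {@inheritDoc} */
  @Override
  public SubjectAttributeToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(impl);
  }

  /** {@inheritDoc} */
  @Override
  public SubjectAttributeToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(impl);
  }

  /** {@inheritDoc} */
  @Override
  public Class<SubjectAttributeToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
  }

  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject Attribute To User Attribute
   * Certificate Mapper is enabled.
   * <p>
   * The definition is not built here; it is the one held by the parent
   * Certificate Mapper definition.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }

  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Subject Attribute To User Attribute Certificate
   * Mapper implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }

  /**
   * Get the "subject-attribute-mapping" property definition.
   * <p>
   * Specifies a mapping between certificate attributes and user
   * attributes.
   * <p>
   * Each value should be in the form "certattr:userattr" where
   * certattr is the name of the attribute in the certificate subject
   * and userattr is the name of the corresponding attribute in user
   * entries. There may be multiple mappings defined, and when
   * performing the mapping, values for all attributes present in the
   * certificate subject that have mappings defined must be present in
   * the corresponding user entries.
   *
   * @return Returns the "subject-attribute-mapping" property definition.
   */
  public StringPropertyDefinition getSubjectAttributeMappingPropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE_MAPPING;
  }

  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing
   * searches to map the client certificate to a user entry.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }

  /**
   * Managed object client implementation.
   * <p>
   * Every getter and setter goes straight to the wrapped managed
   * object; nothing is cached here, and nothing is persisted by this
   * class until {@link #commit()} forwards to the managed object.
   */
  private static class SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl implements
      SubjectAttributeToUserAttributeCertificateMapperCfgClient {

    /** Private implementation. Assigned once in the constructor. */
    private final ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl;

    /** Private constructor. */
    private SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
      this.impl = impl;
    }

    /** {@inheritDoc} */
    @Override
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    @Override
    public SortedSet<String> getSubjectAttributeMapping() {
      return impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setSubjectAttributeMapping(Collection<String> values) {
      impl.setPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition(), values);
    }

    /** {@inheritDoc} */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void setUserBaseDN(Collection<DN> values) {
      impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
    }

    /** {@inheritDoc} */
    @Override
    public ManagedObjectDefinition<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient,
        ? extends SubjectAttributeToUserAttributeCertificateMapperCfg> definition() {
      return INSTANCE;
    }

    /** {@inheritDoc} */
    @Override
    public PropertyProvider properties() {
      return impl;
    }

    /** {@inheritDoc} */
    @Override
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }

    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }

  /**
   * Managed object server implementation.
   * <p>
   * Property values are read from the managed object once, in the
   * constructor, and held in final fields; the getters return those
   * stored values and do not re-read the managed object. The sets are
   * handed out as obtained, without copying.
   */
  private static class SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl implements
      SubjectAttributeToUserAttributeCertificateMapperCfg {

    /** Private implementation. Assigned once in the constructor. */
    private final ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl;

    /** The value of the "enabled" property. */
    private final boolean pEnabled;

    /** The value of the "java-class" property. */
    private final String pJavaClass;

    /** The value of the "subject-attribute-mapping" property. */
    private final SortedSet<String> pSubjectAttributeMapping;

    /** The value of the "user-base-dn" property. */
    private final SortedSet<DN> pUserBaseDN;

    /** Private constructor. Captures the current property values from {@code impl}. */
    private SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(
        ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
      this.impl = impl;
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pSubjectAttributeMapping =
          impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
      this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /** {@inheritDoc} */
    @Override
    public void addSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public void removeSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    @Override
    public boolean isEnabled() {
      return pEnabled;
    }

    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return pJavaClass;
    }

    /** {@inheritDoc} */
    @Override
    public SortedSet<String> getSubjectAttributeMapping() {
      return pSubjectAttributeMapping;
    }

    /** {@inheritDoc} */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      return pUserBaseDN;
    }

    /** {@inheritDoc} */
    @Override
    public Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass() {
      return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
    }

    /** {@inheritDoc} */
    @Override
    public DN dn() {
      return impl.getDN();
    }

    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }
}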