001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2006-2008 Sun Microsystems, Inc. 015 * Portions Copyright 2015-2016 ForgeRock AS. 016 */ 017package org.opends.server.extensions; 018 019 020 021/** 022 * This class implements an enumeration that may be used to indicate if/how a 023 * client's certificate should be validated against the corresponding user entry 024 * in the Directory Server. 025 */ 026public enum CertificateValidationPolicy 027{ 028 /** 029 * Indicates that the server should always attempt to validate the client 030 * certificate against the version in the corresponding user's entry. If no 031 * certificates exist in the user's entry, then the validation will fail. 032 */ 033 ALWAYS("always"), 034 035 036 037 /** 038 * Indicates that the server should not attempt to validate the client 039 * certificate against the version in the corresponding user's entry. 040 */ 041 NEVER("never"), 042 043 044 045 /** 046 * Indicates that the server should attempt to validate the client certificate 047 * against the version in the corresponding user's entry if there are any 048 * certificates in that user's entry. If the user's entry does not contain 049 * any certificates, then no validation will be attempted. 050 */ 051 IFPRESENT("ifpresent"); 052 053 054 055 /** The human-readable name for this policy. */ 056 private String policyName; 057 058 059 060 /** 061 * Creates a new certificate validation policy with the provided name. 062 * 063 * @param policyName The human-readable name for this policy. 064 */ 065 private CertificateValidationPolicy(String policyName) 066 { 067 this.policyName = policyName; 068 } 069 070 071 072 /** 073 * Retrieves the certificate validation policy for the specified name. 074 * 075 * @param policyName The name of the policy to retrieve. 076 * 077 * @return The requested certificate validation policy, or <CODE>null</CODE> 078 * if the provided value is not the name of a valid policy. 079 */ 080 public static CertificateValidationPolicy policyForName(String policyName) 081 { 082 String lowerName = policyName.toLowerCase(); 083 if (lowerName.equals("always")) 084 { 085 return CertificateValidationPolicy.ALWAYS; 086 } 087 else if (lowerName.equals("never")) 088 { 089 return CertificateValidationPolicy.NEVER; 090 } 091 else if (lowerName.equals("ifpresent")) 092 { 093 return CertificateValidationPolicy.IFPRESENT; 094 } 095 else 096 { 097 return null; 098 } 099 } 100 101 102 103 /** 104 * Retrieves the human-readable name for this certificate validation policy. 105 * 106 * @return The human-readable name for this certificate validation policy. 107 */ 108 @Override 109 public String toString() 110 { 111 return policyName; 112 } 113} 114