001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 * Portions Copyright 2013-2016 ForgeRock AS. 016 */ 017package org.opends.server.authorization.dseecompat; 018 019import static org.opends.messages.AccessControlMessages.*; 020 021import org.forgerock.i18n.slf4j.LocalizedLogger; 022import org.opends.server.core.DirectoryServer; 023 024/** The AuthMethod class represents an authmethod bind rule keyword expression. */ 025public class AuthMethod implements KeywordBindRule { 026 private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass(); 027 028 /** Enumeration representing the authentication method. */ 029 private final EnumAuthMethod authMethod; 030 /** The SASL mechanism if the authentication method is SASL. */ 031 private final String saslMech; 032 /** Enumeration representing the bind rule operation type. */ 033 private final EnumBindRuleType type; 034 035 /** 036 * Create a class representing an authmethod bind rule keyword from the 037 * provided method and bind rule type. 038 * @param type An enumeration representing the type of the expression. 039 * @param saslMech The string representation of the SASL Mechanism. 040 * @param method An Enumeration of the authentication method. 041 */ 042 private AuthMethod(EnumAuthMethod method, String saslMech, 043 EnumBindRuleType type) { 044 this.authMethod=method; 045 this.saslMech = saslMech; 046 this.type=type; 047 } 048 049 /** 050 * Decode a string representing an authmethod bind rule. 051 * @param expr The string representing the bind rule. 052 * @param type An enumeration representing the bind rule type. 053 * @return A keyword bind rule class that can be used to evaluate the 054 * bind rule. 055 * @throws AciException If the expression string is invalid. 056 */ 057 public static KeywordBindRule decode(String expr, EnumBindRuleType type) 058 throws AciException { 059 String lowerExpr = expr.toLowerCase(); 060 if ("none".equals(lowerExpr)) 061 { 062 return new AuthMethod(EnumAuthMethod.AUTHMETHOD_NONE, null, type); 063 } 064 else if ("simple".equals(lowerExpr)) 065 { 066 return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SIMPLE, null, type); 067 } 068 else if ("ssl".equals(lowerExpr)) 069 { 070 return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SSL, "EXTERNAL", type); 071 } 072 else if (expr.length() > 5 && lowerExpr.startsWith("sasl ")) 073 { 074 String saslMech = expr.substring(5); 075 if (DirectoryServer.getSASLMechanismHandler(saslMech) == null) { 076 logger.info(NOTE_ACI_SYNTAX_DUBIOUS_AUTHMETHOD_SASL_MECHANISM, saslMech); 077 } 078 return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SASL, saslMech, type); 079 } 080 081 throw new AciException(WARN_ACI_SYNTAX_INVALID_AUTHMETHOD_EXPRESSION.get(expr)); 082 } 083 084 /** 085 * Evaluate authmethod bind rule using the provided evaluation context. 086 * @param evalCtx An evaluation context to use. 087 * @return An enumeration evaluation result. 088 */ 089 @Override 090 public EnumEvalResult evaluate(AciEvalContext evalCtx) { 091 EnumEvalResult matched = 092 evalCtx.hasAuthenticationMethod(authMethod, saslMech); 093 return matched.getRet(type, false); 094 } 095 096 @Override 097 public String toString() 098 { 099 final StringBuilder sb = new StringBuilder(); 100 toString(sb); 101 return sb.toString(); 102 } 103 104 @Override 105 public final void toString(StringBuilder buffer) 106 { 107 buffer.append(super.toString()); 108 } 109}