/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
016package org.forgerock.opendj.server.config.meta;
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.AdministratorAction;
023import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
024import org.forgerock.opendj.config.BooleanPropertyDefinition;
025import org.forgerock.opendj.config.ClassPropertyDefinition;
026import org.forgerock.opendj.config.client.ConcurrentModificationException;
027import org.forgerock.opendj.config.client.ManagedObject;
028import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
029import org.forgerock.opendj.config.client.OperationRejectedException;
030import org.forgerock.opendj.config.DefaultBehaviorProvider;
031import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
032import org.forgerock.opendj.config.DNPropertyDefinition;
033import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
034import org.forgerock.opendj.config.ManagedObjectDefinition;
035import org.forgerock.opendj.config.PropertyOption;
036import org.forgerock.opendj.config.PropertyProvider;
037import org.forgerock.opendj.config.server.ConfigurationChangeListener;
038import org.forgerock.opendj.config.server.ServerManagedObject;
039import org.forgerock.opendj.config.StringPropertyDefinition;
040import org.forgerock.opendj.config.Tag;
041import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
042import org.forgerock.opendj.ldap.DN;
043import org.forgerock.opendj.ldap.LdapException;
044import org.forgerock.opendj.server.config.client.SubjectAttributeToUserAttributeCertificateMapperCfgClient;
045import org.forgerock.opendj.server.config.server.CertificateMapperCfg;
046import org.forgerock.opendj.server.config.server.SubjectAttributeToUserAttributeCertificateMapperCfg;
/**
 * Managed object definition for the Subject Attribute To User Attribute
 * Certificate Mapper: it owns the property definitions of this configuration
 * object and creates its client-side and server-side configuration views.
 * <p>
 * The Subject Attribute To User Attribute Certificate Mapper maps client
 * certificates to user entries by mapping the values of attributes contained
 * in the certificate subject to attributes contained in user entries.
 * <p>
 * Properties declared in this class:
 * <ul>
 * <li>{@code java-class} - mandatory, advanced, changing it calls for a
 * component restart; values must be instances of
 * {@code org.opends.server.api.CertificateMapper}.</li>
 * <li>{@code subject-attribute-mapping} - mandatory, multi-valued, no default
 * value.</li>
 * <li>{@code user-base-dn} - multi-valued, not mandatory, default described by
 * an alias behavior.</li>
 * </ul>
 * The {@code enabled} property is taken from {@link CertificateMapperCfgDefn}.
 * The definition is registered under the tags "security" and
 * "user-management".
 * <p>
 * NOTE(review): each of these properties influences which user entry a client
 * certificate is mapped to, so write access to this configuration object
 * deserves the same review as any other authentication setting.
 */
public final class SubjectAttributeToUserAttributeCertificateMapperCfgDefn
    extends ManagedObjectDefinition<
        SubjectAttributeToUserAttributeCertificateMapperCfgClient,
        SubjectAttributeToUserAttributeCertificateMapperCfg> {

  /** Configuration name of the "java-class" property. */
  private static final String PROP_JAVA_CLASS = "java-class";

  /** Configuration name of the "subject-attribute-mapping" property. */
  private static final String PROP_SUBJECT_ATTRIBUTE_MAPPING = "subject-attribute-mapping";

  /** Configuration name of the "user-base-dn" property. */
  private static final String PROP_USER_BASE_DN = "user-base-dn";

  /** The singleton configuration definition instance. */
  private static final SubjectAttributeToUserAttributeCertificateMapperCfgDefn INSTANCE =
      new SubjectAttributeToUserAttributeCertificateMapperCfgDefn();

  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  /** The "subject-attribute-mapping" property definition. */
  private static final StringPropertyDefinition PD_SUBJECT_ATTRIBUTE_MAPPING;

  /** The "user-base-dn" property definition. */
  private static final DNPropertyDefinition PD_USER_BASE_DN;

  // Build and register the property definitions, then the tags. The order
  // (java-class, subject-attribute-mapping, user-base-dn, tags) is kept as is,
  // and INSTANCE must already be assigned because every builder refers to it.
  static {
    PD_JAVA_CLASS = buildJavaClassDefinition();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);

    PD_SUBJECT_ATTRIBUTE_MAPPING = buildSubjectAttributeMappingDefinition();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE_MAPPING);

    PD_USER_BASE_DN = buildUserBaseDnDefinition();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);

    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }

  /**
   * Builds the "java-class" property definition: mandatory, advanced, and
   * flagged as requiring a component restart when changed. The default value
   * is the stock mapper class and accepted values are constrained to instances
   * of {@code org.opends.server.api.CertificateMapper}.
   * <p>
   * NOTE(review): the value selects the class that performs the
   * certificate-to-user mapping. How the instance-of constraint is enforced,
   * and from where the named class is resolved, is not visible in this file -
   * confirm before relying on it as the only safeguard.
   *
   * @return the "java-class" property definition, not yet registered.
   */
  private static ClassPropertyDefinition buildJavaClassDefinition() {
    ClassPropertyDefinition.Builder javaClass =
        ClassPropertyDefinition.createBuilder(INSTANCE, PROP_JAVA_CLASS);
    javaClass.setOption(PropertyOption.MANDATORY);
    javaClass.setOption(PropertyOption.ADVANCED);
    javaClass.setAdministratorAction(new AdministratorAction(
        AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, PROP_JAVA_CLASS));
    DefaultBehaviorProvider<String> stockImplementation =
        new DefinedDefaultBehaviorProvider<String>(
            "org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper");
    javaClass.setDefaultBehaviorProvider(stockImplementation);
    javaClass.addInstanceOf("org.opends.server.api.CertificateMapper");
    return javaClass.getInstance();
  }

  /**
   * Builds the "subject-attribute-mapping" property definition: multi-valued,
   * mandatory, no administrator action, and no default value.
   * <p>
   * NOTE(review): no pattern is set on the builder, so the documented
   * "certattr:userattr" form is not checked by this definition; presumably the
   * mapper implementation rejects malformed values - confirm. The definition
   * also cannot express that the user attribute should be unique under the
   * search bases and not self-modifiable by users, so that has to be ensured by
   * the administrator.
   *
   * @return the "subject-attribute-mapping" property definition, not yet
   *         registered.
   */
  private static StringPropertyDefinition buildSubjectAttributeMappingDefinition() {
    StringPropertyDefinition.Builder mapping =
        StringPropertyDefinition.createBuilder(INSTANCE, PROP_SUBJECT_ATTRIBUTE_MAPPING);
    mapping.setOption(PropertyOption.MULTI_VALUED);
    mapping.setOption(PropertyOption.MANDATORY);
    mapping.setAdministratorAction(new AdministratorAction(
        AdministratorAction.Type.NONE, INSTANCE, PROP_SUBJECT_ATTRIBUTE_MAPPING));
    mapping.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    return mapping.getInstance();
  }

  /**
   * Builds the "user-base-dn" property definition: multi-valued, not mandatory,
   * no administrator action, with a default described by an alias behavior
   * instead of concrete DNs.
   * <p>
   * NOTE(review): what the alias resolves to at run time is not visible in this
   * file. If it is a server-wide default, leaving the property unset widens the
   * subtree in which a certificate can match a user entry; explicit base DNs
   * keep the search scoped - confirm.
   *
   * @return the "user-base-dn" property definition, not yet registered.
   */
  private static DNPropertyDefinition buildUserBaseDnDefinition() {
    DNPropertyDefinition.Builder baseDn =
        DNPropertyDefinition.createBuilder(INSTANCE, PROP_USER_BASE_DN);
    baseDn.setOption(PropertyOption.MULTI_VALUED);
    baseDn.setAdministratorAction(new AdministratorAction(
        AdministratorAction.Type.NONE, INSTANCE, PROP_USER_BASE_DN));
    baseDn.setDefaultBehaviorProvider(
        new AliasDefaultBehaviorProvider<DN>(INSTANCE, PROP_USER_BASE_DN));
    return baseDn.getInstance();
  }

  /**
   * Get the Subject Attribute To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the Subject Attribute To User Attribute Certificate Mapper
   *         configuration definition singleton.
   */
  public static SubjectAttributeToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }

  /**
   * Private constructor: registers this definition under its configuration
   * name with the generic certificate mapper definition as its parent.
   */
  private SubjectAttributeToUserAttributeCertificateMapperCfgDefn() {
    super("subject-attribute-to-user-attribute-certificate-mapper",
        CertificateMapperCfgDefn.getInstance());
  }

  /**
   * {@inheritDoc}
   * <p>
   * Wraps the given managed object in the private client implementation.
   */
  public SubjectAttributeToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(impl);
  }

  /**
   * {@inheritDoc}
   * <p>
   * Wraps the given server managed object in the private server
   * implementation, which reads the property values at construction time.
   */
  public SubjectAttributeToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(impl);
  }

  /** {@inheritDoc} */
  public Class<SubjectAttributeToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
  }

  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject Attribute To User Attribute Certificate
   * Mapper is enabled. The definition is not declared here; it is obtained from
   * the {@link CertificateMapperCfgDefn} singleton.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }

  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that provides the
   * Subject Attribute To User Attribute Certificate Mapper implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }

  /**
   * Get the "subject-attribute-mapping" property definition.
   * <p>
   * Specifies a mapping between certificate attributes and user attributes.
   * <p>
   * Each value should be in the form "certattr:userattr" where certattr is the
   * name of the attribute in the certificate subject and userattr is the name
   * of the corresponding attribute in user entries. There may be multiple
   * mappings defined, and when performing the mapping, values for all
   * attributes present in the certificate subject that have mappings defined
   * must be present in the corresponding user entries.
   *
   * @return Returns the "subject-attribute-mapping" property definition.
   */
  public StringPropertyDefinition getSubjectAttributeMappingPropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE_MAPPING;
  }

  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing searches to map
   * the client certificate to a user entry.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }

  /**
   * Managed object client implementation. Every accessor and mutator is a
   * direct delegation to the wrapped {@link ManagedObject}; nothing is cached
   * in this class.
   */
  private static final class SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl
      implements SubjectAttributeToUserAttributeCertificateMapperCfgClient {

    /** The wrapped managed object that holds the property values. */
    private final ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient>
        delegate;

    /** Private constructor; instances come from createClientConfiguration. */
    private SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
      this.delegate = impl;
    }

    /** {@inheritDoc} */
    public Boolean isEnabled() {
      return delegate.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setEnabled(boolean value) {
      delegate.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public String getJavaClass() {
      return delegate.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setJavaClass(String value) {
      delegate.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }

    /** {@inheritDoc} */
    public SortedSet<String> getSubjectAttributeMapping() {
      return delegate.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setSubjectAttributeMapping(Collection<String> values) {
      delegate.setPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition(), values);
    }

    /** {@inheritDoc} */
    public SortedSet<DN> getUserBaseDN() {
      return delegate.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void setUserBaseDN(Collection<DN> values) {
      delegate.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
    }

    /** {@inheritDoc} */
    public ManagedObjectDefinition<
            ? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient,
            ? extends SubjectAttributeToUserAttributeCertificateMapperCfg>
        definition() {
      return INSTANCE;
    }

    /** {@inheritDoc} */
    public PropertyProvider properties() {
      return delegate;
    }

    /**
     * {@inheritDoc}
     * <p>
     * Delegates to the wrapped managed object; its exceptions are passed on
     * unchanged.
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      delegate.commit();
    }

    /** Returns the string form of the wrapped managed object. */
    public String toString() {
      return delegate.toString();
    }
  }

  /**
   * Managed object server implementation. The four property values are read
   * from the wrapped {@link ServerManagedObject} once, in the constructor, and
   * the getters return those stored values.
   */
  private static final class SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl
      implements SubjectAttributeToUserAttributeCertificateMapperCfg {

    /** The wrapped server managed object. */
    private final ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg>
        delegate;

    /** The value of the "enabled" property. */
    private final boolean enabled;

    /** The value of the "java-class" property. */
    private final String javaClass;

    /** The value of the "subject-attribute-mapping" property. */
    private final SortedSet<String> subjectAttributeMapping;

    /** The value of the "user-base-dn" property. */
    private final SortedSet<DN> userBaseDN;

    /**
     * Private constructor; reads all property values from the given managed
     * object.
     */
    private SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(
        ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
      this.delegate = impl;
      // Stored in a primitive boolean. NOTE(review): if getPropertyValue hands
      // back a boxed Boolean, this unboxes and assumes it is never null -
      // confirm that "enabled" always has a value.
      this.enabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.javaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.subjectAttributeMapping =
          impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
      this.userBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /** {@inheritDoc} */
    public void addSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      delegate.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void removeSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      delegate.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      delegate.registerChangeListener(listener);
    }

    /** {@inheritDoc} */
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      delegate.deregisterChangeListener(listener);
    }

    /** {@inheritDoc} */
    public boolean isEnabled() {
      return enabled;
    }

    /** {@inheritDoc} */
    public String getJavaClass() {
      return javaClass;
    }

    /**
     * {@inheritDoc}
     * <p>
     * Returns the set obtained in the constructor, without copying.
     * NOTE(review): whether that set is unmodifiable depends on
     * ServerManagedObject.getPropertyValues - confirm before treating it as
     * immutable.
     */
    public SortedSet<String> getSubjectAttributeMapping() {
      return subjectAttributeMapping;
    }

    /**
     * {@inheritDoc}
     * <p>
     * Returns the set obtained in the constructor, without copying.
     * NOTE(review): whether that set is unmodifiable depends on
     * ServerManagedObject.getPropertyValues - confirm before treating it as
     * immutable.
     */
    public SortedSet<DN> getUserBaseDN() {
      return userBaseDN;
    }

    /** {@inheritDoc} */
    public Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg>
        configurationClass() {
      return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
    }

    /** {@inheritDoc} */
    public DN dn() {
      return delegate.getDN();
    }

    /** Returns the string form of the wrapped server managed object. */
    public String toString() {
      return delegate.toString();
    }
  }
}