001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.meta;
017
018
019
020import java.net.InetAddress;
021import java.util.Collection;
022import java.util.SortedSet;
023import org.forgerock.opendj.config.AdministratorAction;
024import org.forgerock.opendj.config.AggregationPropertyDefinition;
025import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
026import org.forgerock.opendj.config.AttributeTypePropertyDefinition;
027import org.forgerock.opendj.config.BooleanPropertyDefinition;
028import org.forgerock.opendj.config.ClassPropertyDefinition;
029import org.forgerock.opendj.config.client.ConcurrentModificationException;
030import org.forgerock.opendj.config.client.ManagedObject;
031import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
032import org.forgerock.opendj.config.client.OperationRejectedException;
033import org.forgerock.opendj.config.conditions.Conditions;
034import org.forgerock.opendj.config.DefaultBehaviorProvider;
035import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
036import org.forgerock.opendj.config.DNPropertyDefinition;
037import org.forgerock.opendj.config.DurationPropertyDefinition;
038import org.forgerock.opendj.config.EnumPropertyDefinition;
039import org.forgerock.opendj.config.GenericConstraint;
040import org.forgerock.opendj.config.IPAddressPropertyDefinition;
041import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
042import org.forgerock.opendj.config.ManagedObjectDefinition;
043import org.forgerock.opendj.config.PropertyOption;
044import org.forgerock.opendj.config.PropertyProvider;
045import org.forgerock.opendj.config.server.ConfigurationChangeListener;
046import org.forgerock.opendj.config.server.ServerManagedObject;
047import org.forgerock.opendj.config.StringPropertyDefinition;
048import org.forgerock.opendj.config.Tag;
049import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
050import org.forgerock.opendj.ldap.DN;
051import org.forgerock.opendj.ldap.LdapException;
052import org.forgerock.opendj.ldap.schema.AttributeType;
053import org.forgerock.opendj.server.config.client.LDAPPassThroughAuthenticationPolicyCfgClient;
054import org.forgerock.opendj.server.config.client.PasswordStorageSchemeCfgClient;
055import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient;
056import org.forgerock.opendj.server.config.server.AuthenticationPolicyCfg;
057import org.forgerock.opendj.server.config.server.LDAPPassThroughAuthenticationPolicyCfg;
058import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
059import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg;
060
061
062
063/**
064 * An interface for querying the LDAP Pass Through Authentication
065 * Policy managed object definition meta information.
066 * <p>
067 * An authentication policy for users whose credentials are managed by
068 * a remote LDAP directory service.
069 */
070public final class LDAPPassThroughAuthenticationPolicyCfgDefn extends ManagedObjectDefinition<LDAPPassThroughAuthenticationPolicyCfgClient, LDAPPassThroughAuthenticationPolicyCfg> {
071
072  /** The singleton configuration definition instance. */
073  private static final LDAPPassThroughAuthenticationPolicyCfgDefn INSTANCE = new LDAPPassThroughAuthenticationPolicyCfgDefn();
074
075
076
077  /**
078   * Defines the set of permissable values for the "mapping-policy" property.
079   * <p>
080   * Specifies the mapping algorithm for obtaining the bind DN from
081   * the user's entry.
082   */
083  public static enum MappingPolicy {
084
085    /**
086     * Bind to the remote LDAP directory service using a DN obtained
087     * from an attribute in the user's entry. This policy will check
088     * each attribute named in the "mapped-attribute" property. If more
089     * than one attribute or value is present then the first one will
090     * be used.
091     */
092    MAPPED_BIND("mapped-bind"),
093
094
095
096    /**
097     * Bind to the remote LDAP directory service using the DN of an
098     * entry obtained using a search against the remote LDAP directory
099     * service. The search filter will comprise of an equality matching
100     * filter whose attribute type is the "mapped-attribute" property,
101     * and whose assertion value is the attribute value obtained from
102     * the user's entry. If more than one attribute or value is present
103     * then the filter will be composed of multiple equality filters
104     * combined using a logical OR (union).
105     */
106    MAPPED_SEARCH("mapped-search"),
107
108
109
110    /**
111     * Bind to the remote LDAP directory service using the DN of the
112     * user's entry in this directory server.
113     */
114    UNMAPPED("unmapped");
115
116
117
118    /** String representation of the value. */
119    private final String name;
120
121
122
123    /** Private constructor. */
124    private MappingPolicy(String name) { this.name = name; }
125
126
127
128    /** {@inheritDoc} */
129    public String toString() { return name; }
130
131  }
132
133
134
135  /** The "cached-password-storage-scheme" property definition. */
136  private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_CACHED_PASSWORD_STORAGE_SCHEME;
137
138
139
140  /** The "cached-password-ttl" property definition. */
141  private static final DurationPropertyDefinition PD_CACHED_PASSWORD_TTL;
142
143
144
145  /** The "connection-timeout" property definition. */
146  private static final DurationPropertyDefinition PD_CONNECTION_TIMEOUT;
147
148
149
150  /** The "java-class" property definition. */
151  private static final ClassPropertyDefinition PD_JAVA_CLASS;
152
153
154
155  /** The "mapped-attribute" property definition. */
156  private static final AttributeTypePropertyDefinition PD_MAPPED_ATTRIBUTE;
157
158
159
160  /** The "mapped-search-base-dn" property definition. */
161  private static final DNPropertyDefinition PD_MAPPED_SEARCH_BASE_DN;
162
163
164
165  /** The "mapped-search-bind-dn" property definition. */
166  private static final DNPropertyDefinition PD_MAPPED_SEARCH_BIND_DN;
167
168
169
170  /** The "mapped-search-bind-password" property definition. */
171  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD;
172
173
174
175  /** The "mapped-search-bind-password-environment-variable" property definition. */
176  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE;
177
178
179
180  /** The "mapped-search-bind-password-file" property definition. */
181  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_FILE;
182
183
184
185  /** The "mapped-search-bind-password-property" property definition. */
186  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY;
187
188
189
190  /** The "mapped-search-filter-template" property definition. */
191  private static final StringPropertyDefinition PD_MAPPED_SEARCH_FILTER_TEMPLATE;
192
193
194
195  /** The "mapping-policy" property definition. */
196  private static final EnumPropertyDefinition<MappingPolicy> PD_MAPPING_POLICY;
197
198
199
200  /** The "primary-remote-ldap-server" property definition. */
201  private static final StringPropertyDefinition PD_PRIMARY_REMOTE_LDAP_SERVER;
202
203
204
205  /** The "secondary-remote-ldap-server" property definition. */
206  private static final StringPropertyDefinition PD_SECONDARY_REMOTE_LDAP_SERVER;
207
208
209
210  /** The "source-address" property definition. */
211  private static final IPAddressPropertyDefinition PD_SOURCE_ADDRESS;
212
213
214
215  /** The "ssl-cipher-suite" property definition. */
216  private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE;
217
218
219
220  /** The "ssl-protocol" property definition. */
221  private static final StringPropertyDefinition PD_SSL_PROTOCOL;
222
223
224
225  /** The "trust-manager-provider" property definition. */
226  private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER;
227
228
229
230  /** The "use-password-caching" property definition. */
231  private static final BooleanPropertyDefinition PD_USE_PASSWORD_CACHING;
232
233
234
235  /** The "use-ssl" property definition. */
236  private static final BooleanPropertyDefinition PD_USE_SSL;
237
238
239
240  /** The "use-tcp-keep-alive" property definition. */
241  private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE;
242
243
244
245  /** The "use-tcp-no-delay" property definition. */
246  private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY;
247
248
249
250  /** Build the "cached-password-storage-scheme" property definition. */
251  static {
252      AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "cached-password-storage-scheme");
253      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-storage-scheme"));
254      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
255      builder.setParentPath("/");
256      builder.setRelationDefinition("password-storage-scheme");
257      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
258      PD_CACHED_PASSWORD_STORAGE_SCHEME = builder.getInstance();
259      INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_STORAGE_SCHEME);
260      INSTANCE.registerConstraint(PD_CACHED_PASSWORD_STORAGE_SCHEME.getSourceConstraint());
261  }
262
263
264
265  /** Build the "cached-password-ttl" property definition. */
266  static {
267      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "cached-password-ttl");
268      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-ttl"));
269      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("8 hours");
270      builder.setDefaultBehaviorProvider(provider);
271      builder.setBaseUnit("s");
272      PD_CACHED_PASSWORD_TTL = builder.getInstance();
273      INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_TTL);
274  }
275
276
277
278  /** Build the "connection-timeout" property definition. */
279  static {
280      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "connection-timeout");
281      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "connection-timeout"));
282      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("3 seconds");
283      builder.setDefaultBehaviorProvider(provider);
284      builder.setBaseUnit("ms");
285      builder.setLowerLimit("0");
286      PD_CONNECTION_TIMEOUT = builder.getInstance();
287      INSTANCE.registerPropertyDefinition(PD_CONNECTION_TIMEOUT);
288  }
289
290
291
292  /** Build the "java-class" property definition. */
293  static {
294      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
295      builder.setOption(PropertyOption.MANDATORY);
296      builder.setOption(PropertyOption.ADVANCED);
297      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
298      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.LDAPPassThroughAuthenticationPolicyFactory");
299      builder.setDefaultBehaviorProvider(provider);
300      builder.addInstanceOf("org.opends.server.api.AuthenticationPolicyFactory");
301      PD_JAVA_CLASS = builder.getInstance();
302      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
303  }
304
305
306
307  /** Build the "mapped-attribute" property definition. */
308  static {
309      AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "mapped-attribute");
310      builder.setOption(PropertyOption.MULTI_VALUED);
311      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-attribute"));
312      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
313      PD_MAPPED_ATTRIBUTE = builder.getInstance();
314      INSTANCE.registerPropertyDefinition(PD_MAPPED_ATTRIBUTE);
315  }
316
317
318
319  /** Build the "mapped-search-base-dn" property definition. */
320  static {
321      DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-base-dn");
322      builder.setOption(PropertyOption.MULTI_VALUED);
323      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-base-dn"));
324      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<DN>());
325      PD_MAPPED_SEARCH_BASE_DN = builder.getInstance();
326      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BASE_DN);
327  }
328
329
330
331  /** Build the "mapped-search-bind-dn" property definition. */
332  static {
333      DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-dn");
334      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-dn"));
335      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "mapped-search-bind-dn"));
336      PD_MAPPED_SEARCH_BIND_DN = builder.getInstance();
337      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_DN);
338  }
339
340
341
342  /** Build the "mapped-search-bind-password" property definition. */
343  static {
344      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password");
345      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password"));
346      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
347      PD_MAPPED_SEARCH_BIND_PASSWORD = builder.getInstance();
348      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD);
349  }
350
351
352
353  /** Build the "mapped-search-bind-password-environment-variable" property definition. */
354  static {
355      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-environment-variable");
356      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-environment-variable"));
357      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
358      PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE = builder.getInstance();
359      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE);
360  }
361
362
363
364  /** Build the "mapped-search-bind-password-file" property definition. */
365  static {
366      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-file");
367      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-file"));
368      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
369      PD_MAPPED_SEARCH_BIND_PASSWORD_FILE = builder.getInstance();
370      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_FILE);
371  }
372
373
374
375  /** Build the "mapped-search-bind-password-property" property definition. */
376  static {
377      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-property");
378      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-property"));
379      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
380      PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY = builder.getInstance();
381      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY);
382  }
383
384
385
386  /** Build the "mapped-search-filter-template" property definition. */
387  static {
388      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-filter-template");
389      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-filter-template"));
390      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
391      PD_MAPPED_SEARCH_FILTER_TEMPLATE = builder.getInstance();
392      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_FILTER_TEMPLATE);
393  }
394
395
396
397  /** Build the "mapping-policy" property definition. */
398  static {
399      EnumPropertyDefinition.Builder<MappingPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "mapping-policy");
400      builder.setOption(PropertyOption.MANDATORY);
401      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapping-policy"));
402      DefaultBehaviorProvider<MappingPolicy> provider = new DefinedDefaultBehaviorProvider<MappingPolicy>("unmapped");
403      builder.setDefaultBehaviorProvider(provider);
404      builder.setEnumClass(MappingPolicy.class);
405      PD_MAPPING_POLICY = builder.getInstance();
406      INSTANCE.registerPropertyDefinition(PD_MAPPING_POLICY);
407  }
408
409
410
411  /** Build the "primary-remote-ldap-server" property definition. */
412  static {
413      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "primary-remote-ldap-server");
414      builder.setOption(PropertyOption.MULTI_VALUED);
415      builder.setOption(PropertyOption.MANDATORY);
416      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "primary-remote-ldap-server"));
417      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
418      builder.setPattern("^.+:[0-9]+$", "HOST:PORT");
419      PD_PRIMARY_REMOTE_LDAP_SERVER = builder.getInstance();
420      INSTANCE.registerPropertyDefinition(PD_PRIMARY_REMOTE_LDAP_SERVER);
421  }
422
423
424
425  /** Build the "secondary-remote-ldap-server" property definition. */
426  static {
427      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "secondary-remote-ldap-server");
428      builder.setOption(PropertyOption.MULTI_VALUED);
429      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "secondary-remote-ldap-server"));
430      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "secondary-remote-ldap-server"));
431      builder.setPattern("^.+:[0-9]+$", "HOST:PORT");
432      PD_SECONDARY_REMOTE_LDAP_SERVER = builder.getInstance();
433      INSTANCE.registerPropertyDefinition(PD_SECONDARY_REMOTE_LDAP_SERVER);
434  }
435
436
437
438  /** Build the "source-address" property definition. */
439  static {
440      IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "source-address");
441      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "source-address"));
442      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<InetAddress>(INSTANCE, "source-address"));
443      PD_SOURCE_ADDRESS = builder.getInstance();
444      INSTANCE.registerPropertyDefinition(PD_SOURCE_ADDRESS);
445  }
446
447
448
449  /** Build the "ssl-cipher-suite" property definition. */
450  static {
451      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite");
452      builder.setOption(PropertyOption.MULTI_VALUED);
453      builder.setOption(PropertyOption.ADVANCED);
454      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite"));
455      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite"));
456      PD_SSL_CIPHER_SUITE = builder.getInstance();
457      INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE);
458  }
459
460
461
462  /** Build the "ssl-protocol" property definition. */
463  static {
464      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol");
465      builder.setOption(PropertyOption.MULTI_VALUED);
466      builder.setOption(PropertyOption.ADVANCED);
467      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol"));
468      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol"));
469      PD_SSL_PROTOCOL = builder.getInstance();
470      INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL);
471  }
472
473
474
475  /** Build the "trust-manager-provider" property definition. */
476  static {
477      AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider");
478      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider"));
479      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "trust-manager-provider"));
480      builder.setParentPath("/");
481      builder.setRelationDefinition("trust-manager-provider");
482      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("use-ssl", "true")));
483      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
484      PD_TRUST_MANAGER_PROVIDER = builder.getInstance();
485      INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER);
486      INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint());
487  }
488
489
490
491  /** Build the "use-password-caching" property definition. */
492  static {
493      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-password-caching");
494      builder.setOption(PropertyOption.MANDATORY);
495      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-password-caching"));
496      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
497      builder.setDefaultBehaviorProvider(provider);
498      PD_USE_PASSWORD_CACHING = builder.getInstance();
499      INSTANCE.registerPropertyDefinition(PD_USE_PASSWORD_CACHING);
500  }
501
502
503
504  /** Build the "use-ssl" property definition. */
505  static {
506      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl");
507      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl"));
508      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
509      builder.setDefaultBehaviorProvider(provider);
510      PD_USE_SSL = builder.getInstance();
511      INSTANCE.registerPropertyDefinition(PD_USE_SSL);
512  }
513
514
515
516  /** Build the "use-tcp-keep-alive" property definition. */
517  static {
518      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive");
519      builder.setOption(PropertyOption.ADVANCED);
520      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive"));
521      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
522      builder.setDefaultBehaviorProvider(provider);
523      PD_USE_TCP_KEEP_ALIVE = builder.getInstance();
524      INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE);
525  }
526
527
528
529  /** Build the "use-tcp-no-delay" property definition. */
530  static {
531      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay");
532      builder.setOption(PropertyOption.ADVANCED);
533      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay"));
534      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
535      builder.setDefaultBehaviorProvider(provider);
536      PD_USE_TCP_NO_DELAY = builder.getInstance();
537      INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY);
538  }
539
540
541
542  // Register the tags associated with this managed object definition.
543  static {
544    INSTANCE.registerTag(Tag.valueOf("user-management"));
545  }
546
547
548
549  // Register the constraints associated with this managed object definition.
550  static {
551    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.or(Conditions.contains("mapping-policy", "mapped-bind"), Conditions.contains("mapping-policy", "mapped-search")), Conditions.isPresent("mapped-attribute"))));
552    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-base-dn"))));
553    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.and(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-bind-dn")), Conditions.or(Conditions.isPresent("mapped-search-bind-password"), Conditions.isPresent("mapped-search-bind-password-property"), Conditions.isPresent("mapped-search-bind-password-environment-variable"), Conditions.isPresent("mapped-search-bind-password-file")))));
554    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 4, Conditions.implies(Conditions.contains("use-password-caching", "true"), Conditions.isPresent("cached-password-storage-scheme"))));
555  }
556
557
558
559  /**
560   * Get the LDAP Pass Through Authentication Policy configuration
561   * definition singleton.
562   *
563   * @return Returns the LDAP Pass Through Authentication Policy
564   *         configuration definition singleton.
565   */
566  public static LDAPPassThroughAuthenticationPolicyCfgDefn getInstance() {
567    return INSTANCE;
568  }
569
570
571
572  /**
573   * Private constructor.
574   */
575  private LDAPPassThroughAuthenticationPolicyCfgDefn() {
576    super("ldap-pass-through-authentication-policy", AuthenticationPolicyCfgDefn.getInstance());
577  }
578
579
580
581  /** {@inheritDoc} */
582  public LDAPPassThroughAuthenticationPolicyCfgClient createClientConfiguration(
583      ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) {
584    return new LDAPPassThroughAuthenticationPolicyCfgClientImpl(impl);
585  }
586
587
588
589  /** {@inheritDoc} */
590  public LDAPPassThroughAuthenticationPolicyCfg createServerConfiguration(
591      ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) {
592    return new LDAPPassThroughAuthenticationPolicyCfgServerImpl(impl);
593  }
594
595
596
597  /** {@inheritDoc} */
598  public Class<LDAPPassThroughAuthenticationPolicyCfg> getServerConfigurationClass() {
599    return LDAPPassThroughAuthenticationPolicyCfg.class;
600  }
601
602
603
604  /**
605   * Get the "cached-password-storage-scheme" property definition.
606   * <p>
607   * Specifies the name of a password storage scheme which should be
608   * used for encoding cached passwords.
609   * <p>
610   * Changing the password storage scheme will cause all existing
611   * cached passwords to be discarded.
612   *
613   * @return Returns the "cached-password-storage-scheme" property definition.
614   */
615  public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getCachedPasswordStorageSchemePropertyDefinition() {
616    return PD_CACHED_PASSWORD_STORAGE_SCHEME;
617  }
618
619
620
621  /**
622   * Get the "cached-password-ttl" property definition.
623   * <p>
624   * Specifies the maximum length of time that a locally cached
625   * password may be used for authentication before it is refreshed
626   * from the remote LDAP service.
627   * <p>
628   * This property represents a cache timeout. Increasing the timeout
629   * period decreases the frequency that bind operations are delegated
630   * to the remote LDAP service, but increases the risk of users
631   * authenticating using stale passwords. Note that authentication
632   * attempts which fail because the provided password does not match
633   * the locally cached password will always be retried against the
634   * remote LDAP service.
635   *
636   * @return Returns the "cached-password-ttl" property definition.
637   */
638  public DurationPropertyDefinition getCachedPasswordTTLPropertyDefinition() {
639    return PD_CACHED_PASSWORD_TTL;
640  }
641
642
643
644  /**
645   * Get the "connection-timeout" property definition.
646   * <p>
647   * Specifies the timeout used when connecting to remote LDAP
648   * directory servers, performing SSL negotiation, and for individual
649   * search and bind requests.
650   * <p>
651   * If the timeout expires then the current operation will be aborted
652   * and retried against another LDAP server if one is available.
653   *
654   * @return Returns the "connection-timeout" property definition.
655   */
656  public DurationPropertyDefinition getConnectionTimeoutPropertyDefinition() {
657    return PD_CONNECTION_TIMEOUT;
658  }
659
660
661
662  /**
663   * Get the "java-class" property definition.
664   * <p>
665   * Specifies the fully-qualified name of the Java class which
666   * provides the LDAP Pass Through Authentication Policy
667   * implementation.
668   *
669   * @return Returns the "java-class" property definition.
670   */
671  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
672    return PD_JAVA_CLASS;
673  }
674
675
676
677  /**
678   * Get the "mapped-attribute" property definition.
679   * <p>
680   * Specifies one or more attributes in the user's entry whose
681   * value(s) will determine the bind DN used when authenticating to
682   * the remote LDAP directory service. This property is mandatory when
683   * using the "mapped-bind" or "mapped-search" mapping policies.
684   * <p>
685   * At least one value must be provided. All values must refer to the
686   * name or OID of an attribute type defined in the directory server
687   * schema. At least one of the named attributes must exist in a
688   * user's local entry in order for authentication to proceed. When
689   * multiple attributes or values are found in the user's entry then
690   * the behavior is determined by the mapping policy.
691   *
692   * @return Returns the "mapped-attribute" property definition.
693   */
694  public AttributeTypePropertyDefinition getMappedAttributePropertyDefinition() {
695    return PD_MAPPED_ATTRIBUTE;
696  }
697
698
699
700  /**
701   * Get the "mapped-search-base-dn" property definition.
702   * <p>
703   * Specifies the set of base DNs below which to search for users in
704   * the remote LDAP directory service. This property is mandatory when
705   * using the "mapped-search" mapping policy.
706   * <p>
707   * If multiple values are given, searches are performed below all
708   * specified base DNs.
709   *
710   * @return Returns the "mapped-search-base-dn" property definition.
711   */
712  public DNPropertyDefinition getMappedSearchBaseDNPropertyDefinition() {
713    return PD_MAPPED_SEARCH_BASE_DN;
714  }
715
716
717
718  /**
719   * Get the "mapped-search-bind-dn" property definition.
720   * <p>
721   * Specifies the bind DN which should be used to perform user
722   * searches in the remote LDAP directory service.
723   *
724   * @return Returns the "mapped-search-bind-dn" property definition.
725   */
726  public DNPropertyDefinition getMappedSearchBindDNPropertyDefinition() {
727    return PD_MAPPED_SEARCH_BIND_DN;
728  }
729
730
731
732  /**
733   * Get the "mapped-search-bind-password" property definition.
734   * <p>
735   * Specifies the bind password which should be used to perform user
736   * searches in the remote LDAP directory service.
737   *
738   * @return Returns the "mapped-search-bind-password" property definition.
739   */
740  public StringPropertyDefinition getMappedSearchBindPasswordPropertyDefinition() {
741    return PD_MAPPED_SEARCH_BIND_PASSWORD;
742  }
743
744
745
746  /**
747   * Get the "mapped-search-bind-password-environment-variable" property definition.
748   * <p>
749   * Specifies the name of an environment variable containing the bind
750   * password which should be used to perform user searches in the
751   * remote LDAP directory service.
752   *
753   * @return Returns the "mapped-search-bind-password-environment-variable" property definition.
754   */
755  public StringPropertyDefinition getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition() {
756    return PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE;
757  }
758
759
760
761  /**
762   * Get the "mapped-search-bind-password-file" property definition.
763   * <p>
764   * Specifies the name of a file containing the bind password which
765   * should be used to perform user searches in the remote LDAP
766   * directory service.
767   *
768   * @return Returns the "mapped-search-bind-password-file" property definition.
769   */
770  public StringPropertyDefinition getMappedSearchBindPasswordFilePropertyDefinition() {
771    return PD_MAPPED_SEARCH_BIND_PASSWORD_FILE;
772  }
773
774
775
776  /**
777   * Get the "mapped-search-bind-password-property" property definition.
778   * <p>
779   * Specifies the name of a Java property containing the bind
780   * password which should be used to perform user searches in the
781   * remote LDAP directory service.
782   *
783   * @return Returns the "mapped-search-bind-password-property" property definition.
784   */
785  public StringPropertyDefinition getMappedSearchBindPasswordPropertyPropertyDefinition() {
786    return PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY;
787  }
788
789
790
791  /**
792   * Get the "mapped-search-filter-template" property definition.
793   * <p>
794   * If defined, overrides the filter used when searching for the
795   * user, substituting %s with the value of the local entry's
796   * "mapped-attribute".
797   * <p>
798   * The filter-template may include ZERO or ONE %s substitutions. If
799   * multiple mapped-attributes are configured, multiple renditions of
800   * this template will be aggregated into one larger filter using an
801   * OR (|) operator. An example use-case for this property would be to
802   * use a different attribute type on the mapped search. For example,
803   * mapped-attribute could be set to "uid" and filter-template to
804   * "(samAccountName=%s)".
805   *
806   * @return Returns the "mapped-search-filter-template" property definition.
807   */
808  public StringPropertyDefinition getMappedSearchFilterTemplatePropertyDefinition() {
809    return PD_MAPPED_SEARCH_FILTER_TEMPLATE;
810  }
811
812
813
814  /**
815   * Get the "mapping-policy" property definition.
816   * <p>
817   * Specifies the mapping algorithm for obtaining the bind DN from
818   * the user's entry.
819   *
820   * @return Returns the "mapping-policy" property definition.
821   */
822  public EnumPropertyDefinition<MappingPolicy> getMappingPolicyPropertyDefinition() {
823    return PD_MAPPING_POLICY;
824  }
825
826
827
828  /**
829   * Get the "primary-remote-ldap-server" property definition.
830   * <p>
831   * Specifies the primary list of remote LDAP servers which should be
832   * used for pass through authentication.
833   * <p>
834   * If more than one LDAP server is specified then operations may be
835   * distributed across them. If all of the primary LDAP servers are
836   * unavailable then operations will fail-over to the set of secondary
837   * LDAP servers, if defined.
838   *
839   * @return Returns the "primary-remote-ldap-server" property definition.
840   */
841  public StringPropertyDefinition getPrimaryRemoteLDAPServerPropertyDefinition() {
842    return PD_PRIMARY_REMOTE_LDAP_SERVER;
843  }
844
845
846
847  /**
848   * Get the "secondary-remote-ldap-server" property definition.
849   * <p>
850   * Specifies the secondary list of remote LDAP servers which should
851   * be used for pass through authentication in the event that the
852   * primary LDAP servers are unavailable.
853   * <p>
854   * If more than one LDAP server is specified then operations may be
855   * distributed across them. Operations will be rerouted to the
856   * primary LDAP servers as soon as they are determined to be
857   * available.
858   *
859   * @return Returns the "secondary-remote-ldap-server" property definition.
860   */
861  public StringPropertyDefinition getSecondaryRemoteLDAPServerPropertyDefinition() {
862    return PD_SECONDARY_REMOTE_LDAP_SERVER;
863  }
864
865
866
867  /**
868   * Get the "source-address" property definition.
869   * <p>
870   * If specified, the server will bind to the address before
871   * connecting to the remote server.
872   * <p>
873   * The address must be one assigned to an existing network
874   * interface.
875   *
876   * @return Returns the "source-address" property definition.
877   */
878  public IPAddressPropertyDefinition getSourceAddressPropertyDefinition() {
879    return PD_SOURCE_ADDRESS;
880  }
881
882
883
884  /**
885   * Get the "ssl-cipher-suite" property definition.
886   * <p>
887   * Specifies the names of the SSL cipher suites that are allowed for
888   * use in SSL based LDAP connections.
889   *
890   * @return Returns the "ssl-cipher-suite" property definition.
891   */
892  public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() {
893    return PD_SSL_CIPHER_SUITE;
894  }
895
896
897
898  /**
899   * Get the "ssl-protocol" property definition.
900   * <p>
901   * Specifies the names of the SSL protocols which are allowed for
902   * use in SSL based LDAP connections.
903   *
904   * @return Returns the "ssl-protocol" property definition.
905   */
906  public StringPropertyDefinition getSSLProtocolPropertyDefinition() {
907    return PD_SSL_PROTOCOL;
908  }
909
910
911
912  /**
913   * Get the "trust-manager-provider" property definition.
914   * <p>
915   * Specifies the name of the trust manager that should be used when
916   * negotiating SSL connections with remote LDAP directory servers.
917   *
918   * @return Returns the "trust-manager-provider" property definition.
919   */
920  public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() {
921    return PD_TRUST_MANAGER_PROVIDER;
922  }
923
924
925
926  /**
927   * Get the "use-password-caching" property definition.
928   * <p>
929   * Indicates whether passwords should be cached locally within the
930   * user's entry.
931   *
932   * @return Returns the "use-password-caching" property definition.
933   */
934  public BooleanPropertyDefinition getUsePasswordCachingPropertyDefinition() {
935    return PD_USE_PASSWORD_CACHING;
936  }
937
938
939
940  /**
941   * Get the "use-ssl" property definition.
942   * <p>
943   * Indicates whether the LDAP Pass Through Authentication Policy
944   * should use SSL.
945   * <p>
946   * If enabled, the LDAP Pass Through Authentication Policy will use
947   * SSL to encrypt communication with the clients.
948   *
949   * @return Returns the "use-ssl" property definition.
950   */
951  public BooleanPropertyDefinition getUseSSLPropertyDefinition() {
952    return PD_USE_SSL;
953  }
954
955
956
957  /**
958   * Get the "use-tcp-keep-alive" property definition.
959   * <p>
960   * Indicates whether LDAP connections should use TCP keep-alive.
961   * <p>
962   * If enabled, the SO_KEEPALIVE socket option is used to indicate
963   * that TCP keepalive messages should periodically be sent to the
964   * client to verify that the associated connection is still valid.
965   * This may also help prevent cases in which intermediate network
966   * hardware could silently drop an otherwise idle client connection,
967   * provided that the keepalive interval configured in the underlying
968   * operating system is smaller than the timeout enforced by the
969   * network hardware.
970   *
971   * @return Returns the "use-tcp-keep-alive" property definition.
972   */
973  public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() {
974    return PD_USE_TCP_KEEP_ALIVE;
975  }
976
977
978
979  /**
980   * Get the "use-tcp-no-delay" property definition.
981   * <p>
982   * Indicates whether LDAP connections should use TCP no-delay.
983   * <p>
984   * If enabled, the TCP_NODELAY socket option is used to ensure that
985   * response messages to the client are sent immediately rather than
986   * potentially waiting to determine whether additional response
987   * messages can be sent in the same packet. In most cases, using the
988   * TCP_NODELAY socket option provides better performance and lower
989   * response times, but disabling it may help for some cases in which
990   * the server sends a large number of entries to a client in response
991   * to a search request.
992   *
993   * @return Returns the "use-tcp-no-delay" property definition.
994   */
995  public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() {
996    return PD_USE_TCP_NO_DELAY;
997  }
998
999
1000
1001  /**
1002   * Managed object client implementation.
1003   */
1004  private static class LDAPPassThroughAuthenticationPolicyCfgClientImpl implements
1005    LDAPPassThroughAuthenticationPolicyCfgClient {
1006
1007    /** Private implementation. */
1008    private ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl;
1009
1010
1011
1012    /** Private constructor. */
1013    private LDAPPassThroughAuthenticationPolicyCfgClientImpl(
1014        ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) {
1015      this.impl = impl;
1016    }
1017
1018
1019
1020    /** {@inheritDoc} */
1021    public String getCachedPasswordStorageScheme() {
1022      return impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition());
1023    }
1024
1025
1026
1027    /** {@inheritDoc} */
1028    public void setCachedPasswordStorageScheme(String value) {
1029      impl.setPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition(), value);
1030    }
1031
1032
1033
1034    /** {@inheritDoc} */
1035    public long getCachedPasswordTTL() {
1036      return impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition());
1037    }
1038
1039
1040
1041    /** {@inheritDoc} */
1042    public void setCachedPasswordTTL(Long value) {
1043      impl.setPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition(), value);
1044    }
1045
1046
1047
1048    /** {@inheritDoc} */
1049    public long getConnectionTimeout() {
1050      return impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition());
1051    }
1052
1053
1054
1055    /** {@inheritDoc} */
1056    public void setConnectionTimeout(Long value) {
1057      impl.setPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition(), value);
1058    }
1059
1060
1061
1062    /** {@inheritDoc} */
1063    public String getJavaClass() {
1064      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1065    }
1066
1067
1068
1069    /** {@inheritDoc} */
1070    public void setJavaClass(String value) {
1071      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
1072    }
1073
1074
1075
1076    /** {@inheritDoc} */
1077    public SortedSet<AttributeType> getMappedAttribute() {
1078      return impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition());
1079    }
1080
1081
1082
1083    /** {@inheritDoc} */
1084    public void setMappedAttribute(Collection<AttributeType> values) {
1085      impl.setPropertyValues(INSTANCE.getMappedAttributePropertyDefinition(), values);
1086    }
1087
1088
1089
1090    /** {@inheritDoc} */
1091    public SortedSet<DN> getMappedSearchBaseDN() {
1092      return impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition());
1093    }
1094
1095
1096
1097    /** {@inheritDoc} */
1098    public void setMappedSearchBaseDN(Collection<DN> values) {
1099      impl.setPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition(), values);
1100    }
1101
1102
1103
1104    /** {@inheritDoc} */
1105    public DN getMappedSearchBindDN() {
1106      return impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition());
1107    }
1108
1109
1110
1111    /** {@inheritDoc} */
1112    public void setMappedSearchBindDN(DN value) {
1113      impl.setPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition(), value);
1114    }
1115
1116
1117
1118    /** {@inheritDoc} */
1119    public String getMappedSearchBindPassword() {
1120      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition());
1121    }
1122
1123
1124
1125    /** {@inheritDoc} */
1126    public void setMappedSearchBindPassword(String value) {
1127      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition(), value);
1128    }
1129
1130
1131
1132    /** {@inheritDoc} */
1133    public String getMappedSearchBindPasswordEnvironmentVariable() {
1134      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition());
1135    }
1136
1137
1138
1139    /** {@inheritDoc} */
1140    public void setMappedSearchBindPasswordEnvironmentVariable(String value) {
1141      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition(), value);
1142    }
1143
1144
1145
1146    /** {@inheritDoc} */
1147    public String getMappedSearchBindPasswordFile() {
1148      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition());
1149    }
1150
1151
1152
1153    /** {@inheritDoc} */
1154    public void setMappedSearchBindPasswordFile(String value) {
1155      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition(), value);
1156    }
1157
1158
1159
1160    /** {@inheritDoc} */
1161    public String getMappedSearchBindPasswordProperty() {
1162      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition());
1163    }
1164
1165
1166
1167    /** {@inheritDoc} */
1168    public void setMappedSearchBindPasswordProperty(String value) {
1169      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition(), value);
1170    }
1171
1172
1173
1174    /** {@inheritDoc} */
1175    public String getMappedSearchFilterTemplate() {
1176      return impl.getPropertyValue(INSTANCE.getMappedSearchFilterTemplatePropertyDefinition());
1177    }
1178
1179
1180
1181    /** {@inheritDoc} */
1182    public void setMappedSearchFilterTemplate(String value) {
1183      impl.setPropertyValue(INSTANCE.getMappedSearchFilterTemplatePropertyDefinition(), value);
1184    }
1185
1186
1187
1188    /** {@inheritDoc} */
1189    public MappingPolicy getMappingPolicy() {
1190      return impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition());
1191    }
1192
1193
1194
1195    /** {@inheritDoc} */
1196    public void setMappingPolicy(MappingPolicy value) {
1197      impl.setPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition(), value);
1198    }
1199
1200
1201
1202    /** {@inheritDoc} */
1203    public SortedSet<String> getPrimaryRemoteLDAPServer() {
1204      return impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition());
1205    }
1206
1207
1208
1209    /** {@inheritDoc} */
1210    public void setPrimaryRemoteLDAPServer(Collection<String> values) {
1211      impl.setPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition(), values);
1212    }
1213
1214
1215
1216    /** {@inheritDoc} */
1217    public SortedSet<String> getSecondaryRemoteLDAPServer() {
1218      return impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition());
1219    }
1220
1221
1222
1223    /** {@inheritDoc} */
1224    public void setSecondaryRemoteLDAPServer(Collection<String> values) {
1225      impl.setPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition(), values);
1226    }
1227
1228
1229
1230    /** {@inheritDoc} */
1231    public InetAddress getSourceAddress() {
1232      return impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition());
1233    }
1234
1235
1236
1237    /** {@inheritDoc} */
1238    public void setSourceAddress(InetAddress value) {
1239      impl.setPropertyValue(INSTANCE.getSourceAddressPropertyDefinition(), value);
1240    }
1241
1242
1243
1244    /** {@inheritDoc} */
1245    public SortedSet<String> getSSLCipherSuite() {
1246      return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1247    }
1248
1249
1250
1251    /** {@inheritDoc} */
1252    public void setSSLCipherSuite(Collection<String> values) {
1253      impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values);
1254    }
1255
1256
1257
1258    /** {@inheritDoc} */
1259    public SortedSet<String> getSSLProtocol() {
1260      return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1261    }
1262
1263
1264
1265    /** {@inheritDoc} */
1266    public void setSSLProtocol(Collection<String> values) {
1267      impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values);
1268    }
1269
1270
1271
1272    /** {@inheritDoc} */
1273    public String getTrustManagerProvider() {
1274      return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1275    }
1276
1277
1278
1279    /** {@inheritDoc} */
1280    public void setTrustManagerProvider(String value) {
1281      impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value);
1282    }
1283
1284
1285
1286    /** {@inheritDoc} */
1287    public boolean isUsePasswordCaching() {
1288      return impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition());
1289    }
1290
1291
1292
1293    /** {@inheritDoc} */
1294    public void setUsePasswordCaching(boolean value) {
1295      impl.setPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition(), value);
1296    }
1297
1298
1299
1300    /** {@inheritDoc} */
1301    public boolean isUseSSL() {
1302      return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1303    }
1304
1305
1306
1307    /** {@inheritDoc} */
1308    public void setUseSSL(Boolean value) {
1309      impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value);
1310    }
1311
1312
1313
1314    /** {@inheritDoc} */
1315    public boolean isUseTCPKeepAlive() {
1316      return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1317    }
1318
1319
1320
1321    /** {@inheritDoc} */
1322    public void setUseTCPKeepAlive(Boolean value) {
1323      impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value);
1324    }
1325
1326
1327
1328    /** {@inheritDoc} */
1329    public boolean isUseTCPNoDelay() {
1330      return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1331    }
1332
1333
1334
1335    /** {@inheritDoc} */
1336    public void setUseTCPNoDelay(Boolean value) {
1337      impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value);
1338    }
1339
1340
1341
1342    /** {@inheritDoc} */
1343    public ManagedObjectDefinition<? extends LDAPPassThroughAuthenticationPolicyCfgClient, ? extends LDAPPassThroughAuthenticationPolicyCfg> definition() {
1344      return INSTANCE;
1345    }
1346
1347
1348
1349    /** {@inheritDoc} */
1350    public PropertyProvider properties() {
1351      return impl;
1352    }
1353
1354
1355
1356    /** {@inheritDoc} */
1357    public void commit() throws ManagedObjectAlreadyExistsException,
1358        MissingMandatoryPropertiesException, ConcurrentModificationException,
1359        OperationRejectedException, LdapException {
1360      impl.commit();
1361    }
1362
1363
1364
1365    /** {@inheritDoc} */
1366    public String toString() {
1367      return impl.toString();
1368    }
1369  }
1370
1371
1372
1373  /**
1374   * Managed object server implementation.
1375   */
1376  private static class LDAPPassThroughAuthenticationPolicyCfgServerImpl implements
1377    LDAPPassThroughAuthenticationPolicyCfg {
1378
1379    /** Private implementation. */
1380    private ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl;
1381
1382    /** The value of the "cached-password-storage-scheme" property. */
1383    private final String pCachedPasswordStorageScheme;
1384
1385    /** The value of the "cached-password-ttl" property. */
1386    private final long pCachedPasswordTTL;
1387
1388    /** The value of the "connection-timeout" property. */
1389    private final long pConnectionTimeout;
1390
1391    /** The value of the "java-class" property. */
1392    private final String pJavaClass;
1393
1394    /** The value of the "mapped-attribute" property. */
1395    private final SortedSet<AttributeType> pMappedAttribute;
1396
1397    /** The value of the "mapped-search-base-dn" property. */
1398    private final SortedSet<DN> pMappedSearchBaseDN;
1399
1400    /** The value of the "mapped-search-bind-dn" property. */
1401    private final DN pMappedSearchBindDN;
1402
1403    /** The value of the "mapped-search-bind-password" property. */
1404    private final String pMappedSearchBindPassword;
1405
1406    /** The value of the "mapped-search-bind-password-environment-variable" property. */
1407    private final String pMappedSearchBindPasswordEnvironmentVariable;
1408
1409    /** The value of the "mapped-search-bind-password-file" property. */
1410    private final String pMappedSearchBindPasswordFile;
1411
1412    /** The value of the "mapped-search-bind-password-property" property. */
1413    private final String pMappedSearchBindPasswordProperty;
1414
1415    /** The value of the "mapped-search-filter-template" property. */
1416    private final String pMappedSearchFilterTemplate;
1417
1418    /** The value of the "mapping-policy" property. */
1419    private final MappingPolicy pMappingPolicy;
1420
1421    /** The value of the "primary-remote-ldap-server" property. */
1422    private final SortedSet<String> pPrimaryRemoteLDAPServer;
1423
1424    /** The value of the "secondary-remote-ldap-server" property. */
1425    private final SortedSet<String> pSecondaryRemoteLDAPServer;
1426
1427    /** The value of the "source-address" property. */
1428    private final InetAddress pSourceAddress;
1429
1430    /** The value of the "ssl-cipher-suite" property. */
1431    private final SortedSet<String> pSSLCipherSuite;
1432
1433    /** The value of the "ssl-protocol" property. */
1434    private final SortedSet<String> pSSLProtocol;
1435
1436    /** The value of the "trust-manager-provider" property. */
1437    private final String pTrustManagerProvider;
1438
1439    /** The value of the "use-password-caching" property. */
1440    private final boolean pUsePasswordCaching;
1441
1442    /** The value of the "use-ssl" property. */
1443    private final boolean pUseSSL;
1444
1445    /** The value of the "use-tcp-keep-alive" property. */
1446    private final boolean pUseTCPKeepAlive;
1447
1448    /** The value of the "use-tcp-no-delay" property. */
1449    private final boolean pUseTCPNoDelay;
1450
1451
1452
1453    /** Private constructor. */
1454    private LDAPPassThroughAuthenticationPolicyCfgServerImpl(ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) {
1455      this.impl = impl;
1456      this.pCachedPasswordStorageScheme = impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition());
1457      this.pCachedPasswordTTL = impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition());
1458      this.pConnectionTimeout = impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition());
1459      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1460      this.pMappedAttribute = impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition());
1461      this.pMappedSearchBaseDN = impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition());
1462      this.pMappedSearchBindDN = impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition());
1463      this.pMappedSearchBindPassword = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition());
1464      this.pMappedSearchBindPasswordEnvironmentVariable = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition());
1465      this.pMappedSearchBindPasswordFile = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition());
1466      this.pMappedSearchBindPasswordProperty = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition());
1467      this.pMappedSearchFilterTemplate = impl.getPropertyValue(INSTANCE.getMappedSearchFilterTemplatePropertyDefinition());
1468      this.pMappingPolicy = impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition());
1469      this.pPrimaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition());
1470      this.pSecondaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition());
1471      this.pSourceAddress = impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition());
1472      this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1473      this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1474      this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1475      this.pUsePasswordCaching = impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition());
1476      this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1477      this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1478      this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1479    }
1480
1481
1482
1483    /** {@inheritDoc} */
1484    public void addLDAPPassThroughChangeListener(
1485        ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) {
1486      impl.registerChangeListener(listener);
1487    }
1488
1489
1490
1491    /** {@inheritDoc} */
1492    public void removeLDAPPassThroughChangeListener(
1493        ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) {
1494      impl.deregisterChangeListener(listener);
1495    }
1496    /** {@inheritDoc} */
1497    public void addChangeListener(
1498        ConfigurationChangeListener<AuthenticationPolicyCfg> listener) {
1499      impl.registerChangeListener(listener);
1500    }
1501
1502
1503
1504    /** {@inheritDoc} */
1505    public void removeChangeListener(
1506        ConfigurationChangeListener<AuthenticationPolicyCfg> listener) {
1507      impl.deregisterChangeListener(listener);
1508    }
1509
1510
1511
1512    /** {@inheritDoc} */
1513    public String getCachedPasswordStorageScheme() {
1514      return pCachedPasswordStorageScheme;
1515    }
1516
1517
1518
1519    /**
1520     * {@inheritDoc}
1521     */
1522    public DN getCachedPasswordStorageSchemeDN() {
1523      String value = getCachedPasswordStorageScheme();
1524      if (value == null) return null;
1525      return INSTANCE.getCachedPasswordStorageSchemePropertyDefinition().getChildDN(value);
1526    }
1527
1528
1529
1530    /** {@inheritDoc} */
1531    public long getCachedPasswordTTL() {
1532      return pCachedPasswordTTL;
1533    }
1534
1535
1536
1537    /** {@inheritDoc} */
1538    public long getConnectionTimeout() {
1539      return pConnectionTimeout;
1540    }
1541
1542
1543
1544    /** {@inheritDoc} */
1545    public String getJavaClass() {
1546      return pJavaClass;
1547    }
1548
1549
1550
1551    /** {@inheritDoc} */
1552    public SortedSet<AttributeType> getMappedAttribute() {
1553      return pMappedAttribute;
1554    }
1555
1556
1557
1558    /** {@inheritDoc} */
1559    public SortedSet<DN> getMappedSearchBaseDN() {
1560      return pMappedSearchBaseDN;
1561    }
1562
1563
1564
1565    /** {@inheritDoc} */
1566    public DN getMappedSearchBindDN() {
1567      return pMappedSearchBindDN;
1568    }
1569
1570
1571
1572    /** {@inheritDoc} */
1573    public String getMappedSearchBindPassword() {
1574      return pMappedSearchBindPassword;
1575    }
1576
1577
1578
1579    /** {@inheritDoc} */
1580    public String getMappedSearchBindPasswordEnvironmentVariable() {
1581      return pMappedSearchBindPasswordEnvironmentVariable;
1582    }
1583
1584
1585
1586    /** {@inheritDoc} */
1587    public String getMappedSearchBindPasswordFile() {
1588      return pMappedSearchBindPasswordFile;
1589    }
1590
1591
1592
1593    /** {@inheritDoc} */
1594    public String getMappedSearchBindPasswordProperty() {
1595      return pMappedSearchBindPasswordProperty;
1596    }
1597
1598
1599
1600    /** {@inheritDoc} */
1601    public String getMappedSearchFilterTemplate() {
1602      return pMappedSearchFilterTemplate;
1603    }
1604
1605
1606
1607    /** {@inheritDoc} */
1608    public MappingPolicy getMappingPolicy() {
1609      return pMappingPolicy;
1610    }
1611
1612
1613
1614    /** {@inheritDoc} */
1615    public SortedSet<String> getPrimaryRemoteLDAPServer() {
1616      return pPrimaryRemoteLDAPServer;
1617    }
1618
1619
1620
1621    /** {@inheritDoc} */
1622    public SortedSet<String> getSecondaryRemoteLDAPServer() {
1623      return pSecondaryRemoteLDAPServer;
1624    }
1625
1626
1627
1628    /** {@inheritDoc} */
1629    public InetAddress getSourceAddress() {
1630      return pSourceAddress;
1631    }
1632
1633
1634
1635    /** {@inheritDoc} */
1636    public SortedSet<String> getSSLCipherSuite() {
1637      return pSSLCipherSuite;
1638    }
1639
1640
1641
1642    /** {@inheritDoc} */
1643    public SortedSet<String> getSSLProtocol() {
1644      return pSSLProtocol;
1645    }
1646
1647
1648
1649    /** {@inheritDoc} */
1650    public String getTrustManagerProvider() {
1651      return pTrustManagerProvider;
1652    }
1653
1654
1655
1656    /**
1657     * {@inheritDoc}
1658     */
1659    public DN getTrustManagerProviderDN() {
1660      String value = getTrustManagerProvider();
1661      if (value == null) return null;
1662      return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value);
1663    }
1664
1665
1666
1667    /** {@inheritDoc} */
1668    public boolean isUsePasswordCaching() {
1669      return pUsePasswordCaching;
1670    }
1671
1672
1673
1674    /** {@inheritDoc} */
1675    public boolean isUseSSL() {
1676      return pUseSSL;
1677    }
1678
1679
1680
1681    /** {@inheritDoc} */
1682    public boolean isUseTCPKeepAlive() {
1683      return pUseTCPKeepAlive;
1684    }
1685
1686
1687
1688    /** {@inheritDoc} */
1689    public boolean isUseTCPNoDelay() {
1690      return pUseTCPNoDelay;
1691    }
1692
1693
1694
1695    /** {@inheritDoc} */
1696    public Class<? extends LDAPPassThroughAuthenticationPolicyCfg> configurationClass() {
1697      return LDAPPassThroughAuthenticationPolicyCfg.class;
1698    }
1699
1700
1701
1702    /** {@inheritDoc} */
1703    public DN dn() {
1704      return impl.getDN();
1705    }
1706
1707
1708
1709    /** {@inheritDoc} */
1710    public String toString() {
1711      return impl.toString();
1712    }
1713  }
1714}