001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.opends.server.admin.std.meta; 027 028 029 030import java.net.InetAddress; 031import java.util.Collection; 032import java.util.SortedSet; 033import org.forgerock.opendj.ldap.AddressMask; 034import org.opends.server.admin.AdministratorAction; 035import org.opends.server.admin.AggregationPropertyDefinition; 036import org.opends.server.admin.AliasDefaultBehaviorProvider; 037import org.opends.server.admin.BooleanPropertyDefinition; 038import org.opends.server.admin.ClassPropertyDefinition; 039import org.opends.server.admin.client.AuthorizationException; 040import org.opends.server.admin.client.CommunicationException; 041import org.opends.server.admin.client.ConcurrentModificationException; 042import org.opends.server.admin.client.ManagedObject; 043import org.opends.server.admin.client.MissingMandatoryPropertiesException; 044import org.opends.server.admin.client.OperationRejectedException; 045import org.opends.server.admin.condition.Conditions; 046import org.opends.server.admin.DefaultBehaviorProvider; 047import org.opends.server.admin.DefinedDefaultBehaviorProvider; 048import org.opends.server.admin.DurationPropertyDefinition; 049import org.opends.server.admin.EnumPropertyDefinition; 050import org.opends.server.admin.GenericConstraint; 051import org.opends.server.admin.IntegerPropertyDefinition; 052import org.opends.server.admin.IPAddressMaskPropertyDefinition; 053import org.opends.server.admin.IPAddressPropertyDefinition; 054import org.opends.server.admin.ManagedObjectAlreadyExistsException; 055import org.opends.server.admin.ManagedObjectDefinition; 056import org.opends.server.admin.PropertyOption; 057import org.opends.server.admin.PropertyProvider; 058import org.opends.server.admin.server.ConfigurationChangeListener; 059import org.opends.server.admin.server.ServerManagedObject; 060import org.opends.server.admin.SizePropertyDefinition; 061import org.opends.server.admin.std.client.KeyManagerProviderCfgClient; 062import org.opends.server.admin.std.client.LDAPConnectionHandlerCfgClient; 063import org.opends.server.admin.std.client.TrustManagerProviderCfgClient; 064import org.opends.server.admin.std.server.ConnectionHandlerCfg; 065import org.opends.server.admin.std.server.KeyManagerProviderCfg; 066import org.opends.server.admin.std.server.LDAPConnectionHandlerCfg; 067import org.opends.server.admin.std.server.TrustManagerProviderCfg; 068import org.opends.server.admin.StringPropertyDefinition; 069import org.opends.server.admin.Tag; 070import org.opends.server.admin.UndefinedDefaultBehaviorProvider; 071import org.opends.server.types.DN; 072 073 074 075/** 076 * An interface for querying the LDAP Connection Handler managed 077 * object definition meta information. 078 * <p> 079 * The LDAP Connection Handler is used to interact with clients using 080 * LDAP. 081 */ 082public final class LDAPConnectionHandlerCfgDefn extends ManagedObjectDefinition<LDAPConnectionHandlerCfgClient, LDAPConnectionHandlerCfg> { 083 084 // The singleton configuration definition instance. 085 private static final LDAPConnectionHandlerCfgDefn INSTANCE = new LDAPConnectionHandlerCfgDefn(); 086 087 088 089 /** 090 * Defines the set of permissable values for the "ssl-client-auth-policy" property. 091 * <p> 092 * Specifies the policy that the LDAP Connection Handler should use 093 * regarding client SSL certificates. Clients can use the SASL 094 * EXTERNAL mechanism only if the policy is set to "optional" or 095 * "required". 096 * <p> 097 * This is only applicable if clients are allowed to use SSL. 098 */ 099 public static enum SSLClientAuthPolicy { 100 101 /** 102 * Clients must not provide their own certificates when performing 103 * SSL negotiation. 104 */ 105 DISABLED("disabled"), 106 107 108 109 /** 110 * Clients are requested to provide their own certificates when 111 * performing SSL negotiation. The connection is nevertheless 112 * accepted if the client does not provide a certificate. 113 */ 114 OPTIONAL("optional"), 115 116 117 118 /** 119 * Clients are required to provide their own certificates when 120 * performing SSL negotiation and are refused access if they do not 121 * provide a certificate. 122 */ 123 REQUIRED("required"); 124 125 126 127 // String representation of the value. 128 private final String name; 129 130 131 132 // Private constructor. 133 private SSLClientAuthPolicy(String name) { this.name = name; } 134 135 136 137 /** 138 * {@inheritDoc} 139 */ 140 public String toString() { return name; } 141 142 } 143 144 145 146 // The "accept-backlog" property definition. 147 private static final IntegerPropertyDefinition PD_ACCEPT_BACKLOG; 148 149 150 151 // The "allow-ldap-v2" property definition. 152 private static final BooleanPropertyDefinition PD_ALLOW_LDAP_V2; 153 154 155 156 // The "allow-start-tls" property definition. 157 private static final BooleanPropertyDefinition PD_ALLOW_START_TLS; 158 159 160 161 // The "allow-tcp-reuse-address" property definition. 162 private static final BooleanPropertyDefinition PD_ALLOW_TCP_REUSE_ADDRESS; 163 164 165 166 // The "buffer-size" property definition. 167 private static final SizePropertyDefinition PD_BUFFER_SIZE; 168 169 170 171 // The "java-class" property definition. 172 private static final ClassPropertyDefinition PD_JAVA_CLASS; 173 174 175 176 // The "keep-stats" property definition. 177 private static final BooleanPropertyDefinition PD_KEEP_STATS; 178 179 180 181 // The "key-manager-provider" property definition. 182 private static final AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> PD_KEY_MANAGER_PROVIDER; 183 184 185 186 // The "listen-address" property definition. 187 private static final IPAddressPropertyDefinition PD_LISTEN_ADDRESS; 188 189 190 191 // The "listen-port" property definition. 192 private static final IntegerPropertyDefinition PD_LISTEN_PORT; 193 194 195 196 // The "max-blocked-write-time-limit" property definition. 197 private static final DurationPropertyDefinition PD_MAX_BLOCKED_WRITE_TIME_LIMIT; 198 199 200 201 // The "max-request-size" property definition. 202 private static final SizePropertyDefinition PD_MAX_REQUEST_SIZE; 203 204 205 206 // The "num-request-handlers" property definition. 207 private static final IntegerPropertyDefinition PD_NUM_REQUEST_HANDLERS; 208 209 210 211 // The "send-rejection-notice" property definition. 212 private static final BooleanPropertyDefinition PD_SEND_REJECTION_NOTICE; 213 214 215 216 // The "ssl-cert-nickname" property definition. 217 private static final StringPropertyDefinition PD_SSL_CERT_NICKNAME; 218 219 220 221 // The "ssl-cipher-suite" property definition. 222 private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE; 223 224 225 226 // The "ssl-client-auth-policy" property definition. 227 private static final EnumPropertyDefinition<SSLClientAuthPolicy> PD_SSL_CLIENT_AUTH_POLICY; 228 229 230 231 // The "ssl-protocol" property definition. 232 private static final StringPropertyDefinition PD_SSL_PROTOCOL; 233 234 235 236 // The "trust-manager-provider" property definition. 237 private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER; 238 239 240 241 // The "use-ssl" property definition. 242 private static final BooleanPropertyDefinition PD_USE_SSL; 243 244 245 246 // The "use-tcp-keep-alive" property definition. 247 private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE; 248 249 250 251 // The "use-tcp-no-delay" property definition. 252 private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY; 253 254 255 256 // Build the "accept-backlog" property definition. 257 static { 258 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "accept-backlog"); 259 builder.setOption(PropertyOption.ADVANCED); 260 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "accept-backlog")); 261 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("128"); 262 builder.setDefaultBehaviorProvider(provider); 263 builder.setLowerLimit(1); 264 PD_ACCEPT_BACKLOG = builder.getInstance(); 265 INSTANCE.registerPropertyDefinition(PD_ACCEPT_BACKLOG); 266 } 267 268 269 270 // Build the "allow-ldap-v2" property definition. 271 static { 272 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-ldap-v2"); 273 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-ldap-v2")); 274 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 275 builder.setDefaultBehaviorProvider(provider); 276 PD_ALLOW_LDAP_V2 = builder.getInstance(); 277 INSTANCE.registerPropertyDefinition(PD_ALLOW_LDAP_V2); 278 } 279 280 281 282 // Build the "allow-start-tls" property definition. 283 static { 284 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-start-tls"); 285 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-start-tls")); 286 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 287 builder.setDefaultBehaviorProvider(provider); 288 PD_ALLOW_START_TLS = builder.getInstance(); 289 INSTANCE.registerPropertyDefinition(PD_ALLOW_START_TLS); 290 } 291 292 293 294 // Build the "allow-tcp-reuse-address" property definition. 295 static { 296 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-tcp-reuse-address"); 297 builder.setOption(PropertyOption.ADVANCED); 298 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "allow-tcp-reuse-address")); 299 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 300 builder.setDefaultBehaviorProvider(provider); 301 PD_ALLOW_TCP_REUSE_ADDRESS = builder.getInstance(); 302 INSTANCE.registerPropertyDefinition(PD_ALLOW_TCP_REUSE_ADDRESS); 303 } 304 305 306 307 // Build the "buffer-size" property definition. 308 static { 309 SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "buffer-size"); 310 builder.setOption(PropertyOption.ADVANCED); 311 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "buffer-size")); 312 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("4096 bytes"); 313 builder.setDefaultBehaviorProvider(provider); 314 builder.setUpperLimit("2147483647b"); 315 builder.setLowerLimit("1b"); 316 PD_BUFFER_SIZE = builder.getInstance(); 317 INSTANCE.registerPropertyDefinition(PD_BUFFER_SIZE); 318 } 319 320 321 322 // Build the "java-class" property definition. 323 static { 324 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 325 builder.setOption(PropertyOption.MANDATORY); 326 builder.setOption(PropertyOption.ADVANCED); 327 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 328 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.ldap.LDAPConnectionHandler"); 329 builder.setDefaultBehaviorProvider(provider); 330 builder.addInstanceOf("org.opends.server.api.ConnectionHandler"); 331 PD_JAVA_CLASS = builder.getInstance(); 332 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 333 } 334 335 336 337 // Build the "keep-stats" property definition. 338 static { 339 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "keep-stats"); 340 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "keep-stats")); 341 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 342 builder.setDefaultBehaviorProvider(provider); 343 PD_KEEP_STATS = builder.getInstance(); 344 INSTANCE.registerPropertyDefinition(PD_KEEP_STATS); 345 } 346 347 348 349 // Build the "key-manager-provider" property definition. 350 static { 351 AggregationPropertyDefinition.Builder<KeyManagerProviderCfgClient, KeyManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "key-manager-provider"); 352 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-manager-provider")); 353 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 354 builder.setParentPath("/"); 355 builder.setRelationDefinition("key-manager-provider"); 356 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))); 357 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 358 PD_KEY_MANAGER_PROVIDER = builder.getInstance(); 359 INSTANCE.registerPropertyDefinition(PD_KEY_MANAGER_PROVIDER); 360 INSTANCE.registerConstraint(PD_KEY_MANAGER_PROVIDER.getSourceConstraint()); 361 } 362 363 364 365 // Build the "listen-address" property definition. 366 static { 367 IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "listen-address"); 368 builder.setOption(PropertyOption.MULTI_VALUED); 369 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-address")); 370 DefaultBehaviorProvider<InetAddress> provider = new DefinedDefaultBehaviorProvider<InetAddress>("0.0.0.0"); 371 builder.setDefaultBehaviorProvider(provider); 372 PD_LISTEN_ADDRESS = builder.getInstance(); 373 INSTANCE.registerPropertyDefinition(PD_LISTEN_ADDRESS); 374 } 375 376 377 378 // Build the "listen-port" property definition. 379 static { 380 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "listen-port"); 381 builder.setOption(PropertyOption.MANDATORY); 382 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-port")); 383 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Integer>()); 384 builder.setUpperLimit(65535); 385 builder.setLowerLimit(1); 386 PD_LISTEN_PORT = builder.getInstance(); 387 INSTANCE.registerPropertyDefinition(PD_LISTEN_PORT); 388 } 389 390 391 392 // Build the "max-blocked-write-time-limit" property definition. 393 static { 394 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-blocked-write-time-limit"); 395 builder.setOption(PropertyOption.ADVANCED); 396 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-blocked-write-time-limit")); 397 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("2 minutes"); 398 builder.setDefaultBehaviorProvider(provider); 399 builder.setBaseUnit("ms"); 400 builder.setLowerLimit("0"); 401 PD_MAX_BLOCKED_WRITE_TIME_LIMIT = builder.getInstance(); 402 INSTANCE.registerPropertyDefinition(PD_MAX_BLOCKED_WRITE_TIME_LIMIT); 403 } 404 405 406 407 // Build the "max-request-size" property definition. 408 static { 409 SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "max-request-size"); 410 builder.setOption(PropertyOption.ADVANCED); 411 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-request-size")); 412 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 megabytes"); 413 builder.setDefaultBehaviorProvider(provider); 414 builder.setUpperLimit("2147483647b"); 415 PD_MAX_REQUEST_SIZE = builder.getInstance(); 416 INSTANCE.registerPropertyDefinition(PD_MAX_REQUEST_SIZE); 417 } 418 419 420 421 // Build the "num-request-handlers" property definition. 422 static { 423 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "num-request-handlers"); 424 builder.setOption(PropertyOption.ADVANCED); 425 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "num-request-handlers")); 426 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Integer>(INSTANCE, "num-request-handlers")); 427 builder.setLowerLimit(1); 428 PD_NUM_REQUEST_HANDLERS = builder.getInstance(); 429 INSTANCE.registerPropertyDefinition(PD_NUM_REQUEST_HANDLERS); 430 } 431 432 433 434 // Build the "send-rejection-notice" property definition. 435 static { 436 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "send-rejection-notice"); 437 builder.setOption(PropertyOption.ADVANCED); 438 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "send-rejection-notice")); 439 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 440 builder.setDefaultBehaviorProvider(provider); 441 PD_SEND_REJECTION_NOTICE = builder.getInstance(); 442 INSTANCE.registerPropertyDefinition(PD_SEND_REJECTION_NOTICE); 443 } 444 445 446 447 // Build the "ssl-cert-nickname" property definition. 448 static { 449 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cert-nickname"); 450 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-cert-nickname")); 451 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cert-nickname")); 452 PD_SSL_CERT_NICKNAME = builder.getInstance(); 453 INSTANCE.registerPropertyDefinition(PD_SSL_CERT_NICKNAME); 454 } 455 456 457 458 // Build the "ssl-cipher-suite" property definition. 459 static { 460 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite"); 461 builder.setOption(PropertyOption.MULTI_VALUED); 462 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite")); 463 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite")); 464 PD_SSL_CIPHER_SUITE = builder.getInstance(); 465 INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE); 466 } 467 468 469 470 // Build the "ssl-client-auth-policy" property definition. 471 static { 472 EnumPropertyDefinition.Builder<SSLClientAuthPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "ssl-client-auth-policy"); 473 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-client-auth-policy")); 474 DefaultBehaviorProvider<SSLClientAuthPolicy> provider = new DefinedDefaultBehaviorProvider<SSLClientAuthPolicy>("optional"); 475 builder.setDefaultBehaviorProvider(provider); 476 builder.setEnumClass(SSLClientAuthPolicy.class); 477 PD_SSL_CLIENT_AUTH_POLICY = builder.getInstance(); 478 INSTANCE.registerPropertyDefinition(PD_SSL_CLIENT_AUTH_POLICY); 479 } 480 481 482 483 // Build the "ssl-protocol" property definition. 484 static { 485 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol"); 486 builder.setOption(PropertyOption.MULTI_VALUED); 487 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol")); 488 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol")); 489 PD_SSL_PROTOCOL = builder.getInstance(); 490 INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL); 491 } 492 493 494 495 // Build the "trust-manager-provider" property definition. 496 static { 497 AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider"); 498 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider")); 499 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 500 builder.setParentPath("/"); 501 builder.setRelationDefinition("trust-manager-provider"); 502 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))); 503 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 504 PD_TRUST_MANAGER_PROVIDER = builder.getInstance(); 505 INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER); 506 INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint()); 507 } 508 509 510 511 // Build the "use-ssl" property definition. 512 static { 513 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl"); 514 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl")); 515 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 516 builder.setDefaultBehaviorProvider(provider); 517 PD_USE_SSL = builder.getInstance(); 518 INSTANCE.registerPropertyDefinition(PD_USE_SSL); 519 } 520 521 522 523 // Build the "use-tcp-keep-alive" property definition. 524 static { 525 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive"); 526 builder.setOption(PropertyOption.ADVANCED); 527 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive")); 528 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 529 builder.setDefaultBehaviorProvider(provider); 530 PD_USE_TCP_KEEP_ALIVE = builder.getInstance(); 531 INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE); 532 } 533 534 535 536 // Build the "use-tcp-no-delay" property definition. 537 static { 538 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay"); 539 builder.setOption(PropertyOption.ADVANCED); 540 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay")); 541 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 542 builder.setDefaultBehaviorProvider(provider); 543 PD_USE_TCP_NO_DELAY = builder.getInstance(); 544 INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY); 545 } 546 547 548 549 // Register the tags associated with this managed object definition. 550 static { 551 INSTANCE.registerTag(Tag.valueOf("core-server")); 552 } 553 554 555 556 // Register the constraints associated with this managed object definition. 557 static { 558 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("key-manager-provider"))))); 559 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("trust-manager-provider"))))); 560 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.not(Conditions.and(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))))); 561 } 562 563 564 565 /** 566 * Get the LDAP Connection Handler configuration definition 567 * singleton. 568 * 569 * @return Returns the LDAP Connection Handler configuration 570 * definition singleton. 571 */ 572 public static LDAPConnectionHandlerCfgDefn getInstance() { 573 return INSTANCE; 574 } 575 576 577 578 /** 579 * Private constructor. 580 */ 581 private LDAPConnectionHandlerCfgDefn() { 582 super("ldap-connection-handler", ConnectionHandlerCfgDefn.getInstance()); 583 } 584 585 586 587 /** 588 * {@inheritDoc} 589 */ 590 public LDAPConnectionHandlerCfgClient createClientConfiguration( 591 ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) { 592 return new LDAPConnectionHandlerCfgClientImpl(impl); 593 } 594 595 596 597 /** 598 * {@inheritDoc} 599 */ 600 public LDAPConnectionHandlerCfg createServerConfiguration( 601 ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) { 602 return new LDAPConnectionHandlerCfgServerImpl(impl); 603 } 604 605 606 607 /** 608 * {@inheritDoc} 609 */ 610 public Class<LDAPConnectionHandlerCfg> getServerConfigurationClass() { 611 return LDAPConnectionHandlerCfg.class; 612 } 613 614 615 616 /** 617 * Get the "accept-backlog" property definition. 618 * <p> 619 * Specifies the maximum number of pending connection attempts that 620 * are allowed to queue up in the accept backlog before the server 621 * starts rejecting new connection attempts. 622 * <p> 623 * This is primarily an issue for cases in which a large number of 624 * connections are established to the server in a very short period 625 * of time (for example, a benchmark utility that creates a large 626 * number of client threads that each have their own connection to 627 * the server) and the connection handler is unable to keep up with 628 * the rate at which the new connections are established. 629 * 630 * @return Returns the "accept-backlog" property definition. 631 */ 632 public IntegerPropertyDefinition getAcceptBacklogPropertyDefinition() { 633 return PD_ACCEPT_BACKLOG; 634 } 635 636 637 638 /** 639 * Get the "allowed-client" property definition. 640 * <p> 641 * Specifies a set of host names or address masks that determine the 642 * clients that are allowed to establish connections to this LDAP 643 * Connection Handler. 644 * <p> 645 * Valid values include a host name, a fully qualified domain name, 646 * a domain name, an IP address, or a subnetwork with subnetwork 647 * mask. 648 * 649 * @return Returns the "allowed-client" property definition. 650 */ 651 public IPAddressMaskPropertyDefinition getAllowedClientPropertyDefinition() { 652 return ConnectionHandlerCfgDefn.getInstance().getAllowedClientPropertyDefinition(); 653 } 654 655 656 657 /** 658 * Get the "allow-ldap-v2" property definition. 659 * <p> 660 * Indicates whether connections from LDAPv2 clients are allowed. 661 * <p> 662 * If LDAPv2 clients are allowed, then only a minimal degree of 663 * special support are provided for them to ensure that 664 * LDAPv3-specific protocol elements (for example, Configuration 665 * Guide 25 controls, extended response messages, intermediate 666 * response messages, referrals) are not sent to an LDAPv2 client. 667 * 668 * @return Returns the "allow-ldap-v2" property definition. 669 */ 670 public BooleanPropertyDefinition getAllowLDAPV2PropertyDefinition() { 671 return PD_ALLOW_LDAP_V2; 672 } 673 674 675 676 /** 677 * Get the "allow-start-tls" property definition. 678 * <p> 679 * Indicates whether clients are allowed to use StartTLS. 680 * <p> 681 * If enabled, the LDAP Connection Handler allows clients to use the 682 * StartTLS extended operation to initiate secure communication over 683 * an otherwise insecure channel. Note that this is only allowed if 684 * the LDAP Connection Handler is not configured to use SSL, and if 685 * the server is configured with a valid key manager provider and a 686 * valid trust manager provider. 687 * 688 * @return Returns the "allow-start-tls" property definition. 689 */ 690 public BooleanPropertyDefinition getAllowStartTLSPropertyDefinition() { 691 return PD_ALLOW_START_TLS; 692 } 693 694 695 696 /** 697 * Get the "allow-tcp-reuse-address" property definition. 698 * <p> 699 * Indicates whether the LDAP Connection Handler should reuse socket 700 * descriptors. 701 * <p> 702 * If enabled, the SO_REUSEADDR socket option is used on the server 703 * listen socket to potentially allow the reuse of socket descriptors 704 * for clients in a TIME_WAIT state. This may help the server avoid 705 * temporarily running out of socket descriptors in cases in which a 706 * very large number of short-lived connections have been established 707 * from the same client system. 708 * 709 * @return Returns the "allow-tcp-reuse-address" property definition. 710 */ 711 public BooleanPropertyDefinition getAllowTCPReuseAddressPropertyDefinition() { 712 return PD_ALLOW_TCP_REUSE_ADDRESS; 713 } 714 715 716 717 /** 718 * Get the "buffer-size" property definition. 719 * <p> 720 * Specifies the size in bytes of the LDAP response message write 721 * buffer. 722 * <p> 723 * This property specifies write buffer size allocated by the server 724 * for each client connection and used to buffer LDAP response 725 * messages data when writing. 726 * 727 * @return Returns the "buffer-size" property definition. 728 */ 729 public SizePropertyDefinition getBufferSizePropertyDefinition() { 730 return PD_BUFFER_SIZE; 731 } 732 733 734 735 /** 736 * Get the "denied-client" property definition. 737 * <p> 738 * Specifies a set of host names or address masks that determine the 739 * clients that are not allowed to establish connections to this LDAP 740 * Connection Handler. 741 * <p> 742 * Valid values include a host name, a fully qualified domain name, 743 * a domain name, an IP address, or a subnetwork with subnetwork 744 * mask. If both allowed and denied client masks are defined and a 745 * client connection matches one or more masks in both lists, then 746 * the connection is denied. If only a denied list is specified, then 747 * any client not matching a mask in that list is allowed. 748 * 749 * @return Returns the "denied-client" property definition. 750 */ 751 public IPAddressMaskPropertyDefinition getDeniedClientPropertyDefinition() { 752 return ConnectionHandlerCfgDefn.getInstance().getDeniedClientPropertyDefinition(); 753 } 754 755 756 757 /** 758 * Get the "enabled" property definition. 759 * <p> 760 * Indicates whether the LDAP Connection Handler is enabled. 761 * 762 * @return Returns the "enabled" property definition. 763 */ 764 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 765 return ConnectionHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 766 } 767 768 769 770 /** 771 * Get the "java-class" property definition. 772 * <p> 773 * Specifies the fully-qualified name of the Java class that 774 * provides the LDAP Connection Handler implementation. 775 * 776 * @return Returns the "java-class" property definition. 777 */ 778 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 779 return PD_JAVA_CLASS; 780 } 781 782 783 784 /** 785 * Get the "keep-stats" property definition. 786 * <p> 787 * Indicates whether the LDAP Connection Handler should keep 788 * statistics. 789 * <p> 790 * If enabled, the LDAP Connection Handler maintains statistics 791 * about the number and types of operations requested over LDAP and 792 * the amount of data sent and received. 793 * 794 * @return Returns the "keep-stats" property definition. 795 */ 796 public BooleanPropertyDefinition getKeepStatsPropertyDefinition() { 797 return PD_KEEP_STATS; 798 } 799 800 801 802 /** 803 * Get the "key-manager-provider" property definition. 804 * <p> 805 * Specifies the name of the key manager that should be used with 806 * this LDAP Connection Handler . 807 * 808 * @return Returns the "key-manager-provider" property definition. 809 */ 810 public AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition() { 811 return PD_KEY_MANAGER_PROVIDER; 812 } 813 814 815 816 /** 817 * Get the "listen-address" property definition. 818 * <p> 819 * Specifies the address or set of addresses on which this LDAP 820 * Connection Handler should listen for connections from LDAP 821 * clients. 822 * <p> 823 * Multiple addresses may be provided as separate values for this 824 * attribute. If no values are provided, then the LDAP Connection 825 * Handler listens on all interfaces. 826 * 827 * @return Returns the "listen-address" property definition. 828 */ 829 public IPAddressPropertyDefinition getListenAddressPropertyDefinition() { 830 return PD_LISTEN_ADDRESS; 831 } 832 833 834 835 /** 836 * Get the "listen-port" property definition. 837 * <p> 838 * Specifies the port number on which the LDAP Connection Handler 839 * will listen for connections from clients. 840 * <p> 841 * Only a single port number may be provided. 842 * 843 * @return Returns the "listen-port" property definition. 844 */ 845 public IntegerPropertyDefinition getListenPortPropertyDefinition() { 846 return PD_LISTEN_PORT; 847 } 848 849 850 851 /** 852 * Get the "max-blocked-write-time-limit" property definition. 853 * <p> 854 * Specifies the maximum length of time that attempts to write data 855 * to LDAP clients should be allowed to block. 856 * <p> 857 * If an attempt to write data to a client takes longer than this 858 * length of time, then the client connection is terminated. 859 * 860 * @return Returns the "max-blocked-write-time-limit" property definition. 861 */ 862 public DurationPropertyDefinition getMaxBlockedWriteTimeLimitPropertyDefinition() { 863 return PD_MAX_BLOCKED_WRITE_TIME_LIMIT; 864 } 865 866 867 868 /** 869 * Get the "max-request-size" property definition. 870 * <p> 871 * Specifies the size in bytes of the largest LDAP request message 872 * that will be allowed by this LDAP Connection handler. 873 * <p> 874 * This property is analogous to the maxBERSize configuration 875 * attribute of the Sun Java System Directory Server. This can help 876 * prevent denial-of-service attacks by clients that indicate they 877 * send extremely large requests to the server causing it to attempt 878 * to allocate large amounts of memory. 879 * 880 * @return Returns the "max-request-size" property definition. 881 */ 882 public SizePropertyDefinition getMaxRequestSizePropertyDefinition() { 883 return PD_MAX_REQUEST_SIZE; 884 } 885 886 887 888 /** 889 * Get the "num-request-handlers" property definition. 890 * <p> 891 * Specifies the number of request handlers that are used to read 892 * requests from clients. 893 * <p> 894 * The LDAP Connection Handler uses one thread to accept new 895 * connections from clients, but uses one or more additional threads 896 * to read requests from existing client connections. This ensures 897 * that new requests are read efficiently and that the connection 898 * handler itself does not become a bottleneck when the server is 899 * under heavy load from many clients at the same time. 900 * 901 * @return Returns the "num-request-handlers" property definition. 902 */ 903 public IntegerPropertyDefinition getNumRequestHandlersPropertyDefinition() { 904 return PD_NUM_REQUEST_HANDLERS; 905 } 906 907 908 909 /** 910 * Get the "send-rejection-notice" property definition. 911 * <p> 912 * Indicates whether the LDAP Connection Handler should send a 913 * notice of disconnection extended response message to the client if 914 * a new connection is rejected for some reason. 915 * <p> 916 * The extended response message may provide an explanation 917 * indicating the reason that the connection was rejected. 918 * 919 * @return Returns the "send-rejection-notice" property definition. 920 */ 921 public BooleanPropertyDefinition getSendRejectionNoticePropertyDefinition() { 922 return PD_SEND_REJECTION_NOTICE; 923 } 924 925 926 927 /** 928 * Get the "ssl-cert-nickname" property definition. 929 * <p> 930 * Specifies the nickname (also called the alias) of the certificate 931 * that the LDAP Connection Handler should use when performing SSL 932 * communication. 933 * <p> 934 * This is only applicable when the LDAP Connection Handler is 935 * configured to use SSL. 936 * 937 * @return Returns the "ssl-cert-nickname" property definition. 938 */ 939 public StringPropertyDefinition getSSLCertNicknamePropertyDefinition() { 940 return PD_SSL_CERT_NICKNAME; 941 } 942 943 944 945 /** 946 * Get the "ssl-cipher-suite" property definition. 947 * <p> 948 * Specifies the names of the SSL cipher suites that are allowed for 949 * use in SSL or StartTLS communication. 950 * 951 * @return Returns the "ssl-cipher-suite" property definition. 952 */ 953 public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() { 954 return PD_SSL_CIPHER_SUITE; 955 } 956 957 958 959 /** 960 * Get the "ssl-client-auth-policy" property definition. 961 * <p> 962 * Specifies the policy that the LDAP Connection Handler should use 963 * regarding client SSL certificates. Clients can use the SASL 964 * EXTERNAL mechanism only if the policy is set to "optional" or 965 * "required". 966 * <p> 967 * This is only applicable if clients are allowed to use SSL. 968 * 969 * @return Returns the "ssl-client-auth-policy" property definition. 970 */ 971 public EnumPropertyDefinition<SSLClientAuthPolicy> getSSLClientAuthPolicyPropertyDefinition() { 972 return PD_SSL_CLIENT_AUTH_POLICY; 973 } 974 975 976 977 /** 978 * Get the "ssl-protocol" property definition. 979 * <p> 980 * Specifies the names of the SSL protocols that are allowed for use 981 * in SSL or StartTLS communication. 982 * 983 * @return Returns the "ssl-protocol" property definition. 984 */ 985 public StringPropertyDefinition getSSLProtocolPropertyDefinition() { 986 return PD_SSL_PROTOCOL; 987 } 988 989 990 991 /** 992 * Get the "trust-manager-provider" property definition. 993 * <p> 994 * Specifies the name of the trust manager that should be used with 995 * the LDAP Connection Handler . 996 * 997 * @return Returns the "trust-manager-provider" property definition. 998 */ 999 public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() { 1000 return PD_TRUST_MANAGER_PROVIDER; 1001 } 1002 1003 1004 1005 /** 1006 * Get the "use-ssl" property definition. 1007 * <p> 1008 * Indicates whether the LDAP Connection Handler should use SSL. 1009 * <p> 1010 * If enabled, the LDAP Connection Handler will use SSL to encrypt 1011 * communication with the clients. 1012 * 1013 * @return Returns the "use-ssl" property definition. 1014 */ 1015 public BooleanPropertyDefinition getUseSSLPropertyDefinition() { 1016 return PD_USE_SSL; 1017 } 1018 1019 1020 1021 /** 1022 * Get the "use-tcp-keep-alive" property definition. 1023 * <p> 1024 * Indicates whether the LDAP Connection Handler should use TCP 1025 * keep-alive. 1026 * <p> 1027 * If enabled, the SO_KEEPALIVE socket option is used to indicate 1028 * that TCP keepalive messages should periodically be sent to the 1029 * client to verify that the associated connection is still valid. 1030 * This may also help prevent cases in which intermediate network 1031 * hardware could silently drop an otherwise idle client connection, 1032 * provided that the keepalive interval configured in the underlying 1033 * operating system is smaller than the timeout enforced by the 1034 * network hardware. 1035 * 1036 * @return Returns the "use-tcp-keep-alive" property definition. 1037 */ 1038 public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() { 1039 return PD_USE_TCP_KEEP_ALIVE; 1040 } 1041 1042 1043 1044 /** 1045 * Get the "use-tcp-no-delay" property definition. 1046 * <p> 1047 * Indicates whether the LDAP Connection Handler should use TCP 1048 * no-delay. 1049 * <p> 1050 * If enabled, the TCP_NODELAY socket option is used to ensure that 1051 * response messages to the client are sent immediately rather than 1052 * potentially waiting to determine whether additional response 1053 * messages can be sent in the same packet. In most cases, using the 1054 * TCP_NODELAY socket option provides better performance and lower 1055 * response times, but disabling it may help for some cases in which 1056 * the server sends a large number of entries to a client in response 1057 * to a search request. 1058 * 1059 * @return Returns the "use-tcp-no-delay" property definition. 1060 */ 1061 public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() { 1062 return PD_USE_TCP_NO_DELAY; 1063 } 1064 1065 1066 1067 /** 1068 * Managed object client implementation. 1069 */ 1070 private static class LDAPConnectionHandlerCfgClientImpl implements 1071 LDAPConnectionHandlerCfgClient { 1072 1073 // Private implementation. 1074 private ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl; 1075 1076 1077 1078 // Private constructor. 1079 private LDAPConnectionHandlerCfgClientImpl( 1080 ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) { 1081 this.impl = impl; 1082 } 1083 1084 1085 1086 /** 1087 * {@inheritDoc} 1088 */ 1089 public int getAcceptBacklog() { 1090 return impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition()); 1091 } 1092 1093 1094 1095 /** 1096 * {@inheritDoc} 1097 */ 1098 public void setAcceptBacklog(Integer value) { 1099 impl.setPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition(), value); 1100 } 1101 1102 1103 1104 /** 1105 * {@inheritDoc} 1106 */ 1107 public SortedSet<AddressMask> getAllowedClient() { 1108 return impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition()); 1109 } 1110 1111 1112 1113 /** 1114 * {@inheritDoc} 1115 */ 1116 public void setAllowedClient(Collection<AddressMask> values) { 1117 impl.setPropertyValues(INSTANCE.getAllowedClientPropertyDefinition(), values); 1118 } 1119 1120 1121 1122 /** 1123 * {@inheritDoc} 1124 */ 1125 public boolean isAllowLDAPV2() { 1126 return impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition()); 1127 } 1128 1129 1130 1131 /** 1132 * {@inheritDoc} 1133 */ 1134 public void setAllowLDAPV2(Boolean value) { 1135 impl.setPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition(), value); 1136 } 1137 1138 1139 1140 /** 1141 * {@inheritDoc} 1142 */ 1143 public boolean isAllowStartTLS() { 1144 return impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition()); 1145 } 1146 1147 1148 1149 /** 1150 * {@inheritDoc} 1151 */ 1152 public void setAllowStartTLS(Boolean value) { 1153 impl.setPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition(), value); 1154 } 1155 1156 1157 1158 /** 1159 * {@inheritDoc} 1160 */ 1161 public boolean isAllowTCPReuseAddress() { 1162 return impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition()); 1163 } 1164 1165 1166 1167 /** 1168 * {@inheritDoc} 1169 */ 1170 public void setAllowTCPReuseAddress(Boolean value) { 1171 impl.setPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition(), value); 1172 } 1173 1174 1175 1176 /** 1177 * {@inheritDoc} 1178 */ 1179 public long getBufferSize() { 1180 return impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition()); 1181 } 1182 1183 1184 1185 /** 1186 * {@inheritDoc} 1187 */ 1188 public void setBufferSize(Long value) { 1189 impl.setPropertyValue(INSTANCE.getBufferSizePropertyDefinition(), value); 1190 } 1191 1192 1193 1194 /** 1195 * {@inheritDoc} 1196 */ 1197 public SortedSet<AddressMask> getDeniedClient() { 1198 return impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition()); 1199 } 1200 1201 1202 1203 /** 1204 * {@inheritDoc} 1205 */ 1206 public void setDeniedClient(Collection<AddressMask> values) { 1207 impl.setPropertyValues(INSTANCE.getDeniedClientPropertyDefinition(), values); 1208 } 1209 1210 1211 1212 /** 1213 * {@inheritDoc} 1214 */ 1215 public Boolean isEnabled() { 1216 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 1217 } 1218 1219 1220 1221 /** 1222 * {@inheritDoc} 1223 */ 1224 public void setEnabled(boolean value) { 1225 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 1226 } 1227 1228 1229 1230 /** 1231 * {@inheritDoc} 1232 */ 1233 public String getJavaClass() { 1234 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1235 } 1236 1237 1238 1239 /** 1240 * {@inheritDoc} 1241 */ 1242 public void setJavaClass(String value) { 1243 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 1244 } 1245 1246 1247 1248 /** 1249 * {@inheritDoc} 1250 */ 1251 public boolean isKeepStats() { 1252 return impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition()); 1253 } 1254 1255 1256 1257 /** 1258 * {@inheritDoc} 1259 */ 1260 public void setKeepStats(Boolean value) { 1261 impl.setPropertyValue(INSTANCE.getKeepStatsPropertyDefinition(), value); 1262 } 1263 1264 1265 1266 /** 1267 * {@inheritDoc} 1268 */ 1269 public String getKeyManagerProvider() { 1270 return impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition()); 1271 } 1272 1273 1274 1275 /** 1276 * {@inheritDoc} 1277 */ 1278 public void setKeyManagerProvider(String value) { 1279 impl.setPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition(), value); 1280 } 1281 1282 1283 1284 /** 1285 * {@inheritDoc} 1286 */ 1287 public SortedSet<InetAddress> getListenAddress() { 1288 return impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition()); 1289 } 1290 1291 1292 1293 /** 1294 * {@inheritDoc} 1295 */ 1296 public void setListenAddress(Collection<InetAddress> values) { 1297 impl.setPropertyValues(INSTANCE.getListenAddressPropertyDefinition(), values); 1298 } 1299 1300 1301 1302 /** 1303 * {@inheritDoc} 1304 */ 1305 public Integer getListenPort() { 1306 return impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition()); 1307 } 1308 1309 1310 1311 /** 1312 * {@inheritDoc} 1313 */ 1314 public void setListenPort(int value) { 1315 impl.setPropertyValue(INSTANCE.getListenPortPropertyDefinition(), value); 1316 } 1317 1318 1319 1320 /** 1321 * {@inheritDoc} 1322 */ 1323 public long getMaxBlockedWriteTimeLimit() { 1324 return impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition()); 1325 } 1326 1327 1328 1329 /** 1330 * {@inheritDoc} 1331 */ 1332 public void setMaxBlockedWriteTimeLimit(Long value) { 1333 impl.setPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition(), value); 1334 } 1335 1336 1337 1338 /** 1339 * {@inheritDoc} 1340 */ 1341 public long getMaxRequestSize() { 1342 return impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition()); 1343 } 1344 1345 1346 1347 /** 1348 * {@inheritDoc} 1349 */ 1350 public void setMaxRequestSize(Long value) { 1351 impl.setPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition(), value); 1352 } 1353 1354 1355 1356 /** 1357 * {@inheritDoc} 1358 */ 1359 public Integer getNumRequestHandlers() { 1360 return impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition()); 1361 } 1362 1363 1364 1365 /** 1366 * {@inheritDoc} 1367 */ 1368 public void setNumRequestHandlers(Integer value) { 1369 impl.setPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition(), value); 1370 } 1371 1372 1373 1374 /** 1375 * {@inheritDoc} 1376 */ 1377 public boolean isSendRejectionNotice() { 1378 return impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition()); 1379 } 1380 1381 1382 1383 /** 1384 * {@inheritDoc} 1385 */ 1386 public void setSendRejectionNotice(Boolean value) { 1387 impl.setPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition(), value); 1388 } 1389 1390 1391 1392 /** 1393 * {@inheritDoc} 1394 */ 1395 public String getSSLCertNickname() { 1396 return impl.getPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition()); 1397 } 1398 1399 1400 1401 /** 1402 * {@inheritDoc} 1403 */ 1404 public void setSSLCertNickname(String value) { 1405 impl.setPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition(), value); 1406 } 1407 1408 1409 1410 /** 1411 * {@inheritDoc} 1412 */ 1413 public SortedSet<String> getSSLCipherSuite() { 1414 return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1415 } 1416 1417 1418 1419 /** 1420 * {@inheritDoc} 1421 */ 1422 public void setSSLCipherSuite(Collection<String> values) { 1423 impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values); 1424 } 1425 1426 1427 1428 /** 1429 * {@inheritDoc} 1430 */ 1431 public SSLClientAuthPolicy getSSLClientAuthPolicy() { 1432 return impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition()); 1433 } 1434 1435 1436 1437 /** 1438 * {@inheritDoc} 1439 */ 1440 public void setSSLClientAuthPolicy(SSLClientAuthPolicy value) { 1441 impl.setPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition(), value); 1442 } 1443 1444 1445 1446 /** 1447 * {@inheritDoc} 1448 */ 1449 public SortedSet<String> getSSLProtocol() { 1450 return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1451 } 1452 1453 1454 1455 /** 1456 * {@inheritDoc} 1457 */ 1458 public void setSSLProtocol(Collection<String> values) { 1459 impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values); 1460 } 1461 1462 1463 1464 /** 1465 * {@inheritDoc} 1466 */ 1467 public String getTrustManagerProvider() { 1468 return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1469 } 1470 1471 1472 1473 /** 1474 * {@inheritDoc} 1475 */ 1476 public void setTrustManagerProvider(String value) { 1477 impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value); 1478 } 1479 1480 1481 1482 /** 1483 * {@inheritDoc} 1484 */ 1485 public boolean isUseSSL() { 1486 return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1487 } 1488 1489 1490 1491 /** 1492 * {@inheritDoc} 1493 */ 1494 public void setUseSSL(Boolean value) { 1495 impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value); 1496 } 1497 1498 1499 1500 /** 1501 * {@inheritDoc} 1502 */ 1503 public boolean isUseTCPKeepAlive() { 1504 return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1505 } 1506 1507 1508 1509 /** 1510 * {@inheritDoc} 1511 */ 1512 public void setUseTCPKeepAlive(Boolean value) { 1513 impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value); 1514 } 1515 1516 1517 1518 /** 1519 * {@inheritDoc} 1520 */ 1521 public boolean isUseTCPNoDelay() { 1522 return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1523 } 1524 1525 1526 1527 /** 1528 * {@inheritDoc} 1529 */ 1530 public void setUseTCPNoDelay(Boolean value) { 1531 impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value); 1532 } 1533 1534 1535 1536 /** 1537 * {@inheritDoc} 1538 */ 1539 public ManagedObjectDefinition<? extends LDAPConnectionHandlerCfgClient, ? extends LDAPConnectionHandlerCfg> definition() { 1540 return INSTANCE; 1541 } 1542 1543 1544 1545 /** 1546 * {@inheritDoc} 1547 */ 1548 public PropertyProvider properties() { 1549 return impl; 1550 } 1551 1552 1553 1554 /** 1555 * {@inheritDoc} 1556 */ 1557 public void commit() throws ManagedObjectAlreadyExistsException, 1558 MissingMandatoryPropertiesException, ConcurrentModificationException, 1559 OperationRejectedException, AuthorizationException, 1560 CommunicationException { 1561 impl.commit(); 1562 } 1563 1564 } 1565 1566 1567 1568 /** 1569 * Managed object server implementation. 1570 */ 1571 private static class LDAPConnectionHandlerCfgServerImpl implements 1572 LDAPConnectionHandlerCfg { 1573 1574 // Private implementation. 1575 private ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl; 1576 1577 // The value of the "accept-backlog" property. 1578 private final int pAcceptBacklog; 1579 1580 // The value of the "allowed-client" property. 1581 private final SortedSet<AddressMask> pAllowedClient; 1582 1583 // The value of the "allow-ldap-v2" property. 1584 private final boolean pAllowLDAPV2; 1585 1586 // The value of the "allow-start-tls" property. 1587 private final boolean pAllowStartTLS; 1588 1589 // The value of the "allow-tcp-reuse-address" property. 1590 private final boolean pAllowTCPReuseAddress; 1591 1592 // The value of the "buffer-size" property. 1593 private final long pBufferSize; 1594 1595 // The value of the "denied-client" property. 1596 private final SortedSet<AddressMask> pDeniedClient; 1597 1598 // The value of the "enabled" property. 1599 private final boolean pEnabled; 1600 1601 // The value of the "java-class" property. 1602 private final String pJavaClass; 1603 1604 // The value of the "keep-stats" property. 1605 private final boolean pKeepStats; 1606 1607 // The value of the "key-manager-provider" property. 1608 private final String pKeyManagerProvider; 1609 1610 // The value of the "listen-address" property. 1611 private final SortedSet<InetAddress> pListenAddress; 1612 1613 // The value of the "listen-port" property. 1614 private final int pListenPort; 1615 1616 // The value of the "max-blocked-write-time-limit" property. 1617 private final long pMaxBlockedWriteTimeLimit; 1618 1619 // The value of the "max-request-size" property. 1620 private final long pMaxRequestSize; 1621 1622 // The value of the "num-request-handlers" property. 1623 private final Integer pNumRequestHandlers; 1624 1625 // The value of the "send-rejection-notice" property. 1626 private final boolean pSendRejectionNotice; 1627 1628 // The value of the "ssl-cert-nickname" property. 1629 private final String pSSLCertNickname; 1630 1631 // The value of the "ssl-cipher-suite" property. 1632 private final SortedSet<String> pSSLCipherSuite; 1633 1634 // The value of the "ssl-client-auth-policy" property. 1635 private final SSLClientAuthPolicy pSSLClientAuthPolicy; 1636 1637 // The value of the "ssl-protocol" property. 1638 private final SortedSet<String> pSSLProtocol; 1639 1640 // The value of the "trust-manager-provider" property. 1641 private final String pTrustManagerProvider; 1642 1643 // The value of the "use-ssl" property. 1644 private final boolean pUseSSL; 1645 1646 // The value of the "use-tcp-keep-alive" property. 1647 private final boolean pUseTCPKeepAlive; 1648 1649 // The value of the "use-tcp-no-delay" property. 1650 private final boolean pUseTCPNoDelay; 1651 1652 1653 1654 // Private constructor. 1655 private LDAPConnectionHandlerCfgServerImpl(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) { 1656 this.impl = impl; 1657 this.pAcceptBacklog = impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition()); 1658 this.pAllowedClient = impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition()); 1659 this.pAllowLDAPV2 = impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition()); 1660 this.pAllowStartTLS = impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition()); 1661 this.pAllowTCPReuseAddress = impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition()); 1662 this.pBufferSize = impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition()); 1663 this.pDeniedClient = impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition()); 1664 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 1665 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1666 this.pKeepStats = impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition()); 1667 this.pKeyManagerProvider = impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition()); 1668 this.pListenAddress = impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition()); 1669 this.pListenPort = impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition()); 1670 this.pMaxBlockedWriteTimeLimit = impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition()); 1671 this.pMaxRequestSize = impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition()); 1672 this.pNumRequestHandlers = impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition()); 1673 this.pSendRejectionNotice = impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition()); 1674 this.pSSLCertNickname = impl.getPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition()); 1675 this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1676 this.pSSLClientAuthPolicy = impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition()); 1677 this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1678 this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1679 this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1680 this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1681 this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1682 } 1683 1684 1685 1686 /** 1687 * {@inheritDoc} 1688 */ 1689 public void addLDAPChangeListener( 1690 ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) { 1691 impl.registerChangeListener(listener); 1692 } 1693 1694 1695 1696 /** 1697 * {@inheritDoc} 1698 */ 1699 public void removeLDAPChangeListener( 1700 ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) { 1701 impl.deregisterChangeListener(listener); 1702 } 1703 /** 1704 * {@inheritDoc} 1705 */ 1706 public void addChangeListener( 1707 ConfigurationChangeListener<ConnectionHandlerCfg> listener) { 1708 impl.registerChangeListener(listener); 1709 } 1710 1711 1712 1713 /** 1714 * {@inheritDoc} 1715 */ 1716 public void removeChangeListener( 1717 ConfigurationChangeListener<ConnectionHandlerCfg> listener) { 1718 impl.deregisterChangeListener(listener); 1719 } 1720 1721 1722 1723 /** 1724 * {@inheritDoc} 1725 */ 1726 public int getAcceptBacklog() { 1727 return pAcceptBacklog; 1728 } 1729 1730 1731 1732 /** 1733 * {@inheritDoc} 1734 */ 1735 public SortedSet<AddressMask> getAllowedClient() { 1736 return pAllowedClient; 1737 } 1738 1739 1740 1741 /** 1742 * {@inheritDoc} 1743 */ 1744 public boolean isAllowLDAPV2() { 1745 return pAllowLDAPV2; 1746 } 1747 1748 1749 1750 /** 1751 * {@inheritDoc} 1752 */ 1753 public boolean isAllowStartTLS() { 1754 return pAllowStartTLS; 1755 } 1756 1757 1758 1759 /** 1760 * {@inheritDoc} 1761 */ 1762 public boolean isAllowTCPReuseAddress() { 1763 return pAllowTCPReuseAddress; 1764 } 1765 1766 1767 1768 /** 1769 * {@inheritDoc} 1770 */ 1771 public long getBufferSize() { 1772 return pBufferSize; 1773 } 1774 1775 1776 1777 /** 1778 * {@inheritDoc} 1779 */ 1780 public SortedSet<AddressMask> getDeniedClient() { 1781 return pDeniedClient; 1782 } 1783 1784 1785 1786 /** 1787 * {@inheritDoc} 1788 */ 1789 public boolean isEnabled() { 1790 return pEnabled; 1791 } 1792 1793 1794 1795 /** 1796 * {@inheritDoc} 1797 */ 1798 public String getJavaClass() { 1799 return pJavaClass; 1800 } 1801 1802 1803 1804 /** 1805 * {@inheritDoc} 1806 */ 1807 public boolean isKeepStats() { 1808 return pKeepStats; 1809 } 1810 1811 1812 1813 /** 1814 * {@inheritDoc} 1815 */ 1816 public String getKeyManagerProvider() { 1817 return pKeyManagerProvider; 1818 } 1819 1820 1821 1822 /** 1823 * {@inheritDoc} 1824 */ 1825 public DN getKeyManagerProviderDN() { 1826 String value = getKeyManagerProvider(); 1827 if (value == null) return null; 1828 return INSTANCE.getKeyManagerProviderPropertyDefinition().getChildDN(value); 1829 } 1830 1831 1832 1833 /** 1834 * {@inheritDoc} 1835 */ 1836 public SortedSet<InetAddress> getListenAddress() { 1837 return pListenAddress; 1838 } 1839 1840 1841 1842 /** 1843 * {@inheritDoc} 1844 */ 1845 public int getListenPort() { 1846 return pListenPort; 1847 } 1848 1849 1850 1851 /** 1852 * {@inheritDoc} 1853 */ 1854 public long getMaxBlockedWriteTimeLimit() { 1855 return pMaxBlockedWriteTimeLimit; 1856 } 1857 1858 1859 1860 /** 1861 * {@inheritDoc} 1862 */ 1863 public long getMaxRequestSize() { 1864 return pMaxRequestSize; 1865 } 1866 1867 1868 1869 /** 1870 * {@inheritDoc} 1871 */ 1872 public Integer getNumRequestHandlers() { 1873 return pNumRequestHandlers; 1874 } 1875 1876 1877 1878 /** 1879 * {@inheritDoc} 1880 */ 1881 public boolean isSendRejectionNotice() { 1882 return pSendRejectionNotice; 1883 } 1884 1885 1886 1887 /** 1888 * {@inheritDoc} 1889 */ 1890 public String getSSLCertNickname() { 1891 return pSSLCertNickname; 1892 } 1893 1894 1895 1896 /** 1897 * {@inheritDoc} 1898 */ 1899 public SortedSet<String> getSSLCipherSuite() { 1900 return pSSLCipherSuite; 1901 } 1902 1903 1904 1905 /** 1906 * {@inheritDoc} 1907 */ 1908 public SSLClientAuthPolicy getSSLClientAuthPolicy() { 1909 return pSSLClientAuthPolicy; 1910 } 1911 1912 1913 1914 /** 1915 * {@inheritDoc} 1916 */ 1917 public SortedSet<String> getSSLProtocol() { 1918 return pSSLProtocol; 1919 } 1920 1921 1922 1923 /** 1924 * {@inheritDoc} 1925 */ 1926 public String getTrustManagerProvider() { 1927 return pTrustManagerProvider; 1928 } 1929 1930 1931 1932 /** 1933 * {@inheritDoc} 1934 */ 1935 public DN getTrustManagerProviderDN() { 1936 String value = getTrustManagerProvider(); 1937 if (value == null) return null; 1938 return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value); 1939 } 1940 1941 1942 1943 /** 1944 * {@inheritDoc} 1945 */ 1946 public boolean isUseSSL() { 1947 return pUseSSL; 1948 } 1949 1950 1951 1952 /** 1953 * {@inheritDoc} 1954 */ 1955 public boolean isUseTCPKeepAlive() { 1956 return pUseTCPKeepAlive; 1957 } 1958 1959 1960 1961 /** 1962 * {@inheritDoc} 1963 */ 1964 public boolean isUseTCPNoDelay() { 1965 return pUseTCPNoDelay; 1966 } 1967 1968 1969 1970 /** 1971 * {@inheritDoc} 1972 */ 1973 public Class<? extends LDAPConnectionHandlerCfg> configurationClass() { 1974 return LDAPConnectionHandlerCfg.class; 1975 } 1976 1977 1978 1979 /** 1980 * {@inheritDoc} 1981 */ 1982 public DN dn() { 1983 return impl.getDN(); 1984 } 1985 1986 } 1987}