001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.opends.server.admin.std.meta; 027 028 029 030import java.util.Collection; 031import java.util.SortedSet; 032import org.opends.server.admin.AdministratorAction; 033import org.opends.server.admin.AliasDefaultBehaviorProvider; 034import org.opends.server.admin.AttributeTypePropertyDefinition; 035import org.opends.server.admin.BooleanPropertyDefinition; 036import org.opends.server.admin.ClassPropertyDefinition; 037import org.opends.server.admin.client.AuthorizationException; 038import org.opends.server.admin.client.CommunicationException; 039import org.opends.server.admin.client.ConcurrentModificationException; 040import org.opends.server.admin.client.ManagedObject; 041import org.opends.server.admin.client.MissingMandatoryPropertiesException; 042import org.opends.server.admin.client.OperationRejectedException; 043import org.opends.server.admin.DefaultBehaviorProvider; 044import org.opends.server.admin.DefinedDefaultBehaviorProvider; 045import org.opends.server.admin.IntegerPropertyDefinition; 046import org.opends.server.admin.ManagedObjectAlreadyExistsException; 047import org.opends.server.admin.ManagedObjectDefinition; 048import org.opends.server.admin.PropertyOption; 049import org.opends.server.admin.PropertyProvider; 050import org.opends.server.admin.server.ConfigurationChangeListener; 051import org.opends.server.admin.server.ServerManagedObject; 052import org.opends.server.admin.std.client.AttributeValuePasswordValidatorCfgClient; 053import org.opends.server.admin.std.server.AttributeValuePasswordValidatorCfg; 054import org.opends.server.admin.std.server.PasswordValidatorCfg; 055import org.opends.server.admin.Tag; 056import org.opends.server.admin.UndefinedDefaultBehaviorProvider; 057import org.opends.server.types.AttributeType; 058import org.opends.server.types.DN; 059 060 061 062/** 063 * An interface for querying the Attribute Value Password Validator 064 * managed object definition meta information. 065 * <p> 066 * The Attribute Value Password Validator attempts to determine 067 * whether a proposed password is acceptable for use by determining 068 * whether that password is contained in any attribute within the 069 * user's entry. 070 */ 071public final class AttributeValuePasswordValidatorCfgDefn extends ManagedObjectDefinition<AttributeValuePasswordValidatorCfgClient, AttributeValuePasswordValidatorCfg> { 072 073 // The singleton configuration definition instance. 074 private static final AttributeValuePasswordValidatorCfgDefn INSTANCE = new AttributeValuePasswordValidatorCfgDefn(); 075 076 077 078 // The "check-substrings" property definition. 079 private static final BooleanPropertyDefinition PD_CHECK_SUBSTRINGS; 080 081 082 083 // The "java-class" property definition. 084 private static final ClassPropertyDefinition PD_JAVA_CLASS; 085 086 087 088 // The "match-attribute" property definition. 089 private static final AttributeTypePropertyDefinition PD_MATCH_ATTRIBUTE; 090 091 092 093 // The "min-substring-length" property definition. 094 private static final IntegerPropertyDefinition PD_MIN_SUBSTRING_LENGTH; 095 096 097 098 // The "test-reversed-password" property definition. 099 private static final BooleanPropertyDefinition PD_TEST_REVERSED_PASSWORD; 100 101 102 103 // Build the "check-substrings" property definition. 104 static { 105 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "check-substrings"); 106 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "check-substrings")); 107 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 108 builder.setDefaultBehaviorProvider(provider); 109 PD_CHECK_SUBSTRINGS = builder.getInstance(); 110 INSTANCE.registerPropertyDefinition(PD_CHECK_SUBSTRINGS); 111 } 112 113 114 115 // Build the "java-class" property definition. 116 static { 117 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 118 builder.setOption(PropertyOption.MANDATORY); 119 builder.setOption(PropertyOption.ADVANCED); 120 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 121 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.AttributeValuePasswordValidator"); 122 builder.setDefaultBehaviorProvider(provider); 123 builder.addInstanceOf("org.opends.server.api.PasswordValidator"); 124 PD_JAVA_CLASS = builder.getInstance(); 125 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 126 } 127 128 129 130 // Build the "match-attribute" property definition. 131 static { 132 AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "match-attribute"); 133 builder.setOption(PropertyOption.MULTI_VALUED); 134 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "match-attribute")); 135 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<AttributeType>(INSTANCE, "match-attribute")); 136 PD_MATCH_ATTRIBUTE = builder.getInstance(); 137 INSTANCE.registerPropertyDefinition(PD_MATCH_ATTRIBUTE); 138 } 139 140 141 142 // Build the "min-substring-length" property definition. 143 static { 144 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "min-substring-length"); 145 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "min-substring-length")); 146 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("5"); 147 builder.setDefaultBehaviorProvider(provider); 148 PD_MIN_SUBSTRING_LENGTH = builder.getInstance(); 149 INSTANCE.registerPropertyDefinition(PD_MIN_SUBSTRING_LENGTH); 150 } 151 152 153 154 // Build the "test-reversed-password" property definition. 155 static { 156 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "test-reversed-password"); 157 builder.setOption(PropertyOption.MANDATORY); 158 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "test-reversed-password")); 159 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Boolean>()); 160 PD_TEST_REVERSED_PASSWORD = builder.getInstance(); 161 INSTANCE.registerPropertyDefinition(PD_TEST_REVERSED_PASSWORD); 162 } 163 164 165 166 // Register the tags associated with this managed object definition. 167 static { 168 INSTANCE.registerTag(Tag.valueOf("user-management")); 169 } 170 171 172 173 /** 174 * Get the Attribute Value Password Validator configuration 175 * definition singleton. 176 * 177 * @return Returns the Attribute Value Password Validator 178 * configuration definition singleton. 179 */ 180 public static AttributeValuePasswordValidatorCfgDefn getInstance() { 181 return INSTANCE; 182 } 183 184 185 186 /** 187 * Private constructor. 188 */ 189 private AttributeValuePasswordValidatorCfgDefn() { 190 super("attribute-value-password-validator", PasswordValidatorCfgDefn.getInstance()); 191 } 192 193 194 195 /** 196 * {@inheritDoc} 197 */ 198 public AttributeValuePasswordValidatorCfgClient createClientConfiguration( 199 ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl) { 200 return new AttributeValuePasswordValidatorCfgClientImpl(impl); 201 } 202 203 204 205 /** 206 * {@inheritDoc} 207 */ 208 public AttributeValuePasswordValidatorCfg createServerConfiguration( 209 ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl) { 210 return new AttributeValuePasswordValidatorCfgServerImpl(impl); 211 } 212 213 214 215 /** 216 * {@inheritDoc} 217 */ 218 public Class<AttributeValuePasswordValidatorCfg> getServerConfigurationClass() { 219 return AttributeValuePasswordValidatorCfg.class; 220 } 221 222 223 224 /** 225 * Get the "check-substrings" property definition. 226 * <p> 227 * Indicates whether this password validator is to match portions of 228 * the password string against attribute values. 229 * <p> 230 * If "false" then only match the entire password against attribute 231 * values otherwise ("true") check whether the password contains 232 * attribute values. 233 * 234 * @return Returns the "check-substrings" property definition. 235 */ 236 public BooleanPropertyDefinition getCheckSubstringsPropertyDefinition() { 237 return PD_CHECK_SUBSTRINGS; 238 } 239 240 241 242 /** 243 * Get the "enabled" property definition. 244 * <p> 245 * Indicates whether the password validator is enabled for use. 246 * 247 * @return Returns the "enabled" property definition. 248 */ 249 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 250 return PasswordValidatorCfgDefn.getInstance().getEnabledPropertyDefinition(); 251 } 252 253 254 255 /** 256 * Get the "java-class" property definition. 257 * <p> 258 * Specifies the fully-qualified name of the Java class that 259 * provides the password validator implementation. 260 * 261 * @return Returns the "java-class" property definition. 262 */ 263 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 264 return PD_JAVA_CLASS; 265 } 266 267 268 269 /** 270 * Get the "match-attribute" property definition. 271 * <p> 272 * Specifies the name(s) of the attribute(s) whose values should be 273 * checked to determine whether they match the provided password. If 274 * no values are provided, then the server checks if the proposed 275 * password matches the value of any attribute in the user's entry. 276 * 277 * @return Returns the "match-attribute" property definition. 278 */ 279 public AttributeTypePropertyDefinition getMatchAttributePropertyDefinition() { 280 return PD_MATCH_ATTRIBUTE; 281 } 282 283 284 285 /** 286 * Get the "min-substring-length" property definition. 287 * <p> 288 * Indicates the minimal length of the substring within the password 289 * in case substring checking is enabled. 290 * <p> 291 * If "check-substrings" option is set to true, then this parameter 292 * defines the length of the smallest word which should be used for 293 * substring matching. Use with caution because values below 3 might 294 * disqualify valid passwords. 295 * 296 * @return Returns the "min-substring-length" property definition. 297 */ 298 public IntegerPropertyDefinition getMinSubstringLengthPropertyDefinition() { 299 return PD_MIN_SUBSTRING_LENGTH; 300 } 301 302 303 304 /** 305 * Get the "test-reversed-password" property definition. 306 * <p> 307 * Indicates whether this password validator should test the 308 * reversed value of the provided password as well as the order in 309 * which it was given. 310 * 311 * @return Returns the "test-reversed-password" property definition. 312 */ 313 public BooleanPropertyDefinition getTestReversedPasswordPropertyDefinition() { 314 return PD_TEST_REVERSED_PASSWORD; 315 } 316 317 318 319 /** 320 * Managed object client implementation. 321 */ 322 private static class AttributeValuePasswordValidatorCfgClientImpl implements 323 AttributeValuePasswordValidatorCfgClient { 324 325 // Private implementation. 326 private ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl; 327 328 329 330 // Private constructor. 331 private AttributeValuePasswordValidatorCfgClientImpl( 332 ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl) { 333 this.impl = impl; 334 } 335 336 337 338 /** 339 * {@inheritDoc} 340 */ 341 public boolean isCheckSubstrings() { 342 return impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition()); 343 } 344 345 346 347 /** 348 * {@inheritDoc} 349 */ 350 public void setCheckSubstrings(Boolean value) { 351 impl.setPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition(), value); 352 } 353 354 355 356 /** 357 * {@inheritDoc} 358 */ 359 public Boolean isEnabled() { 360 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 361 } 362 363 364 365 /** 366 * {@inheritDoc} 367 */ 368 public void setEnabled(boolean value) { 369 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 370 } 371 372 373 374 /** 375 * {@inheritDoc} 376 */ 377 public String getJavaClass() { 378 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 379 } 380 381 382 383 /** 384 * {@inheritDoc} 385 */ 386 public void setJavaClass(String value) { 387 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 388 } 389 390 391 392 /** 393 * {@inheritDoc} 394 */ 395 public SortedSet<AttributeType> getMatchAttribute() { 396 return impl.getPropertyValues(INSTANCE.getMatchAttributePropertyDefinition()); 397 } 398 399 400 401 /** 402 * {@inheritDoc} 403 */ 404 public void setMatchAttribute(Collection<AttributeType> values) { 405 impl.setPropertyValues(INSTANCE.getMatchAttributePropertyDefinition(), values); 406 } 407 408 409 410 /** 411 * {@inheritDoc} 412 */ 413 public int getMinSubstringLength() { 414 return impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition()); 415 } 416 417 418 419 /** 420 * {@inheritDoc} 421 */ 422 public void setMinSubstringLength(Integer value) { 423 impl.setPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition(), value); 424 } 425 426 427 428 /** 429 * {@inheritDoc} 430 */ 431 public Boolean isTestReversedPassword() { 432 return impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition()); 433 } 434 435 436 437 /** 438 * {@inheritDoc} 439 */ 440 public void setTestReversedPassword(boolean value) { 441 impl.setPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition(), value); 442 } 443 444 445 446 /** 447 * {@inheritDoc} 448 */ 449 public ManagedObjectDefinition<? extends AttributeValuePasswordValidatorCfgClient, ? extends AttributeValuePasswordValidatorCfg> definition() { 450 return INSTANCE; 451 } 452 453 454 455 /** 456 * {@inheritDoc} 457 */ 458 public PropertyProvider properties() { 459 return impl; 460 } 461 462 463 464 /** 465 * {@inheritDoc} 466 */ 467 public void commit() throws ManagedObjectAlreadyExistsException, 468 MissingMandatoryPropertiesException, ConcurrentModificationException, 469 OperationRejectedException, AuthorizationException, 470 CommunicationException { 471 impl.commit(); 472 } 473 474 } 475 476 477 478 /** 479 * Managed object server implementation. 480 */ 481 private static class AttributeValuePasswordValidatorCfgServerImpl implements 482 AttributeValuePasswordValidatorCfg { 483 484 // Private implementation. 485 private ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl; 486 487 // The value of the "check-substrings" property. 488 private final boolean pCheckSubstrings; 489 490 // The value of the "enabled" property. 491 private final boolean pEnabled; 492 493 // The value of the "java-class" property. 494 private final String pJavaClass; 495 496 // The value of the "match-attribute" property. 497 private final SortedSet<AttributeType> pMatchAttribute; 498 499 // The value of the "min-substring-length" property. 500 private final int pMinSubstringLength; 501 502 // The value of the "test-reversed-password" property. 503 private final boolean pTestReversedPassword; 504 505 506 507 // Private constructor. 508 private AttributeValuePasswordValidatorCfgServerImpl(ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl) { 509 this.impl = impl; 510 this.pCheckSubstrings = impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition()); 511 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 512 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 513 this.pMatchAttribute = impl.getPropertyValues(INSTANCE.getMatchAttributePropertyDefinition()); 514 this.pMinSubstringLength = impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition()); 515 this.pTestReversedPassword = impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition()); 516 } 517 518 519 520 /** 521 * {@inheritDoc} 522 */ 523 public void addAttributeValueChangeListener( 524 ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener) { 525 impl.registerChangeListener(listener); 526 } 527 528 529 530 /** 531 * {@inheritDoc} 532 */ 533 public void removeAttributeValueChangeListener( 534 ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener) { 535 impl.deregisterChangeListener(listener); 536 } 537 /** 538 * {@inheritDoc} 539 */ 540 public void addChangeListener( 541 ConfigurationChangeListener<PasswordValidatorCfg> listener) { 542 impl.registerChangeListener(listener); 543 } 544 545 546 547 /** 548 * {@inheritDoc} 549 */ 550 public void removeChangeListener( 551 ConfigurationChangeListener<PasswordValidatorCfg> listener) { 552 impl.deregisterChangeListener(listener); 553 } 554 555 556 557 /** 558 * {@inheritDoc} 559 */ 560 public boolean isCheckSubstrings() { 561 return pCheckSubstrings; 562 } 563 564 565 566 /** 567 * {@inheritDoc} 568 */ 569 public boolean isEnabled() { 570 return pEnabled; 571 } 572 573 574 575 /** 576 * {@inheritDoc} 577 */ 578 public String getJavaClass() { 579 return pJavaClass; 580 } 581 582 583 584 /** 585 * {@inheritDoc} 586 */ 587 public SortedSet<AttributeType> getMatchAttribute() { 588 return pMatchAttribute; 589 } 590 591 592 593 /** 594 * {@inheritDoc} 595 */ 596 public int getMinSubstringLength() { 597 return pMinSubstringLength; 598 } 599 600 601 602 /** 603 * {@inheritDoc} 604 */ 605 public boolean isTestReversedPassword() { 606 return pTestReversedPassword; 607 } 608 609 610 611 /** 612 * {@inheritDoc} 613 */ 614 public Class<? extends AttributeValuePasswordValidatorCfg> configurationClass() { 615 return AttributeValuePasswordValidatorCfg.class; 616 } 617 618 619 620 /** 621 * {@inheritDoc} 622 */ 623 public DN dn() { 624 return impl.getDN(); 625 } 626 627 } 628}