001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.opends.server.admin.std.meta; 027 028 029 030import org.opends.server.admin.AdministratorAction; 031import org.opends.server.admin.BooleanPropertyDefinition; 032import org.opends.server.admin.ClassPropertyDefinition; 033import org.opends.server.admin.client.AuthorizationException; 034import org.opends.server.admin.client.CommunicationException; 035import org.opends.server.admin.client.ConcurrentModificationException; 036import org.opends.server.admin.client.ManagedObject; 037import org.opends.server.admin.client.MissingMandatoryPropertiesException; 038import org.opends.server.admin.client.OperationRejectedException; 039import org.opends.server.admin.DefaultBehaviorProvider; 040import org.opends.server.admin.DefinedDefaultBehaviorProvider; 041import org.opends.server.admin.EnumPropertyDefinition; 042import org.opends.server.admin.ManagedObjectAlreadyExistsException; 043import org.opends.server.admin.ManagedObjectDefinition; 044import org.opends.server.admin.PropertyOption; 045import org.opends.server.admin.PropertyProvider; 046import org.opends.server.admin.server.ConfigurationChangeListener; 047import org.opends.server.admin.server.ServerManagedObject; 048import org.opends.server.admin.std.client.CryptPasswordStorageSchemeCfgClient; 049import org.opends.server.admin.std.server.CryptPasswordStorageSchemeCfg; 050import org.opends.server.admin.std.server.PasswordStorageSchemeCfg; 051import org.opends.server.admin.Tag; 052import org.opends.server.types.DN; 053 054 055 056/** 057 * An interface for querying the Crypt Password Storage Scheme managed 058 * object definition meta information. 059 * <p> 060 * The Crypt Password Storage Scheme provides a mechanism for encoding 061 * user passwords like Unix crypt does. Like on most Unix systems, the 062 * password may be encrypted using different algorithms, either Unix 063 * crypt, md5, sha256 or sha512. 064 */ 065public final class CryptPasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<CryptPasswordStorageSchemeCfgClient, CryptPasswordStorageSchemeCfg> { 066 067 // The singleton configuration definition instance. 068 private static final CryptPasswordStorageSchemeCfgDefn INSTANCE = new CryptPasswordStorageSchemeCfgDefn(); 069 070 071 072 /** 073 * Defines the set of permissable values for the "crypt-password-storage-encryption-algorithm" property. 074 * <p> 075 * Specifies the algorithm to use to encrypt new passwords. 076 * <p> 077 * Select the crypt algorithm to use to encrypt new passwords. The 078 * value can either be "unix", which means the password is encrypted 079 * with the weak Unix crypt algorithm, or "md5" which means the 080 * password is encrypted with the BSD MD5 algorithm and has a $1$ 081 * prefix, or "sha256" which means the password is encrypted with the 082 * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the 083 * password is encrypted with the SHA512 algorithm and has a $6$ 084 * prefix. 085 */ 086 public static enum CryptPasswordStorageEncryptionAlgorithm { 087 088 /** 089 * New passwords are encrypted with the BSD MD5 algorithm. 090 */ 091 MD5("md5"), 092 093 094 095 /** 096 * New passwords are encrypted with the Unix crypt SHA256 097 * algorithm. 098 */ 099 SHA256("sha256"), 100 101 102 103 /** 104 * New passwords are encrypted with the Unix crypt SHA512 105 * algorithm. 106 */ 107 SHA512("sha512"), 108 109 110 111 /** 112 * New passwords are encrypted with the Unix crypt algorithm. 113 * Passwords are truncated at 8 characters and the top bit of each 114 * character is ignored. 115 */ 116 UNIX("unix"); 117 118 119 120 // String representation of the value. 121 private final String name; 122 123 124 125 // Private constructor. 126 private CryptPasswordStorageEncryptionAlgorithm(String name) { this.name = name; } 127 128 129 130 /** 131 * {@inheritDoc} 132 */ 133 public String toString() { return name; } 134 135 } 136 137 138 139 // The "crypt-password-storage-encryption-algorithm" property definition. 140 private static final EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM; 141 142 143 144 // The "java-class" property definition. 145 private static final ClassPropertyDefinition PD_JAVA_CLASS; 146 147 148 149 // Build the "crypt-password-storage-encryption-algorithm" property definition. 150 static { 151 EnumPropertyDefinition.Builder<CryptPasswordStorageEncryptionAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "crypt-password-storage-encryption-algorithm"); 152 builder.setOption(PropertyOption.MANDATORY); 153 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "crypt-password-storage-encryption-algorithm")); 154 DefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm> provider = new DefinedDefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm>("unix"); 155 builder.setDefaultBehaviorProvider(provider); 156 builder.setEnumClass(CryptPasswordStorageEncryptionAlgorithm.class); 157 PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM = builder.getInstance(); 158 INSTANCE.registerPropertyDefinition(PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM); 159 } 160 161 162 163 // Build the "java-class" property definition. 164 static { 165 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 166 builder.setOption(PropertyOption.MANDATORY); 167 builder.setOption(PropertyOption.ADVANCED); 168 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class")); 169 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.CryptPasswordStorageScheme"); 170 builder.setDefaultBehaviorProvider(provider); 171 builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme"); 172 PD_JAVA_CLASS = builder.getInstance(); 173 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 174 } 175 176 177 178 // Register the tags associated with this managed object definition. 179 static { 180 INSTANCE.registerTag(Tag.valueOf("user-management")); 181 } 182 183 184 185 /** 186 * Get the Crypt Password Storage Scheme configuration definition 187 * singleton. 188 * 189 * @return Returns the Crypt Password Storage Scheme configuration 190 * definition singleton. 191 */ 192 public static CryptPasswordStorageSchemeCfgDefn getInstance() { 193 return INSTANCE; 194 } 195 196 197 198 /** 199 * Private constructor. 200 */ 201 private CryptPasswordStorageSchemeCfgDefn() { 202 super("crypt-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance()); 203 } 204 205 206 207 /** 208 * {@inheritDoc} 209 */ 210 public CryptPasswordStorageSchemeCfgClient createClientConfiguration( 211 ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) { 212 return new CryptPasswordStorageSchemeCfgClientImpl(impl); 213 } 214 215 216 217 /** 218 * {@inheritDoc} 219 */ 220 public CryptPasswordStorageSchemeCfg createServerConfiguration( 221 ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) { 222 return new CryptPasswordStorageSchemeCfgServerImpl(impl); 223 } 224 225 226 227 /** 228 * {@inheritDoc} 229 */ 230 public Class<CryptPasswordStorageSchemeCfg> getServerConfigurationClass() { 231 return CryptPasswordStorageSchemeCfg.class; 232 } 233 234 235 236 /** 237 * Get the "crypt-password-storage-encryption-algorithm" property definition. 238 * <p> 239 * Specifies the algorithm to use to encrypt new passwords. 240 * <p> 241 * Select the crypt algorithm to use to encrypt new passwords. The 242 * value can either be "unix", which means the password is encrypted 243 * with the weak Unix crypt algorithm, or "md5" which means the 244 * password is encrypted with the BSD MD5 algorithm and has a $1$ 245 * prefix, or "sha256" which means the password is encrypted with the 246 * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the 247 * password is encrypted with the SHA512 algorithm and has a $6$ 248 * prefix. 249 * 250 * @return Returns the "crypt-password-storage-encryption-algorithm" property definition. 251 */ 252 public EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition() { 253 return PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM; 254 } 255 256 257 258 /** 259 * Get the "enabled" property definition. 260 * <p> 261 * Indicates whether the Crypt Password Storage Scheme is enabled 262 * for use. 263 * 264 * @return Returns the "enabled" property definition. 265 */ 266 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 267 return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition(); 268 } 269 270 271 272 /** 273 * Get the "java-class" property definition. 274 * <p> 275 * Specifies the fully-qualified name of the Java class that 276 * provides the Crypt Password Storage Scheme implementation. 277 * 278 * @return Returns the "java-class" property definition. 279 */ 280 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 281 return PD_JAVA_CLASS; 282 } 283 284 285 286 /** 287 * Managed object client implementation. 288 */ 289 private static class CryptPasswordStorageSchemeCfgClientImpl implements 290 CryptPasswordStorageSchemeCfgClient { 291 292 // Private implementation. 293 private ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl; 294 295 296 297 // Private constructor. 298 private CryptPasswordStorageSchemeCfgClientImpl( 299 ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) { 300 this.impl = impl; 301 } 302 303 304 305 /** 306 * {@inheritDoc} 307 */ 308 public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() { 309 return impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition()); 310 } 311 312 313 314 /** 315 * {@inheritDoc} 316 */ 317 public void setCryptPasswordStorageEncryptionAlgorithm(CryptPasswordStorageEncryptionAlgorithm value) { 318 impl.setPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition(), value); 319 } 320 321 322 323 /** 324 * {@inheritDoc} 325 */ 326 public Boolean isEnabled() { 327 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 328 } 329 330 331 332 /** 333 * {@inheritDoc} 334 */ 335 public void setEnabled(boolean value) { 336 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 337 } 338 339 340 341 /** 342 * {@inheritDoc} 343 */ 344 public String getJavaClass() { 345 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 346 } 347 348 349 350 /** 351 * {@inheritDoc} 352 */ 353 public void setJavaClass(String value) { 354 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 355 } 356 357 358 359 /** 360 * {@inheritDoc} 361 */ 362 public ManagedObjectDefinition<? extends CryptPasswordStorageSchemeCfgClient, ? extends CryptPasswordStorageSchemeCfg> definition() { 363 return INSTANCE; 364 } 365 366 367 368 /** 369 * {@inheritDoc} 370 */ 371 public PropertyProvider properties() { 372 return impl; 373 } 374 375 376 377 /** 378 * {@inheritDoc} 379 */ 380 public void commit() throws ManagedObjectAlreadyExistsException, 381 MissingMandatoryPropertiesException, ConcurrentModificationException, 382 OperationRejectedException, AuthorizationException, 383 CommunicationException { 384 impl.commit(); 385 } 386 387 } 388 389 390 391 /** 392 * Managed object server implementation. 393 */ 394 private static class CryptPasswordStorageSchemeCfgServerImpl implements 395 CryptPasswordStorageSchemeCfg { 396 397 // Private implementation. 398 private ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl; 399 400 // The value of the "crypt-password-storage-encryption-algorithm" property. 401 private final CryptPasswordStorageEncryptionAlgorithm pCryptPasswordStorageEncryptionAlgorithm; 402 403 // The value of the "enabled" property. 404 private final boolean pEnabled; 405 406 // The value of the "java-class" property. 407 private final String pJavaClass; 408 409 410 411 // Private constructor. 412 private CryptPasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) { 413 this.impl = impl; 414 this.pCryptPasswordStorageEncryptionAlgorithm = impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition()); 415 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 416 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 417 } 418 419 420 421 /** 422 * {@inheritDoc} 423 */ 424 public void addCryptChangeListener( 425 ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) { 426 impl.registerChangeListener(listener); 427 } 428 429 430 431 /** 432 * {@inheritDoc} 433 */ 434 public void removeCryptChangeListener( 435 ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) { 436 impl.deregisterChangeListener(listener); 437 } 438 /** 439 * {@inheritDoc} 440 */ 441 public void addChangeListener( 442 ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) { 443 impl.registerChangeListener(listener); 444 } 445 446 447 448 /** 449 * {@inheritDoc} 450 */ 451 public void removeChangeListener( 452 ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) { 453 impl.deregisterChangeListener(listener); 454 } 455 456 457 458 /** 459 * {@inheritDoc} 460 */ 461 public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() { 462 return pCryptPasswordStorageEncryptionAlgorithm; 463 } 464 465 466 467 /** 468 * {@inheritDoc} 469 */ 470 public boolean isEnabled() { 471 return pEnabled; 472 } 473 474 475 476 /** 477 * {@inheritDoc} 478 */ 479 public String getJavaClass() { 480 return pJavaClass; 481 } 482 483 484 485 /** 486 * {@inheritDoc} 487 */ 488 public Class<? extends CryptPasswordStorageSchemeCfg> configurationClass() { 489 return CryptPasswordStorageSchemeCfg.class; 490 } 491 492 493 494 /** 495 * {@inheritDoc} 496 */ 497 public DN dn() { 498 return impl.getDN(); 499 } 500 501 } 502}