001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.opends.server.admin.std.meta;
027
028
029
030import org.opends.server.admin.AdministratorAction;
031import org.opends.server.admin.BooleanPropertyDefinition;
032import org.opends.server.admin.ClassPropertyDefinition;
033import org.opends.server.admin.client.AuthorizationException;
034import org.opends.server.admin.client.CommunicationException;
035import org.opends.server.admin.client.ConcurrentModificationException;
036import org.opends.server.admin.client.ManagedObject;
037import org.opends.server.admin.client.MissingMandatoryPropertiesException;
038import org.opends.server.admin.client.OperationRejectedException;
039import org.opends.server.admin.DefaultBehaviorProvider;
040import org.opends.server.admin.DefinedDefaultBehaviorProvider;
041import org.opends.server.admin.EnumPropertyDefinition;
042import org.opends.server.admin.ManagedObjectAlreadyExistsException;
043import org.opends.server.admin.ManagedObjectDefinition;
044import org.opends.server.admin.PropertyOption;
045import org.opends.server.admin.PropertyProvider;
046import org.opends.server.admin.server.ConfigurationChangeListener;
047import org.opends.server.admin.server.ServerManagedObject;
048import org.opends.server.admin.std.client.CryptPasswordStorageSchemeCfgClient;
049import org.opends.server.admin.std.server.CryptPasswordStorageSchemeCfg;
050import org.opends.server.admin.std.server.PasswordStorageSchemeCfg;
051import org.opends.server.admin.Tag;
052import org.opends.server.types.DN;
053
054
055
056/**
057 * An interface for querying the Crypt Password Storage Scheme managed
058 * object definition meta information.
059 * <p>
060 * The Crypt Password Storage Scheme provides a mechanism for encoding
061 * user passwords like Unix crypt does. Like on most Unix systems, the
062 * password may be encrypted using different algorithms, either Unix
063 * crypt, md5, sha256 or sha512.
064 */
065public final class CryptPasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<CryptPasswordStorageSchemeCfgClient, CryptPasswordStorageSchemeCfg> {
066
067  // The singleton configuration definition instance.
068  private static final CryptPasswordStorageSchemeCfgDefn INSTANCE = new CryptPasswordStorageSchemeCfgDefn();
069
070
071
072  /**
073   * Defines the set of permissable values for the "crypt-password-storage-encryption-algorithm" property.
074   * <p>
075   * Specifies the algorithm to use to encrypt new passwords.
076   * <p>
077   * Select the crypt algorithm to use to encrypt new passwords. The
078   * value can either be "unix", which means the password is encrypted
079   * with the weak Unix crypt algorithm, or "md5" which means the
080   * password is encrypted with the BSD MD5 algorithm and has a $1$
081   * prefix, or "sha256" which means the password is encrypted with the
082   * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the
083   * password is encrypted with the SHA512 algorithm and has a $6$
084   * prefix.
085   */
086  public static enum CryptPasswordStorageEncryptionAlgorithm {
087
088    /**
089     * New passwords are encrypted with the BSD MD5 algorithm.
090     */
091    MD5("md5"),
092
093
094
095    /**
096     * New passwords are encrypted with the Unix crypt SHA256
097     * algorithm.
098     */
099    SHA256("sha256"),
100
101
102
103    /**
104     * New passwords are encrypted with the Unix crypt SHA512
105     * algorithm.
106     */
107    SHA512("sha512"),
108
109
110
111    /**
112     * New passwords are encrypted with the Unix crypt algorithm.
113     * Passwords are truncated at 8 characters and the top bit of each
114     * character is ignored.
115     */
116    UNIX("unix");
117
118
119
120    // String representation of the value.
121    private final String name;
122
123
124
125    // Private constructor.
126    private CryptPasswordStorageEncryptionAlgorithm(String name) { this.name = name; }
127
128
129
130    /**
131     * {@inheritDoc}
132     */
133    public String toString() { return name; }
134
135  }
136
137
138
139  // The "crypt-password-storage-encryption-algorithm" property definition.
140  private static final EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM;
141
142
143
144  // The "java-class" property definition.
145  private static final ClassPropertyDefinition PD_JAVA_CLASS;
146
147
148
149  // Build the "crypt-password-storage-encryption-algorithm" property definition.
150  static {
151      EnumPropertyDefinition.Builder<CryptPasswordStorageEncryptionAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "crypt-password-storage-encryption-algorithm");
152      builder.setOption(PropertyOption.MANDATORY);
153      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "crypt-password-storage-encryption-algorithm"));
154      DefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm> provider = new DefinedDefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm>("unix");
155      builder.setDefaultBehaviorProvider(provider);
156      builder.setEnumClass(CryptPasswordStorageEncryptionAlgorithm.class);
157      PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM = builder.getInstance();
158      INSTANCE.registerPropertyDefinition(PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM);
159  }
160
161
162
163  // Build the "java-class" property definition.
164  static {
165      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
166      builder.setOption(PropertyOption.MANDATORY);
167      builder.setOption(PropertyOption.ADVANCED);
168      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
169      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.CryptPasswordStorageScheme");
170      builder.setDefaultBehaviorProvider(provider);
171      builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme");
172      PD_JAVA_CLASS = builder.getInstance();
173      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
174  }
175
176
177
178  // Register the tags associated with this managed object definition.
179  static {
180    INSTANCE.registerTag(Tag.valueOf("user-management"));
181  }
182
183
184
185  /**
186   * Get the Crypt Password Storage Scheme configuration definition
187   * singleton.
188   *
189   * @return Returns the Crypt Password Storage Scheme configuration
190   *         definition singleton.
191   */
192  public static CryptPasswordStorageSchemeCfgDefn getInstance() {
193    return INSTANCE;
194  }
195
196
197
198  /**
199   * Private constructor.
200   */
201  private CryptPasswordStorageSchemeCfgDefn() {
202    super("crypt-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance());
203  }
204
205
206
207  /**
208   * {@inheritDoc}
209   */
210  public CryptPasswordStorageSchemeCfgClient createClientConfiguration(
211      ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) {
212    return new CryptPasswordStorageSchemeCfgClientImpl(impl);
213  }
214
215
216
217  /**
218   * {@inheritDoc}
219   */
220  public CryptPasswordStorageSchemeCfg createServerConfiguration(
221      ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) {
222    return new CryptPasswordStorageSchemeCfgServerImpl(impl);
223  }
224
225
226
227  /**
228   * {@inheritDoc}
229   */
230  public Class<CryptPasswordStorageSchemeCfg> getServerConfigurationClass() {
231    return CryptPasswordStorageSchemeCfg.class;
232  }
233
234
235
236  /**
237   * Get the "crypt-password-storage-encryption-algorithm" property definition.
238   * <p>
239   * Specifies the algorithm to use to encrypt new passwords.
240   * <p>
241   * Select the crypt algorithm to use to encrypt new passwords. The
242   * value can either be "unix", which means the password is encrypted
243   * with the weak Unix crypt algorithm, or "md5" which means the
244   * password is encrypted with the BSD MD5 algorithm and has a $1$
245   * prefix, or "sha256" which means the password is encrypted with the
246   * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the
247   * password is encrypted with the SHA512 algorithm and has a $6$
248   * prefix.
249   *
250   * @return Returns the "crypt-password-storage-encryption-algorithm" property definition.
251   */
252  public EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition() {
253    return PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM;
254  }
255
256
257
258  /**
259   * Get the "enabled" property definition.
260   * <p>
261   * Indicates whether the Crypt Password Storage Scheme is enabled
262   * for use.
263   *
264   * @return Returns the "enabled" property definition.
265   */
266  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
267    return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition();
268  }
269
270
271
272  /**
273   * Get the "java-class" property definition.
274   * <p>
275   * Specifies the fully-qualified name of the Java class that
276   * provides the Crypt Password Storage Scheme implementation.
277   *
278   * @return Returns the "java-class" property definition.
279   */
280  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
281    return PD_JAVA_CLASS;
282  }
283
284
285
286  /**
287   * Managed object client implementation.
288   */
289  private static class CryptPasswordStorageSchemeCfgClientImpl implements
290    CryptPasswordStorageSchemeCfgClient {
291
292    // Private implementation.
293    private ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl;
294
295
296
297    // Private constructor.
298    private CryptPasswordStorageSchemeCfgClientImpl(
299        ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) {
300      this.impl = impl;
301    }
302
303
304
305    /**
306     * {@inheritDoc}
307     */
308    public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() {
309      return impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition());
310    }
311
312
313
314    /**
315     * {@inheritDoc}
316     */
317    public void setCryptPasswordStorageEncryptionAlgorithm(CryptPasswordStorageEncryptionAlgorithm value) {
318      impl.setPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition(), value);
319    }
320
321
322
323    /**
324     * {@inheritDoc}
325     */
326    public Boolean isEnabled() {
327      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
328    }
329
330
331
332    /**
333     * {@inheritDoc}
334     */
335    public void setEnabled(boolean value) {
336      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
337    }
338
339
340
341    /**
342     * {@inheritDoc}
343     */
344    public String getJavaClass() {
345      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
346    }
347
348
349
350    /**
351     * {@inheritDoc}
352     */
353    public void setJavaClass(String value) {
354      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
355    }
356
357
358
359    /**
360     * {@inheritDoc}
361     */
362    public ManagedObjectDefinition<? extends CryptPasswordStorageSchemeCfgClient, ? extends CryptPasswordStorageSchemeCfg> definition() {
363      return INSTANCE;
364    }
365
366
367
368    /**
369     * {@inheritDoc}
370     */
371    public PropertyProvider properties() {
372      return impl;
373    }
374
375
376
377    /**
378     * {@inheritDoc}
379     */
380    public void commit() throws ManagedObjectAlreadyExistsException,
381        MissingMandatoryPropertiesException, ConcurrentModificationException,
382        OperationRejectedException, AuthorizationException,
383        CommunicationException {
384      impl.commit();
385    }
386
387  }
388
389
390
391  /**
392   * Managed object server implementation.
393   */
394  private static class CryptPasswordStorageSchemeCfgServerImpl implements
395    CryptPasswordStorageSchemeCfg {
396
397    // Private implementation.
398    private ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl;
399
400    // The value of the "crypt-password-storage-encryption-algorithm" property.
401    private final CryptPasswordStorageEncryptionAlgorithm pCryptPasswordStorageEncryptionAlgorithm;
402
403    // The value of the "enabled" property.
404    private final boolean pEnabled;
405
406    // The value of the "java-class" property.
407    private final String pJavaClass;
408
409
410
411    // Private constructor.
412    private CryptPasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) {
413      this.impl = impl;
414      this.pCryptPasswordStorageEncryptionAlgorithm = impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition());
415      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
416      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
417    }
418
419
420
421    /**
422     * {@inheritDoc}
423     */
424    public void addCryptChangeListener(
425        ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) {
426      impl.registerChangeListener(listener);
427    }
428
429
430
431    /**
432     * {@inheritDoc}
433     */
434    public void removeCryptChangeListener(
435        ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) {
436      impl.deregisterChangeListener(listener);
437    }
438    /**
439     * {@inheritDoc}
440     */
441    public void addChangeListener(
442        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
443      impl.registerChangeListener(listener);
444    }
445
446
447
448    /**
449     * {@inheritDoc}
450     */
451    public void removeChangeListener(
452        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
453      impl.deregisterChangeListener(listener);
454    }
455
456
457
458    /**
459     * {@inheritDoc}
460     */
461    public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() {
462      return pCryptPasswordStorageEncryptionAlgorithm;
463    }
464
465
466
467    /**
468     * {@inheritDoc}
469     */
470    public boolean isEnabled() {
471      return pEnabled;
472    }
473
474
475
476    /**
477     * {@inheritDoc}
478     */
479    public String getJavaClass() {
480      return pJavaClass;
481    }
482
483
484
485    /**
486     * {@inheritDoc}
487     */
488    public Class<? extends CryptPasswordStorageSchemeCfg> configurationClass() {
489      return CryptPasswordStorageSchemeCfg.class;
490    }
491
492
493
494    /**
495     * {@inheritDoc}
496     */
497    public DN dn() {
498      return impl.getDN();
499    }
500
501  }
502}