001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.opends.server.admin.std.meta; 027 028 029 030import org.opends.server.admin.AdministratorAction; 031import org.opends.server.admin.AggregationPropertyDefinition; 032import org.opends.server.admin.AliasDefaultBehaviorProvider; 033import org.opends.server.admin.BooleanPropertyDefinition; 034import org.opends.server.admin.ClassPropertyDefinition; 035import org.opends.server.admin.client.AuthorizationException; 036import org.opends.server.admin.client.CommunicationException; 037import org.opends.server.admin.client.ConcurrentModificationException; 038import org.opends.server.admin.client.ManagedObject; 039import org.opends.server.admin.client.MissingMandatoryPropertiesException; 040import org.opends.server.admin.client.OperationRejectedException; 041import org.opends.server.admin.condition.Conditions; 042import org.opends.server.admin.DefaultBehaviorProvider; 043import org.opends.server.admin.DefinedDefaultBehaviorProvider; 044import org.opends.server.admin.EnumPropertyDefinition; 045import org.opends.server.admin.ManagedObjectAlreadyExistsException; 046import org.opends.server.admin.ManagedObjectDefinition; 047import org.opends.server.admin.PropertyOption; 048import org.opends.server.admin.PropertyProvider; 049import org.opends.server.admin.server.ConfigurationChangeListener; 050import org.opends.server.admin.server.ServerManagedObject; 051import org.opends.server.admin.std.client.DigestMD5SASLMechanismHandlerCfgClient; 052import org.opends.server.admin.std.client.IdentityMapperCfgClient; 053import org.opends.server.admin.std.server.DigestMD5SASLMechanismHandlerCfg; 054import org.opends.server.admin.std.server.IdentityMapperCfg; 055import org.opends.server.admin.std.server.SASLMechanismHandlerCfg; 056import org.opends.server.admin.StringPropertyDefinition; 057import org.opends.server.admin.Tag; 058import org.opends.server.admin.UndefinedDefaultBehaviorProvider; 059import org.opends.server.types.DN; 060 061 062 063/** 064 * An interface for querying the Digest MD5 SASL Mechanism Handler 065 * managed object definition meta information. 066 * <p> 067 * The DIGEST-MD5 SASL mechanism is used to perform all processing 068 * related to SASL DIGEST-MD5 authentication. 069 */ 070public final class DigestMD5SASLMechanismHandlerCfgDefn extends ManagedObjectDefinition<DigestMD5SASLMechanismHandlerCfgClient, DigestMD5SASLMechanismHandlerCfg> { 071 072 // The singleton configuration definition instance. 073 private static final DigestMD5SASLMechanismHandlerCfgDefn INSTANCE = new DigestMD5SASLMechanismHandlerCfgDefn(); 074 075 076 077 /** 078 * Defines the set of permissable values for the "quality-of-protection" property. 079 * <p> 080 * The name of a property that specifies the quality of protection 081 * the server will support. 082 */ 083 public static enum QualityOfProtection { 084 085 /** 086 * Quality of protection equals authentication with integrity and 087 * confidentiality protection. 088 */ 089 CONFIDENTIALITY("confidentiality"), 090 091 092 093 /** 094 * Quality of protection equals authentication with integrity 095 * protection. 096 */ 097 INTEGRITY("integrity"), 098 099 100 101 /** 102 * QOP equals authentication only. 103 */ 104 NONE("none"); 105 106 107 108 // String representation of the value. 109 private final String name; 110 111 112 113 // Private constructor. 114 private QualityOfProtection(String name) { this.name = name; } 115 116 117 118 /** 119 * {@inheritDoc} 120 */ 121 public String toString() { return name; } 122 123 } 124 125 126 127 // The "identity-mapper" property definition. 128 private static final AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> PD_IDENTITY_MAPPER; 129 130 131 132 // The "java-class" property definition. 133 private static final ClassPropertyDefinition PD_JAVA_CLASS; 134 135 136 137 // The "quality-of-protection" property definition. 138 private static final EnumPropertyDefinition<QualityOfProtection> PD_QUALITY_OF_PROTECTION; 139 140 141 142 // The "realm" property definition. 143 private static final StringPropertyDefinition PD_REALM; 144 145 146 147 // The "server-fqdn" property definition. 148 private static final StringPropertyDefinition PD_SERVER_FQDN; 149 150 151 152 // Build the "identity-mapper" property definition. 153 static { 154 AggregationPropertyDefinition.Builder<IdentityMapperCfgClient, IdentityMapperCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "identity-mapper"); 155 builder.setOption(PropertyOption.MANDATORY); 156 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "identity-mapper")); 157 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 158 builder.setParentPath("/"); 159 builder.setRelationDefinition("identity-mapper"); 160 builder.setTargetNeedsEnablingCondition(Conditions.contains("enabled", "true")); 161 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 162 PD_IDENTITY_MAPPER = builder.getInstance(); 163 INSTANCE.registerPropertyDefinition(PD_IDENTITY_MAPPER); 164 INSTANCE.registerConstraint(PD_IDENTITY_MAPPER.getSourceConstraint()); 165 } 166 167 168 169 // Build the "java-class" property definition. 170 static { 171 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 172 builder.setOption(PropertyOption.MANDATORY); 173 builder.setOption(PropertyOption.ADVANCED); 174 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 175 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.DigestMD5SASLMechanismHandler"); 176 builder.setDefaultBehaviorProvider(provider); 177 builder.addInstanceOf("org.opends.server.api.SASLMechanismHandler"); 178 PD_JAVA_CLASS = builder.getInstance(); 179 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 180 } 181 182 183 184 // Build the "quality-of-protection" property definition. 185 static { 186 EnumPropertyDefinition.Builder<QualityOfProtection> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "quality-of-protection"); 187 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "quality-of-protection")); 188 DefaultBehaviorProvider<QualityOfProtection> provider = new DefinedDefaultBehaviorProvider<QualityOfProtection>("none"); 189 builder.setDefaultBehaviorProvider(provider); 190 builder.setEnumClass(QualityOfProtection.class); 191 PD_QUALITY_OF_PROTECTION = builder.getInstance(); 192 INSTANCE.registerPropertyDefinition(PD_QUALITY_OF_PROTECTION); 193 } 194 195 196 197 // Build the "realm" property definition. 198 static { 199 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "realm"); 200 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "realm")); 201 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "realm")); 202 builder.setPattern(".*", "STRING"); 203 PD_REALM = builder.getInstance(); 204 INSTANCE.registerPropertyDefinition(PD_REALM); 205 } 206 207 208 209 // Build the "server-fqdn" property definition. 210 static { 211 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "server-fqdn"); 212 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "server-fqdn")); 213 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "server-fqdn")); 214 builder.setPattern(".*", "STRING"); 215 PD_SERVER_FQDN = builder.getInstance(); 216 INSTANCE.registerPropertyDefinition(PD_SERVER_FQDN); 217 } 218 219 220 221 // Register the tags associated with this managed object definition. 222 static { 223 INSTANCE.registerTag(Tag.valueOf("security")); 224 } 225 226 227 228 /** 229 * Get the Digest MD5 SASL Mechanism Handler configuration 230 * definition singleton. 231 * 232 * @return Returns the Digest MD5 SASL Mechanism Handler 233 * configuration definition singleton. 234 */ 235 public static DigestMD5SASLMechanismHandlerCfgDefn getInstance() { 236 return INSTANCE; 237 } 238 239 240 241 /** 242 * Private constructor. 243 */ 244 private DigestMD5SASLMechanismHandlerCfgDefn() { 245 super("digest-md5-sasl-mechanism-handler", SASLMechanismHandlerCfgDefn.getInstance()); 246 } 247 248 249 250 /** 251 * {@inheritDoc} 252 */ 253 public DigestMD5SASLMechanismHandlerCfgClient createClientConfiguration( 254 ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl) { 255 return new DigestMD5SASLMechanismHandlerCfgClientImpl(impl); 256 } 257 258 259 260 /** 261 * {@inheritDoc} 262 */ 263 public DigestMD5SASLMechanismHandlerCfg createServerConfiguration( 264 ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl) { 265 return new DigestMD5SASLMechanismHandlerCfgServerImpl(impl); 266 } 267 268 269 270 /** 271 * {@inheritDoc} 272 */ 273 public Class<DigestMD5SASLMechanismHandlerCfg> getServerConfigurationClass() { 274 return DigestMD5SASLMechanismHandlerCfg.class; 275 } 276 277 278 279 /** 280 * Get the "enabled" property definition. 281 * <p> 282 * Indicates whether the SASL mechanism handler is enabled for use. 283 * 284 * @return Returns the "enabled" property definition. 285 */ 286 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 287 return SASLMechanismHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 288 } 289 290 291 292 /** 293 * Get the "identity-mapper" property definition. 294 * <p> 295 * Specifies the name of the identity mapper that is to be used with 296 * this SASL mechanism handler to match the authentication or 297 * authorization ID included in the SASL bind request to the 298 * corresponding user in the directory. 299 * 300 * @return Returns the "identity-mapper" property definition. 301 */ 302 public AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> getIdentityMapperPropertyDefinition() { 303 return PD_IDENTITY_MAPPER; 304 } 305 306 307 308 /** 309 * Get the "java-class" property definition. 310 * <p> 311 * Specifies the fully-qualified name of the Java class that 312 * provides the SASL mechanism handler implementation. 313 * 314 * @return Returns the "java-class" property definition. 315 */ 316 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 317 return PD_JAVA_CLASS; 318 } 319 320 321 322 /** 323 * Get the "quality-of-protection" property definition. 324 * <p> 325 * The name of a property that specifies the quality of protection 326 * the server will support. 327 * 328 * @return Returns the "quality-of-protection" property definition. 329 */ 330 public EnumPropertyDefinition<QualityOfProtection> getQualityOfProtectionPropertyDefinition() { 331 return PD_QUALITY_OF_PROTECTION; 332 } 333 334 335 336 /** 337 * Get the "realm" property definition. 338 * <p> 339 * Specifies the realms that is to be used by the server for 340 * DIGEST-MD5 authentication. 341 * <p> 342 * If this value is not provided, then the server defaults to use 343 * the fully qualified hostname of the machine. 344 * 345 * @return Returns the "realm" property definition. 346 */ 347 public StringPropertyDefinition getRealmPropertyDefinition() { 348 return PD_REALM; 349 } 350 351 352 353 /** 354 * Get the "server-fqdn" property definition. 355 * <p> 356 * Specifies the DNS-resolvable fully-qualified domain name for the 357 * server that is used when validating the digest-uri parameter 358 * during the authentication process. 359 * <p> 360 * If this configuration attribute is present, then the server 361 * expects that clients use a digest-uri equal to "ldap/" followed by 362 * the value of this attribute. For example, if the attribute has a 363 * value of "directory.example.com", then the server expects clients 364 * to use a digest-uri of "ldap/directory.example.com". If no value 365 * is provided, then the server does not attempt to validate the 366 * digest-uri provided by the client and accepts any value. 367 * 368 * @return Returns the "server-fqdn" property definition. 369 */ 370 public StringPropertyDefinition getServerFqdnPropertyDefinition() { 371 return PD_SERVER_FQDN; 372 } 373 374 375 376 /** 377 * Managed object client implementation. 378 */ 379 private static class DigestMD5SASLMechanismHandlerCfgClientImpl implements 380 DigestMD5SASLMechanismHandlerCfgClient { 381 382 // Private implementation. 383 private ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl; 384 385 386 387 // Private constructor. 388 private DigestMD5SASLMechanismHandlerCfgClientImpl( 389 ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl) { 390 this.impl = impl; 391 } 392 393 394 395 /** 396 * {@inheritDoc} 397 */ 398 public Boolean isEnabled() { 399 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 400 } 401 402 403 404 /** 405 * {@inheritDoc} 406 */ 407 public void setEnabled(boolean value) { 408 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 409 } 410 411 412 413 /** 414 * {@inheritDoc} 415 */ 416 public String getIdentityMapper() { 417 return impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition()); 418 } 419 420 421 422 /** 423 * {@inheritDoc} 424 */ 425 public void setIdentityMapper(String value) { 426 impl.setPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition(), value); 427 } 428 429 430 431 /** 432 * {@inheritDoc} 433 */ 434 public String getJavaClass() { 435 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 436 } 437 438 439 440 /** 441 * {@inheritDoc} 442 */ 443 public void setJavaClass(String value) { 444 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 445 } 446 447 448 449 /** 450 * {@inheritDoc} 451 */ 452 public QualityOfProtection getQualityOfProtection() { 453 return impl.getPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition()); 454 } 455 456 457 458 /** 459 * {@inheritDoc} 460 */ 461 public void setQualityOfProtection(QualityOfProtection value) { 462 impl.setPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition(), value); 463 } 464 465 466 467 /** 468 * {@inheritDoc} 469 */ 470 public String getRealm() { 471 return impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition()); 472 } 473 474 475 476 /** 477 * {@inheritDoc} 478 */ 479 public void setRealm(String value) { 480 impl.setPropertyValue(INSTANCE.getRealmPropertyDefinition(), value); 481 } 482 483 484 485 /** 486 * {@inheritDoc} 487 */ 488 public String getServerFqdn() { 489 return impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition()); 490 } 491 492 493 494 /** 495 * {@inheritDoc} 496 */ 497 public void setServerFqdn(String value) { 498 impl.setPropertyValue(INSTANCE.getServerFqdnPropertyDefinition(), value); 499 } 500 501 502 503 /** 504 * {@inheritDoc} 505 */ 506 public ManagedObjectDefinition<? extends DigestMD5SASLMechanismHandlerCfgClient, ? extends DigestMD5SASLMechanismHandlerCfg> definition() { 507 return INSTANCE; 508 } 509 510 511 512 /** 513 * {@inheritDoc} 514 */ 515 public PropertyProvider properties() { 516 return impl; 517 } 518 519 520 521 /** 522 * {@inheritDoc} 523 */ 524 public void commit() throws ManagedObjectAlreadyExistsException, 525 MissingMandatoryPropertiesException, ConcurrentModificationException, 526 OperationRejectedException, AuthorizationException, 527 CommunicationException { 528 impl.commit(); 529 } 530 531 } 532 533 534 535 /** 536 * Managed object server implementation. 537 */ 538 private static class DigestMD5SASLMechanismHandlerCfgServerImpl implements 539 DigestMD5SASLMechanismHandlerCfg { 540 541 // Private implementation. 542 private ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl; 543 544 // The value of the "enabled" property. 545 private final boolean pEnabled; 546 547 // The value of the "identity-mapper" property. 548 private final String pIdentityMapper; 549 550 // The value of the "java-class" property. 551 private final String pJavaClass; 552 553 // The value of the "quality-of-protection" property. 554 private final QualityOfProtection pQualityOfProtection; 555 556 // The value of the "realm" property. 557 private final String pRealm; 558 559 // The value of the "server-fqdn" property. 560 private final String pServerFqdn; 561 562 563 564 // Private constructor. 565 private DigestMD5SASLMechanismHandlerCfgServerImpl(ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl) { 566 this.impl = impl; 567 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 568 this.pIdentityMapper = impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition()); 569 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 570 this.pQualityOfProtection = impl.getPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition()); 571 this.pRealm = impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition()); 572 this.pServerFqdn = impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition()); 573 } 574 575 576 577 /** 578 * {@inheritDoc} 579 */ 580 public void addDigestMD5ChangeListener( 581 ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener) { 582 impl.registerChangeListener(listener); 583 } 584 585 586 587 /** 588 * {@inheritDoc} 589 */ 590 public void removeDigestMD5ChangeListener( 591 ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener) { 592 impl.deregisterChangeListener(listener); 593 } 594 /** 595 * {@inheritDoc} 596 */ 597 public void addChangeListener( 598 ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) { 599 impl.registerChangeListener(listener); 600 } 601 602 603 604 /** 605 * {@inheritDoc} 606 */ 607 public void removeChangeListener( 608 ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) { 609 impl.deregisterChangeListener(listener); 610 } 611 612 613 614 /** 615 * {@inheritDoc} 616 */ 617 public boolean isEnabled() { 618 return pEnabled; 619 } 620 621 622 623 /** 624 * {@inheritDoc} 625 */ 626 public String getIdentityMapper() { 627 return pIdentityMapper; 628 } 629 630 631 632 /** 633 * {@inheritDoc} 634 */ 635 public DN getIdentityMapperDN() { 636 String value = getIdentityMapper(); 637 if (value == null) return null; 638 return INSTANCE.getIdentityMapperPropertyDefinition().getChildDN(value); 639 } 640 641 642 643 /** 644 * {@inheritDoc} 645 */ 646 public String getJavaClass() { 647 return pJavaClass; 648 } 649 650 651 652 /** 653 * {@inheritDoc} 654 */ 655 public QualityOfProtection getQualityOfProtection() { 656 return pQualityOfProtection; 657 } 658 659 660 661 /** 662 * {@inheritDoc} 663 */ 664 public String getRealm() { 665 return pRealm; 666 } 667 668 669 670 /** 671 * {@inheritDoc} 672 */ 673 public String getServerFqdn() { 674 return pServerFqdn; 675 } 676 677 678 679 /** 680 * {@inheritDoc} 681 */ 682 public Class<? extends DigestMD5SASLMechanismHandlerCfg> configurationClass() { 683 return DigestMD5SASLMechanismHandlerCfg.class; 684 } 685 686 687 688 /** 689 * {@inheritDoc} 690 */ 691 public DN dn() { 692 return impl.getDN(); 693 } 694 695 } 696}