001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.opends.server.admin.std.meta;
027
028
029
030import org.opends.server.admin.AdministratorAction;
031import org.opends.server.admin.BooleanPropertyDefinition;
032import org.opends.server.admin.ClassPropertyDefinition;
033import org.opends.server.admin.client.AuthorizationException;
034import org.opends.server.admin.client.CommunicationException;
035import org.opends.server.admin.client.ConcurrentModificationException;
036import org.opends.server.admin.client.ManagedObject;
037import org.opends.server.admin.client.MissingMandatoryPropertiesException;
038import org.opends.server.admin.client.OperationRejectedException;
039import org.opends.server.admin.DefaultBehaviorProvider;
040import org.opends.server.admin.DefinedDefaultBehaviorProvider;
041import org.opends.server.admin.IntegerPropertyDefinition;
042import org.opends.server.admin.ManagedObjectAlreadyExistsException;
043import org.opends.server.admin.ManagedObjectDefinition;
044import org.opends.server.admin.PropertyOption;
045import org.opends.server.admin.PropertyProvider;
046import org.opends.server.admin.server.ConfigurationChangeListener;
047import org.opends.server.admin.server.ServerManagedObject;
048import org.opends.server.admin.std.client.DictionaryPasswordValidatorCfgClient;
049import org.opends.server.admin.std.server.DictionaryPasswordValidatorCfg;
050import org.opends.server.admin.std.server.PasswordValidatorCfg;
051import org.opends.server.admin.StringPropertyDefinition;
052import org.opends.server.admin.Tag;
053import org.opends.server.types.DN;
054
055
056
057/**
058 * An interface for querying the Dictionary Password Validator managed
059 * object definition meta information.
060 * <p>
061 * The Dictionary Password Validator determines whether a proposed
062 * password is acceptable based on whether the given password value
063 * appears in a provided dictionary file.
064 */
065public final class DictionaryPasswordValidatorCfgDefn extends ManagedObjectDefinition<DictionaryPasswordValidatorCfgClient, DictionaryPasswordValidatorCfg> {
066
067  // The singleton configuration definition instance.
068  private static final DictionaryPasswordValidatorCfgDefn INSTANCE = new DictionaryPasswordValidatorCfgDefn();
069
070
071
072  // The "case-sensitive-validation" property definition.
073  private static final BooleanPropertyDefinition PD_CASE_SENSITIVE_VALIDATION;
074
075
076
077  // The "check-substrings" property definition.
078  private static final BooleanPropertyDefinition PD_CHECK_SUBSTRINGS;
079
080
081
082  // The "dictionary-file" property definition.
083  private static final StringPropertyDefinition PD_DICTIONARY_FILE;
084
085
086
087  // The "java-class" property definition.
088  private static final ClassPropertyDefinition PD_JAVA_CLASS;
089
090
091
092  // The "min-substring-length" property definition.
093  private static final IntegerPropertyDefinition PD_MIN_SUBSTRING_LENGTH;
094
095
096
097  // The "test-reversed-password" property definition.
098  private static final BooleanPropertyDefinition PD_TEST_REVERSED_PASSWORD;
099
100
101
102  // Build the "case-sensitive-validation" property definition.
103  static {
104      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "case-sensitive-validation");
105      builder.setOption(PropertyOption.MANDATORY);
106      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "case-sensitive-validation"));
107      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
108      builder.setDefaultBehaviorProvider(provider);
109      PD_CASE_SENSITIVE_VALIDATION = builder.getInstance();
110      INSTANCE.registerPropertyDefinition(PD_CASE_SENSITIVE_VALIDATION);
111  }
112
113
114
115  // Build the "check-substrings" property definition.
116  static {
117      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "check-substrings");
118      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "check-substrings"));
119      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
120      builder.setDefaultBehaviorProvider(provider);
121      PD_CHECK_SUBSTRINGS = builder.getInstance();
122      INSTANCE.registerPropertyDefinition(PD_CHECK_SUBSTRINGS);
123  }
124
125
126
127  // Build the "dictionary-file" property definition.
128  static {
129      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "dictionary-file");
130      builder.setOption(PropertyOption.MANDATORY);
131      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "dictionary-file"));
132      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("For Unix and Linux systems: config/wordlist.txt. For Windows systems: config\\wordlist.txt");
133      builder.setDefaultBehaviorProvider(provider);
134      builder.setPattern(".*", "FILE");
135      PD_DICTIONARY_FILE = builder.getInstance();
136      INSTANCE.registerPropertyDefinition(PD_DICTIONARY_FILE);
137  }
138
139
140
141  // Build the "java-class" property definition.
142  static {
143      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
144      builder.setOption(PropertyOption.MANDATORY);
145      builder.setOption(PropertyOption.ADVANCED);
146      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
147      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.DictionaryPasswordValidator");
148      builder.setDefaultBehaviorProvider(provider);
149      builder.addInstanceOf("org.opends.server.api.PasswordValidator");
150      PD_JAVA_CLASS = builder.getInstance();
151      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
152  }
153
154
155
156  // Build the "min-substring-length" property definition.
157  static {
158      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "min-substring-length");
159      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "min-substring-length"));
160      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("5");
161      builder.setDefaultBehaviorProvider(provider);
162      PD_MIN_SUBSTRING_LENGTH = builder.getInstance();
163      INSTANCE.registerPropertyDefinition(PD_MIN_SUBSTRING_LENGTH);
164  }
165
166
167
168  // Build the "test-reversed-password" property definition.
169  static {
170      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "test-reversed-password");
171      builder.setOption(PropertyOption.MANDATORY);
172      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "test-reversed-password"));
173      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
174      builder.setDefaultBehaviorProvider(provider);
175      PD_TEST_REVERSED_PASSWORD = builder.getInstance();
176      INSTANCE.registerPropertyDefinition(PD_TEST_REVERSED_PASSWORD);
177  }
178
179
180
181  // Register the tags associated with this managed object definition.
182  static {
183    INSTANCE.registerTag(Tag.valueOf("user-management"));
184  }
185
186
187
188  /**
189   * Get the Dictionary Password Validator configuration definition
190   * singleton.
191   *
192   * @return Returns the Dictionary Password Validator configuration
193   *         definition singleton.
194   */
195  public static DictionaryPasswordValidatorCfgDefn getInstance() {
196    return INSTANCE;
197  }
198
199
200
201  /**
202   * Private constructor.
203   */
204  private DictionaryPasswordValidatorCfgDefn() {
205    super("dictionary-password-validator", PasswordValidatorCfgDefn.getInstance());
206  }
207
208
209
210  /**
211   * {@inheritDoc}
212   */
213  public DictionaryPasswordValidatorCfgClient createClientConfiguration(
214      ManagedObject<? extends DictionaryPasswordValidatorCfgClient> impl) {
215    return new DictionaryPasswordValidatorCfgClientImpl(impl);
216  }
217
218
219
220  /**
221   * {@inheritDoc}
222   */
223  public DictionaryPasswordValidatorCfg createServerConfiguration(
224      ServerManagedObject<? extends DictionaryPasswordValidatorCfg> impl) {
225    return new DictionaryPasswordValidatorCfgServerImpl(impl);
226  }
227
228
229
230  /**
231   * {@inheritDoc}
232   */
233  public Class<DictionaryPasswordValidatorCfg> getServerConfigurationClass() {
234    return DictionaryPasswordValidatorCfg.class;
235  }
236
237
238
239  /**
240   * Get the "case-sensitive-validation" property definition.
241   * <p>
242   * Indicates whether this password validator is to treat password
243   * characters in a case-sensitive manner.
244   * <p>
245   * If it is set to true, then the validator rejects a password only
246   * if it appears in the dictionary with exactly the same
247   * capitalization as provided by the user.
248   *
249   * @return Returns the "case-sensitive-validation" property definition.
250   */
251  public BooleanPropertyDefinition getCaseSensitiveValidationPropertyDefinition() {
252    return PD_CASE_SENSITIVE_VALIDATION;
253  }
254
255
256
257  /**
258   * Get the "check-substrings" property definition.
259   * <p>
260   * Indicates whether this password validator is to match portions of
261   * the password string against dictionary words.
262   * <p>
263   * If "false" then only match the entire password against words
264   * otherwise ("true") check whether the password contains words.
265   *
266   * @return Returns the "check-substrings" property definition.
267   */
268  public BooleanPropertyDefinition getCheckSubstringsPropertyDefinition() {
269    return PD_CHECK_SUBSTRINGS;
270  }
271
272
273
274  /**
275   * Get the "dictionary-file" property definition.
276   * <p>
277   * Specifies the path to the file containing a list of words that
278   * cannot be used as passwords.
279   * <p>
280   * It should be formatted with one word per line. The value can be
281   * an absolute path or a path that is relative to the OpenDJ instance
282   * root.
283   *
284   * @return Returns the "dictionary-file" property definition.
285   */
286  public StringPropertyDefinition getDictionaryFilePropertyDefinition() {
287    return PD_DICTIONARY_FILE;
288  }
289
290
291
292  /**
293   * Get the "enabled" property definition.
294   * <p>
295   * Indicates whether the password validator is enabled for use.
296   *
297   * @return Returns the "enabled" property definition.
298   */
299  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
300    return PasswordValidatorCfgDefn.getInstance().getEnabledPropertyDefinition();
301  }
302
303
304
305  /**
306   * Get the "java-class" property definition.
307   * <p>
308   * Specifies the fully-qualified name of the Java class that
309   * provides the password validator implementation.
310   *
311   * @return Returns the "java-class" property definition.
312   */
313  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
314    return PD_JAVA_CLASS;
315  }
316
317
318
319  /**
320   * Get the "min-substring-length" property definition.
321   * <p>
322   * Indicates the minimal length of the substring within the password
323   * in case substring checking is enabled.
324   * <p>
325   * If "check-substrings" option is set to true, then this parameter
326   * defines the length of the smallest word which should be used for
327   * substring matching. Use with caution because values below 3 might
328   * disqualify valid passwords.
329   *
330   * @return Returns the "min-substring-length" property definition.
331   */
332  public IntegerPropertyDefinition getMinSubstringLengthPropertyDefinition() {
333    return PD_MIN_SUBSTRING_LENGTH;
334  }
335
336
337
338  /**
339   * Get the "test-reversed-password" property definition.
340   * <p>
341   * Indicates whether this password validator is to test the reversed
342   * value of the provided password as well as the order in which it
343   * was given.
344   * <p>
345   * For example, if the user provides a new password of "password"
346   * and this configuration attribute is set to true, then the value
347   * "drowssap" is also tested against attribute values in the user's
348   * entry.
349   *
350   * @return Returns the "test-reversed-password" property definition.
351   */
352  public BooleanPropertyDefinition getTestReversedPasswordPropertyDefinition() {
353    return PD_TEST_REVERSED_PASSWORD;
354  }
355
356
357
358  /**
359   * Managed object client implementation.
360   */
361  private static class DictionaryPasswordValidatorCfgClientImpl implements
362    DictionaryPasswordValidatorCfgClient {
363
364    // Private implementation.
365    private ManagedObject<? extends DictionaryPasswordValidatorCfgClient> impl;
366
367
368
369    // Private constructor.
370    private DictionaryPasswordValidatorCfgClientImpl(
371        ManagedObject<? extends DictionaryPasswordValidatorCfgClient> impl) {
372      this.impl = impl;
373    }
374
375
376
377    /**
378     * {@inheritDoc}
379     */
380    public boolean isCaseSensitiveValidation() {
381      return impl.getPropertyValue(INSTANCE.getCaseSensitiveValidationPropertyDefinition());
382    }
383
384
385
386    /**
387     * {@inheritDoc}
388     */
389    public void setCaseSensitiveValidation(boolean value) {
390      impl.setPropertyValue(INSTANCE.getCaseSensitiveValidationPropertyDefinition(), value);
391    }
392
393
394
395    /**
396     * {@inheritDoc}
397     */
398    public boolean isCheckSubstrings() {
399      return impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition());
400    }
401
402
403
404    /**
405     * {@inheritDoc}
406     */
407    public void setCheckSubstrings(Boolean value) {
408      impl.setPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition(), value);
409    }
410
411
412
413    /**
414     * {@inheritDoc}
415     */
416    public String getDictionaryFile() {
417      return impl.getPropertyValue(INSTANCE.getDictionaryFilePropertyDefinition());
418    }
419
420
421
422    /**
423     * {@inheritDoc}
424     */
425    public void setDictionaryFile(String value) {
426      impl.setPropertyValue(INSTANCE.getDictionaryFilePropertyDefinition(), value);
427    }
428
429
430
431    /**
432     * {@inheritDoc}
433     */
434    public Boolean isEnabled() {
435      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
436    }
437
438
439
440    /**
441     * {@inheritDoc}
442     */
443    public void setEnabled(boolean value) {
444      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
445    }
446
447
448
449    /**
450     * {@inheritDoc}
451     */
452    public String getJavaClass() {
453      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
454    }
455
456
457
458    /**
459     * {@inheritDoc}
460     */
461    public void setJavaClass(String value) {
462      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
463    }
464
465
466
467    /**
468     * {@inheritDoc}
469     */
470    public int getMinSubstringLength() {
471      return impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition());
472    }
473
474
475
476    /**
477     * {@inheritDoc}
478     */
479    public void setMinSubstringLength(Integer value) {
480      impl.setPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition(), value);
481    }
482
483
484
485    /**
486     * {@inheritDoc}
487     */
488    public boolean isTestReversedPassword() {
489      return impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition());
490    }
491
492
493
494    /**
495     * {@inheritDoc}
496     */
497    public void setTestReversedPassword(boolean value) {
498      impl.setPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition(), value);
499    }
500
501
502
503    /**
504     * {@inheritDoc}
505     */
506    public ManagedObjectDefinition<? extends DictionaryPasswordValidatorCfgClient, ? extends DictionaryPasswordValidatorCfg> definition() {
507      return INSTANCE;
508    }
509
510
511
512    /**
513     * {@inheritDoc}
514     */
515    public PropertyProvider properties() {
516      return impl;
517    }
518
519
520
521    /**
522     * {@inheritDoc}
523     */
524    public void commit() throws ManagedObjectAlreadyExistsException,
525        MissingMandatoryPropertiesException, ConcurrentModificationException,
526        OperationRejectedException, AuthorizationException,
527        CommunicationException {
528      impl.commit();
529    }
530
531  }
532
533
534
535  /**
536   * Managed object server implementation.
537   */
538  private static class DictionaryPasswordValidatorCfgServerImpl implements
539    DictionaryPasswordValidatorCfg {
540
541    // Private implementation.
542    private ServerManagedObject<? extends DictionaryPasswordValidatorCfg> impl;
543
544    // The value of the "case-sensitive-validation" property.
545    private final boolean pCaseSensitiveValidation;
546
547    // The value of the "check-substrings" property.
548    private final boolean pCheckSubstrings;
549
550    // The value of the "dictionary-file" property.
551    private final String pDictionaryFile;
552
553    // The value of the "enabled" property.
554    private final boolean pEnabled;
555
556    // The value of the "java-class" property.
557    private final String pJavaClass;
558
559    // The value of the "min-substring-length" property.
560    private final int pMinSubstringLength;
561
562    // The value of the "test-reversed-password" property.
563    private final boolean pTestReversedPassword;
564
565
566
567    // Private constructor.
568    private DictionaryPasswordValidatorCfgServerImpl(ServerManagedObject<? extends DictionaryPasswordValidatorCfg> impl) {
569      this.impl = impl;
570      this.pCaseSensitiveValidation = impl.getPropertyValue(INSTANCE.getCaseSensitiveValidationPropertyDefinition());
571      this.pCheckSubstrings = impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition());
572      this.pDictionaryFile = impl.getPropertyValue(INSTANCE.getDictionaryFilePropertyDefinition());
573      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
574      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
575      this.pMinSubstringLength = impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition());
576      this.pTestReversedPassword = impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition());
577    }
578
579
580
581    /**
582     * {@inheritDoc}
583     */
584    public void addDictionaryChangeListener(
585        ConfigurationChangeListener<DictionaryPasswordValidatorCfg> listener) {
586      impl.registerChangeListener(listener);
587    }
588
589
590
591    /**
592     * {@inheritDoc}
593     */
594    public void removeDictionaryChangeListener(
595        ConfigurationChangeListener<DictionaryPasswordValidatorCfg> listener) {
596      impl.deregisterChangeListener(listener);
597    }
598    /**
599     * {@inheritDoc}
600     */
601    public void addChangeListener(
602        ConfigurationChangeListener<PasswordValidatorCfg> listener) {
603      impl.registerChangeListener(listener);
604    }
605
606
607
608    /**
609     * {@inheritDoc}
610     */
611    public void removeChangeListener(
612        ConfigurationChangeListener<PasswordValidatorCfg> listener) {
613      impl.deregisterChangeListener(listener);
614    }
615
616
617
618    /**
619     * {@inheritDoc}
620     */
621    public boolean isCaseSensitiveValidation() {
622      return pCaseSensitiveValidation;
623    }
624
625
626
627    /**
628     * {@inheritDoc}
629     */
630    public boolean isCheckSubstrings() {
631      return pCheckSubstrings;
632    }
633
634
635
636    /**
637     * {@inheritDoc}
638     */
639    public String getDictionaryFile() {
640      return pDictionaryFile;
641    }
642
643
644
645    /**
646     * {@inheritDoc}
647     */
648    public boolean isEnabled() {
649      return pEnabled;
650    }
651
652
653
654    /**
655     * {@inheritDoc}
656     */
657    public String getJavaClass() {
658      return pJavaClass;
659    }
660
661
662
663    /**
664     * {@inheritDoc}
665     */
666    public int getMinSubstringLength() {
667      return pMinSubstringLength;
668    }
669
670
671
672    /**
673     * {@inheritDoc}
674     */
675    public boolean isTestReversedPassword() {
676      return pTestReversedPassword;
677    }
678
679
680
681    /**
682     * {@inheritDoc}
683     */
684    public Class<? extends DictionaryPasswordValidatorCfg> configurationClass() {
685      return DictionaryPasswordValidatorCfg.class;
686    }
687
688
689
690    /**
691     * {@inheritDoc}
692     */
693    public DN dn() {
694      return impl.getDN();
695    }
696
697  }
698}