/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.opends.server.admin.std.meta;



import java.util.Collection;
import java.util.SortedSet;
import org.opends.server.admin.AdministratorAction;
import org.opends.server.admin.AliasDefaultBehaviorProvider;
import org.opends.server.admin.BooleanPropertyDefinition;
import org.opends.server.admin.ClassPropertyDefinition;
import org.opends.server.admin.client.AuthorizationException;
import org.opends.server.admin.client.CommunicationException;
import org.opends.server.admin.client.ConcurrentModificationException;
import org.opends.server.admin.client.ManagedObject;
import org.opends.server.admin.client.MissingMandatoryPropertiesException;
import org.opends.server.admin.client.OperationRejectedException;
import org.opends.server.admin.DefaultBehaviorProvider;
import org.opends.server.admin.DefinedDefaultBehaviorProvider;
import org.opends.server.admin.DNPropertyDefinition;
import org.opends.server.admin.ManagedObjectAlreadyExistsException;
import org.opends.server.admin.ManagedObjectDefinition;
import org.opends.server.admin.PropertyOption;
import org.opends.server.admin.PropertyProvider;
import org.opends.server.admin.server.ConfigurationChangeListener;
import org.opends.server.admin.server.ServerManagedObject;
import org.opends.server.admin.std.client.SubjectAttributeToUserAttributeCertificateMapperCfgClient;
import org.opends.server.admin.std.server.CertificateMapperCfg;
import org.opends.server.admin.std.server.SubjectAttributeToUserAttributeCertificateMapperCfg;
import org.opends.server.admin.StringPropertyDefinition;
import org.opends.server.admin.Tag;
import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
import org.opends.server.types.DN;



/**
 * An interface for querying the Subject Attribute To User Attribute
 * Certificate Mapper managed object definition meta information.
 * <p>
 * The Subject Attribute To User Attribute Certificate Mapper maps
 * client certificates to user entries by mapping the values of
 * attributes contained in the certificate subject to attributes
 * contained in user entries.
 * <p>
 * This class holds only the definition metadata (property
 * definitions and tags) plus thin client-side and server-side views
 * of a configuration object. No certificate matching is performed
 * here; the "java-class" property names the class that provides the
 * mapper implementation.
 */
public final class SubjectAttributeToUserAttributeCertificateMapperCfgDefn extends ManagedObjectDefinition<SubjectAttributeToUserAttributeCertificateMapperCfgClient, SubjectAttributeToUserAttributeCertificateMapperCfg> {

  // The singleton configuration definition instance.
  // Declared ahead of the property definition fields because the static
  // initializers below pass INSTANCE to the builders and register the
  // finished definitions on it, so it has to be constructed first.
  private static final SubjectAttributeToUserAttributeCertificateMapperCfgDefn INSTANCE = new SubjectAttributeToUserAttributeCertificateMapperCfgDefn();



  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  // The "subject-attribute-mapping" property definition.
  private static final StringPropertyDefinition PD_SUBJECT_ATTRIBUTE_MAPPING;



  // The "user-base-dn" property definition.
  private static final DNPropertyDefinition PD_USER_BASE_DN;



  // Build the "java-class" property definition.
  //
  // The property is mandatory and flagged ADVANCED, and a change to it is
  // declared to need a component restart. Its default is the stock mapper
  // class, and the builder records org.opends.server.api.CertificateMapper
  // as the type the named class must be an instance of.
  // NOTE(review): the value selects, by name, the class that provides the
  // certificate-to-user mapping, so write access to this property should
  // be limited to trusted administrators. Where the instance-of constraint
  // is enforced is not visible in this file - confirm.
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper");
    builder.setDefaultBehaviorProvider(provider);
    builder.addInstanceOf("org.opends.server.api.CertificateMapper");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Build the "subject-attribute-mapping" property definition.
  //
  // Multi-valued and mandatory, with no default value (undefined default
  // behavior) and no administrator action required on change.
  // NOTE(review): no syntax constraint is applied on the builder here, so
  // the "certattr:userattr" form described on the getter is not checked by
  // this definition; presumably the mapper implementation parses the
  // values and rejects malformed ones - confirm.
  static {
    StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "subject-attribute-mapping");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "subject-attribute-mapping"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    PD_SUBJECT_ATTRIBUTE_MAPPING = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE_MAPPING);
  }



  // Build the "user-base-dn" property definition.
  //
  // Multi-valued and optional (MANDATORY is not set). When no value is
  // configured the default is an alias behavior whose meaning is defined
  // outside this file.
  // NOTE(review): per the getter's documentation these base DNs are the
  // ones searched when mapping a certificate to a user entry; confirm what
  // is searched when the property is left unset, and set it explicitly if
  // a narrower scope is intended.
  static {
    DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
    builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
    PD_USER_BASE_DN = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
  }



  // Register the tags associated with this managed object definition
  // ("security" and "user-management").
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }



  /**
   * Get the Subject Attribute To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the Subject Attribute To User Attribute
   *         Certificate Mapper configuration definition singleton.
   */
  public static SubjectAttributeToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor.
   * <p>
   * Passes this definition's name and the parent Certificate Mapper
   * definition to the superclass.
   */
  private SubjectAttributeToUserAttributeCertificateMapperCfgDefn() {
    super("subject-attribute-to-user-attribute-certificate-mapper", CertificateMapperCfgDefn.getInstance());
  }



  /**
   * {@inheritDoc}
   * <p>
   * Wraps the supplied managed object in the private client view.
   */
  public SubjectAttributeToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(impl);
  }



  /**
   * {@inheritDoc}
   * <p>
   * Wraps the supplied server managed object in the private server
   * view, which reads the property values when it is constructed.
   */
  public SubjectAttributeToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public Class<SubjectAttributeToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject Attribute To User Attribute
   * Certificate Mapper is enabled.
   * <p>
   * The definition is not declared in this class; it is obtained
   * from the parent Certificate Mapper definition.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Subject Attribute To User Attribute Certificate
   * Mapper implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Get the "subject-attribute-mapping" property definition.
   * <p>
   * Specifies a mapping between certificate attributes and user
   * attributes.
   * <p>
   * Each value should be in the form "certattr:userattr" where
   * certattr is the name of the attribute in the certificate subject
   * and userattr is the name of the corresponding attribute in user
   * entries. There may be multiple mappings defined, and when
   * performing the mapping values for all attributes present in the
   * certificate subject that have mappings defined must be present in
   * the corresponding user entries.
   *
   * @return Returns the "subject-attribute-mapping" property definition.
   */
  public StringPropertyDefinition getSubjectAttributeMappingPropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE_MAPPING;
  }



  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing
   * searches to map the client certificate to a user entry.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }



  /**
   * Managed object client implementation.
   * <p>
   * Every accessor delegates to the wrapped managed object using the
   * property definitions of the enclosing definition singleton; no
   * value is cached or checked in this class.
   */
  private static class SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl implements
      SubjectAttributeToUserAttributeCertificateMapperCfgClient {

    // Private implementation: the managed object all calls delegate to.
    private ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl;



    // Private constructor; instances are created by
    // createClientConfiguration in the enclosing class.
    private SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
      this.impl = impl;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Reads the "enabled" value from the wrapped managed object.
     */
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     * <p>
     * Stores the "enabled" value on the wrapped managed object.
     */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     * <p>
     * Reads the "java-class" value from the wrapped managed object.
     */
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     * <p>
     * Stores the class name on the wrapped managed object. Nothing is
     * validated in this method itself; any checking is left to the
     * wrapped object and the property definition.
     */
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     * <p>
     * Reads the "subject-attribute-mapping" values from the wrapped
     * managed object.
     */
    public SortedSet<String> getSubjectAttributeMapping() {
      return impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     * <p>
     * Stores the mapping values on the wrapped managed object; the
     * strings are passed through unchanged by this method.
     */
    public void setSubjectAttributeMapping(Collection<String> values) {
      impl.setPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition(), values);
    }



    /**
     * {@inheritDoc}
     * <p>
     * Reads the "user-base-dn" values from the wrapped managed object.
     */
    public SortedSet<DN> getUserBaseDN() {
      return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     * <p>
     * Stores the base DN values on the wrapped managed object.
     */
    public void setUserBaseDN(Collection<DN> values) {
      impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the enclosing definition singleton.
     */
    public ManagedObjectDefinition<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient, ? extends SubjectAttributeToUserAttributeCertificateMapperCfg> definition() {
      return INSTANCE;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the wrapped managed object itself as the property
     * provider.
     */
    public PropertyProvider properties() {
      return impl;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Delegates to the wrapped managed object's commit(); the listed
     * exceptions are declared here and not caught by this method.
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, AuthorizationException,
        CommunicationException {
      impl.commit();
    }

  }



  /**
   * Managed object server implementation.
   * <p>
   * The property values are read from the server managed object once,
   * in the constructor, and held in final fields; the getters return
   * those stored values and do not go back to the managed object.
   */
  private static class SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl implements
      SubjectAttributeToUserAttributeCertificateMapperCfg {

    // Private implementation: used for listener registration and dn().
    private ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "java-class" property.
    private final String pJavaClass;

    // The value of the "subject-attribute-mapping" property.
    private final SortedSet<String> pSubjectAttributeMapping;

    // The value of the "user-base-dn" property.
    private final SortedSet<DN> pUserBaseDN;



    // Private constructor; reads all four property values up front.
    // NOTE(review): pEnabled is a primitive, so a null "enabled" value
    // would presumably fail here on unboxing - confirm the parent
    // definition makes that property mandatory or gives it a default.
    private SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
      this.impl = impl;
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pSubjectAttributeMapping = impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
      this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     * <p>
     * Registers the listener on the wrapped server managed object.
     */
    public void addSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     * <p>
     * Deregisters the listener from the wrapped server managed object.
     */
    public void removeSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }
    /**
     * {@inheritDoc}
     * <p>
     * Same delegation as the type-specific variant above, for listeners
     * typed on the parent Certificate Mapper configuration.
     */
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     * <p>
     * Deregisters a listener typed on the parent Certificate Mapper
     * configuration.
     */
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the value read in the constructor.
     */
    public boolean isEnabled() {
      return pEnabled;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the class name read in the constructor.
     */
    public String getJavaClass() {
      return pJavaClass;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the stored set directly, without copying it.
     * NOTE(review): whether callers can modify that set depends on
     * what ServerManagedObject returns - confirm it is unmodifiable.
     */
    public SortedSet<String> getSubjectAttributeMapping() {
      return pSubjectAttributeMapping;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the stored set directly, without copying it.
     * NOTE(review): whether callers can modify that set depends on
     * what ServerManagedObject returns - confirm it is unmodifiable.
     */
    public SortedSet<DN> getUserBaseDN() {
      return pUserBaseDN;
    }



    /**
     * {@inheritDoc}
     */
    public Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass() {
      return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the DN reported by the wrapped server managed object.
     */
    public DN dn() {
      return impl.getDN();
    }

  }
}