001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.forgerock.opendj.server.config.meta; 027 028 029 030import java.util.Collection; 031import java.util.SortedSet; 032import org.forgerock.opendj.config.AdministratorAction; 033import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 034import org.forgerock.opendj.config.BooleanPropertyDefinition; 035import org.forgerock.opendj.config.ClassPropertyDefinition; 036import org.forgerock.opendj.config.client.ConcurrentModificationException; 037import org.forgerock.opendj.config.client.ManagedObject; 038import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 039import org.forgerock.opendj.config.client.OperationRejectedException; 040import org.forgerock.opendj.config.DefaultBehaviorProvider; 041import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 042import org.forgerock.opendj.config.DNPropertyDefinition; 043import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 044import org.forgerock.opendj.config.ManagedObjectDefinition; 045import org.forgerock.opendj.config.PropertyOption; 046import org.forgerock.opendj.config.PropertyProvider; 047import org.forgerock.opendj.config.server.ConfigurationChangeListener; 048import org.forgerock.opendj.config.server.ServerManagedObject; 049import org.forgerock.opendj.config.StringPropertyDefinition; 050import org.forgerock.opendj.config.Tag; 051import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 052import org.forgerock.opendj.ldap.DN; 053import org.forgerock.opendj.ldap.LdapException; 054import org.forgerock.opendj.server.config.client.SubjectAttributeToUserAttributeCertificateMapperCfgClient; 055import org.forgerock.opendj.server.config.server.CertificateMapperCfg; 056import org.forgerock.opendj.server.config.server.SubjectAttributeToUserAttributeCertificateMapperCfg; 057 058 059 060/** 061 * An interface for querying the Subject Attribute To User Attribute 062 * Certificate Mapper managed object definition meta information. 063 * <p> 064 * The Subject Attribute To User Attribute Certificate Mapper maps 065 * client certificates to user entries by mapping the values of 066 * attributes contained in the certificate subject to attributes 067 * contained in user entries. 068 */ 069public final class SubjectAttributeToUserAttributeCertificateMapperCfgDefn extends ManagedObjectDefinition<SubjectAttributeToUserAttributeCertificateMapperCfgClient, SubjectAttributeToUserAttributeCertificateMapperCfg> { 070 071 // The singleton configuration definition instance. 072 private static final SubjectAttributeToUserAttributeCertificateMapperCfgDefn INSTANCE = new SubjectAttributeToUserAttributeCertificateMapperCfgDefn(); 073 074 075 076 // The "java-class" property definition. 077 private static final ClassPropertyDefinition PD_JAVA_CLASS; 078 079 080 081 // The "subject-attribute-mapping" property definition. 082 private static final StringPropertyDefinition PD_SUBJECT_ATTRIBUTE_MAPPING; 083 084 085 086 // The "user-base-dn" property definition. 087 private static final DNPropertyDefinition PD_USER_BASE_DN; 088 089 090 091 // Build the "java-class" property definition. 092 static { 093 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 094 builder.setOption(PropertyOption.MANDATORY); 095 builder.setOption(PropertyOption.ADVANCED); 096 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 097 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper"); 098 builder.setDefaultBehaviorProvider(provider); 099 builder.addInstanceOf("org.opends.server.api.CertificateMapper"); 100 PD_JAVA_CLASS = builder.getInstance(); 101 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 102 } 103 104 105 106 // Build the "subject-attribute-mapping" property definition. 107 static { 108 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "subject-attribute-mapping"); 109 builder.setOption(PropertyOption.MULTI_VALUED); 110 builder.setOption(PropertyOption.MANDATORY); 111 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "subject-attribute-mapping")); 112 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 113 PD_SUBJECT_ATTRIBUTE_MAPPING = builder.getInstance(); 114 INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE_MAPPING); 115 } 116 117 118 119 // Build the "user-base-dn" property definition. 120 static { 121 DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn"); 122 builder.setOption(PropertyOption.MULTI_VALUED); 123 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn")); 124 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn")); 125 PD_USER_BASE_DN = builder.getInstance(); 126 INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN); 127 } 128 129 130 131 // Register the tags associated with this managed object definition. 132 static { 133 INSTANCE.registerTag(Tag.valueOf("security")); 134 INSTANCE.registerTag(Tag.valueOf("user-management")); 135 } 136 137 138 139 /** 140 * Get the Subject Attribute To User Attribute Certificate Mapper 141 * configuration definition singleton. 142 * 143 * @return Returns the Subject Attribute To User Attribute 144 * Certificate Mapper configuration definition singleton. 145 */ 146 public static SubjectAttributeToUserAttributeCertificateMapperCfgDefn getInstance() { 147 return INSTANCE; 148 } 149 150 151 152 /** 153 * Private constructor. 154 */ 155 private SubjectAttributeToUserAttributeCertificateMapperCfgDefn() { 156 super("subject-attribute-to-user-attribute-certificate-mapper", CertificateMapperCfgDefn.getInstance()); 157 } 158 159 160 161 /** 162 * {@inheritDoc} 163 */ 164 public SubjectAttributeToUserAttributeCertificateMapperCfgClient createClientConfiguration( 165 ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) { 166 return new SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(impl); 167 } 168 169 170 171 /** 172 * {@inheritDoc} 173 */ 174 public SubjectAttributeToUserAttributeCertificateMapperCfg createServerConfiguration( 175 ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) { 176 return new SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(impl); 177 } 178 179 180 181 /** 182 * {@inheritDoc} 183 */ 184 public Class<SubjectAttributeToUserAttributeCertificateMapperCfg> getServerConfigurationClass() { 185 return SubjectAttributeToUserAttributeCertificateMapperCfg.class; 186 } 187 188 189 190 /** 191 * Get the "enabled" property definition. 192 * <p> 193 * Indicates whether the Subject Attribute To User Attribute 194 * Certificate Mapper is enabled. 195 * 196 * @return Returns the "enabled" property definition. 197 */ 198 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 199 return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition(); 200 } 201 202 203 204 /** 205 * Get the "java-class" property definition. 206 * <p> 207 * Specifies the fully-qualified name of the Java class that 208 * provides the Subject Attribute To User Attribute Certificate 209 * Mapper implementation. 210 * 211 * @return Returns the "java-class" property definition. 212 */ 213 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 214 return PD_JAVA_CLASS; 215 } 216 217 218 219 /** 220 * Get the "subject-attribute-mapping" property definition. 221 * <p> 222 * Specifies a mapping between certificate attributes and user 223 * attributes. 224 * <p> 225 * Each value should be in the form "certattr:userattr" where 226 * certattr is the name of the attribute in the certificate subject 227 * and userattr is the name of the corresponding attribute in user 228 * entries. There may be multiple mappings defined, and when 229 * performing the mapping values for all attributes present in the 230 * certificate subject that have mappings defined must be present in 231 * the corresponding user entries. 232 * 233 * @return Returns the "subject-attribute-mapping" property definition. 234 */ 235 public StringPropertyDefinition getSubjectAttributeMappingPropertyDefinition() { 236 return PD_SUBJECT_ATTRIBUTE_MAPPING; 237 } 238 239 240 241 /** 242 * Get the "user-base-dn" property definition. 243 * <p> 244 * Specifies the base DNs that should be used when performing 245 * searches to map the client certificate to a user entry. 246 * 247 * @return Returns the "user-base-dn" property definition. 248 */ 249 public DNPropertyDefinition getUserBaseDNPropertyDefinition() { 250 return PD_USER_BASE_DN; 251 } 252 253 254 255 /** 256 * Managed object client implementation. 257 */ 258 private static class SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl implements 259 SubjectAttributeToUserAttributeCertificateMapperCfgClient { 260 261 // Private implementation. 262 private ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl; 263 264 265 266 // Private constructor. 267 private SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl( 268 ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) { 269 this.impl = impl; 270 } 271 272 273 274 /** 275 * {@inheritDoc} 276 */ 277 public Boolean isEnabled() { 278 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 279 } 280 281 282 283 /** 284 * {@inheritDoc} 285 */ 286 public void setEnabled(boolean value) { 287 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 288 } 289 290 291 292 /** 293 * {@inheritDoc} 294 */ 295 public String getJavaClass() { 296 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 297 } 298 299 300 301 /** 302 * {@inheritDoc} 303 */ 304 public void setJavaClass(String value) { 305 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 306 } 307 308 309 310 /** 311 * {@inheritDoc} 312 */ 313 public SortedSet<String> getSubjectAttributeMapping() { 314 return impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition()); 315 } 316 317 318 319 /** 320 * {@inheritDoc} 321 */ 322 public void setSubjectAttributeMapping(Collection<String> values) { 323 impl.setPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition(), values); 324 } 325 326 327 328 /** 329 * {@inheritDoc} 330 */ 331 public SortedSet<DN> getUserBaseDN() { 332 return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition()); 333 } 334 335 336 337 /** 338 * {@inheritDoc} 339 */ 340 public void setUserBaseDN(Collection<DN> values) { 341 impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values); 342 } 343 344 345 346 /** 347 * {@inheritDoc} 348 */ 349 public ManagedObjectDefinition<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient, ? extends SubjectAttributeToUserAttributeCertificateMapperCfg> definition() { 350 return INSTANCE; 351 } 352 353 354 355 /** 356 * {@inheritDoc} 357 */ 358 public PropertyProvider properties() { 359 return impl; 360 } 361 362 363 364 /** 365 * {@inheritDoc} 366 */ 367 public void commit() throws ManagedObjectAlreadyExistsException, 368 MissingMandatoryPropertiesException, ConcurrentModificationException, 369 OperationRejectedException, LdapException { 370 impl.commit(); 371 } 372 373 } 374 375 376 377 /** 378 * Managed object server implementation. 379 */ 380 private static class SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl implements 381 SubjectAttributeToUserAttributeCertificateMapperCfg { 382 383 // Private implementation. 384 private ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl; 385 386 // The value of the "enabled" property. 387 private final boolean pEnabled; 388 389 // The value of the "java-class" property. 390 private final String pJavaClass; 391 392 // The value of the "subject-attribute-mapping" property. 393 private final SortedSet<String> pSubjectAttributeMapping; 394 395 // The value of the "user-base-dn" property. 396 private final SortedSet<DN> pUserBaseDN; 397 398 399 400 // Private constructor. 401 private SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) { 402 this.impl = impl; 403 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 404 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 405 this.pSubjectAttributeMapping = impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition()); 406 this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition()); 407 } 408 409 410 411 /** 412 * {@inheritDoc} 413 */ 414 public void addSubjectAttributeToUserAttributeChangeListener( 415 ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) { 416 impl.registerChangeListener(listener); 417 } 418 419 420 421 /** 422 * {@inheritDoc} 423 */ 424 public void removeSubjectAttributeToUserAttributeChangeListener( 425 ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) { 426 impl.deregisterChangeListener(listener); 427 } 428 /** 429 * {@inheritDoc} 430 */ 431 public void addChangeListener( 432 ConfigurationChangeListener<CertificateMapperCfg> listener) { 433 impl.registerChangeListener(listener); 434 } 435 436 437 438 /** 439 * {@inheritDoc} 440 */ 441 public void removeChangeListener( 442 ConfigurationChangeListener<CertificateMapperCfg> listener) { 443 impl.deregisterChangeListener(listener); 444 } 445 446 447 448 /** 449 * {@inheritDoc} 450 */ 451 public boolean isEnabled() { 452 return pEnabled; 453 } 454 455 456 457 /** 458 * {@inheritDoc} 459 */ 460 public String getJavaClass() { 461 return pJavaClass; 462 } 463 464 465 466 /** 467 * {@inheritDoc} 468 */ 469 public SortedSet<String> getSubjectAttributeMapping() { 470 return pSubjectAttributeMapping; 471 } 472 473 474 475 /** 476 * {@inheritDoc} 477 */ 478 public SortedSet<DN> getUserBaseDN() { 479 return pUserBaseDN; 480 } 481 482 483 484 /** 485 * {@inheritDoc} 486 */ 487 public Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass() { 488 return SubjectAttributeToUserAttributeCertificateMapperCfg.class; 489 } 490 491 492 493 /** 494 * {@inheritDoc} 495 */ 496 public DN dn() { 497 return impl.getDN(); 498 } 499 500 } 501}