001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import org.forgerock.opendj.config.AdministratorAction;
031import org.forgerock.opendj.config.AggregationPropertyDefinition;
032import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
033import org.forgerock.opendj.config.BooleanPropertyDefinition;
034import org.forgerock.opendj.config.ClassPropertyDefinition;
035import org.forgerock.opendj.config.client.ConcurrentModificationException;
036import org.forgerock.opendj.config.client.ManagedObject;
037import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
038import org.forgerock.opendj.config.client.OperationRejectedException;
039import org.forgerock.opendj.config.conditions.Conditions;
040import org.forgerock.opendj.config.DefaultBehaviorProvider;
041import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
042import org.forgerock.opendj.config.EnumPropertyDefinition;
043import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
044import org.forgerock.opendj.config.ManagedObjectDefinition;
045import org.forgerock.opendj.config.PropertyOption;
046import org.forgerock.opendj.config.PropertyProvider;
047import org.forgerock.opendj.config.server.ConfigurationChangeListener;
048import org.forgerock.opendj.config.server.ServerManagedObject;
049import org.forgerock.opendj.config.StringPropertyDefinition;
050import org.forgerock.opendj.config.Tag;
051import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
052import org.forgerock.opendj.ldap.DN;
053import org.forgerock.opendj.ldap.LdapException;
054import org.forgerock.opendj.server.config.client.DigestMD5SASLMechanismHandlerCfgClient;
055import org.forgerock.opendj.server.config.client.IdentityMapperCfgClient;
056import org.forgerock.opendj.server.config.server.DigestMD5SASLMechanismHandlerCfg;
057import org.forgerock.opendj.server.config.server.IdentityMapperCfg;
058import org.forgerock.opendj.server.config.server.SASLMechanismHandlerCfg;
059
060
061
/**
 * An interface for querying the Digest MD5 SASL Mechanism Handler
 * managed object definition meta information.
 * <p>
 * The DIGEST-MD5 SASL mechanism is used to perform all processing
 * related to SASL DIGEST-MD5 authentication.
 * <p>
 * This class is a singleton ({@link #getInstance()}). Its static
 * initializers build and register five property definitions
 * ("identity-mapper", "java-class", "quality-of-protection", "realm"
 * and "server-fqdn") and tag the definition with "security". The
 * "enabled" property is not defined here; it is delegated to
 * {@code SASLMechanismHandlerCfgDefn}, which is also passed to the
 * superclass constructor.
 * <p>
 * Security notes for anyone configuring this handler:
 * <ul>
 * <li>DIGEST-MD5 was moved to Historic status by RFC 6331; treat it
 * as a legacy mechanism and check whether it needs to be enabled at
 * all.</li>
 * <li>"quality-of-protection" defaults to "none", i.e. authentication
 * only, with no integrity or confidentiality protection from this
 * mechanism.</li>
 * <li>When "server-fqdn" is unset, the digest-uri sent by the client
 * is not validated (see {@link #getServerFqdnPropertyDefinition()}).</li>
 * </ul>
 */
public final class DigestMD5SASLMechanismHandlerCfgDefn extends ManagedObjectDefinition<DigestMD5SASLMechanismHandlerCfgClient, DigestMD5SASLMechanismHandlerCfg> {

  // The singleton configuration definition instance.
  // Declared before the static blocks below because every one of them
  // passes INSTANCE to a builder or registers something on it; static
  // initializers run in textual order, so this ordering must be kept.
  private static final DigestMD5SASLMechanismHandlerCfgDefn INSTANCE = new DigestMD5SASLMechanismHandlerCfgDefn();



  /**
   * Defines the set of permissible values for the "quality-of-protection" property.
   * <p>
   * The name of a property that specifies the quality of protection
   * the server will support.
   * <p>
   * Each constant carries the lower-case string form returned by
   * {@link #toString()}. NOTE(review): these presumably correspond to
   * the SASL qop levels auth-conf, auth-int and auth respectively;
   * confirm against the handler implementation.
   */
  public static enum QualityOfProtection {

    /**
     * Quality of protection equals authentication with integrity and
     * confidentiality protection.
     */
    CONFIDENTIALITY("confidentiality"),



    /**
     * Quality of protection equals authentication with integrity
     * protection.
     */
    INTEGRITY("integrity"),



    /**
     * QOP equals authentication only, i.e. neither integrity nor
     * confidentiality protection. This is the value used as the
     * property's default in the enclosing class.
     */
    NONE("none");



    // String representation of the value.
    private final String name;



    // Private constructor; stores the string form of the constant.
    private QualityOfProtection(String name) { this.name = name; }



    /**
     * {@inheritDoc}
     * <p>
     * Returns the string form given to the constructor (for example
     * "none"), not the constant's identifier.
     */
    public String toString() { return name; }

  }



  // The "identity-mapper" property definition.
  private static final AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> PD_IDENTITY_MAPPER;



  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  // The "quality-of-protection" property definition.
  private static final EnumPropertyDefinition<QualityOfProtection> PD_QUALITY_OF_PROTECTION;



  // The "realm" property definition.
  private static final StringPropertyDefinition PD_REALM;



  // The "server-fqdn" property definition.
  private static final StringPropertyDefinition PD_SERVER_FQDN;



  // Build the "identity-mapper" property definition.
  // The property is mandatory and has no default value. It is an
  // aggregation: the value names another managed object, located through
  // parent path "/" and relation "identity-mapper".
  static {
      AggregationPropertyDefinition.Builder<IdentityMapperCfgClient, IdentityMapperCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "identity-mapper");
      builder.setOption(PropertyOption.MANDATORY);
      // Type.NONE: presumably a change needs no follow-up administrator action - confirm.
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "identity-mapper"));
      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
      builder.setParentPath("/");
      builder.setRelationDefinition("identity-mapper");
      // Both conditions test that "enabled" contains "true".
      // NOTE(review): presumably the first is evaluated against this handler
      // (the mapper must be enabled whenever the handler is) and the second
      // against the referenced mapper - confirm in AggregationPropertyDefinition.
      builder.setTargetNeedsEnablingCondition(Conditions.contains("enabled", "true"));
      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
      PD_IDENTITY_MAPPER = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_IDENTITY_MAPPER);
      // Unlike the other properties, the aggregation also contributes a
      // constraint that is registered on the definition.
      INSTANCE.registerConstraint(PD_IDENTITY_MAPPER.getSourceConstraint());
  }



  // Build the "java-class" property definition.
  // The property is mandatory and flagged ADVANCED; its default is the
  // stock DIGEST-MD5 handler class.
  // Security note: the value is a class name supplied through
  // configuration, so write access to this property decides which code
  // handles DIGEST-MD5 binds. The addInstanceOf() call below narrows the
  // acceptable values to SASLMechanismHandler implementations
  // (presumably checked by the framework when the value is validated -
  // confirm); it does not restrict which implementation is chosen.
  static {
      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
      builder.setOption(PropertyOption.MANDATORY);
      builder.setOption(PropertyOption.ADVANCED);
      // COMPONENT_RESTART: presumably the component must be restarted before a change takes effect - confirm.
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.DigestMD5SASLMechanismHandler");
      builder.setDefaultBehaviorProvider(provider);
      builder.addInstanceOf("org.opends.server.api.SASLMechanismHandler");
      PD_JAVA_CLASS = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Build the "quality-of-protection" property definition.
  // No option is set, so the property is not mandatory; when it is
  // absent the defined default "none" applies.
  // Security note: "none" means authentication only. With the default in
  // effect this mechanism provides no integrity or confidentiality
  // protection, so any protection of the traffic has to come from
  // elsewhere. NOTE(review): confirm the connection is otherwise
  // protected (e.g. TLS) or set "integrity"/"confidentiality" explicitly.
  static {
      EnumPropertyDefinition.Builder<QualityOfProtection> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "quality-of-protection");
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "quality-of-protection"));
      DefaultBehaviorProvider<QualityOfProtection> provider = new DefinedDefaultBehaviorProvider<QualityOfProtection>("none");
      builder.setDefaultBehaviorProvider(provider);
      builder.setEnumClass(QualityOfProtection.class);
      PD_QUALITY_OF_PROTECTION = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_QUALITY_OF_PROTECTION);
  }



  // Build the "realm" property definition.
  // Optional string property. The default is an alias behavior rather
  // than a concrete value (presumably a description of what the server
  // does when the property is unset - confirm). The ".*" pattern places
  // no practical restriction on the value, so no syntax check is done
  // at this layer.
  static {
      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "realm");
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "realm"));
      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "realm"));
      builder.setPattern(".*", "STRING");
      PD_REALM = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_REALM);
  }



  // Build the "server-fqdn" property definition.
  // Optional string property with an alias default and the same
  // unrestricted ".*" pattern as "realm": the value is not checked here
  // for being a well-formed host name.
  // Security note: per the Javadoc of getServerFqdnPropertyDefinition(),
  // leaving this property unset means the client's digest-uri is not
  // validated at all.
  static {
      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "server-fqdn");
      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "server-fqdn"));
      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "server-fqdn"));
      builder.setPattern(".*", "STRING");
      PD_SERVER_FQDN = builder.getInstance();
      INSTANCE.registerPropertyDefinition(PD_SERVER_FQDN);
  }



  // Register the tags associated with this managed object definition.
  // The only tag registered is "security".
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
  }



  /**
   * Get the Digest MD5 SASL Mechanism Handler configuration
   * definition singleton.
   *
   * @return Returns the Digest MD5 SASL Mechanism Handler
   *         configuration definition singleton.
   */
  public static DigestMD5SASLMechanismHandlerCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor.
   * <p>
   * Registers this definition under the name
   * "digest-md5-sasl-mechanism-handler" with the generic SASL
   * mechanism handler definition as its parent.
   */
  private DigestMD5SASLMechanismHandlerCfgDefn() {
    super("digest-md5-sasl-mechanism-handler", SASLMechanismHandlerCfgDefn.getInstance());
  }



  /**
   * {@inheritDoc}
   * <p>
   * Wraps the given managed object in the private client
   * implementation of this class.
   */
  public DigestMD5SASLMechanismHandlerCfgClient createClientConfiguration(
      ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl) {
    return new DigestMD5SASLMechanismHandlerCfgClientImpl(impl);
  }



  /**
   * {@inheritDoc}
   * <p>
   * Wraps the given server managed object in the private server
   * implementation of this class, which reads all property values
   * once at construction time.
   */
  public DigestMD5SASLMechanismHandlerCfg createServerConfiguration(
      ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl) {
    return new DigestMD5SASLMechanismHandlerCfgServerImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public Class<DigestMD5SASLMechanismHandlerCfg> getServerConfigurationClass() {
    return DigestMD5SASLMechanismHandlerCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the SASL mechanism handler is enabled for use.
   * <p>
   * The definition is not owned by this class; the call is forwarded
   * to {@code SASLMechanismHandlerCfgDefn}.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return SASLMechanismHandlerCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "identity-mapper" property definition.
   * <p>
   * Specifies the name of the identity mapper that is to be used with
   * this SASL mechanism handler to match the authentication or
   * authorization ID included in the SASL bind request to the
   * corresponding user in the directory.
   *
   * @return Returns the "identity-mapper" property definition.
   */
  public AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> getIdentityMapperPropertyDefinition() {
    return PD_IDENTITY_MAPPER;
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the SASL mechanism handler implementation.
   * <p>
   * The definition built in this class limits the value to classes
   * that are instances of
   * {@code org.opends.server.api.SASLMechanismHandler}.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Get the "quality-of-protection" property definition.
   * <p>
   * The name of a property that specifies the quality of protection
   * the server will support.
   * <p>
   * The default defined in this class is "none" (authentication
   * only).
   *
   * @return Returns the "quality-of-protection" property definition.
   */
  public EnumPropertyDefinition<QualityOfProtection> getQualityOfProtectionPropertyDefinition() {
    return PD_QUALITY_OF_PROTECTION;
  }



  /**
   * Get the "realm" property definition.
   * <p>
   * Specifies the realms that are to be used by the server for
   * DIGEST-MD5 authentication.
   * <p>
   * If this value is not provided, then the server defaults to use
   * the fully qualified hostname of the machine.
   *
   * @return Returns the "realm" property definition.
   */
  public StringPropertyDefinition getRealmPropertyDefinition() {
    return PD_REALM;
  }



  /**
   * Get the "server-fqdn" property definition.
   * <p>
   * Specifies the DNS-resolvable fully-qualified domain name for the
   * server that is used when validating the digest-uri parameter
   * during the authentication process.
   * <p>
   * If this configuration attribute is present, then the server
   * expects that clients use a digest-uri equal to "ldap/" followed by
   * the value of this attribute. For example, if the attribute has a
   * value of "directory.example.com", then the server expects clients
   * to use a digest-uri of "ldap/directory.example.com". If no value
   * is provided, then the server does not attempt to validate the
   * digest-uri provided by the client and accepts any value.
   * <p>
   * Security note: because an unset value disables digest-uri
   * validation entirely, deployments that rely on that check should
   * set this property explicitly.
   *
   * @return Returns the "server-fqdn" property definition.
   */
  public StringPropertyDefinition getServerFqdnPropertyDefinition() {
    return PD_SERVER_FQDN;
  }



  /**
   * Managed object client implementation.
   * <p>
   * A thin wrapper around a {@code ManagedObject}: every getter reads
   * the current value from the wrapped object, every setter writes to
   * it, and {@link #commit()} delegates to it. No values are cached
   * here.
   */
  private static class DigestMD5SASLMechanismHandlerCfgClientImpl implements
    DigestMD5SASLMechanismHandlerCfgClient {

    // Private implementation: the managed object all calls are delegated to.
    private ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl;



    // Private constructor; only the enclosing definition creates instances.
    private DigestMD5SASLMechanismHandlerCfgClientImpl(
        ManagedObject<? extends DigestMD5SASLMechanismHandlerCfgClient> impl) {
      this.impl = impl;
    }



    /**
     * {@inheritDoc}
     */
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public String getIdentityMapper() {
      return impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setIdentityMapper(String value) {
      impl.setPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setJavaClass(String value) {
      // The class name is handed to the managed object as-is; no check is
      // made in this method. NOTE(review): validation against the
      // property definition presumably happens inside setPropertyValue
      // or at commit - confirm.
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public QualityOfProtection getQualityOfProtection() {
      return impl.getPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setQualityOfProtection(QualityOfProtection value) {
      impl.setPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public String getRealm() {
      return impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setRealm(String value) {
      impl.setPropertyValue(INSTANCE.getRealmPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public String getServerFqdn() {
      return impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setServerFqdn(String value) {
      impl.setPropertyValue(INSTANCE.getServerFqdnPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public ManagedObjectDefinition<? extends DigestMD5SASLMechanismHandlerCfgClient, ? extends DigestMD5SASLMechanismHandlerCfg> definition() {
      return INSTANCE;
    }



    /**
     * {@inheritDoc}
     */
    public PropertyProvider properties() {
      // The wrapped managed object itself is returned as the property provider.
      return impl;
    }



    /**
     * {@inheritDoc}
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      // Pure delegation; all declared exceptions originate from the managed object.
      impl.commit();
    }

  }



  /**
   * Managed object server implementation.
   * <p>
   * Unlike the client implementation, this class copies every property
   * value into a final field in its constructor and its getters return
   * those copies. An instance therefore reflects the configuration as
   * it was when the instance was created.
   */
  private static class DigestMD5SASLMechanismHandlerCfgServerImpl implements
    DigestMD5SASLMechanismHandlerCfg {

    // Private implementation: used for listener registration and for dn().
    private ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "identity-mapper" property.
    private final String pIdentityMapper;

    // The value of the "java-class" property.
    private final String pJavaClass;

    // The value of the "quality-of-protection" property.
    private final QualityOfProtection pQualityOfProtection;

    // The value of the "realm" property.
    private final String pRealm;

    // The value of the "server-fqdn" property.
    private final String pServerFqdn;



    // Private constructor; reads each property once and stores the result.
    private DigestMD5SASLMechanismHandlerCfgServerImpl(ServerManagedObject<? extends DigestMD5SASLMechanismHandlerCfg> impl) {
      this.impl = impl;
      // Assigned to a primitive boolean, so a null value would fail here.
      // NOTE(review): assumes the framework always supplies a value for "enabled" - confirm.
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pIdentityMapper = impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pQualityOfProtection = impl.getPropertyValue(INSTANCE.getQualityOfProtectionPropertyDefinition());
      this.pRealm = impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition());
      this.pServerFqdn = impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void addDigestMD5ChangeListener(
        ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void removeDigestMD5ChangeListener(
        ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener) {
      impl.deregisterChangeListener(listener);
    }
    /**
     * {@inheritDoc}
     * <p>
     * Same delegation as the DIGEST-MD5 specific variant, but typed
     * for listeners of the generic SASL mechanism handler
     * configuration.
     */
    public void addChangeListener(
        ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void removeChangeListener(
        ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public boolean isEnabled() {
      return pEnabled;
    }



    /**
     * {@inheritDoc}
     */
    public String getIdentityMapper() {
      return pIdentityMapper;
    }



    /**
     * {@inheritDoc}
     * <p>
     * Returns {@code null} when no identity mapper name is stored;
     * otherwise the name is converted to a DN by the "identity-mapper"
     * property definition.
     */
    public DN getIdentityMapperDN() {
      String value = getIdentityMapper();
      if (value == null) return null;
      return INSTANCE.getIdentityMapperPropertyDefinition().getChildDN(value);
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return pJavaClass;
    }



    /**
     * {@inheritDoc}
     */
    public QualityOfProtection getQualityOfProtection() {
      return pQualityOfProtection;
    }



    /**
     * {@inheritDoc}
     */
    public String getRealm() {
      return pRealm;
    }



    /**
     * {@inheritDoc}
     */
    public String getServerFqdn() {
      // May be null when the property is unset; per the enclosing class's
      // documentation of "server-fqdn", the server then skips digest-uri
      // validation.
      return pServerFqdn;
    }



    /**
     * {@inheritDoc}
     */
    public Class<? extends DigestMD5SASLMechanismHandlerCfg> configurationClass() {
      return DigestMD5SASLMechanismHandlerCfg.class;
    }



    /**
     * {@inheritDoc}
     */
    public DN dn() {
      // Read from the wrapped managed object on each call, not cached.
      return impl.getDN();
    }

  }
}