001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import java.net.InetAddress;
031import java.util.Collection;
032import java.util.SortedSet;
033import org.forgerock.opendj.config.AdministratorAction;
034import org.forgerock.opendj.config.AggregationPropertyDefinition;
035import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
036import org.forgerock.opendj.config.BooleanPropertyDefinition;
037import org.forgerock.opendj.config.ClassPropertyDefinition;
038import org.forgerock.opendj.config.client.ConcurrentModificationException;
039import org.forgerock.opendj.config.client.ManagedObject;
040import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
041import org.forgerock.opendj.config.client.OperationRejectedException;
042import org.forgerock.opendj.config.conditions.Conditions;
043import org.forgerock.opendj.config.DefaultBehaviorProvider;
044import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
045import org.forgerock.opendj.config.DurationPropertyDefinition;
046import org.forgerock.opendj.config.EnumPropertyDefinition;
047import org.forgerock.opendj.config.GenericConstraint;
048import org.forgerock.opendj.config.IntegerPropertyDefinition;
049import org.forgerock.opendj.config.IPAddressMaskPropertyDefinition;
050import org.forgerock.opendj.config.IPAddressPropertyDefinition;
051import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
052import org.forgerock.opendj.config.ManagedObjectDefinition;
053import org.forgerock.opendj.config.PropertyOption;
054import org.forgerock.opendj.config.PropertyProvider;
055import org.forgerock.opendj.config.server.ConfigurationChangeListener;
056import org.forgerock.opendj.config.server.ServerManagedObject;
057import org.forgerock.opendj.config.SizePropertyDefinition;
058import org.forgerock.opendj.config.StringPropertyDefinition;
059import org.forgerock.opendj.config.Tag;
060import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
061import org.forgerock.opendj.ldap.AddressMask;
062import org.forgerock.opendj.ldap.DN;
063import org.forgerock.opendj.ldap.LdapException;
064import org.forgerock.opendj.server.config.client.KeyManagerProviderCfgClient;
065import org.forgerock.opendj.server.config.client.LDAPConnectionHandlerCfgClient;
066import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient;
067import org.forgerock.opendj.server.config.server.ConnectionHandlerCfg;
068import org.forgerock.opendj.server.config.server.KeyManagerProviderCfg;
069import org.forgerock.opendj.server.config.server.LDAPConnectionHandlerCfg;
070import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg;
071
072
073
074/**
075 * An interface for querying the LDAP Connection Handler managed
076 * object definition meta information.
077 * <p>
078 * The LDAP Connection Handler is used to interact with clients using
079 * LDAP.
080 */
081public final class LDAPConnectionHandlerCfgDefn extends ManagedObjectDefinition<LDAPConnectionHandlerCfgClient, LDAPConnectionHandlerCfg> {
082
083  // The singleton configuration definition instance.
084  private static final LDAPConnectionHandlerCfgDefn INSTANCE = new LDAPConnectionHandlerCfgDefn();
085
086
087
088  /**
089   * Defines the set of permissable values for the "ssl-client-auth-policy" property.
090   * <p>
091   * Specifies the policy that the LDAP Connection Handler should use
092   * regarding client SSL certificates. Clients can use the SASL
093   * EXTERNAL mechanism only if the policy is set to "optional" or
094   * "required".
095   * <p>
096   * This is only applicable if clients are allowed to use SSL.
097   */
098  public static enum SSLClientAuthPolicy {
099
100    /**
101     * Clients must not provide their own certificates when performing
102     * SSL negotiation.
103     */
104    DISABLED("disabled"),
105
106
107
108    /**
109     * Clients are requested to provide their own certificates when
110     * performing SSL negotiation. The connection is nevertheless
111     * accepted if the client does not provide a certificate.
112     */
113    OPTIONAL("optional"),
114
115
116
117    /**
118     * Clients are required to provide their own certificates when
119     * performing SSL negotiation and are refused access if they do not
120     * provide a certificate.
121     */
122    REQUIRED("required");
123
124
125
126    // String representation of the value.
127    private final String name;
128
129
130
131    // Private constructor.
132    private SSLClientAuthPolicy(String name) { this.name = name; }
133
134
135
136    /**
137     * {@inheritDoc}
138     */
139    public String toString() { return name; }
140
141  }
142
143
144
145  // The "accept-backlog" property definition.
146  private static final IntegerPropertyDefinition PD_ACCEPT_BACKLOG;
147
148
149
150  // The "allow-ldap-v2" property definition.
151  private static final BooleanPropertyDefinition PD_ALLOW_LDAP_V2;
152
153
154
155  // The "allow-start-tls" property definition.
156  private static final BooleanPropertyDefinition PD_ALLOW_START_TLS;
157
158
159
160  // The "allow-tcp-reuse-address" property definition.
161  private static final BooleanPropertyDefinition PD_ALLOW_TCP_REUSE_ADDRESS;
162
163
164
165  // The "buffer-size" property definition.
166  private static final SizePropertyDefinition PD_BUFFER_SIZE;
167
168
169
170  // The "java-class" property definition.
171  private static final ClassPropertyDefinition PD_JAVA_CLASS;
172
173
174
175  // The "keep-stats" property definition.
176  private static final BooleanPropertyDefinition PD_KEEP_STATS;
177
178
179
180  // The "key-manager-provider" property definition.
181  private static final AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> PD_KEY_MANAGER_PROVIDER;
182
183
184
185  // The "listen-address" property definition.
186  private static final IPAddressPropertyDefinition PD_LISTEN_ADDRESS;
187
188
189
190  // The "listen-port" property definition.
191  private static final IntegerPropertyDefinition PD_LISTEN_PORT;
192
193
194
195  // The "max-blocked-write-time-limit" property definition.
196  private static final DurationPropertyDefinition PD_MAX_BLOCKED_WRITE_TIME_LIMIT;
197
198
199
200  // The "max-request-size" property definition.
201  private static final SizePropertyDefinition PD_MAX_REQUEST_SIZE;
202
203
204
205  // The "num-request-handlers" property definition.
206  private static final IntegerPropertyDefinition PD_NUM_REQUEST_HANDLERS;
207
208
209
210  // The "send-rejection-notice" property definition.
211  private static final BooleanPropertyDefinition PD_SEND_REJECTION_NOTICE;
212
213
214
215  // The "ssl-cert-nickname" property definition.
216  private static final StringPropertyDefinition PD_SSL_CERT_NICKNAME;
217
218
219
220  // The "ssl-cipher-suite" property definition.
221  private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE;
222
223
224
225  // The "ssl-client-auth-policy" property definition.
226  private static final EnumPropertyDefinition<SSLClientAuthPolicy> PD_SSL_CLIENT_AUTH_POLICY;
227
228
229
230  // The "ssl-protocol" property definition.
231  private static final StringPropertyDefinition PD_SSL_PROTOCOL;
232
233
234
235  // The "trust-manager-provider" property definition.
236  private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER;
237
238
239
240  // The "use-ssl" property definition.
241  private static final BooleanPropertyDefinition PD_USE_SSL;
242
243
244
245  // The "use-tcp-keep-alive" property definition.
246  private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE;
247
248
249
250  // The "use-tcp-no-delay" property definition.
251  private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY;
252
253
254
255  // Build the "accept-backlog" property definition.
256  static {
257      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "accept-backlog");
258      builder.setOption(PropertyOption.ADVANCED);
259      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "accept-backlog"));
260      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("128");
261      builder.setDefaultBehaviorProvider(provider);
262      builder.setLowerLimit(1);
263      PD_ACCEPT_BACKLOG = builder.getInstance();
264      INSTANCE.registerPropertyDefinition(PD_ACCEPT_BACKLOG);
265  }
266
267
268
269  // Build the "allow-ldap-v2" property definition.
270  static {
271      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-ldap-v2");
272      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-ldap-v2"));
273      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
274      builder.setDefaultBehaviorProvider(provider);
275      PD_ALLOW_LDAP_V2 = builder.getInstance();
276      INSTANCE.registerPropertyDefinition(PD_ALLOW_LDAP_V2);
277  }
278
279
280
281  // Build the "allow-start-tls" property definition.
282  static {
283      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-start-tls");
284      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-start-tls"));
285      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
286      builder.setDefaultBehaviorProvider(provider);
287      PD_ALLOW_START_TLS = builder.getInstance();
288      INSTANCE.registerPropertyDefinition(PD_ALLOW_START_TLS);
289  }
290
291
292
293  // Build the "allow-tcp-reuse-address" property definition.
294  static {
295      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-tcp-reuse-address");
296      builder.setOption(PropertyOption.ADVANCED);
297      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "allow-tcp-reuse-address"));
298      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
299      builder.setDefaultBehaviorProvider(provider);
300      PD_ALLOW_TCP_REUSE_ADDRESS = builder.getInstance();
301      INSTANCE.registerPropertyDefinition(PD_ALLOW_TCP_REUSE_ADDRESS);
302  }
303
304
305
306  // Build the "buffer-size" property definition.
307  static {
308      SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "buffer-size");
309      builder.setOption(PropertyOption.ADVANCED);
310      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "buffer-size"));
311      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("4096 bytes");
312      builder.setDefaultBehaviorProvider(provider);
313      builder.setUpperLimit("2147483647b");
314      builder.setLowerLimit("1b");
315      PD_BUFFER_SIZE = builder.getInstance();
316      INSTANCE.registerPropertyDefinition(PD_BUFFER_SIZE);
317  }
318
319
320
321  // Build the "java-class" property definition.
322  static {
323      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
324      builder.setOption(PropertyOption.MANDATORY);
325      builder.setOption(PropertyOption.ADVANCED);
326      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
327      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.ldap.LDAPConnectionHandler");
328      builder.setDefaultBehaviorProvider(provider);
329      builder.addInstanceOf("org.opends.server.api.ConnectionHandler");
330      PD_JAVA_CLASS = builder.getInstance();
331      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
332  }
333
334
335
336  // Build the "keep-stats" property definition.
337  static {
338      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "keep-stats");
339      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "keep-stats"));
340      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
341      builder.setDefaultBehaviorProvider(provider);
342      PD_KEEP_STATS = builder.getInstance();
343      INSTANCE.registerPropertyDefinition(PD_KEEP_STATS);
344  }
345
346
347
348  // Build the "key-manager-provider" property definition.
349  static {
350      AggregationPropertyDefinition.Builder<KeyManagerProviderCfgClient, KeyManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "key-manager-provider");
351      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-manager-provider"));
352      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
353      builder.setParentPath("/");
354      builder.setRelationDefinition("key-manager-provider");
355      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))));
356      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
357      PD_KEY_MANAGER_PROVIDER = builder.getInstance();
358      INSTANCE.registerPropertyDefinition(PD_KEY_MANAGER_PROVIDER);
359      INSTANCE.registerConstraint(PD_KEY_MANAGER_PROVIDER.getSourceConstraint());
360  }
361
362
363
364  // Build the "listen-address" property definition.
365  static {
366      IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "listen-address");
367      builder.setOption(PropertyOption.MULTI_VALUED);
368      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-address"));
369      DefaultBehaviorProvider<InetAddress> provider = new DefinedDefaultBehaviorProvider<InetAddress>("0.0.0.0");
370      builder.setDefaultBehaviorProvider(provider);
371      PD_LISTEN_ADDRESS = builder.getInstance();
372      INSTANCE.registerPropertyDefinition(PD_LISTEN_ADDRESS);
373  }
374
375
376
377  // Build the "listen-port" property definition.
378  static {
379      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "listen-port");
380      builder.setOption(PropertyOption.MANDATORY);
381      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-port"));
382      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Integer>());
383      builder.setUpperLimit(65535);
384      builder.setLowerLimit(1);
385      PD_LISTEN_PORT = builder.getInstance();
386      INSTANCE.registerPropertyDefinition(PD_LISTEN_PORT);
387  }
388
389
390
391  // Build the "max-blocked-write-time-limit" property definition.
392  static {
393      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-blocked-write-time-limit");
394      builder.setOption(PropertyOption.ADVANCED);
395      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-blocked-write-time-limit"));
396      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("2 minutes");
397      builder.setDefaultBehaviorProvider(provider);
398      builder.setBaseUnit("ms");
399      builder.setLowerLimit("0");
400      PD_MAX_BLOCKED_WRITE_TIME_LIMIT = builder.getInstance();
401      INSTANCE.registerPropertyDefinition(PD_MAX_BLOCKED_WRITE_TIME_LIMIT);
402  }
403
404
405
406  // Build the "max-request-size" property definition.
407  static {
408      SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "max-request-size");
409      builder.setOption(PropertyOption.ADVANCED);
410      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-request-size"));
411      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 megabytes");
412      builder.setDefaultBehaviorProvider(provider);
413      builder.setUpperLimit("2147483647b");
414      PD_MAX_REQUEST_SIZE = builder.getInstance();
415      INSTANCE.registerPropertyDefinition(PD_MAX_REQUEST_SIZE);
416  }
417
418
419
420  // Build the "num-request-handlers" property definition.
421  static {
422      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "num-request-handlers");
423      builder.setOption(PropertyOption.ADVANCED);
424      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "num-request-handlers"));
425      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Integer>(INSTANCE, "num-request-handlers"));
426      builder.setLowerLimit(1);
427      PD_NUM_REQUEST_HANDLERS = builder.getInstance();
428      INSTANCE.registerPropertyDefinition(PD_NUM_REQUEST_HANDLERS);
429  }
430
431
432
433  // Build the "send-rejection-notice" property definition.
434  static {
435      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "send-rejection-notice");
436      builder.setOption(PropertyOption.ADVANCED);
437      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "send-rejection-notice"));
438      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
439      builder.setDefaultBehaviorProvider(provider);
440      PD_SEND_REJECTION_NOTICE = builder.getInstance();
441      INSTANCE.registerPropertyDefinition(PD_SEND_REJECTION_NOTICE);
442  }
443
444
445
446  // Build the "ssl-cert-nickname" property definition.
447  static {
448      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cert-nickname");
449      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-cert-nickname"));
450      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cert-nickname"));
451      PD_SSL_CERT_NICKNAME = builder.getInstance();
452      INSTANCE.registerPropertyDefinition(PD_SSL_CERT_NICKNAME);
453  }
454
455
456
457  // Build the "ssl-cipher-suite" property definition.
458  static {
459      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite");
460      builder.setOption(PropertyOption.MULTI_VALUED);
461      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite"));
462      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite"));
463      PD_SSL_CIPHER_SUITE = builder.getInstance();
464      INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE);
465  }
466
467
468
469  // Build the "ssl-client-auth-policy" property definition.
470  static {
471      EnumPropertyDefinition.Builder<SSLClientAuthPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "ssl-client-auth-policy");
472      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-client-auth-policy"));
473      DefaultBehaviorProvider<SSLClientAuthPolicy> provider = new DefinedDefaultBehaviorProvider<SSLClientAuthPolicy>("optional");
474      builder.setDefaultBehaviorProvider(provider);
475      builder.setEnumClass(SSLClientAuthPolicy.class);
476      PD_SSL_CLIENT_AUTH_POLICY = builder.getInstance();
477      INSTANCE.registerPropertyDefinition(PD_SSL_CLIENT_AUTH_POLICY);
478  }
479
480
481
482  // Build the "ssl-protocol" property definition.
483  static {
484      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol");
485      builder.setOption(PropertyOption.MULTI_VALUED);
486      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol"));
487      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol"));
488      PD_SSL_PROTOCOL = builder.getInstance();
489      INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL);
490  }
491
492
493
494  // Build the "trust-manager-provider" property definition.
495  static {
496      AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider");
497      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider"));
498      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
499      builder.setParentPath("/");
500      builder.setRelationDefinition("trust-manager-provider");
501      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))));
502      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
503      PD_TRUST_MANAGER_PROVIDER = builder.getInstance();
504      INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER);
505      INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint());
506  }
507
508
509
510  // Build the "use-ssl" property definition.
511  static {
512      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl");
513      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl"));
514      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
515      builder.setDefaultBehaviorProvider(provider);
516      PD_USE_SSL = builder.getInstance();
517      INSTANCE.registerPropertyDefinition(PD_USE_SSL);
518  }
519
520
521
522  // Build the "use-tcp-keep-alive" property definition.
523  static {
524      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive");
525      builder.setOption(PropertyOption.ADVANCED);
526      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive"));
527      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
528      builder.setDefaultBehaviorProvider(provider);
529      PD_USE_TCP_KEEP_ALIVE = builder.getInstance();
530      INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE);
531  }
532
533
534
535  // Build the "use-tcp-no-delay" property definition.
536  static {
537      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay");
538      builder.setOption(PropertyOption.ADVANCED);
539      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay"));
540      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
541      builder.setDefaultBehaviorProvider(provider);
542      PD_USE_TCP_NO_DELAY = builder.getInstance();
543      INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY);
544  }
545
546
547
548  // Register the tags associated with this managed object definition.
549  static {
550    INSTANCE.registerTag(Tag.valueOf("core-server"));
551  }
552
553
554
555  // Register the constraints associated with this managed object definition.
556  static {
557    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("key-manager-provider")))));
558    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("trust-manager-provider")))));
559    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.not(Conditions.and(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))))));
560  }
561
562
563
564  /**
565   * Get the LDAP Connection Handler configuration definition
566   * singleton.
567   *
568   * @return Returns the LDAP Connection Handler configuration
569   *         definition singleton.
570   */
571  public static LDAPConnectionHandlerCfgDefn getInstance() {
572    return INSTANCE;
573  }
574
575
576
577  /**
578   * Private constructor.
579   */
580  private LDAPConnectionHandlerCfgDefn() {
581    super("ldap-connection-handler", ConnectionHandlerCfgDefn.getInstance());
582  }
583
584
585
586  /**
587   * {@inheritDoc}
588   */
589  public LDAPConnectionHandlerCfgClient createClientConfiguration(
590      ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) {
591    return new LDAPConnectionHandlerCfgClientImpl(impl);
592  }
593
594
595
596  /**
597   * {@inheritDoc}
598   */
599  public LDAPConnectionHandlerCfg createServerConfiguration(
600      ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) {
601    return new LDAPConnectionHandlerCfgServerImpl(impl);
602  }
603
604
605
606  /**
607   * {@inheritDoc}
608   */
609  public Class<LDAPConnectionHandlerCfg> getServerConfigurationClass() {
610    return LDAPConnectionHandlerCfg.class;
611  }
612
613
614
615  /**
616   * Get the "accept-backlog" property definition.
617   * <p>
618   * Specifies the maximum number of pending connection attempts that
619   * are allowed to queue up in the accept backlog before the server
620   * starts rejecting new connection attempts.
621   * <p>
622   * This is primarily an issue for cases in which a large number of
623   * connections are established to the server in a very short period
624   * of time (for example, a benchmark utility that creates a large
625   * number of client threads that each have their own connection to
626   * the server) and the connection handler is unable to keep up with
627   * the rate at which the new connections are established.
628   *
629   * @return Returns the "accept-backlog" property definition.
630   */
631  public IntegerPropertyDefinition getAcceptBacklogPropertyDefinition() {
632    return PD_ACCEPT_BACKLOG;
633  }
634
635
636
637  /**
638   * Get the "allowed-client" property definition.
639   * <p>
640   * Specifies a set of host names or address masks that determine the
641   * clients that are allowed to establish connections to this LDAP
642   * Connection Handler.
643   * <p>
644   * Valid values include a host name, a fully qualified domain name,
645   * a domain name, an IP address, or a subnetwork with subnetwork
646   * mask.
647   *
648   * @return Returns the "allowed-client" property definition.
649   */
650  public IPAddressMaskPropertyDefinition getAllowedClientPropertyDefinition() {
651    return ConnectionHandlerCfgDefn.getInstance().getAllowedClientPropertyDefinition();
652  }
653
654
655
656  /**
657   * Get the "allow-ldap-v2" property definition.
658   * <p>
659   * Indicates whether connections from LDAPv2 clients are allowed.
660   * <p>
661   * If LDAPv2 clients are allowed, then only a minimal degree of
662   * special support are provided for them to ensure that
663   * LDAPv3-specific protocol elements (for example, Configuration
664   * Guide 25 controls, extended response messages, intermediate
665   * response messages, referrals) are not sent to an LDAPv2 client.
666   *
667   * @return Returns the "allow-ldap-v2" property definition.
668   */
669  public BooleanPropertyDefinition getAllowLDAPV2PropertyDefinition() {
670    return PD_ALLOW_LDAP_V2;
671  }
672
673
674
675  /**
676   * Get the "allow-start-tls" property definition.
677   * <p>
678   * Indicates whether clients are allowed to use StartTLS.
679   * <p>
680   * If enabled, the LDAP Connection Handler allows clients to use the
681   * StartTLS extended operation to initiate secure communication over
682   * an otherwise insecure channel. Note that this is only allowed if
683   * the LDAP Connection Handler is not configured to use SSL, and if
684   * the server is configured with a valid key manager provider and a
685   * valid trust manager provider.
686   *
687   * @return Returns the "allow-start-tls" property definition.
688   */
689  public BooleanPropertyDefinition getAllowStartTLSPropertyDefinition() {
690    return PD_ALLOW_START_TLS;
691  }
692
693
694
695  /**
696   * Get the "allow-tcp-reuse-address" property definition.
697   * <p>
698   * Indicates whether the LDAP Connection Handler should reuse socket
699   * descriptors.
700   * <p>
701   * If enabled, the SO_REUSEADDR socket option is used on the server
702   * listen socket to potentially allow the reuse of socket descriptors
703   * for clients in a TIME_WAIT state. This may help the server avoid
704   * temporarily running out of socket descriptors in cases in which a
705   * very large number of short-lived connections have been established
706   * from the same client system.
707   *
708   * @return Returns the "allow-tcp-reuse-address" property definition.
709   */
710  public BooleanPropertyDefinition getAllowTCPReuseAddressPropertyDefinition() {
711    return PD_ALLOW_TCP_REUSE_ADDRESS;
712  }
713
714
715
716  /**
717   * Get the "buffer-size" property definition.
718   * <p>
719   * Specifies the size in bytes of the LDAP response message write
720   * buffer.
721   * <p>
722   * This property specifies write buffer size allocated by the server
723   * for each client connection and used to buffer LDAP response
724   * messages data when writing.
725   *
726   * @return Returns the "buffer-size" property definition.
727   */
728  public SizePropertyDefinition getBufferSizePropertyDefinition() {
729    return PD_BUFFER_SIZE;
730  }
731
732
733
734  /**
735   * Get the "denied-client" property definition.
736   * <p>
737   * Specifies a set of host names or address masks that determine the
738   * clients that are not allowed to establish connections to this LDAP
739   * Connection Handler.
740   * <p>
741   * Valid values include a host name, a fully qualified domain name,
742   * a domain name, an IP address, or a subnetwork with subnetwork
743   * mask. If both allowed and denied client masks are defined and a
744   * client connection matches one or more masks in both lists, then
745   * the connection is denied. If only a denied list is specified, then
746   * any client not matching a mask in that list is allowed.
747   *
748   * @return Returns the "denied-client" property definition.
749   */
750  public IPAddressMaskPropertyDefinition getDeniedClientPropertyDefinition() {
751    return ConnectionHandlerCfgDefn.getInstance().getDeniedClientPropertyDefinition();
752  }
753
754
755
756  /**
757   * Get the "enabled" property definition.
758   * <p>
759   * Indicates whether the LDAP Connection Handler is enabled.
760   *
761   * @return Returns the "enabled" property definition.
762   */
763  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
764    return ConnectionHandlerCfgDefn.getInstance().getEnabledPropertyDefinition();
765  }
766
767
768
769  /**
770   * Get the "java-class" property definition.
771   * <p>
772   * Specifies the fully-qualified name of the Java class that
773   * provides the LDAP Connection Handler implementation.
774   *
775   * @return Returns the "java-class" property definition.
776   */
777  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
778    return PD_JAVA_CLASS;
779  }
780
781
782
783  /**
784   * Get the "keep-stats" property definition.
785   * <p>
786   * Indicates whether the LDAP Connection Handler should keep
787   * statistics.
788   * <p>
789   * If enabled, the LDAP Connection Handler maintains statistics
790   * about the number and types of operations requested over LDAP and
791   * the amount of data sent and received.
792   *
793   * @return Returns the "keep-stats" property definition.
794   */
795  public BooleanPropertyDefinition getKeepStatsPropertyDefinition() {
796    return PD_KEEP_STATS;
797  }
798
799
800
801  /**
802   * Get the "key-manager-provider" property definition.
803   * <p>
804   * Specifies the name of the key manager that should be used with
805   * this LDAP Connection Handler .
806   *
807   * @return Returns the "key-manager-provider" property definition.
808   */
809  public AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition() {
810    return PD_KEY_MANAGER_PROVIDER;
811  }
812
813
814
815  /**
816   * Get the "listen-address" property definition.
817   * <p>
818   * Specifies the address or set of addresses on which this LDAP
819   * Connection Handler should listen for connections from LDAP
820   * clients.
821   * <p>
822   * Multiple addresses may be provided as separate values for this
823   * attribute. If no values are provided, then the LDAP Connection
824   * Handler listens on all interfaces.
825   *
826   * @return Returns the "listen-address" property definition.
827   */
828  public IPAddressPropertyDefinition getListenAddressPropertyDefinition() {
829    return PD_LISTEN_ADDRESS;
830  }
831
832
833
834  /**
835   * Get the "listen-port" property definition.
836   * <p>
837   * Specifies the port number on which the LDAP Connection Handler
838   * will listen for connections from clients.
839   * <p>
840   * Only a single port number may be provided.
841   *
842   * @return Returns the "listen-port" property definition.
843   */
844  public IntegerPropertyDefinition getListenPortPropertyDefinition() {
845    return PD_LISTEN_PORT;
846  }
847
848
849
850  /**
851   * Get the "max-blocked-write-time-limit" property definition.
852   * <p>
853   * Specifies the maximum length of time that attempts to write data
854   * to LDAP clients should be allowed to block.
855   * <p>
856   * If an attempt to write data to a client takes longer than this
857   * length of time, then the client connection is terminated.
858   *
859   * @return Returns the "max-blocked-write-time-limit" property definition.
860   */
861  public DurationPropertyDefinition getMaxBlockedWriteTimeLimitPropertyDefinition() {
862    return PD_MAX_BLOCKED_WRITE_TIME_LIMIT;
863  }
864
865
866
867  /**
868   * Get the "max-request-size" property definition.
869   * <p>
870   * Specifies the size in bytes of the largest LDAP request message
871   * that will be allowed by this LDAP Connection handler.
872   * <p>
873   * This property is analogous to the maxBERSize configuration
874   * attribute of the Sun Java System Directory Server. This can help
875   * prevent denial-of-service attacks by clients that indicate they
876   * send extremely large requests to the server causing it to attempt
877   * to allocate large amounts of memory.
878   *
879   * @return Returns the "max-request-size" property definition.
880   */
881  public SizePropertyDefinition getMaxRequestSizePropertyDefinition() {
882    return PD_MAX_REQUEST_SIZE;
883  }
884
885
886
887  /**
888   * Get the "num-request-handlers" property definition.
889   * <p>
890   * Specifies the number of request handlers that are used to read
891   * requests from clients.
892   * <p>
893   * The LDAP Connection Handler uses one thread to accept new
894   * connections from clients, but uses one or more additional threads
895   * to read requests from existing client connections. This ensures
896   * that new requests are read efficiently and that the connection
897   * handler itself does not become a bottleneck when the server is
898   * under heavy load from many clients at the same time.
899   *
900   * @return Returns the "num-request-handlers" property definition.
901   */
902  public IntegerPropertyDefinition getNumRequestHandlersPropertyDefinition() {
903    return PD_NUM_REQUEST_HANDLERS;
904  }
905
906
907
908  /**
909   * Get the "send-rejection-notice" property definition.
910   * <p>
911   * Indicates whether the LDAP Connection Handler should send a
912   * notice of disconnection extended response message to the client if
913   * a new connection is rejected for some reason.
914   * <p>
915   * The extended response message may provide an explanation
916   * indicating the reason that the connection was rejected.
917   *
918   * @return Returns the "send-rejection-notice" property definition.
919   */
920  public BooleanPropertyDefinition getSendRejectionNoticePropertyDefinition() {
921    return PD_SEND_REJECTION_NOTICE;
922  }
923
924
925
926  /**
927   * Get the "ssl-cert-nickname" property definition.
928   * <p>
929   * Specifies the nickname (also called the alias) of the certificate
930   * that the LDAP Connection Handler should use when performing SSL
931   * communication.
932   * <p>
933   * This is only applicable when the LDAP Connection Handler is
934   * configured to use SSL.
935   *
936   * @return Returns the "ssl-cert-nickname" property definition.
937   */
938  public StringPropertyDefinition getSSLCertNicknamePropertyDefinition() {
939    return PD_SSL_CERT_NICKNAME;
940  }
941
942
943
944  /**
945   * Get the "ssl-cipher-suite" property definition.
946   * <p>
947   * Specifies the names of the SSL cipher suites that are allowed for
948   * use in SSL or StartTLS communication.
949   *
950   * @return Returns the "ssl-cipher-suite" property definition.
951   */
952  public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() {
953    return PD_SSL_CIPHER_SUITE;
954  }
955
956
957
958  /**
959   * Get the "ssl-client-auth-policy" property definition.
960   * <p>
961   * Specifies the policy that the LDAP Connection Handler should use
962   * regarding client SSL certificates. Clients can use the SASL
963   * EXTERNAL mechanism only if the policy is set to "optional" or
964   * "required".
965   * <p>
966   * This is only applicable if clients are allowed to use SSL.
967   *
968   * @return Returns the "ssl-client-auth-policy" property definition.
969   */
970  public EnumPropertyDefinition<SSLClientAuthPolicy> getSSLClientAuthPolicyPropertyDefinition() {
971    return PD_SSL_CLIENT_AUTH_POLICY;
972  }
973
974
975
976  /**
977   * Get the "ssl-protocol" property definition.
978   * <p>
979   * Specifies the names of the SSL protocols that are allowed for use
980   * in SSL or StartTLS communication.
981   *
982   * @return Returns the "ssl-protocol" property definition.
983   */
984  public StringPropertyDefinition getSSLProtocolPropertyDefinition() {
985    return PD_SSL_PROTOCOL;
986  }
987
988
989
990  /**
991   * Get the "trust-manager-provider" property definition.
992   * <p>
993   * Specifies the name of the trust manager that should be used with
994   * the LDAP Connection Handler .
995   *
996   * @return Returns the "trust-manager-provider" property definition.
997   */
998  public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() {
999    return PD_TRUST_MANAGER_PROVIDER;
1000  }
1001
1002
1003
1004  /**
1005   * Get the "use-ssl" property definition.
1006   * <p>
1007   * Indicates whether the LDAP Connection Handler should use SSL.
1008   * <p>
1009   * If enabled, the LDAP Connection Handler will use SSL to encrypt
1010   * communication with the clients.
1011   *
1012   * @return Returns the "use-ssl" property definition.
1013   */
1014  public BooleanPropertyDefinition getUseSSLPropertyDefinition() {
1015    return PD_USE_SSL;
1016  }
1017
1018
1019
1020  /**
1021   * Get the "use-tcp-keep-alive" property definition.
1022   * <p>
1023   * Indicates whether the LDAP Connection Handler should use TCP
1024   * keep-alive.
1025   * <p>
1026   * If enabled, the SO_KEEPALIVE socket option is used to indicate
1027   * that TCP keepalive messages should periodically be sent to the
1028   * client to verify that the associated connection is still valid.
1029   * This may also help prevent cases in which intermediate network
1030   * hardware could silently drop an otherwise idle client connection,
1031   * provided that the keepalive interval configured in the underlying
1032   * operating system is smaller than the timeout enforced by the
1033   * network hardware.
1034   *
1035   * @return Returns the "use-tcp-keep-alive" property definition.
1036   */
1037  public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() {
1038    return PD_USE_TCP_KEEP_ALIVE;
1039  }
1040
1041
1042
1043  /**
1044   * Get the "use-tcp-no-delay" property definition.
1045   * <p>
1046   * Indicates whether the LDAP Connection Handler should use TCP
1047   * no-delay.
1048   * <p>
1049   * If enabled, the TCP_NODELAY socket option is used to ensure that
1050   * response messages to the client are sent immediately rather than
1051   * potentially waiting to determine whether additional response
1052   * messages can be sent in the same packet. In most cases, using the
1053   * TCP_NODELAY socket option provides better performance and lower
1054   * response times, but disabling it may help for some cases in which
1055   * the server sends a large number of entries to a client in response
1056   * to a search request.
1057   *
1058   * @return Returns the "use-tcp-no-delay" property definition.
1059   */
1060  public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() {
1061    return PD_USE_TCP_NO_DELAY;
1062  }
1063
1064
1065
1066  /**
1067   * Managed object client implementation.
1068   */
1069  private static class LDAPConnectionHandlerCfgClientImpl implements
1070    LDAPConnectionHandlerCfgClient {
1071
1072    // Private implementation.
1073    private ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl;
1074
1075
1076
1077    // Private constructor.
1078    private LDAPConnectionHandlerCfgClientImpl(
1079        ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) {
1080      this.impl = impl;
1081    }
1082
1083
1084
1085    /**
1086     * {@inheritDoc}
1087     */
1088    public int getAcceptBacklog() {
1089      return impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition());
1090    }
1091
1092
1093
1094    /**
1095     * {@inheritDoc}
1096     */
1097    public void setAcceptBacklog(Integer value) {
1098      impl.setPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition(), value);
1099    }
1100
1101
1102
1103    /**
1104     * {@inheritDoc}
1105     */
1106    public SortedSet<AddressMask> getAllowedClient() {
1107      return impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition());
1108    }
1109
1110
1111
1112    /**
1113     * {@inheritDoc}
1114     */
1115    public void setAllowedClient(Collection<AddressMask> values) {
1116      impl.setPropertyValues(INSTANCE.getAllowedClientPropertyDefinition(), values);
1117    }
1118
1119
1120
1121    /**
1122     * {@inheritDoc}
1123     */
1124    public boolean isAllowLDAPV2() {
1125      return impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition());
1126    }
1127
1128
1129
1130    /**
1131     * {@inheritDoc}
1132     */
1133    public void setAllowLDAPV2(Boolean value) {
1134      impl.setPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition(), value);
1135    }
1136
1137
1138
1139    /**
1140     * {@inheritDoc}
1141     */
1142    public boolean isAllowStartTLS() {
1143      return impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition());
1144    }
1145
1146
1147
1148    /**
1149     * {@inheritDoc}
1150     */
1151    public void setAllowStartTLS(Boolean value) {
1152      impl.setPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition(), value);
1153    }
1154
1155
1156
1157    /**
1158     * {@inheritDoc}
1159     */
1160    public boolean isAllowTCPReuseAddress() {
1161      return impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition());
1162    }
1163
1164
1165
1166    /**
1167     * {@inheritDoc}
1168     */
1169    public void setAllowTCPReuseAddress(Boolean value) {
1170      impl.setPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition(), value);
1171    }
1172
1173
1174
1175    /**
1176     * {@inheritDoc}
1177     */
1178    public long getBufferSize() {
1179      return impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition());
1180    }
1181
1182
1183
1184    /**
1185     * {@inheritDoc}
1186     */
1187    public void setBufferSize(Long value) {
1188      impl.setPropertyValue(INSTANCE.getBufferSizePropertyDefinition(), value);
1189    }
1190
1191
1192
1193    /**
1194     * {@inheritDoc}
1195     */
1196    public SortedSet<AddressMask> getDeniedClient() {
1197      return impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition());
1198    }
1199
1200
1201
1202    /**
1203     * {@inheritDoc}
1204     */
1205    public void setDeniedClient(Collection<AddressMask> values) {
1206      impl.setPropertyValues(INSTANCE.getDeniedClientPropertyDefinition(), values);
1207    }
1208
1209
1210
1211    /**
1212     * {@inheritDoc}
1213     */
1214    public Boolean isEnabled() {
1215      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
1216    }
1217
1218
1219
1220    /**
1221     * {@inheritDoc}
1222     */
1223    public void setEnabled(boolean value) {
1224      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
1225    }
1226
1227
1228
1229    /**
1230     * {@inheritDoc}
1231     */
1232    public String getJavaClass() {
1233      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1234    }
1235
1236
1237
1238    /**
1239     * {@inheritDoc}
1240     */
1241    public void setJavaClass(String value) {
1242      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
1243    }
1244
1245
1246
1247    /**
1248     * {@inheritDoc}
1249     */
1250    public boolean isKeepStats() {
1251      return impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition());
1252    }
1253
1254
1255
1256    /**
1257     * {@inheritDoc}
1258     */
1259    public void setKeepStats(Boolean value) {
1260      impl.setPropertyValue(INSTANCE.getKeepStatsPropertyDefinition(), value);
1261    }
1262
1263
1264
1265    /**
1266     * {@inheritDoc}
1267     */
1268    public String getKeyManagerProvider() {
1269      return impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition());
1270    }
1271
1272
1273
1274    /**
1275     * {@inheritDoc}
1276     */
1277    public void setKeyManagerProvider(String value) {
1278      impl.setPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition(), value);
1279    }
1280
1281
1282
1283    /**
1284     * {@inheritDoc}
1285     */
1286    public SortedSet<InetAddress> getListenAddress() {
1287      return impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition());
1288    }
1289
1290
1291
1292    /**
1293     * {@inheritDoc}
1294     */
1295    public void setListenAddress(Collection<InetAddress> values) {
1296      impl.setPropertyValues(INSTANCE.getListenAddressPropertyDefinition(), values);
1297    }
1298
1299
1300
1301    /**
1302     * {@inheritDoc}
1303     */
1304    public Integer getListenPort() {
1305      return impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition());
1306    }
1307
1308
1309
1310    /**
1311     * {@inheritDoc}
1312     */
1313    public void setListenPort(int value) {
1314      impl.setPropertyValue(INSTANCE.getListenPortPropertyDefinition(), value);
1315    }
1316
1317
1318
1319    /**
1320     * {@inheritDoc}
1321     */
1322    public long getMaxBlockedWriteTimeLimit() {
1323      return impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition());
1324    }
1325
1326
1327
1328    /**
1329     * {@inheritDoc}
1330     */
1331    public void setMaxBlockedWriteTimeLimit(Long value) {
1332      impl.setPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition(), value);
1333    }
1334
1335
1336
1337    /**
1338     * {@inheritDoc}
1339     */
1340    public long getMaxRequestSize() {
1341      return impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition());
1342    }
1343
1344
1345
1346    /**
1347     * {@inheritDoc}
1348     */
1349    public void setMaxRequestSize(Long value) {
1350      impl.setPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition(), value);
1351    }
1352
1353
1354
1355    /**
1356     * {@inheritDoc}
1357     */
1358    public Integer getNumRequestHandlers() {
1359      return impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition());
1360    }
1361
1362
1363
1364    /**
1365     * {@inheritDoc}
1366     */
1367    public void setNumRequestHandlers(Integer value) {
1368      impl.setPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition(), value);
1369    }
1370
1371
1372
1373    /**
1374     * {@inheritDoc}
1375     */
1376    public boolean isSendRejectionNotice() {
1377      return impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition());
1378    }
1379
1380
1381
1382    /**
1383     * {@inheritDoc}
1384     */
1385    public void setSendRejectionNotice(Boolean value) {
1386      impl.setPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition(), value);
1387    }
1388
1389
1390
1391    /**
1392     * {@inheritDoc}
1393     */
1394    public String getSSLCertNickname() {
1395      return impl.getPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition());
1396    }
1397
1398
1399
1400    /**
1401     * {@inheritDoc}
1402     */
1403    public void setSSLCertNickname(String value) {
1404      impl.setPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition(), value);
1405    }
1406
1407
1408
1409    /**
1410     * {@inheritDoc}
1411     */
1412    public SortedSet<String> getSSLCipherSuite() {
1413      return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1414    }
1415
1416
1417
1418    /**
1419     * {@inheritDoc}
1420     */
1421    public void setSSLCipherSuite(Collection<String> values) {
1422      impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values);
1423    }
1424
1425
1426
1427    /**
1428     * {@inheritDoc}
1429     */
1430    public SSLClientAuthPolicy getSSLClientAuthPolicy() {
1431      return impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition());
1432    }
1433
1434
1435
1436    /**
1437     * {@inheritDoc}
1438     */
1439    public void setSSLClientAuthPolicy(SSLClientAuthPolicy value) {
1440      impl.setPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition(), value);
1441    }
1442
1443
1444
1445    /**
1446     * {@inheritDoc}
1447     */
1448    public SortedSet<String> getSSLProtocol() {
1449      return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1450    }
1451
1452
1453
1454    /**
1455     * {@inheritDoc}
1456     */
1457    public void setSSLProtocol(Collection<String> values) {
1458      impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values);
1459    }
1460
1461
1462
1463    /**
1464     * {@inheritDoc}
1465     */
1466    public String getTrustManagerProvider() {
1467      return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1468    }
1469
1470
1471
1472    /**
1473     * {@inheritDoc}
1474     */
1475    public void setTrustManagerProvider(String value) {
1476      impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value);
1477    }
1478
1479
1480
1481    /**
1482     * {@inheritDoc}
1483     */
1484    public boolean isUseSSL() {
1485      return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1486    }
1487
1488
1489
1490    /**
1491     * {@inheritDoc}
1492     */
1493    public void setUseSSL(Boolean value) {
1494      impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value);
1495    }
1496
1497
1498
1499    /**
1500     * {@inheritDoc}
1501     */
1502    public boolean isUseTCPKeepAlive() {
1503      return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1504    }
1505
1506
1507
1508    /**
1509     * {@inheritDoc}
1510     */
1511    public void setUseTCPKeepAlive(Boolean value) {
1512      impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value);
1513    }
1514
1515
1516
1517    /**
1518     * {@inheritDoc}
1519     */
1520    public boolean isUseTCPNoDelay() {
1521      return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1522    }
1523
1524
1525
1526    /**
1527     * {@inheritDoc}
1528     */
1529    public void setUseTCPNoDelay(Boolean value) {
1530      impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value);
1531    }
1532
1533
1534
1535    /**
1536     * {@inheritDoc}
1537     */
1538    public ManagedObjectDefinition<? extends LDAPConnectionHandlerCfgClient, ? extends LDAPConnectionHandlerCfg> definition() {
1539      return INSTANCE;
1540    }
1541
1542
1543
1544    /**
1545     * {@inheritDoc}
1546     */
1547    public PropertyProvider properties() {
1548      return impl;
1549    }
1550
1551
1552
1553    /**
1554     * {@inheritDoc}
1555     */
1556    public void commit() throws ManagedObjectAlreadyExistsException,
1557        MissingMandatoryPropertiesException, ConcurrentModificationException,
1558        OperationRejectedException, LdapException {
1559      impl.commit();
1560    }
1561
1562  }
1563
1564
1565
1566  /**
1567   * Managed object server implementation.
1568   */
1569  private static class LDAPConnectionHandlerCfgServerImpl implements
1570    LDAPConnectionHandlerCfg {
1571
1572    // Private implementation.
1573    private ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl;
1574
1575    // The value of the "accept-backlog" property.
1576    private final int pAcceptBacklog;
1577
1578    // The value of the "allowed-client" property.
1579    private final SortedSet<AddressMask> pAllowedClient;
1580
1581    // The value of the "allow-ldap-v2" property.
1582    private final boolean pAllowLDAPV2;
1583
1584    // The value of the "allow-start-tls" property.
1585    private final boolean pAllowStartTLS;
1586
1587    // The value of the "allow-tcp-reuse-address" property.
1588    private final boolean pAllowTCPReuseAddress;
1589
1590    // The value of the "buffer-size" property.
1591    private final long pBufferSize;
1592
1593    // The value of the "denied-client" property.
1594    private final SortedSet<AddressMask> pDeniedClient;
1595
1596    // The value of the "enabled" property.
1597    private final boolean pEnabled;
1598
1599    // The value of the "java-class" property.
1600    private final String pJavaClass;
1601
1602    // The value of the "keep-stats" property.
1603    private final boolean pKeepStats;
1604
1605    // The value of the "key-manager-provider" property.
1606    private final String pKeyManagerProvider;
1607
1608    // The value of the "listen-address" property.
1609    private final SortedSet<InetAddress> pListenAddress;
1610
1611    // The value of the "listen-port" property.
1612    private final int pListenPort;
1613
1614    // The value of the "max-blocked-write-time-limit" property.
1615    private final long pMaxBlockedWriteTimeLimit;
1616
1617    // The value of the "max-request-size" property.
1618    private final long pMaxRequestSize;
1619
1620    // The value of the "num-request-handlers" property.
1621    private final Integer pNumRequestHandlers;
1622
1623    // The value of the "send-rejection-notice" property.
1624    private final boolean pSendRejectionNotice;
1625
1626    // The value of the "ssl-cert-nickname" property.
1627    private final String pSSLCertNickname;
1628
1629    // The value of the "ssl-cipher-suite" property.
1630    private final SortedSet<String> pSSLCipherSuite;
1631
1632    // The value of the "ssl-client-auth-policy" property.
1633    private final SSLClientAuthPolicy pSSLClientAuthPolicy;
1634
1635    // The value of the "ssl-protocol" property.
1636    private final SortedSet<String> pSSLProtocol;
1637
1638    // The value of the "trust-manager-provider" property.
1639    private final String pTrustManagerProvider;
1640
1641    // The value of the "use-ssl" property.
1642    private final boolean pUseSSL;
1643
1644    // The value of the "use-tcp-keep-alive" property.
1645    private final boolean pUseTCPKeepAlive;
1646
1647    // The value of the "use-tcp-no-delay" property.
1648    private final boolean pUseTCPNoDelay;
1649
1650
1651
1652    // Private constructor.
1653    private LDAPConnectionHandlerCfgServerImpl(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) {
1654      this.impl = impl;
1655      this.pAcceptBacklog = impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition());
1656      this.pAllowedClient = impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition());
1657      this.pAllowLDAPV2 = impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition());
1658      this.pAllowStartTLS = impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition());
1659      this.pAllowTCPReuseAddress = impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition());
1660      this.pBufferSize = impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition());
1661      this.pDeniedClient = impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition());
1662      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
1663      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1664      this.pKeepStats = impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition());
1665      this.pKeyManagerProvider = impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition());
1666      this.pListenAddress = impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition());
1667      this.pListenPort = impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition());
1668      this.pMaxBlockedWriteTimeLimit = impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition());
1669      this.pMaxRequestSize = impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition());
1670      this.pNumRequestHandlers = impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition());
1671      this.pSendRejectionNotice = impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition());
1672      this.pSSLCertNickname = impl.getPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition());
1673      this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1674      this.pSSLClientAuthPolicy = impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition());
1675      this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1676      this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1677      this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1678      this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1679      this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1680    }
1681
1682
1683
1684    /**
1685     * {@inheritDoc}
1686     */
1687    public void addLDAPChangeListener(
1688        ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) {
1689      impl.registerChangeListener(listener);
1690    }
1691
1692
1693
1694    /**
1695     * {@inheritDoc}
1696     */
1697    public void removeLDAPChangeListener(
1698        ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) {
1699      impl.deregisterChangeListener(listener);
1700    }
1701    /**
1702     * {@inheritDoc}
1703     */
1704    public void addChangeListener(
1705        ConfigurationChangeListener<ConnectionHandlerCfg> listener) {
1706      impl.registerChangeListener(listener);
1707    }
1708
1709
1710
1711    /**
1712     * {@inheritDoc}
1713     */
1714    public void removeChangeListener(
1715        ConfigurationChangeListener<ConnectionHandlerCfg> listener) {
1716      impl.deregisterChangeListener(listener);
1717    }
1718
1719
1720
1721    /**
1722     * {@inheritDoc}
1723     */
1724    public int getAcceptBacklog() {
1725      return pAcceptBacklog;
1726    }
1727
1728
1729
1730    /**
1731     * {@inheritDoc}
1732     */
1733    public SortedSet<AddressMask> getAllowedClient() {
1734      return pAllowedClient;
1735    }
1736
1737
1738
1739    /**
1740     * {@inheritDoc}
1741     */
1742    public boolean isAllowLDAPV2() {
1743      return pAllowLDAPV2;
1744    }
1745
1746
1747
1748    /**
1749     * {@inheritDoc}
1750     */
1751    public boolean isAllowStartTLS() {
1752      return pAllowStartTLS;
1753    }
1754
1755
1756
1757    /**
1758     * {@inheritDoc}
1759     */
1760    public boolean isAllowTCPReuseAddress() {
1761      return pAllowTCPReuseAddress;
1762    }
1763
1764
1765
1766    /**
1767     * {@inheritDoc}
1768     */
1769    public long getBufferSize() {
1770      return pBufferSize;
1771    }
1772
1773
1774
1775    /**
1776     * {@inheritDoc}
1777     */
1778    public SortedSet<AddressMask> getDeniedClient() {
1779      return pDeniedClient;
1780    }
1781
1782
1783
1784    /**
1785     * {@inheritDoc}
1786     */
1787    public boolean isEnabled() {
1788      return pEnabled;
1789    }
1790
1791
1792
1793    /**
1794     * {@inheritDoc}
1795     */
1796    public String getJavaClass() {
1797      return pJavaClass;
1798    }
1799
1800
1801
1802    /**
1803     * {@inheritDoc}
1804     */
1805    public boolean isKeepStats() {
1806      return pKeepStats;
1807    }
1808
1809
1810
1811    /**
1812     * {@inheritDoc}
1813     */
1814    public String getKeyManagerProvider() {
1815      return pKeyManagerProvider;
1816    }
1817
1818
1819
1820    /**
1821     * {@inheritDoc}
1822     */
1823    public DN getKeyManagerProviderDN() {
1824      String value = getKeyManagerProvider();
1825      if (value == null) return null;
1826      return INSTANCE.getKeyManagerProviderPropertyDefinition().getChildDN(value);
1827    }
1828
1829
1830
1831    /**
1832     * {@inheritDoc}
1833     */
1834    public SortedSet<InetAddress> getListenAddress() {
1835      return pListenAddress;
1836    }
1837
1838
1839
1840    /**
1841     * {@inheritDoc}
1842     */
1843    public int getListenPort() {
1844      return pListenPort;
1845    }
1846
1847
1848
1849    /**
1850     * {@inheritDoc}
1851     */
1852    public long getMaxBlockedWriteTimeLimit() {
1853      return pMaxBlockedWriteTimeLimit;
1854    }
1855
1856
1857
1858    /**
1859     * {@inheritDoc}
1860     */
1861    public long getMaxRequestSize() {
1862      return pMaxRequestSize;
1863    }
1864
1865
1866
1867    /**
1868     * {@inheritDoc}
1869     */
1870    public Integer getNumRequestHandlers() {
1871      return pNumRequestHandlers;
1872    }
1873
1874
1875
1876    /**
1877     * {@inheritDoc}
1878     */
1879    public boolean isSendRejectionNotice() {
1880      return pSendRejectionNotice;
1881    }
1882
1883
1884
1885    /**
1886     * {@inheritDoc}
1887     */
1888    public String getSSLCertNickname() {
1889      return pSSLCertNickname;
1890    }
1891
1892
1893
1894    /**
1895     * {@inheritDoc}
1896     */
1897    public SortedSet<String> getSSLCipherSuite() {
1898      return pSSLCipherSuite;
1899    }
1900
1901
1902
1903    /**
1904     * {@inheritDoc}
1905     */
1906    public SSLClientAuthPolicy getSSLClientAuthPolicy() {
1907      return pSSLClientAuthPolicy;
1908    }
1909
1910
1911
1912    /**
1913     * {@inheritDoc}
1914     */
1915    public SortedSet<String> getSSLProtocol() {
1916      return pSSLProtocol;
1917    }
1918
1919
1920
1921    /**
1922     * {@inheritDoc}
1923     */
1924    public String getTrustManagerProvider() {
1925      return pTrustManagerProvider;
1926    }
1927
1928
1929
1930    /**
1931     * {@inheritDoc}
1932     */
1933    public DN getTrustManagerProviderDN() {
1934      String value = getTrustManagerProvider();
1935      if (value == null) return null;
1936      return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value);
1937    }
1938
1939
1940
1941    /**
1942     * {@inheritDoc}
1943     */
1944    public boolean isUseSSL() {
1945      return pUseSSL;
1946    }
1947
1948
1949
1950    /**
1951     * {@inheritDoc}
1952     */
1953    public boolean isUseTCPKeepAlive() {
1954      return pUseTCPKeepAlive;
1955    }
1956
1957
1958
1959    /**
1960     * {@inheritDoc}
1961     */
1962    public boolean isUseTCPNoDelay() {
1963      return pUseTCPNoDelay;
1964    }
1965
1966
1967
1968    /**
1969     * {@inheritDoc}
1970     */
1971    public Class<? extends LDAPConnectionHandlerCfg> configurationClass() {
1972      return LDAPConnectionHandlerCfg.class;
1973    }
1974
1975
1976
1977    /**
1978     * {@inheritDoc}
1979     */
1980    public DN dn() {
1981      return impl.getDN();
1982    }
1983
1984  }
1985}