001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import java.util.Collection;
031import java.util.SortedSet;
032import org.forgerock.opendj.config.AdministratorAction;
033import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
034import org.forgerock.opendj.config.AttributeTypePropertyDefinition;
035import org.forgerock.opendj.config.BooleanPropertyDefinition;
036import org.forgerock.opendj.config.ClassPropertyDefinition;
037import org.forgerock.opendj.config.client.ConcurrentModificationException;
038import org.forgerock.opendj.config.client.ManagedObject;
039import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
040import org.forgerock.opendj.config.client.OperationRejectedException;
041import org.forgerock.opendj.config.DefaultBehaviorProvider;
042import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
043import org.forgerock.opendj.config.IntegerPropertyDefinition;
044import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
045import org.forgerock.opendj.config.ManagedObjectDefinition;
046import org.forgerock.opendj.config.PropertyOption;
047import org.forgerock.opendj.config.PropertyProvider;
048import org.forgerock.opendj.config.server.ConfigurationChangeListener;
049import org.forgerock.opendj.config.server.ServerManagedObject;
050import org.forgerock.opendj.config.Tag;
051import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
052import org.forgerock.opendj.ldap.DN;
053import org.forgerock.opendj.ldap.LdapException;
054import org.forgerock.opendj.ldap.schema.AttributeType;
055import org.forgerock.opendj.server.config.client.AttributeValuePasswordValidatorCfgClient;
056import org.forgerock.opendj.server.config.server.AttributeValuePasswordValidatorCfg;
057import org.forgerock.opendj.server.config.server.PasswordValidatorCfg;
058
059
060
061/**
062 * An interface for querying the Attribute Value Password Validator
063 * managed object definition meta information.
064 * <p>
065 * The Attribute Value Password Validator attempts to determine
066 * whether a proposed password is acceptable for use by determining
067 * whether that password is contained in any attribute within the
068 * user's entry.
069 */
070public final class AttributeValuePasswordValidatorCfgDefn extends ManagedObjectDefinition<AttributeValuePasswordValidatorCfgClient, AttributeValuePasswordValidatorCfg> {
071
072  // The singleton configuration definition instance.
073  private static final AttributeValuePasswordValidatorCfgDefn INSTANCE = new AttributeValuePasswordValidatorCfgDefn();
074
075
076
077  // The "check-substrings" property definition.
078  private static final BooleanPropertyDefinition PD_CHECK_SUBSTRINGS;
079
080
081
082  // The "java-class" property definition.
083  private static final ClassPropertyDefinition PD_JAVA_CLASS;
084
085
086
087  // The "match-attribute" property definition.
088  private static final AttributeTypePropertyDefinition PD_MATCH_ATTRIBUTE;
089
090
091
092  // The "min-substring-length" property definition.
093  private static final IntegerPropertyDefinition PD_MIN_SUBSTRING_LENGTH;
094
095
096
097  // The "test-reversed-password" property definition.
098  private static final BooleanPropertyDefinition PD_TEST_REVERSED_PASSWORD;
099
100
101
102  // Build the "check-substrings" property definition.
103  static {
104      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "check-substrings");
105      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "check-substrings"));
106      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
107      builder.setDefaultBehaviorProvider(provider);
108      PD_CHECK_SUBSTRINGS = builder.getInstance();
109      INSTANCE.registerPropertyDefinition(PD_CHECK_SUBSTRINGS);
110  }
111
112
113
114  // Build the "java-class" property definition.
115  static {
116      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
117      builder.setOption(PropertyOption.MANDATORY);
118      builder.setOption(PropertyOption.ADVANCED);
119      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
120      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.AttributeValuePasswordValidator");
121      builder.setDefaultBehaviorProvider(provider);
122      builder.addInstanceOf("org.opends.server.api.PasswordValidator");
123      PD_JAVA_CLASS = builder.getInstance();
124      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
125  }
126
127
128
129  // Build the "match-attribute" property definition.
130  static {
131      AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "match-attribute");
132      builder.setOption(PropertyOption.MULTI_VALUED);
133      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "match-attribute"));
134      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<AttributeType>(INSTANCE, "match-attribute"));
135      PD_MATCH_ATTRIBUTE = builder.getInstance();
136      INSTANCE.registerPropertyDefinition(PD_MATCH_ATTRIBUTE);
137  }
138
139
140
141  // Build the "min-substring-length" property definition.
142  static {
143      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "min-substring-length");
144      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "min-substring-length"));
145      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("5");
146      builder.setDefaultBehaviorProvider(provider);
147      PD_MIN_SUBSTRING_LENGTH = builder.getInstance();
148      INSTANCE.registerPropertyDefinition(PD_MIN_SUBSTRING_LENGTH);
149  }
150
151
152
153  // Build the "test-reversed-password" property definition.
154  static {
155      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "test-reversed-password");
156      builder.setOption(PropertyOption.MANDATORY);
157      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "test-reversed-password"));
158      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Boolean>());
159      PD_TEST_REVERSED_PASSWORD = builder.getInstance();
160      INSTANCE.registerPropertyDefinition(PD_TEST_REVERSED_PASSWORD);
161  }
162
163
164
165  // Register the tags associated with this managed object definition.
166  static {
167    INSTANCE.registerTag(Tag.valueOf("user-management"));
168  }
169
170
171
172  /**
173   * Get the Attribute Value Password Validator configuration
174   * definition singleton.
175   *
176   * @return Returns the Attribute Value Password Validator
177   *         configuration definition singleton.
178   */
179  public static AttributeValuePasswordValidatorCfgDefn getInstance() {
180    return INSTANCE;
181  }
182
183
184
185  /**
186   * Private constructor.
187   */
188  private AttributeValuePasswordValidatorCfgDefn() {
189    super("attribute-value-password-validator", PasswordValidatorCfgDefn.getInstance());
190  }
191
192
193
194  /**
195   * {@inheritDoc}
196   */
197  public AttributeValuePasswordValidatorCfgClient createClientConfiguration(
198      ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl) {
199    return new AttributeValuePasswordValidatorCfgClientImpl(impl);
200  }
201
202
203
204  /**
205   * {@inheritDoc}
206   */
207  public AttributeValuePasswordValidatorCfg createServerConfiguration(
208      ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl) {
209    return new AttributeValuePasswordValidatorCfgServerImpl(impl);
210  }
211
212
213
214  /**
215   * {@inheritDoc}
216   */
217  public Class<AttributeValuePasswordValidatorCfg> getServerConfigurationClass() {
218    return AttributeValuePasswordValidatorCfg.class;
219  }
220
221
222
223  /**
224   * Get the "check-substrings" property definition.
225   * <p>
226   * Indicates whether this password validator is to match portions of
227   * the password string against attribute values.
228   * <p>
229   * If "false" then only match the entire password against attribute
230   * values otherwise ("true") check whether the password contains
231   * attribute values.
232   *
233   * @return Returns the "check-substrings" property definition.
234   */
235  public BooleanPropertyDefinition getCheckSubstringsPropertyDefinition() {
236    return PD_CHECK_SUBSTRINGS;
237  }
238
239
240
241  /**
242   * Get the "enabled" property definition.
243   * <p>
244   * Indicates whether the password validator is enabled for use.
245   *
246   * @return Returns the "enabled" property definition.
247   */
248  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
249    return PasswordValidatorCfgDefn.getInstance().getEnabledPropertyDefinition();
250  }
251
252
253
254  /**
255   * Get the "java-class" property definition.
256   * <p>
257   * Specifies the fully-qualified name of the Java class that
258   * provides the password validator implementation.
259   *
260   * @return Returns the "java-class" property definition.
261   */
262  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
263    return PD_JAVA_CLASS;
264  }
265
266
267
268  /**
269   * Get the "match-attribute" property definition.
270   * <p>
271   * Specifies the name(s) of the attribute(s) whose values should be
272   * checked to determine whether they match the provided password. If
273   * no values are provided, then the server checks if the proposed
274   * password matches the value of any attribute in the user's entry.
275   *
276   * @return Returns the "match-attribute" property definition.
277   */
278  public AttributeTypePropertyDefinition getMatchAttributePropertyDefinition() {
279    return PD_MATCH_ATTRIBUTE;
280  }
281
282
283
284  /**
285   * Get the "min-substring-length" property definition.
286   * <p>
287   * Indicates the minimal length of the substring within the password
288   * in case substring checking is enabled.
289   * <p>
290   * If "check-substrings" option is set to true, then this parameter
291   * defines the length of the smallest word which should be used for
292   * substring matching. Use with caution because values below 3 might
293   * disqualify valid passwords.
294   *
295   * @return Returns the "min-substring-length" property definition.
296   */
297  public IntegerPropertyDefinition getMinSubstringLengthPropertyDefinition() {
298    return PD_MIN_SUBSTRING_LENGTH;
299  }
300
301
302
303  /**
304   * Get the "test-reversed-password" property definition.
305   * <p>
306   * Indicates whether this password validator should test the
307   * reversed value of the provided password as well as the order in
308   * which it was given.
309   *
310   * @return Returns the "test-reversed-password" property definition.
311   */
312  public BooleanPropertyDefinition getTestReversedPasswordPropertyDefinition() {
313    return PD_TEST_REVERSED_PASSWORD;
314  }
315
316
317
318  /**
319   * Managed object client implementation.
320   */
321  private static class AttributeValuePasswordValidatorCfgClientImpl implements
322    AttributeValuePasswordValidatorCfgClient {
323
324    // Private implementation.
325    private ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl;
326
327
328
329    // Private constructor.
330    private AttributeValuePasswordValidatorCfgClientImpl(
331        ManagedObject<? extends AttributeValuePasswordValidatorCfgClient> impl) {
332      this.impl = impl;
333    }
334
335
336
337    /**
338     * {@inheritDoc}
339     */
340    public boolean isCheckSubstrings() {
341      return impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition());
342    }
343
344
345
346    /**
347     * {@inheritDoc}
348     */
349    public void setCheckSubstrings(Boolean value) {
350      impl.setPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition(), value);
351    }
352
353
354
355    /**
356     * {@inheritDoc}
357     */
358    public Boolean isEnabled() {
359      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
360    }
361
362
363
364    /**
365     * {@inheritDoc}
366     */
367    public void setEnabled(boolean value) {
368      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
369    }
370
371
372
373    /**
374     * {@inheritDoc}
375     */
376    public String getJavaClass() {
377      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
378    }
379
380
381
382    /**
383     * {@inheritDoc}
384     */
385    public void setJavaClass(String value) {
386      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
387    }
388
389
390
391    /**
392     * {@inheritDoc}
393     */
394    public SortedSet<AttributeType> getMatchAttribute() {
395      return impl.getPropertyValues(INSTANCE.getMatchAttributePropertyDefinition());
396    }
397
398
399
400    /**
401     * {@inheritDoc}
402     */
403    public void setMatchAttribute(Collection<AttributeType> values) {
404      impl.setPropertyValues(INSTANCE.getMatchAttributePropertyDefinition(), values);
405    }
406
407
408
409    /**
410     * {@inheritDoc}
411     */
412    public int getMinSubstringLength() {
413      return impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition());
414    }
415
416
417
418    /**
419     * {@inheritDoc}
420     */
421    public void setMinSubstringLength(Integer value) {
422      impl.setPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition(), value);
423    }
424
425
426
427    /**
428     * {@inheritDoc}
429     */
430    public Boolean isTestReversedPassword() {
431      return impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition());
432    }
433
434
435
436    /**
437     * {@inheritDoc}
438     */
439    public void setTestReversedPassword(boolean value) {
440      impl.setPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition(), value);
441    }
442
443
444
445    /**
446     * {@inheritDoc}
447     */
448    public ManagedObjectDefinition<? extends AttributeValuePasswordValidatorCfgClient, ? extends AttributeValuePasswordValidatorCfg> definition() {
449      return INSTANCE;
450    }
451
452
453
454    /**
455     * {@inheritDoc}
456     */
457    public PropertyProvider properties() {
458      return impl;
459    }
460
461
462
463    /**
464     * {@inheritDoc}
465     */
466    public void commit() throws ManagedObjectAlreadyExistsException,
467        MissingMandatoryPropertiesException, ConcurrentModificationException,
468        OperationRejectedException, LdapException {
469      impl.commit();
470    }
471
472  }
473
474
475
476  /**
477   * Managed object server implementation.
478   */
479  private static class AttributeValuePasswordValidatorCfgServerImpl implements
480    AttributeValuePasswordValidatorCfg {
481
482    // Private implementation.
483    private ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl;
484
485    // The value of the "check-substrings" property.
486    private final boolean pCheckSubstrings;
487
488    // The value of the "enabled" property.
489    private final boolean pEnabled;
490
491    // The value of the "java-class" property.
492    private final String pJavaClass;
493
494    // The value of the "match-attribute" property.
495    private final SortedSet<AttributeType> pMatchAttribute;
496
497    // The value of the "min-substring-length" property.
498    private final int pMinSubstringLength;
499
500    // The value of the "test-reversed-password" property.
501    private final boolean pTestReversedPassword;
502
503
504
505    // Private constructor.
506    private AttributeValuePasswordValidatorCfgServerImpl(ServerManagedObject<? extends AttributeValuePasswordValidatorCfg> impl) {
507      this.impl = impl;
508      this.pCheckSubstrings = impl.getPropertyValue(INSTANCE.getCheckSubstringsPropertyDefinition());
509      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
510      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
511      this.pMatchAttribute = impl.getPropertyValues(INSTANCE.getMatchAttributePropertyDefinition());
512      this.pMinSubstringLength = impl.getPropertyValue(INSTANCE.getMinSubstringLengthPropertyDefinition());
513      this.pTestReversedPassword = impl.getPropertyValue(INSTANCE.getTestReversedPasswordPropertyDefinition());
514    }
515
516
517
518    /**
519     * {@inheritDoc}
520     */
521    public void addAttributeValueChangeListener(
522        ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener) {
523      impl.registerChangeListener(listener);
524    }
525
526
527
528    /**
529     * {@inheritDoc}
530     */
531    public void removeAttributeValueChangeListener(
532        ConfigurationChangeListener<AttributeValuePasswordValidatorCfg> listener) {
533      impl.deregisterChangeListener(listener);
534    }
535    /**
536     * {@inheritDoc}
537     */
538    public void addChangeListener(
539        ConfigurationChangeListener<PasswordValidatorCfg> listener) {
540      impl.registerChangeListener(listener);
541    }
542
543
544
545    /**
546     * {@inheritDoc}
547     */
548    public void removeChangeListener(
549        ConfigurationChangeListener<PasswordValidatorCfg> listener) {
550      impl.deregisterChangeListener(listener);
551    }
552
553
554
555    /**
556     * {@inheritDoc}
557     */
558    public boolean isCheckSubstrings() {
559      return pCheckSubstrings;
560    }
561
562
563
564    /**
565     * {@inheritDoc}
566     */
567    public boolean isEnabled() {
568      return pEnabled;
569    }
570
571
572
573    /**
574     * {@inheritDoc}
575     */
576    public String getJavaClass() {
577      return pJavaClass;
578    }
579
580
581
582    /**
583     * {@inheritDoc}
584     */
585    public SortedSet<AttributeType> getMatchAttribute() {
586      return pMatchAttribute;
587    }
588
589
590
591    /**
592     * {@inheritDoc}
593     */
594    public int getMinSubstringLength() {
595      return pMinSubstringLength;
596    }
597
598
599
600    /**
601     * {@inheritDoc}
602     */
603    public boolean isTestReversedPassword() {
604      return pTestReversedPassword;
605    }
606
607
608
609    /**
610     * {@inheritDoc}
611     */
612    public Class<? extends AttributeValuePasswordValidatorCfg> configurationClass() {
613      return AttributeValuePasswordValidatorCfg.class;
614    }
615
616
617
618    /**
619     * {@inheritDoc}
620     */
621    public DN dn() {
622      return impl.getDN();
623    }
624
625  }
626}