001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.forgerock.opendj.server.config.meta; 027 028 029 030import java.net.InetAddress; 031import java.util.Collection; 032import java.util.SortedSet; 033import org.forgerock.opendj.config.AdministratorAction; 034import org.forgerock.opendj.config.AggregationPropertyDefinition; 035import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 036import org.forgerock.opendj.config.AttributeTypePropertyDefinition; 037import org.forgerock.opendj.config.BooleanPropertyDefinition; 038import org.forgerock.opendj.config.ClassPropertyDefinition; 039import org.forgerock.opendj.config.client.ConcurrentModificationException; 040import org.forgerock.opendj.config.client.ManagedObject; 041import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 042import org.forgerock.opendj.config.client.OperationRejectedException; 043import org.forgerock.opendj.config.conditions.Conditions; 044import org.forgerock.opendj.config.DefaultBehaviorProvider; 045import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 046import org.forgerock.opendj.config.DNPropertyDefinition; 047import org.forgerock.opendj.config.DurationPropertyDefinition; 048import org.forgerock.opendj.config.EnumPropertyDefinition; 049import org.forgerock.opendj.config.GenericConstraint; 050import org.forgerock.opendj.config.IPAddressPropertyDefinition; 051import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 052import org.forgerock.opendj.config.ManagedObjectDefinition; 053import org.forgerock.opendj.config.PropertyOption; 054import org.forgerock.opendj.config.PropertyProvider; 055import org.forgerock.opendj.config.server.ConfigurationChangeListener; 056import org.forgerock.opendj.config.server.ServerManagedObject; 057import org.forgerock.opendj.config.StringPropertyDefinition; 058import org.forgerock.opendj.config.Tag; 059import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 060import org.forgerock.opendj.ldap.DN; 061import org.forgerock.opendj.ldap.LdapException; 062import org.forgerock.opendj.ldap.schema.AttributeType; 063import org.forgerock.opendj.server.config.client.LDAPPassThroughAuthenticationPolicyCfgClient; 064import org.forgerock.opendj.server.config.client.PasswordStorageSchemeCfgClient; 065import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient; 066import org.forgerock.opendj.server.config.server.AuthenticationPolicyCfg; 067import org.forgerock.opendj.server.config.server.LDAPPassThroughAuthenticationPolicyCfg; 068import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg; 069import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg; 070 071 072 073/** 074 * An interface for querying the LDAP Pass Through Authentication 075 * Policy managed object definition meta information. 076 * <p> 077 * An authentication policy for users whose credentials are managed by 078 * a remote LDAP directory service. 079 */ 080public final class LDAPPassThroughAuthenticationPolicyCfgDefn extends ManagedObjectDefinition<LDAPPassThroughAuthenticationPolicyCfgClient, LDAPPassThroughAuthenticationPolicyCfg> { 081 082 // The singleton configuration definition instance. 083 private static final LDAPPassThroughAuthenticationPolicyCfgDefn INSTANCE = new LDAPPassThroughAuthenticationPolicyCfgDefn(); 084 085 086 087 /** 088 * Defines the set of permissable values for the "mapping-policy" property. 089 * <p> 090 * Specifies the mapping algorithm for obtaining the bind DN from 091 * the user's entry. 092 */ 093 public static enum MappingPolicy { 094 095 /** 096 * Bind to the remote LDAP directory service using a DN obtained 097 * from an attribute in the user's entry. This policy will check 098 * each attribute named in the "mapped-attribute" property. If more 099 * than one attribute or value is present then the first one will 100 * be used. 101 */ 102 MAPPED_BIND("mapped-bind"), 103 104 105 106 /** 107 * Bind to the remote LDAP directory service using the DN of an 108 * entry obtained using a search against the remote LDAP directory 109 * service. The search filter will comprise of an equality matching 110 * filter whose attribute type is the "mapped-attribute" property, 111 * and whose assertion value is the attribute value obtained from 112 * the user's entry. If more than one attribute or value is present 113 * then the filter will be composed of multiple equality filters 114 * combined using a logical OR (union). 115 */ 116 MAPPED_SEARCH("mapped-search"), 117 118 119 120 /** 121 * Bind to the remote LDAP directory service using the DN of the 122 * user's entry in this directory server. 123 */ 124 UNMAPPED("unmapped"); 125 126 127 128 // String representation of the value. 129 private final String name; 130 131 132 133 // Private constructor. 134 private MappingPolicy(String name) { this.name = name; } 135 136 137 138 /** 139 * {@inheritDoc} 140 */ 141 public String toString() { return name; } 142 143 } 144 145 146 147 // The "cached-password-storage-scheme" property definition. 148 private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_CACHED_PASSWORD_STORAGE_SCHEME; 149 150 151 152 // The "cached-password-ttl" property definition. 153 private static final DurationPropertyDefinition PD_CACHED_PASSWORD_TTL; 154 155 156 157 // The "connection-timeout" property definition. 158 private static final DurationPropertyDefinition PD_CONNECTION_TIMEOUT; 159 160 161 162 // The "java-class" property definition. 163 private static final ClassPropertyDefinition PD_JAVA_CLASS; 164 165 166 167 // The "mapped-attribute" property definition. 168 private static final AttributeTypePropertyDefinition PD_MAPPED_ATTRIBUTE; 169 170 171 172 // The "mapped-search-base-dn" property definition. 173 private static final DNPropertyDefinition PD_MAPPED_SEARCH_BASE_DN; 174 175 176 177 // The "mapped-search-bind-dn" property definition. 178 private static final DNPropertyDefinition PD_MAPPED_SEARCH_BIND_DN; 179 180 181 182 // The "mapped-search-bind-password" property definition. 183 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD; 184 185 186 187 // The "mapped-search-bind-password-environment-variable" property definition. 188 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE; 189 190 191 192 // The "mapped-search-bind-password-file" property definition. 193 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_FILE; 194 195 196 197 // The "mapped-search-bind-password-property" property definition. 198 private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY; 199 200 201 202 // The "mapping-policy" property definition. 203 private static final EnumPropertyDefinition<MappingPolicy> PD_MAPPING_POLICY; 204 205 206 207 // The "primary-remote-ldap-server" property definition. 208 private static final StringPropertyDefinition PD_PRIMARY_REMOTE_LDAP_SERVER; 209 210 211 212 // The "secondary-remote-ldap-server" property definition. 213 private static final StringPropertyDefinition PD_SECONDARY_REMOTE_LDAP_SERVER; 214 215 216 217 // The "source-address" property definition. 218 private static final IPAddressPropertyDefinition PD_SOURCE_ADDRESS; 219 220 221 222 // The "ssl-cipher-suite" property definition. 223 private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE; 224 225 226 227 // The "ssl-protocol" property definition. 228 private static final StringPropertyDefinition PD_SSL_PROTOCOL; 229 230 231 232 // The "trust-manager-provider" property definition. 233 private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER; 234 235 236 237 // The "use-password-caching" property definition. 238 private static final BooleanPropertyDefinition PD_USE_PASSWORD_CACHING; 239 240 241 242 // The "use-ssl" property definition. 243 private static final BooleanPropertyDefinition PD_USE_SSL; 244 245 246 247 // The "use-tcp-keep-alive" property definition. 248 private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE; 249 250 251 252 // The "use-tcp-no-delay" property definition. 253 private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY; 254 255 256 257 // Build the "cached-password-storage-scheme" property definition. 258 static { 259 AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "cached-password-storage-scheme"); 260 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-storage-scheme")); 261 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 262 builder.setParentPath("/"); 263 builder.setRelationDefinition("password-storage-scheme"); 264 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 265 PD_CACHED_PASSWORD_STORAGE_SCHEME = builder.getInstance(); 266 INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_STORAGE_SCHEME); 267 INSTANCE.registerConstraint(PD_CACHED_PASSWORD_STORAGE_SCHEME.getSourceConstraint()); 268 } 269 270 271 272 // Build the "cached-password-ttl" property definition. 273 static { 274 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "cached-password-ttl"); 275 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-ttl")); 276 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("8 hours"); 277 builder.setDefaultBehaviorProvider(provider); 278 builder.setBaseUnit("s"); 279 PD_CACHED_PASSWORD_TTL = builder.getInstance(); 280 INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_TTL); 281 } 282 283 284 285 // Build the "connection-timeout" property definition. 286 static { 287 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "connection-timeout"); 288 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "connection-timeout")); 289 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("3 seconds"); 290 builder.setDefaultBehaviorProvider(provider); 291 builder.setBaseUnit("ms"); 292 builder.setLowerLimit("0"); 293 PD_CONNECTION_TIMEOUT = builder.getInstance(); 294 INSTANCE.registerPropertyDefinition(PD_CONNECTION_TIMEOUT); 295 } 296 297 298 299 // Build the "java-class" property definition. 300 static { 301 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 302 builder.setOption(PropertyOption.MANDATORY); 303 builder.setOption(PropertyOption.ADVANCED); 304 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 305 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.LDAPPassThroughAuthenticationPolicyFactory"); 306 builder.setDefaultBehaviorProvider(provider); 307 builder.addInstanceOf("org.opends.server.api.AuthenticationPolicyFactory"); 308 PD_JAVA_CLASS = builder.getInstance(); 309 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 310 } 311 312 313 314 // Build the "mapped-attribute" property definition. 315 static { 316 AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "mapped-attribute"); 317 builder.setOption(PropertyOption.MULTI_VALUED); 318 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-attribute")); 319 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>()); 320 PD_MAPPED_ATTRIBUTE = builder.getInstance(); 321 INSTANCE.registerPropertyDefinition(PD_MAPPED_ATTRIBUTE); 322 } 323 324 325 326 // Build the "mapped-search-base-dn" property definition. 327 static { 328 DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-base-dn"); 329 builder.setOption(PropertyOption.MULTI_VALUED); 330 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-base-dn")); 331 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<DN>()); 332 PD_MAPPED_SEARCH_BASE_DN = builder.getInstance(); 333 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BASE_DN); 334 } 335 336 337 338 // Build the "mapped-search-bind-dn" property definition. 339 static { 340 DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-dn"); 341 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-dn")); 342 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "mapped-search-bind-dn")); 343 PD_MAPPED_SEARCH_BIND_DN = builder.getInstance(); 344 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_DN); 345 } 346 347 348 349 // Build the "mapped-search-bind-password" property definition. 350 static { 351 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password"); 352 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password")); 353 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 354 PD_MAPPED_SEARCH_BIND_PASSWORD = builder.getInstance(); 355 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD); 356 } 357 358 359 360 // Build the "mapped-search-bind-password-environment-variable" property definition. 361 static { 362 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-environment-variable"); 363 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-environment-variable")); 364 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 365 PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE = builder.getInstance(); 366 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE); 367 } 368 369 370 371 // Build the "mapped-search-bind-password-file" property definition. 372 static { 373 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-file"); 374 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-file")); 375 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 376 PD_MAPPED_SEARCH_BIND_PASSWORD_FILE = builder.getInstance(); 377 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_FILE); 378 } 379 380 381 382 // Build the "mapped-search-bind-password-property" property definition. 383 static { 384 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-property"); 385 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-property")); 386 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 387 PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY = builder.getInstance(); 388 INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY); 389 } 390 391 392 393 // Build the "mapping-policy" property definition. 394 static { 395 EnumPropertyDefinition.Builder<MappingPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "mapping-policy"); 396 builder.setOption(PropertyOption.MANDATORY); 397 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapping-policy")); 398 DefaultBehaviorProvider<MappingPolicy> provider = new DefinedDefaultBehaviorProvider<MappingPolicy>("unmapped"); 399 builder.setDefaultBehaviorProvider(provider); 400 builder.setEnumClass(MappingPolicy.class); 401 PD_MAPPING_POLICY = builder.getInstance(); 402 INSTANCE.registerPropertyDefinition(PD_MAPPING_POLICY); 403 } 404 405 406 407 // Build the "primary-remote-ldap-server" property definition. 408 static { 409 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "primary-remote-ldap-server"); 410 builder.setOption(PropertyOption.MULTI_VALUED); 411 builder.setOption(PropertyOption.MANDATORY); 412 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "primary-remote-ldap-server")); 413 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 414 builder.setPattern("^.+:[0-9]+$", "HOST:PORT"); 415 PD_PRIMARY_REMOTE_LDAP_SERVER = builder.getInstance(); 416 INSTANCE.registerPropertyDefinition(PD_PRIMARY_REMOTE_LDAP_SERVER); 417 } 418 419 420 421 // Build the "secondary-remote-ldap-server" property definition. 422 static { 423 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "secondary-remote-ldap-server"); 424 builder.setOption(PropertyOption.MULTI_VALUED); 425 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "secondary-remote-ldap-server")); 426 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "secondary-remote-ldap-server")); 427 builder.setPattern("^.+:[0-9]+$", "HOST:PORT"); 428 PD_SECONDARY_REMOTE_LDAP_SERVER = builder.getInstance(); 429 INSTANCE.registerPropertyDefinition(PD_SECONDARY_REMOTE_LDAP_SERVER); 430 } 431 432 433 434 // Build the "source-address" property definition. 435 static { 436 IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "source-address"); 437 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "source-address")); 438 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<InetAddress>(INSTANCE, "source-address")); 439 PD_SOURCE_ADDRESS = builder.getInstance(); 440 INSTANCE.registerPropertyDefinition(PD_SOURCE_ADDRESS); 441 } 442 443 444 445 // Build the "ssl-cipher-suite" property definition. 446 static { 447 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite"); 448 builder.setOption(PropertyOption.MULTI_VALUED); 449 builder.setOption(PropertyOption.ADVANCED); 450 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite")); 451 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite")); 452 PD_SSL_CIPHER_SUITE = builder.getInstance(); 453 INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE); 454 } 455 456 457 458 // Build the "ssl-protocol" property definition. 459 static { 460 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol"); 461 builder.setOption(PropertyOption.MULTI_VALUED); 462 builder.setOption(PropertyOption.ADVANCED); 463 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol")); 464 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol")); 465 PD_SSL_PROTOCOL = builder.getInstance(); 466 INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL); 467 } 468 469 470 471 // Build the "trust-manager-provider" property definition. 472 static { 473 AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider"); 474 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider")); 475 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "trust-manager-provider")); 476 builder.setParentPath("/"); 477 builder.setRelationDefinition("trust-manager-provider"); 478 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("use-ssl", "true"))); 479 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 480 PD_TRUST_MANAGER_PROVIDER = builder.getInstance(); 481 INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER); 482 INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint()); 483 } 484 485 486 487 // Build the "use-password-caching" property definition. 488 static { 489 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-password-caching"); 490 builder.setOption(PropertyOption.MANDATORY); 491 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-password-caching")); 492 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 493 builder.setDefaultBehaviorProvider(provider); 494 PD_USE_PASSWORD_CACHING = builder.getInstance(); 495 INSTANCE.registerPropertyDefinition(PD_USE_PASSWORD_CACHING); 496 } 497 498 499 500 // Build the "use-ssl" property definition. 501 static { 502 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl"); 503 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl")); 504 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 505 builder.setDefaultBehaviorProvider(provider); 506 PD_USE_SSL = builder.getInstance(); 507 INSTANCE.registerPropertyDefinition(PD_USE_SSL); 508 } 509 510 511 512 // Build the "use-tcp-keep-alive" property definition. 513 static { 514 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive"); 515 builder.setOption(PropertyOption.ADVANCED); 516 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive")); 517 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 518 builder.setDefaultBehaviorProvider(provider); 519 PD_USE_TCP_KEEP_ALIVE = builder.getInstance(); 520 INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE); 521 } 522 523 524 525 // Build the "use-tcp-no-delay" property definition. 526 static { 527 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay"); 528 builder.setOption(PropertyOption.ADVANCED); 529 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay")); 530 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 531 builder.setDefaultBehaviorProvider(provider); 532 PD_USE_TCP_NO_DELAY = builder.getInstance(); 533 INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY); 534 } 535 536 537 538 // Register the tags associated with this managed object definition. 539 static { 540 INSTANCE.registerTag(Tag.valueOf("user-management")); 541 } 542 543 544 545 // Register the constraints associated with this managed object definition. 546 static { 547 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.or(Conditions.contains("mapping-policy", "mapped-bind"), Conditions.contains("mapping-policy", "mapped-search")), Conditions.isPresent("mapped-attribute")))); 548 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-base-dn")))); 549 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.and(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-bind-dn")), Conditions.or(Conditions.isPresent("mapped-search-bind-password"), Conditions.isPresent("mapped-search-bind-password-property"), Conditions.isPresent("mapped-search-bind-password-environment-variable"), Conditions.isPresent("mapped-search-bind-password-file"))))); 550 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 4, Conditions.implies(Conditions.contains("use-password-caching", "true"), Conditions.isPresent("cached-password-storage-scheme")))); 551 } 552 553 554 555 /** 556 * Get the LDAP Pass Through Authentication Policy configuration 557 * definition singleton. 558 * 559 * @return Returns the LDAP Pass Through Authentication Policy 560 * configuration definition singleton. 561 */ 562 public static LDAPPassThroughAuthenticationPolicyCfgDefn getInstance() { 563 return INSTANCE; 564 } 565 566 567 568 /** 569 * Private constructor. 570 */ 571 private LDAPPassThroughAuthenticationPolicyCfgDefn() { 572 super("ldap-pass-through-authentication-policy", AuthenticationPolicyCfgDefn.getInstance()); 573 } 574 575 576 577 /** 578 * {@inheritDoc} 579 */ 580 public LDAPPassThroughAuthenticationPolicyCfgClient createClientConfiguration( 581 ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) { 582 return new LDAPPassThroughAuthenticationPolicyCfgClientImpl(impl); 583 } 584 585 586 587 /** 588 * {@inheritDoc} 589 */ 590 public LDAPPassThroughAuthenticationPolicyCfg createServerConfiguration( 591 ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) { 592 return new LDAPPassThroughAuthenticationPolicyCfgServerImpl(impl); 593 } 594 595 596 597 /** 598 * {@inheritDoc} 599 */ 600 public Class<LDAPPassThroughAuthenticationPolicyCfg> getServerConfigurationClass() { 601 return LDAPPassThroughAuthenticationPolicyCfg.class; 602 } 603 604 605 606 /** 607 * Get the "cached-password-storage-scheme" property definition. 608 * <p> 609 * Specifies the name of a password storage scheme which should be 610 * used for encoding cached passwords. 611 * <p> 612 * Changing the password storage scheme will cause all existing 613 * cached passwords to be discarded. 614 * 615 * @return Returns the "cached-password-storage-scheme" property definition. 616 */ 617 public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getCachedPasswordStorageSchemePropertyDefinition() { 618 return PD_CACHED_PASSWORD_STORAGE_SCHEME; 619 } 620 621 622 623 /** 624 * Get the "cached-password-ttl" property definition. 625 * <p> 626 * Specifies the maximum length of time that a locally cached 627 * password may be used for authentication before it is refreshed 628 * from the remote LDAP service. 629 * <p> 630 * This property represents a cache timeout. Increasing the timeout 631 * period decreases the frequency that bind operations are delegated 632 * to the remote LDAP service, but increases the risk of users 633 * authenticating using stale passwords. Note that authentication 634 * attempts which fail because the provided password does not match 635 * the locally cached password will always be retried against the 636 * remote LDAP service. 637 * 638 * @return Returns the "cached-password-ttl" property definition. 639 */ 640 public DurationPropertyDefinition getCachedPasswordTTLPropertyDefinition() { 641 return PD_CACHED_PASSWORD_TTL; 642 } 643 644 645 646 /** 647 * Get the "connection-timeout" property definition. 648 * <p> 649 * Specifies the timeout used when connecting to remote LDAP 650 * directory servers, performing SSL negotiation, and for individual 651 * search and bind requests. 652 * <p> 653 * If the timeout expires then the current operation will be aborted 654 * and retried against another LDAP server if one is available. 655 * 656 * @return Returns the "connection-timeout" property definition. 657 */ 658 public DurationPropertyDefinition getConnectionTimeoutPropertyDefinition() { 659 return PD_CONNECTION_TIMEOUT; 660 } 661 662 663 664 /** 665 * Get the "java-class" property definition. 666 * <p> 667 * Specifies the fully-qualified name of the Java class which 668 * provides the LDAP Pass Through Authentication Policy 669 * implementation. 670 * 671 * @return Returns the "java-class" property definition. 672 */ 673 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 674 return PD_JAVA_CLASS; 675 } 676 677 678 679 /** 680 * Get the "mapped-attribute" property definition. 681 * <p> 682 * Specifies one or more attributes in the user's entry whose 683 * value(s) will determine the bind DN used when authenticating to 684 * the remote LDAP directory service. This property is mandatory when 685 * using the "mapped-bind" or "mapped-search" mapping policies. 686 * <p> 687 * At least one value must be provided. All values must refer to the 688 * name or OID of an attribute type defined in the directory server 689 * schema. At least one of the named attributes must exist in a 690 * user's local entry in order for authentication to proceed. When 691 * multiple attributes or values are found in the user's entry then 692 * the behavior is determined by the mapping policy. 693 * 694 * @return Returns the "mapped-attribute" property definition. 695 */ 696 public AttributeTypePropertyDefinition getMappedAttributePropertyDefinition() { 697 return PD_MAPPED_ATTRIBUTE; 698 } 699 700 701 702 /** 703 * Get the "mapped-search-base-dn" property definition. 704 * <p> 705 * Specifies the set of base DNs below which to search for users in 706 * the remote LDAP directory service. This property is mandatory when 707 * using the "mapped-search" mapping policy. 708 * <p> 709 * If multiple values are given, searches are performed below all 710 * specified base DNs. 711 * 712 * @return Returns the "mapped-search-base-dn" property definition. 713 */ 714 public DNPropertyDefinition getMappedSearchBaseDNPropertyDefinition() { 715 return PD_MAPPED_SEARCH_BASE_DN; 716 } 717 718 719 720 /** 721 * Get the "mapped-search-bind-dn" property definition. 722 * <p> 723 * Specifies the bind DN which should be used to perform user 724 * searches in the remote LDAP directory service. 725 * 726 * @return Returns the "mapped-search-bind-dn" property definition. 727 */ 728 public DNPropertyDefinition getMappedSearchBindDNPropertyDefinition() { 729 return PD_MAPPED_SEARCH_BIND_DN; 730 } 731 732 733 734 /** 735 * Get the "mapped-search-bind-password" property definition. 736 * <p> 737 * Specifies the bind password which should be used to perform user 738 * searches in the remote LDAP directory service. 739 * 740 * @return Returns the "mapped-search-bind-password" property definition. 741 */ 742 public StringPropertyDefinition getMappedSearchBindPasswordPropertyDefinition() { 743 return PD_MAPPED_SEARCH_BIND_PASSWORD; 744 } 745 746 747 748 /** 749 * Get the "mapped-search-bind-password-environment-variable" property definition. 750 * <p> 751 * Specifies the name of an environment variable containing the bind 752 * password which should be used to perform user searches in the 753 * remote LDAP directory service. 754 * 755 * @return Returns the "mapped-search-bind-password-environment-variable" property definition. 756 */ 757 public StringPropertyDefinition getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition() { 758 return PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE; 759 } 760 761 762 763 /** 764 * Get the "mapped-search-bind-password-file" property definition. 765 * <p> 766 * Specifies the name of a file containing the bind password which 767 * should be used to perform user searches in the remote LDAP 768 * directory service. 769 * 770 * @return Returns the "mapped-search-bind-password-file" property definition. 771 */ 772 public StringPropertyDefinition getMappedSearchBindPasswordFilePropertyDefinition() { 773 return PD_MAPPED_SEARCH_BIND_PASSWORD_FILE; 774 } 775 776 777 778 /** 779 * Get the "mapped-search-bind-password-property" property definition. 780 * <p> 781 * Specifies the name of a Java property containing the bind 782 * password which should be used to perform user searches in the 783 * remote LDAP directory service. 784 * 785 * @return Returns the "mapped-search-bind-password-property" property definition. 786 */ 787 public StringPropertyDefinition getMappedSearchBindPasswordPropertyPropertyDefinition() { 788 return PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY; 789 } 790 791 792 793 /** 794 * Get the "mapping-policy" property definition. 795 * <p> 796 * Specifies the mapping algorithm for obtaining the bind DN from 797 * the user's entry. 798 * 799 * @return Returns the "mapping-policy" property definition. 800 */ 801 public EnumPropertyDefinition<MappingPolicy> getMappingPolicyPropertyDefinition() { 802 return PD_MAPPING_POLICY; 803 } 804 805 806 807 /** 808 * Get the "primary-remote-ldap-server" property definition. 809 * <p> 810 * Specifies the primary list of remote LDAP servers which should be 811 * used for pass through authentication. 812 * <p> 813 * If more than one LDAP server is specified then operations may be 814 * distributed across them. If all of the primary LDAP servers are 815 * unavailable then operations will fail-over to the set of secondary 816 * LDAP servers, if defined. 817 * 818 * @return Returns the "primary-remote-ldap-server" property definition. 819 */ 820 public StringPropertyDefinition getPrimaryRemoteLDAPServerPropertyDefinition() { 821 return PD_PRIMARY_REMOTE_LDAP_SERVER; 822 } 823 824 825 826 /** 827 * Get the "secondary-remote-ldap-server" property definition. 828 * <p> 829 * Specifies the secondary list of remote LDAP servers which should 830 * be used for pass through authentication in the event that the 831 * primary LDAP servers are unavailable. 832 * <p> 833 * If more than one LDAP server is specified then operations may be 834 * distributed across them. Operations will be rerouted to the 835 * primary LDAP servers as soon as they are determined to be 836 * available. 837 * 838 * @return Returns the "secondary-remote-ldap-server" property definition. 839 */ 840 public StringPropertyDefinition getSecondaryRemoteLDAPServerPropertyDefinition() { 841 return PD_SECONDARY_REMOTE_LDAP_SERVER; 842 } 843 844 845 846 /** 847 * Get the "source-address" property definition. 848 * <p> 849 * If specified, the server will bind to the address before 850 * connecting to the remote server. 851 * <p> 852 * The address must be one assigned to an existing network 853 * interface. 854 * 855 * @return Returns the "source-address" property definition. 856 */ 857 public IPAddressPropertyDefinition getSourceAddressPropertyDefinition() { 858 return PD_SOURCE_ADDRESS; 859 } 860 861 862 863 /** 864 * Get the "ssl-cipher-suite" property definition. 865 * <p> 866 * Specifies the names of the SSL cipher suites that are allowed for 867 * use in SSL based LDAP connections. 868 * 869 * @return Returns the "ssl-cipher-suite" property definition. 870 */ 871 public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() { 872 return PD_SSL_CIPHER_SUITE; 873 } 874 875 876 877 /** 878 * Get the "ssl-protocol" property definition. 879 * <p> 880 * Specifies the names of the SSL protocols which are allowed for 881 * use in SSL based LDAP connections. 882 * 883 * @return Returns the "ssl-protocol" property definition. 884 */ 885 public StringPropertyDefinition getSSLProtocolPropertyDefinition() { 886 return PD_SSL_PROTOCOL; 887 } 888 889 890 891 /** 892 * Get the "trust-manager-provider" property definition. 893 * <p> 894 * Specifies the name of the trust manager that should be used when 895 * negotiating SSL connections with remote LDAP directory servers. 896 * 897 * @return Returns the "trust-manager-provider" property definition. 898 */ 899 public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() { 900 return PD_TRUST_MANAGER_PROVIDER; 901 } 902 903 904 905 /** 906 * Get the "use-password-caching" property definition. 907 * <p> 908 * Indicates whether passwords should be cached locally within the 909 * user's entry. 910 * 911 * @return Returns the "use-password-caching" property definition. 912 */ 913 public BooleanPropertyDefinition getUsePasswordCachingPropertyDefinition() { 914 return PD_USE_PASSWORD_CACHING; 915 } 916 917 918 919 /** 920 * Get the "use-ssl" property definition. 921 * <p> 922 * Indicates whether the LDAP Pass Through Authentication Policy 923 * should use SSL. 924 * <p> 925 * If enabled, the LDAP Pass Through Authentication Policy will use 926 * SSL to encrypt communication with the clients. 927 * 928 * @return Returns the "use-ssl" property definition. 929 */ 930 public BooleanPropertyDefinition getUseSSLPropertyDefinition() { 931 return PD_USE_SSL; 932 } 933 934 935 936 /** 937 * Get the "use-tcp-keep-alive" property definition. 938 * <p> 939 * Indicates whether LDAP connections should use TCP keep-alive. 940 * <p> 941 * If enabled, the SO_KEEPALIVE socket option is used to indicate 942 * that TCP keepalive messages should periodically be sent to the 943 * client to verify that the associated connection is still valid. 944 * This may also help prevent cases in which intermediate network 945 * hardware could silently drop an otherwise idle client connection, 946 * provided that the keepalive interval configured in the underlying 947 * operating system is smaller than the timeout enforced by the 948 * network hardware. 949 * 950 * @return Returns the "use-tcp-keep-alive" property definition. 951 */ 952 public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() { 953 return PD_USE_TCP_KEEP_ALIVE; 954 } 955 956 957 958 /** 959 * Get the "use-tcp-no-delay" property definition. 960 * <p> 961 * Indicates whether LDAP connections should use TCP no-delay. 962 * <p> 963 * If enabled, the TCP_NODELAY socket option is used to ensure that 964 * response messages to the client are sent immediately rather than 965 * potentially waiting to determine whether additional response 966 * messages can be sent in the same packet. In most cases, using the 967 * TCP_NODELAY socket option provides better performance and lower 968 * response times, but disabling it may help for some cases in which 969 * the server sends a large number of entries to a client in response 970 * to a search request. 971 * 972 * @return Returns the "use-tcp-no-delay" property definition. 973 */ 974 public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() { 975 return PD_USE_TCP_NO_DELAY; 976 } 977 978 979 980 /** 981 * Managed object client implementation. 982 */ 983 private static class LDAPPassThroughAuthenticationPolicyCfgClientImpl implements 984 LDAPPassThroughAuthenticationPolicyCfgClient { 985 986 // Private implementation. 987 private ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl; 988 989 990 991 // Private constructor. 992 private LDAPPassThroughAuthenticationPolicyCfgClientImpl( 993 ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) { 994 this.impl = impl; 995 } 996 997 998 999 /** 1000 * {@inheritDoc} 1001 */ 1002 public String getCachedPasswordStorageScheme() { 1003 return impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition()); 1004 } 1005 1006 1007 1008 /** 1009 * {@inheritDoc} 1010 */ 1011 public void setCachedPasswordStorageScheme(String value) { 1012 impl.setPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition(), value); 1013 } 1014 1015 1016 1017 /** 1018 * {@inheritDoc} 1019 */ 1020 public long getCachedPasswordTTL() { 1021 return impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition()); 1022 } 1023 1024 1025 1026 /** 1027 * {@inheritDoc} 1028 */ 1029 public void setCachedPasswordTTL(Long value) { 1030 impl.setPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition(), value); 1031 } 1032 1033 1034 1035 /** 1036 * {@inheritDoc} 1037 */ 1038 public long getConnectionTimeout() { 1039 return impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition()); 1040 } 1041 1042 1043 1044 /** 1045 * {@inheritDoc} 1046 */ 1047 public void setConnectionTimeout(Long value) { 1048 impl.setPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition(), value); 1049 } 1050 1051 1052 1053 /** 1054 * {@inheritDoc} 1055 */ 1056 public String getJavaClass() { 1057 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1058 } 1059 1060 1061 1062 /** 1063 * {@inheritDoc} 1064 */ 1065 public void setJavaClass(String value) { 1066 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 1067 } 1068 1069 1070 1071 /** 1072 * {@inheritDoc} 1073 */ 1074 public SortedSet<AttributeType> getMappedAttribute() { 1075 return impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition()); 1076 } 1077 1078 1079 1080 /** 1081 * {@inheritDoc} 1082 */ 1083 public void setMappedAttribute(Collection<AttributeType> values) { 1084 impl.setPropertyValues(INSTANCE.getMappedAttributePropertyDefinition(), values); 1085 } 1086 1087 1088 1089 /** 1090 * {@inheritDoc} 1091 */ 1092 public SortedSet<DN> getMappedSearchBaseDN() { 1093 return impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition()); 1094 } 1095 1096 1097 1098 /** 1099 * {@inheritDoc} 1100 */ 1101 public void setMappedSearchBaseDN(Collection<DN> values) { 1102 impl.setPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition(), values); 1103 } 1104 1105 1106 1107 /** 1108 * {@inheritDoc} 1109 */ 1110 public DN getMappedSearchBindDN() { 1111 return impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition()); 1112 } 1113 1114 1115 1116 /** 1117 * {@inheritDoc} 1118 */ 1119 public void setMappedSearchBindDN(DN value) { 1120 impl.setPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition(), value); 1121 } 1122 1123 1124 1125 /** 1126 * {@inheritDoc} 1127 */ 1128 public String getMappedSearchBindPassword() { 1129 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition()); 1130 } 1131 1132 1133 1134 /** 1135 * {@inheritDoc} 1136 */ 1137 public void setMappedSearchBindPassword(String value) { 1138 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition(), value); 1139 } 1140 1141 1142 1143 /** 1144 * {@inheritDoc} 1145 */ 1146 public String getMappedSearchBindPasswordEnvironmentVariable() { 1147 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition()); 1148 } 1149 1150 1151 1152 /** 1153 * {@inheritDoc} 1154 */ 1155 public void setMappedSearchBindPasswordEnvironmentVariable(String value) { 1156 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition(), value); 1157 } 1158 1159 1160 1161 /** 1162 * {@inheritDoc} 1163 */ 1164 public String getMappedSearchBindPasswordFile() { 1165 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition()); 1166 } 1167 1168 1169 1170 /** 1171 * {@inheritDoc} 1172 */ 1173 public void setMappedSearchBindPasswordFile(String value) { 1174 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition(), value); 1175 } 1176 1177 1178 1179 /** 1180 * {@inheritDoc} 1181 */ 1182 public String getMappedSearchBindPasswordProperty() { 1183 return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition()); 1184 } 1185 1186 1187 1188 /** 1189 * {@inheritDoc} 1190 */ 1191 public void setMappedSearchBindPasswordProperty(String value) { 1192 impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition(), value); 1193 } 1194 1195 1196 1197 /** 1198 * {@inheritDoc} 1199 */ 1200 public MappingPolicy getMappingPolicy() { 1201 return impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition()); 1202 } 1203 1204 1205 1206 /** 1207 * {@inheritDoc} 1208 */ 1209 public void setMappingPolicy(MappingPolicy value) { 1210 impl.setPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition(), value); 1211 } 1212 1213 1214 1215 /** 1216 * {@inheritDoc} 1217 */ 1218 public SortedSet<String> getPrimaryRemoteLDAPServer() { 1219 return impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition()); 1220 } 1221 1222 1223 1224 /** 1225 * {@inheritDoc} 1226 */ 1227 public void setPrimaryRemoteLDAPServer(Collection<String> values) { 1228 impl.setPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition(), values); 1229 } 1230 1231 1232 1233 /** 1234 * {@inheritDoc} 1235 */ 1236 public SortedSet<String> getSecondaryRemoteLDAPServer() { 1237 return impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition()); 1238 } 1239 1240 1241 1242 /** 1243 * {@inheritDoc} 1244 */ 1245 public void setSecondaryRemoteLDAPServer(Collection<String> values) { 1246 impl.setPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition(), values); 1247 } 1248 1249 1250 1251 /** 1252 * {@inheritDoc} 1253 */ 1254 public InetAddress getSourceAddress() { 1255 return impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition()); 1256 } 1257 1258 1259 1260 /** 1261 * {@inheritDoc} 1262 */ 1263 public void setSourceAddress(InetAddress value) { 1264 impl.setPropertyValue(INSTANCE.getSourceAddressPropertyDefinition(), value); 1265 } 1266 1267 1268 1269 /** 1270 * {@inheritDoc} 1271 */ 1272 public SortedSet<String> getSSLCipherSuite() { 1273 return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1274 } 1275 1276 1277 1278 /** 1279 * {@inheritDoc} 1280 */ 1281 public void setSSLCipherSuite(Collection<String> values) { 1282 impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values); 1283 } 1284 1285 1286 1287 /** 1288 * {@inheritDoc} 1289 */ 1290 public SortedSet<String> getSSLProtocol() { 1291 return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1292 } 1293 1294 1295 1296 /** 1297 * {@inheritDoc} 1298 */ 1299 public void setSSLProtocol(Collection<String> values) { 1300 impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values); 1301 } 1302 1303 1304 1305 /** 1306 * {@inheritDoc} 1307 */ 1308 public String getTrustManagerProvider() { 1309 return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1310 } 1311 1312 1313 1314 /** 1315 * {@inheritDoc} 1316 */ 1317 public void setTrustManagerProvider(String value) { 1318 impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value); 1319 } 1320 1321 1322 1323 /** 1324 * {@inheritDoc} 1325 */ 1326 public boolean isUsePasswordCaching() { 1327 return impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition()); 1328 } 1329 1330 1331 1332 /** 1333 * {@inheritDoc} 1334 */ 1335 public void setUsePasswordCaching(boolean value) { 1336 impl.setPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition(), value); 1337 } 1338 1339 1340 1341 /** 1342 * {@inheritDoc} 1343 */ 1344 public boolean isUseSSL() { 1345 return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1346 } 1347 1348 1349 1350 /** 1351 * {@inheritDoc} 1352 */ 1353 public void setUseSSL(Boolean value) { 1354 impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value); 1355 } 1356 1357 1358 1359 /** 1360 * {@inheritDoc} 1361 */ 1362 public boolean isUseTCPKeepAlive() { 1363 return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1364 } 1365 1366 1367 1368 /** 1369 * {@inheritDoc} 1370 */ 1371 public void setUseTCPKeepAlive(Boolean value) { 1372 impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value); 1373 } 1374 1375 1376 1377 /** 1378 * {@inheritDoc} 1379 */ 1380 public boolean isUseTCPNoDelay() { 1381 return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1382 } 1383 1384 1385 1386 /** 1387 * {@inheritDoc} 1388 */ 1389 public void setUseTCPNoDelay(Boolean value) { 1390 impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value); 1391 } 1392 1393 1394 1395 /** 1396 * {@inheritDoc} 1397 */ 1398 public ManagedObjectDefinition<? extends LDAPPassThroughAuthenticationPolicyCfgClient, ? extends LDAPPassThroughAuthenticationPolicyCfg> definition() { 1399 return INSTANCE; 1400 } 1401 1402 1403 1404 /** 1405 * {@inheritDoc} 1406 */ 1407 public PropertyProvider properties() { 1408 return impl; 1409 } 1410 1411 1412 1413 /** 1414 * {@inheritDoc} 1415 */ 1416 public void commit() throws ManagedObjectAlreadyExistsException, 1417 MissingMandatoryPropertiesException, ConcurrentModificationException, 1418 OperationRejectedException, LdapException { 1419 impl.commit(); 1420 } 1421 1422 } 1423 1424 1425 1426 /** 1427 * Managed object server implementation. 1428 */ 1429 private static class LDAPPassThroughAuthenticationPolicyCfgServerImpl implements 1430 LDAPPassThroughAuthenticationPolicyCfg { 1431 1432 // Private implementation. 1433 private ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl; 1434 1435 // The value of the "cached-password-storage-scheme" property. 1436 private final String pCachedPasswordStorageScheme; 1437 1438 // The value of the "cached-password-ttl" property. 1439 private final long pCachedPasswordTTL; 1440 1441 // The value of the "connection-timeout" property. 1442 private final long pConnectionTimeout; 1443 1444 // The value of the "java-class" property. 1445 private final String pJavaClass; 1446 1447 // The value of the "mapped-attribute" property. 1448 private final SortedSet<AttributeType> pMappedAttribute; 1449 1450 // The value of the "mapped-search-base-dn" property. 1451 private final SortedSet<DN> pMappedSearchBaseDN; 1452 1453 // The value of the "mapped-search-bind-dn" property. 1454 private final DN pMappedSearchBindDN; 1455 1456 // The value of the "mapped-search-bind-password" property. 1457 private final String pMappedSearchBindPassword; 1458 1459 // The value of the "mapped-search-bind-password-environment-variable" property. 1460 private final String pMappedSearchBindPasswordEnvironmentVariable; 1461 1462 // The value of the "mapped-search-bind-password-file" property. 1463 private final String pMappedSearchBindPasswordFile; 1464 1465 // The value of the "mapped-search-bind-password-property" property. 1466 private final String pMappedSearchBindPasswordProperty; 1467 1468 // The value of the "mapping-policy" property. 1469 private final MappingPolicy pMappingPolicy; 1470 1471 // The value of the "primary-remote-ldap-server" property. 1472 private final SortedSet<String> pPrimaryRemoteLDAPServer; 1473 1474 // The value of the "secondary-remote-ldap-server" property. 1475 private final SortedSet<String> pSecondaryRemoteLDAPServer; 1476 1477 // The value of the "source-address" property. 1478 private final InetAddress pSourceAddress; 1479 1480 // The value of the "ssl-cipher-suite" property. 1481 private final SortedSet<String> pSSLCipherSuite; 1482 1483 // The value of the "ssl-protocol" property. 1484 private final SortedSet<String> pSSLProtocol; 1485 1486 // The value of the "trust-manager-provider" property. 1487 private final String pTrustManagerProvider; 1488 1489 // The value of the "use-password-caching" property. 1490 private final boolean pUsePasswordCaching; 1491 1492 // The value of the "use-ssl" property. 1493 private final boolean pUseSSL; 1494 1495 // The value of the "use-tcp-keep-alive" property. 1496 private final boolean pUseTCPKeepAlive; 1497 1498 // The value of the "use-tcp-no-delay" property. 1499 private final boolean pUseTCPNoDelay; 1500 1501 1502 1503 // Private constructor. 1504 private LDAPPassThroughAuthenticationPolicyCfgServerImpl(ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) { 1505 this.impl = impl; 1506 this.pCachedPasswordStorageScheme = impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition()); 1507 this.pCachedPasswordTTL = impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition()); 1508 this.pConnectionTimeout = impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition()); 1509 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1510 this.pMappedAttribute = impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition()); 1511 this.pMappedSearchBaseDN = impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition()); 1512 this.pMappedSearchBindDN = impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition()); 1513 this.pMappedSearchBindPassword = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition()); 1514 this.pMappedSearchBindPasswordEnvironmentVariable = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition()); 1515 this.pMappedSearchBindPasswordFile = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition()); 1516 this.pMappedSearchBindPasswordProperty = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition()); 1517 this.pMappingPolicy = impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition()); 1518 this.pPrimaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition()); 1519 this.pSecondaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition()); 1520 this.pSourceAddress = impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition()); 1521 this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1522 this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1523 this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1524 this.pUsePasswordCaching = impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition()); 1525 this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1526 this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1527 this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1528 } 1529 1530 1531 1532 /** 1533 * {@inheritDoc} 1534 */ 1535 public void addLDAPPassThroughChangeListener( 1536 ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) { 1537 impl.registerChangeListener(listener); 1538 } 1539 1540 1541 1542 /** 1543 * {@inheritDoc} 1544 */ 1545 public void removeLDAPPassThroughChangeListener( 1546 ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) { 1547 impl.deregisterChangeListener(listener); 1548 } 1549 /** 1550 * {@inheritDoc} 1551 */ 1552 public void addChangeListener( 1553 ConfigurationChangeListener<AuthenticationPolicyCfg> listener) { 1554 impl.registerChangeListener(listener); 1555 } 1556 1557 1558 1559 /** 1560 * {@inheritDoc} 1561 */ 1562 public void removeChangeListener( 1563 ConfigurationChangeListener<AuthenticationPolicyCfg> listener) { 1564 impl.deregisterChangeListener(listener); 1565 } 1566 1567 1568 1569 /** 1570 * {@inheritDoc} 1571 */ 1572 public String getCachedPasswordStorageScheme() { 1573 return pCachedPasswordStorageScheme; 1574 } 1575 1576 1577 1578 /** 1579 * {@inheritDoc} 1580 */ 1581 public DN getCachedPasswordStorageSchemeDN() { 1582 String value = getCachedPasswordStorageScheme(); 1583 if (value == null) return null; 1584 return INSTANCE.getCachedPasswordStorageSchemePropertyDefinition().getChildDN(value); 1585 } 1586 1587 1588 1589 /** 1590 * {@inheritDoc} 1591 */ 1592 public long getCachedPasswordTTL() { 1593 return pCachedPasswordTTL; 1594 } 1595 1596 1597 1598 /** 1599 * {@inheritDoc} 1600 */ 1601 public long getConnectionTimeout() { 1602 return pConnectionTimeout; 1603 } 1604 1605 1606 1607 /** 1608 * {@inheritDoc} 1609 */ 1610 public String getJavaClass() { 1611 return pJavaClass; 1612 } 1613 1614 1615 1616 /** 1617 * {@inheritDoc} 1618 */ 1619 public SortedSet<AttributeType> getMappedAttribute() { 1620 return pMappedAttribute; 1621 } 1622 1623 1624 1625 /** 1626 * {@inheritDoc} 1627 */ 1628 public SortedSet<DN> getMappedSearchBaseDN() { 1629 return pMappedSearchBaseDN; 1630 } 1631 1632 1633 1634 /** 1635 * {@inheritDoc} 1636 */ 1637 public DN getMappedSearchBindDN() { 1638 return pMappedSearchBindDN; 1639 } 1640 1641 1642 1643 /** 1644 * {@inheritDoc} 1645 */ 1646 public String getMappedSearchBindPassword() { 1647 return pMappedSearchBindPassword; 1648 } 1649 1650 1651 1652 /** 1653 * {@inheritDoc} 1654 */ 1655 public String getMappedSearchBindPasswordEnvironmentVariable() { 1656 return pMappedSearchBindPasswordEnvironmentVariable; 1657 } 1658 1659 1660 1661 /** 1662 * {@inheritDoc} 1663 */ 1664 public String getMappedSearchBindPasswordFile() { 1665 return pMappedSearchBindPasswordFile; 1666 } 1667 1668 1669 1670 /** 1671 * {@inheritDoc} 1672 */ 1673 public String getMappedSearchBindPasswordProperty() { 1674 return pMappedSearchBindPasswordProperty; 1675 } 1676 1677 1678 1679 /** 1680 * {@inheritDoc} 1681 */ 1682 public MappingPolicy getMappingPolicy() { 1683 return pMappingPolicy; 1684 } 1685 1686 1687 1688 /** 1689 * {@inheritDoc} 1690 */ 1691 public SortedSet<String> getPrimaryRemoteLDAPServer() { 1692 return pPrimaryRemoteLDAPServer; 1693 } 1694 1695 1696 1697 /** 1698 * {@inheritDoc} 1699 */ 1700 public SortedSet<String> getSecondaryRemoteLDAPServer() { 1701 return pSecondaryRemoteLDAPServer; 1702 } 1703 1704 1705 1706 /** 1707 * {@inheritDoc} 1708 */ 1709 public InetAddress getSourceAddress() { 1710 return pSourceAddress; 1711 } 1712 1713 1714 1715 /** 1716 * {@inheritDoc} 1717 */ 1718 public SortedSet<String> getSSLCipherSuite() { 1719 return pSSLCipherSuite; 1720 } 1721 1722 1723 1724 /** 1725 * {@inheritDoc} 1726 */ 1727 public SortedSet<String> getSSLProtocol() { 1728 return pSSLProtocol; 1729 } 1730 1731 1732 1733 /** 1734 * {@inheritDoc} 1735 */ 1736 public String getTrustManagerProvider() { 1737 return pTrustManagerProvider; 1738 } 1739 1740 1741 1742 /** 1743 * {@inheritDoc} 1744 */ 1745 public DN getTrustManagerProviderDN() { 1746 String value = getTrustManagerProvider(); 1747 if (value == null) return null; 1748 return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value); 1749 } 1750 1751 1752 1753 /** 1754 * {@inheritDoc} 1755 */ 1756 public boolean isUsePasswordCaching() { 1757 return pUsePasswordCaching; 1758 } 1759 1760 1761 1762 /** 1763 * {@inheritDoc} 1764 */ 1765 public boolean isUseSSL() { 1766 return pUseSSL; 1767 } 1768 1769 1770 1771 /** 1772 * {@inheritDoc} 1773 */ 1774 public boolean isUseTCPKeepAlive() { 1775 return pUseTCPKeepAlive; 1776 } 1777 1778 1779 1780 /** 1781 * {@inheritDoc} 1782 */ 1783 public boolean isUseTCPNoDelay() { 1784 return pUseTCPNoDelay; 1785 } 1786 1787 1788 1789 /** 1790 * {@inheritDoc} 1791 */ 1792 public Class<? extends LDAPPassThroughAuthenticationPolicyCfg> configurationClass() { 1793 return LDAPPassThroughAuthenticationPolicyCfg.class; 1794 } 1795 1796 1797 1798 /** 1799 * {@inheritDoc} 1800 */ 1801 public DN dn() { 1802 return impl.getDN(); 1803 } 1804 1805 } 1806}