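/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;

import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.IntegerPropertyDefinition;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.server.config.client.PBKDF2PasswordStorageSchemeCfgClient;
import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
import org.forgerock.opendj.server.config.server.PBKDF2PasswordStorageSchemeCfg;

/**
 * An interface for querying the PBKDF2 Password Storage Scheme
 * managed object definition meta information.
 * <p>
 * The PBKDF2 Password Storage Scheme provides a mechanism for
 * encoding user passwords using PBKDF2. PBKDF2 is a password-based
 * key derivation function rather than a plain message digest: its
 * resistance to offline guessing depends on the iteration count
 * configured through the "pbkdf2-iterations" property.
 * <p>
 * This class defines two properties of its own ("java-class" and
 * "pbkdf2-iterations") and takes "enabled" from
 * {@link PasswordStorageSchemeCfgDefn}. It also supplies the client
 * and server views of a configured scheme.
 */
public final class PBKDF2PasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<PBKDF2PasswordStorageSchemeCfgClient, PBKDF2PasswordStorageSchemeCfg> {

  // The singleton configuration definition instance. It is declared first
  // because the static initializers below register properties on it.
  private static final PBKDF2PasswordStorageSchemeCfgDefn INSTANCE = new PBKDF2PasswordStorageSchemeCfgDefn();

  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  // The "pbkdf2-iterations" property definition.
  private static final IntegerPropertyDefinition PD_PBKDF2_ITERATIONS;

  // Build the "java-class" property definition: mandatory, advanced, with a
  // defined default naming the bundled PBKDF2 scheme implementation.
  //
  // NOTE(review): the value is a class name taken from configuration.
  // addInstanceOf presumably limits accepted values to implementations of
  // org.opends.server.api.PasswordStorageScheme (confirm against
  // ClassPropertyDefinition). Write access to this property should be
  // restricted to trusted administrators either way.
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.PBKDF2PasswordStorageScheme");
    builder.setDefaultBehaviorProvider(provider);
    builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }

  // Build the "pbkdf2-iterations" property definition: an integer with a
  // defined default of 10000 and a lower limit of 1. No upper limit is set.
  //
  // NOTE(review): with a lower limit of 1 the definition accepts iteration
  // counts that give almost no protection against offline guessing if stored
  // hashes are disclosed. A stronger minimum has to come from deployment
  // policy or from review of configuration changes. The default of 10000 is
  // also well below what current password storage guidance (for example the
  // OWASP Password Storage Cheat Sheet) suggests for PBKDF2. Both values are
  // left as they are because raising them could change how existing
  // configurations validate and behave.
  static {
    IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "pbkdf2-iterations");
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "pbkdf2-iterations"));
    DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("10000");
    builder.setDefaultBehaviorProvider(provider);
    builder.setLowerLimit(1);
    PD_PBKDF2_ITERATIONS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_PBKDF2_ITERATIONS);
  }

  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }

  /**
   * Get the PBKDF2 Password Storage Scheme configuration definition
   * singleton.
   *
   * @return Returns the PBKDF2 Password Storage Scheme configuration
   *         definition singleton.
   */
  public static PBKDF2PasswordStorageSchemeCfgDefn getInstance() {
    return INSTANCE;
  }

  /**
   * Private constructor. Names this definition
   * "pbkdf2-password-storage-scheme" and passes the generic password
   * storage scheme definition to the superclass constructor.
   */
  private PBKDF2PasswordStorageSchemeCfgDefn() {
    super("pbkdf2-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance());
  }

  /**
   * {@inheritDoc}
   */
  public PBKDF2PasswordStorageSchemeCfgClient createClientConfiguration(
      ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl) {
    return new PBKDF2PasswordStorageSchemeCfgClientImpl(impl);
  }

  /**
   * {@inheritDoc}
   */
  public PBKDF2PasswordStorageSchemeCfg createServerConfiguration(
      ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl) {
    return new PBKDF2PasswordStorageSchemeCfgServerImpl(impl);
  }

  /**
   * {@inheritDoc}
   */
  public Class<PBKDF2PasswordStorageSchemeCfg> getServerConfigurationClass() {
    return PBKDF2PasswordStorageSchemeCfg.class;
  }

  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the PBKDF2 Password Storage Scheme is enabled
   * for use. The definition is the one supplied by
   * {@link PasswordStorageSchemeCfgDefn}.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition();
  }

  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the PBKDF2 Password Storage Scheme implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }

  /**
   * Get the "pbkdf2-iterations" property definition.
   * <p>
   * The number of algorithm iterations to make. NIST recommends at
   * least 1000.
   * <p>
   * That figure is a minimum, not a target. This definition defaults
   * to 10000 and accepts any value of 1 or more, so a configured
   * count should be checked against current password storage
   * guidance rather than against the lower limit enforced here.
   *
   * @return Returns the "pbkdf2-iterations" property definition.
   */
  public IntegerPropertyDefinition getPBKDF2IterationsPropertyDefinition() {
    return PD_PBKDF2_ITERATIONS;
  }

  /**
   * Managed object client implementation. Every accessor reads or
   * writes the wrapped {@link ManagedObject} directly; nothing is
   * cached in this class.
   */
  private static class PBKDF2PasswordStorageSchemeCfgClientImpl implements
      PBKDF2PasswordStorageSchemeCfgClient {

    // Private implementation. Assigned once in the constructor.
    private final ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl;

    // Private constructor.
    private PBKDF2PasswordStorageSchemeCfgClientImpl(
        ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl) {
      this.impl = impl;
    }

    /**
     * {@inheritDoc}
     */
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public int getPBKDF2Iterations() {
      // NOTE(review): the property value is unboxed to int here; presumably
      // it is never null because the property has a defined default (confirm).
      return impl.getPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setPBKDF2Iterations(Integer value) {
      impl.setPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public ManagedObjectDefinition<? extends PBKDF2PasswordStorageSchemeCfgClient, ? extends PBKDF2PasswordStorageSchemeCfg> definition() {
      return INSTANCE;
    }

    /**
     * {@inheritDoc}
     */
    public PropertyProvider properties() {
      return impl;
    }

    /**
     * {@inheritDoc}
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }

  }

  /**
   * Managed object server implementation. The three property values
   * are read once in the constructor and kept in final fields, so the
   * getters return the values as they were when this object was
   * built.
   */
  private static class PBKDF2PasswordStorageSchemeCfgServerImpl implements
      PBKDF2PasswordStorageSchemeCfg {

    // Private implementation. Assigned once in the constructor.
    private final ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "java-class" property.
    private final String pJavaClass;

    // The value of the "pbkdf2-iterations" property.
    private final int pPBKDF2Iterations;

    // Private constructor. Captures the current property values from the
    // server managed object.
    private PBKDF2PasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl) {
      this.impl = impl;
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pPBKDF2Iterations = impl.getPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void addPBKDF2ChangeListener(
        ConfigurationChangeListener<PBKDF2PasswordStorageSchemeCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public void removePBKDF2ChangeListener(
        ConfigurationChangeListener<PBKDF2PasswordStorageSchemeCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public void addChangeListener(
        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public void removeChangeListener(
        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public boolean isEnabled() {
      return pEnabled;
    }

    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return pJavaClass;
    }

    /**
     * {@inheritDoc}
     */
    public int getPBKDF2Iterations() {
      return pPBKDF2Iterations;
    }

    /**
     * {@inheritDoc}
     */
    public Class<? extends PBKDF2PasswordStorageSchemeCfg> configurationClass() {
      return PBKDF2PasswordStorageSchemeCfg.class;
    }

    /**
     * {@inheritDoc}
     */
    public DN dn() {
      return impl.getDN();
    }

  }
}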