001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.forgerock.opendj.server.config.meta; 027 028 029 030import java.util.Collection; 031import java.util.SortedSet; 032import org.forgerock.opendj.config.ACIPropertyDefinition; 033import org.forgerock.opendj.config.AdministratorAction; 034import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 035import org.forgerock.opendj.config.BooleanPropertyDefinition; 036import org.forgerock.opendj.config.ClassPropertyDefinition; 037import org.forgerock.opendj.config.client.ConcurrentModificationException; 038import org.forgerock.opendj.config.client.ManagedObject; 039import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 040import org.forgerock.opendj.config.client.OperationRejectedException; 041import org.forgerock.opendj.config.DefaultBehaviorProvider; 042import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 043import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 044import org.forgerock.opendj.config.ManagedObjectDefinition; 045import org.forgerock.opendj.config.PropertyOption; 046import org.forgerock.opendj.config.PropertyProvider; 047import org.forgerock.opendj.config.server.ConfigurationChangeListener; 048import org.forgerock.opendj.config.server.ServerManagedObject; 049import org.forgerock.opendj.config.Tag; 050import org.forgerock.opendj.ldap.DN; 051import org.forgerock.opendj.ldap.LdapException; 052import org.forgerock.opendj.server.config.client.DseeCompatAccessControlHandlerCfgClient; 053import org.forgerock.opendj.server.config.server.AccessControlHandlerCfg; 054import org.forgerock.opendj.server.config.server.DseeCompatAccessControlHandlerCfg; 055 056 057 058/** 059 * An interface for querying the Dsee Compat Access Control Handler 060 * managed object definition meta information. 061 * <p> 062 * The Dsee Compat Access Control Handler provides an implementation 063 * that uses syntax compatible with the Sun Java System Directory 064 * Server Enterprise Edition access control handlers. 065 */ 066public final class DseeCompatAccessControlHandlerCfgDefn extends ManagedObjectDefinition<DseeCompatAccessControlHandlerCfgClient, DseeCompatAccessControlHandlerCfg> { 067 068 // The singleton configuration definition instance. 069 private static final DseeCompatAccessControlHandlerCfgDefn INSTANCE = new DseeCompatAccessControlHandlerCfgDefn(); 070 071 072 073 // The "global-aci" property definition. 074 private static final ACIPropertyDefinition PD_GLOBAL_ACI; 075 076 077 078 // The "java-class" property definition. 079 private static final ClassPropertyDefinition PD_JAVA_CLASS; 080 081 082 083 // Build the "global-aci" property definition. 084 static { 085 ACIPropertyDefinition.Builder builder = ACIPropertyDefinition.createBuilder(INSTANCE, "global-aci"); 086 builder.setOption(PropertyOption.MULTI_VALUED); 087 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "global-aci")); 088 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "global-aci")); 089 PD_GLOBAL_ACI = builder.getInstance(); 090 INSTANCE.registerPropertyDefinition(PD_GLOBAL_ACI); 091 } 092 093 094 095 // Build the "java-class" property definition. 096 static { 097 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 098 builder.setOption(PropertyOption.MANDATORY); 099 builder.setOption(PropertyOption.ADVANCED); 100 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 101 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.authorization.dseecompat.AciHandler"); 102 builder.setDefaultBehaviorProvider(provider); 103 builder.addInstanceOf("org.opends.server.api.AccessControlHandler"); 104 PD_JAVA_CLASS = builder.getInstance(); 105 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 106 } 107 108 109 110 // Register the tags associated with this managed object definition. 111 static { 112 INSTANCE.registerTag(Tag.valueOf("security")); 113 } 114 115 116 117 /** 118 * Get the Dsee Compat Access Control Handler configuration 119 * definition singleton. 120 * 121 * @return Returns the Dsee Compat Access Control Handler 122 * configuration definition singleton. 123 */ 124 public static DseeCompatAccessControlHandlerCfgDefn getInstance() { 125 return INSTANCE; 126 } 127 128 129 130 /** 131 * Private constructor. 132 */ 133 private DseeCompatAccessControlHandlerCfgDefn() { 134 super("dsee-compat-access-control-handler", AccessControlHandlerCfgDefn.getInstance()); 135 } 136 137 138 139 /** 140 * {@inheritDoc} 141 */ 142 public DseeCompatAccessControlHandlerCfgClient createClientConfiguration( 143 ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) { 144 return new DseeCompatAccessControlHandlerCfgClientImpl(impl); 145 } 146 147 148 149 /** 150 * {@inheritDoc} 151 */ 152 public DseeCompatAccessControlHandlerCfg createServerConfiguration( 153 ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) { 154 return new DseeCompatAccessControlHandlerCfgServerImpl(impl); 155 } 156 157 158 159 /** 160 * {@inheritDoc} 161 */ 162 public Class<DseeCompatAccessControlHandlerCfg> getServerConfigurationClass() { 163 return DseeCompatAccessControlHandlerCfg.class; 164 } 165 166 167 168 /** 169 * Get the "enabled" property definition. 170 * <p> 171 * Indicates whether the Dsee Compat Access Control Handler is 172 * enabled. If set to FALSE, then no access control is enforced, and 173 * any client (including unauthenticated or anonymous clients) could 174 * be allowed to perform any operation if not subject to other 175 * restrictions, such as those enforced by the privilege subsystem. 176 * 177 * @return Returns the "enabled" property definition. 178 */ 179 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 180 return AccessControlHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 181 } 182 183 184 185 /** 186 * Get the "global-aci" property definition. 187 * <p> 188 * Defines global access control rules. 189 * <p> 190 * Global access control rules apply to all entries anywhere in the 191 * data managed by the OpenDJ directory server. The global access 192 * control rules may be overridden by more specific access control 193 * rules placed in the data. 194 * 195 * @return Returns the "global-aci" property definition. 196 */ 197 public ACIPropertyDefinition getGlobalACIPropertyDefinition() { 198 return PD_GLOBAL_ACI; 199 } 200 201 202 203 /** 204 * Get the "java-class" property definition. 205 * <p> 206 * Specifies the fully-qualified name of the Java class that 207 * provides the Dsee Compat Access Control Handler implementation. 208 * 209 * @return Returns the "java-class" property definition. 210 */ 211 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 212 return PD_JAVA_CLASS; 213 } 214 215 216 217 /** 218 * Managed object client implementation. 219 */ 220 private static class DseeCompatAccessControlHandlerCfgClientImpl implements 221 DseeCompatAccessControlHandlerCfgClient { 222 223 // Private implementation. 224 private ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl; 225 226 227 228 // Private constructor. 229 private DseeCompatAccessControlHandlerCfgClientImpl( 230 ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) { 231 this.impl = impl; 232 } 233 234 235 236 /** 237 * {@inheritDoc} 238 */ 239 public Boolean isEnabled() { 240 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 241 } 242 243 244 245 /** 246 * {@inheritDoc} 247 */ 248 public void setEnabled(boolean value) { 249 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 250 } 251 252 253 254 /** 255 * {@inheritDoc} 256 */ 257 public SortedSet<String> getGlobalACI() { 258 return impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition()); 259 } 260 261 262 263 /** 264 * {@inheritDoc} 265 */ 266 public void setGlobalACI(Collection<String> values) { 267 impl.setPropertyValues(INSTANCE.getGlobalACIPropertyDefinition(), values); 268 } 269 270 271 272 /** 273 * {@inheritDoc} 274 */ 275 public String getJavaClass() { 276 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 277 } 278 279 280 281 /** 282 * {@inheritDoc} 283 */ 284 public void setJavaClass(String value) { 285 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 286 } 287 288 289 290 /** 291 * {@inheritDoc} 292 */ 293 public ManagedObjectDefinition<? extends DseeCompatAccessControlHandlerCfgClient, ? extends DseeCompatAccessControlHandlerCfg> definition() { 294 return INSTANCE; 295 } 296 297 298 299 /** 300 * {@inheritDoc} 301 */ 302 public PropertyProvider properties() { 303 return impl; 304 } 305 306 307 308 /** 309 * {@inheritDoc} 310 */ 311 public void commit() throws ManagedObjectAlreadyExistsException, 312 MissingMandatoryPropertiesException, ConcurrentModificationException, 313 OperationRejectedException, LdapException { 314 impl.commit(); 315 } 316 317 } 318 319 320 321 /** 322 * Managed object server implementation. 323 */ 324 private static class DseeCompatAccessControlHandlerCfgServerImpl implements 325 DseeCompatAccessControlHandlerCfg { 326 327 // Private implementation. 328 private ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl; 329 330 // The value of the "enabled" property. 331 private final boolean pEnabled; 332 333 // The value of the "global-aci" property. 334 private final SortedSet<String> pGlobalACI; 335 336 // The value of the "java-class" property. 337 private final String pJavaClass; 338 339 340 341 // Private constructor. 342 private DseeCompatAccessControlHandlerCfgServerImpl(ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) { 343 this.impl = impl; 344 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 345 this.pGlobalACI = impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition()); 346 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 347 } 348 349 350 351 /** 352 * {@inheritDoc} 353 */ 354 public void addDseeCompatChangeListener( 355 ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) { 356 impl.registerChangeListener(listener); 357 } 358 359 360 361 /** 362 * {@inheritDoc} 363 */ 364 public void removeDseeCompatChangeListener( 365 ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) { 366 impl.deregisterChangeListener(listener); 367 } 368 /** 369 * {@inheritDoc} 370 */ 371 public void addChangeListener( 372 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 373 impl.registerChangeListener(listener); 374 } 375 376 377 378 /** 379 * {@inheritDoc} 380 */ 381 public void removeChangeListener( 382 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 383 impl.deregisterChangeListener(listener); 384 } 385 386 387 388 /** 389 * {@inheritDoc} 390 */ 391 public boolean isEnabled() { 392 return pEnabled; 393 } 394 395 396 397 /** 398 * {@inheritDoc} 399 */ 400 public SortedSet<String> getGlobalACI() { 401 return pGlobalACI; 402 } 403 404 405 406 /** 407 * {@inheritDoc} 408 */ 409 public String getJavaClass() { 410 return pJavaClass; 411 } 412 413 414 415 /** 416 * {@inheritDoc} 417 */ 418 public Class<? extends DseeCompatAccessControlHandlerCfg> configurationClass() { 419 return DseeCompatAccessControlHandlerCfg.class; 420 } 421 422 423 424 /** 425 * {@inheritDoc} 426 */ 427 public DN dn() { 428 return impl.getDN(); 429 } 430 431 } 432}