001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import java.net.InetAddress;
031import java.util.Collection;
032import java.util.SortedSet;
033import org.forgerock.opendj.config.AdministratorAction;
034import org.forgerock.opendj.config.AggregationPropertyDefinition;
035import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
036import org.forgerock.opendj.config.AttributeTypePropertyDefinition;
037import org.forgerock.opendj.config.BooleanPropertyDefinition;
038import org.forgerock.opendj.config.ClassPropertyDefinition;
039import org.forgerock.opendj.config.client.ConcurrentModificationException;
040import org.forgerock.opendj.config.client.ManagedObject;
041import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
042import org.forgerock.opendj.config.client.OperationRejectedException;
043import org.forgerock.opendj.config.conditions.Conditions;
044import org.forgerock.opendj.config.DefaultBehaviorProvider;
045import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
046import org.forgerock.opendj.config.DNPropertyDefinition;
047import org.forgerock.opendj.config.DurationPropertyDefinition;
048import org.forgerock.opendj.config.EnumPropertyDefinition;
049import org.forgerock.opendj.config.GenericConstraint;
050import org.forgerock.opendj.config.IPAddressPropertyDefinition;
051import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
052import org.forgerock.opendj.config.ManagedObjectDefinition;
053import org.forgerock.opendj.config.PropertyOption;
054import org.forgerock.opendj.config.PropertyProvider;
055import org.forgerock.opendj.config.server.ConfigurationChangeListener;
056import org.forgerock.opendj.config.server.ServerManagedObject;
057import org.forgerock.opendj.config.StringPropertyDefinition;
058import org.forgerock.opendj.config.Tag;
059import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
060import org.forgerock.opendj.ldap.DN;
061import org.forgerock.opendj.ldap.LdapException;
062import org.forgerock.opendj.ldap.schema.AttributeType;
063import org.forgerock.opendj.server.config.client.LDAPPassThroughAuthenticationPolicyCfgClient;
064import org.forgerock.opendj.server.config.client.PasswordStorageSchemeCfgClient;
065import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient;
066import org.forgerock.opendj.server.config.server.AuthenticationPolicyCfg;
067import org.forgerock.opendj.server.config.server.LDAPPassThroughAuthenticationPolicyCfg;
068import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
069import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg;
070
071
072
073/**
074 * An interface for querying the LDAP Pass Through Authentication
075 * Policy managed object definition meta information.
076 * <p>
077 * An authentication policy for users whose credentials are managed by
078 * a remote LDAP directory service.
079 */
080public final class LDAPPassThroughAuthenticationPolicyCfgDefn extends ManagedObjectDefinition<LDAPPassThroughAuthenticationPolicyCfgClient, LDAPPassThroughAuthenticationPolicyCfg> {
081
082  // The singleton configuration definition instance.
083  private static final LDAPPassThroughAuthenticationPolicyCfgDefn INSTANCE = new LDAPPassThroughAuthenticationPolicyCfgDefn();
084
085
086
087  /**
088   * Defines the set of permissable values for the "mapping-policy" property.
089   * <p>
090   * Specifies the mapping algorithm for obtaining the bind DN from
091   * the user's entry.
092   */
093  public static enum MappingPolicy {
094
095    /**
096     * Bind to the remote LDAP directory service using a DN obtained
097     * from an attribute in the user's entry. This policy will check
098     * each attribute named in the "mapped-attribute" property. If more
099     * than one attribute or value is present then the first one will
100     * be used.
101     */
102    MAPPED_BIND("mapped-bind"),
103
104
105
106    /**
107     * Bind to the remote LDAP directory service using the DN of an
108     * entry obtained using a search against the remote LDAP directory
109     * service. The search filter will comprise of an equality matching
110     * filter whose attribute type is the "mapped-attribute" property,
111     * and whose assertion value is the attribute value obtained from
112     * the user's entry. If more than one attribute or value is present
113     * then the filter will be composed of multiple equality filters
114     * combined using a logical OR (union).
115     */
116    MAPPED_SEARCH("mapped-search"),
117
118
119
120    /**
121     * Bind to the remote LDAP directory service using the DN of the
122     * user's entry in this directory server.
123     */
124    UNMAPPED("unmapped");
125
126
127
128    // String representation of the value.
129    private final String name;
130
131
132
133    // Private constructor.
134    private MappingPolicy(String name) { this.name = name; }
135
136
137
138    /**
139     * {@inheritDoc}
140     */
141    public String toString() { return name; }
142
143  }
144
145
146
147  // The "cached-password-storage-scheme" property definition.
148  private static final AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> PD_CACHED_PASSWORD_STORAGE_SCHEME;
149
150
151
152  // The "cached-password-ttl" property definition.
153  private static final DurationPropertyDefinition PD_CACHED_PASSWORD_TTL;
154
155
156
157  // The "connection-timeout" property definition.
158  private static final DurationPropertyDefinition PD_CONNECTION_TIMEOUT;
159
160
161
162  // The "java-class" property definition.
163  private static final ClassPropertyDefinition PD_JAVA_CLASS;
164
165
166
167  // The "mapped-attribute" property definition.
168  private static final AttributeTypePropertyDefinition PD_MAPPED_ATTRIBUTE;
169
170
171
172  // The "mapped-search-base-dn" property definition.
173  private static final DNPropertyDefinition PD_MAPPED_SEARCH_BASE_DN;
174
175
176
177  // The "mapped-search-bind-dn" property definition.
178  private static final DNPropertyDefinition PD_MAPPED_SEARCH_BIND_DN;
179
180
181
182  // The "mapped-search-bind-password" property definition.
183  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD;
184
185
186
187  // The "mapped-search-bind-password-environment-variable" property definition.
188  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE;
189
190
191
192  // The "mapped-search-bind-password-file" property definition.
193  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_FILE;
194
195
196
197  // The "mapped-search-bind-password-property" property definition.
198  private static final StringPropertyDefinition PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY;
199
200
201
202  // The "mapping-policy" property definition.
203  private static final EnumPropertyDefinition<MappingPolicy> PD_MAPPING_POLICY;
204
205
206
207  // The "primary-remote-ldap-server" property definition.
208  private static final StringPropertyDefinition PD_PRIMARY_REMOTE_LDAP_SERVER;
209
210
211
212  // The "secondary-remote-ldap-server" property definition.
213  private static final StringPropertyDefinition PD_SECONDARY_REMOTE_LDAP_SERVER;
214
215
216
217  // The "source-address" property definition.
218  private static final IPAddressPropertyDefinition PD_SOURCE_ADDRESS;
219
220
221
222  // The "ssl-cipher-suite" property definition.
223  private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE;
224
225
226
227  // The "ssl-protocol" property definition.
228  private static final StringPropertyDefinition PD_SSL_PROTOCOL;
229
230
231
232  // The "trust-manager-provider" property definition.
233  private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER;
234
235
236
237  // The "use-password-caching" property definition.
238  private static final BooleanPropertyDefinition PD_USE_PASSWORD_CACHING;
239
240
241
242  // The "use-ssl" property definition.
243  private static final BooleanPropertyDefinition PD_USE_SSL;
244
245
246
247  // The "use-tcp-keep-alive" property definition.
248  private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE;
249
250
251
252  // The "use-tcp-no-delay" property definition.
253  private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY;
254
255
256
257  // Build the "cached-password-storage-scheme" property definition.
258  static {
259      AggregationPropertyDefinition.Builder<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "cached-password-storage-scheme");
260      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-storage-scheme"));
261      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
262      builder.setParentPath("/");
263      builder.setRelationDefinition("password-storage-scheme");
264      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
265      PD_CACHED_PASSWORD_STORAGE_SCHEME = builder.getInstance();
266      INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_STORAGE_SCHEME);
267      INSTANCE.registerConstraint(PD_CACHED_PASSWORD_STORAGE_SCHEME.getSourceConstraint());
268  }
269
270
271
272  // Build the "cached-password-ttl" property definition.
273  static {
274      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "cached-password-ttl");
275      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "cached-password-ttl"));
276      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("8 hours");
277      builder.setDefaultBehaviorProvider(provider);
278      builder.setBaseUnit("s");
279      PD_CACHED_PASSWORD_TTL = builder.getInstance();
280      INSTANCE.registerPropertyDefinition(PD_CACHED_PASSWORD_TTL);
281  }
282
283
284
285  // Build the "connection-timeout" property definition.
286  static {
287      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "connection-timeout");
288      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "connection-timeout"));
289      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("3 seconds");
290      builder.setDefaultBehaviorProvider(provider);
291      builder.setBaseUnit("ms");
292      builder.setLowerLimit("0");
293      PD_CONNECTION_TIMEOUT = builder.getInstance();
294      INSTANCE.registerPropertyDefinition(PD_CONNECTION_TIMEOUT);
295  }
296
297
298
299  // Build the "java-class" property definition.
300  static {
301      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
302      builder.setOption(PropertyOption.MANDATORY);
303      builder.setOption(PropertyOption.ADVANCED);
304      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
305      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.LDAPPassThroughAuthenticationPolicyFactory");
306      builder.setDefaultBehaviorProvider(provider);
307      builder.addInstanceOf("org.opends.server.api.AuthenticationPolicyFactory");
308      PD_JAVA_CLASS = builder.getInstance();
309      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
310  }
311
312
313
314  // Build the "mapped-attribute" property definition.
315  static {
316      AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "mapped-attribute");
317      builder.setOption(PropertyOption.MULTI_VALUED);
318      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-attribute"));
319      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
320      PD_MAPPED_ATTRIBUTE = builder.getInstance();
321      INSTANCE.registerPropertyDefinition(PD_MAPPED_ATTRIBUTE);
322  }
323
324
325
326  // Build the "mapped-search-base-dn" property definition.
327  static {
328      DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-base-dn");
329      builder.setOption(PropertyOption.MULTI_VALUED);
330      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-base-dn"));
331      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<DN>());
332      PD_MAPPED_SEARCH_BASE_DN = builder.getInstance();
333      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BASE_DN);
334  }
335
336
337
338  // Build the "mapped-search-bind-dn" property definition.
339  static {
340      DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-dn");
341      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-dn"));
342      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "mapped-search-bind-dn"));
343      PD_MAPPED_SEARCH_BIND_DN = builder.getInstance();
344      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_DN);
345  }
346
347
348
349  // Build the "mapped-search-bind-password" property definition.
350  static {
351      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password");
352      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password"));
353      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
354      PD_MAPPED_SEARCH_BIND_PASSWORD = builder.getInstance();
355      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD);
356  }
357
358
359
360  // Build the "mapped-search-bind-password-environment-variable" property definition.
361  static {
362      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-environment-variable");
363      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-environment-variable"));
364      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
365      PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE = builder.getInstance();
366      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE);
367  }
368
369
370
371  // Build the "mapped-search-bind-password-file" property definition.
372  static {
373      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-file");
374      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-file"));
375      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
376      PD_MAPPED_SEARCH_BIND_PASSWORD_FILE = builder.getInstance();
377      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_FILE);
378  }
379
380
381
382  // Build the "mapped-search-bind-password-property" property definition.
383  static {
384      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "mapped-search-bind-password-property");
385      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapped-search-bind-password-property"));
386      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
387      PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY = builder.getInstance();
388      INSTANCE.registerPropertyDefinition(PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY);
389  }
390
391
392
393  // Build the "mapping-policy" property definition.
394  static {
395      EnumPropertyDefinition.Builder<MappingPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "mapping-policy");
396      builder.setOption(PropertyOption.MANDATORY);
397      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "mapping-policy"));
398      DefaultBehaviorProvider<MappingPolicy> provider = new DefinedDefaultBehaviorProvider<MappingPolicy>("unmapped");
399      builder.setDefaultBehaviorProvider(provider);
400      builder.setEnumClass(MappingPolicy.class);
401      PD_MAPPING_POLICY = builder.getInstance();
402      INSTANCE.registerPropertyDefinition(PD_MAPPING_POLICY);
403  }
404
405
406
407  // Build the "primary-remote-ldap-server" property definition.
408  static {
409      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "primary-remote-ldap-server");
410      builder.setOption(PropertyOption.MULTI_VALUED);
411      builder.setOption(PropertyOption.MANDATORY);
412      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "primary-remote-ldap-server"));
413      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
414      builder.setPattern("^.+:[0-9]+$", "HOST:PORT");
415      PD_PRIMARY_REMOTE_LDAP_SERVER = builder.getInstance();
416      INSTANCE.registerPropertyDefinition(PD_PRIMARY_REMOTE_LDAP_SERVER);
417  }
418
419
420
421  // Build the "secondary-remote-ldap-server" property definition.
422  static {
423      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "secondary-remote-ldap-server");
424      builder.setOption(PropertyOption.MULTI_VALUED);
425      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "secondary-remote-ldap-server"));
426      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "secondary-remote-ldap-server"));
427      builder.setPattern("^.+:[0-9]+$", "HOST:PORT");
428      PD_SECONDARY_REMOTE_LDAP_SERVER = builder.getInstance();
429      INSTANCE.registerPropertyDefinition(PD_SECONDARY_REMOTE_LDAP_SERVER);
430  }
431
432
433
434  // Build the "source-address" property definition.
435  static {
436      IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "source-address");
437      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "source-address"));
438      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<InetAddress>(INSTANCE, "source-address"));
439      PD_SOURCE_ADDRESS = builder.getInstance();
440      INSTANCE.registerPropertyDefinition(PD_SOURCE_ADDRESS);
441  }
442
443
444
445  // Build the "ssl-cipher-suite" property definition.
446  static {
447      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite");
448      builder.setOption(PropertyOption.MULTI_VALUED);
449      builder.setOption(PropertyOption.ADVANCED);
450      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite"));
451      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite"));
452      PD_SSL_CIPHER_SUITE = builder.getInstance();
453      INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE);
454  }
455
456
457
458  // Build the "ssl-protocol" property definition.
459  static {
460      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol");
461      builder.setOption(PropertyOption.MULTI_VALUED);
462      builder.setOption(PropertyOption.ADVANCED);
463      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol"));
464      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol"));
465      PD_SSL_PROTOCOL = builder.getInstance();
466      INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL);
467  }
468
469
470
471  // Build the "trust-manager-provider" property definition.
472  static {
473      AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider");
474      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider"));
475      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "trust-manager-provider"));
476      builder.setParentPath("/");
477      builder.setRelationDefinition("trust-manager-provider");
478      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("use-ssl", "true")));
479      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
480      PD_TRUST_MANAGER_PROVIDER = builder.getInstance();
481      INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER);
482      INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint());
483  }
484
485
486
487  // Build the "use-password-caching" property definition.
488  static {
489      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-password-caching");
490      builder.setOption(PropertyOption.MANDATORY);
491      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-password-caching"));
492      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
493      builder.setDefaultBehaviorProvider(provider);
494      PD_USE_PASSWORD_CACHING = builder.getInstance();
495      INSTANCE.registerPropertyDefinition(PD_USE_PASSWORD_CACHING);
496  }
497
498
499
500  // Build the "use-ssl" property definition.
501  static {
502      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl");
503      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl"));
504      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
505      builder.setDefaultBehaviorProvider(provider);
506      PD_USE_SSL = builder.getInstance();
507      INSTANCE.registerPropertyDefinition(PD_USE_SSL);
508  }
509
510
511
512  // Build the "use-tcp-keep-alive" property definition.
513  static {
514      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive");
515      builder.setOption(PropertyOption.ADVANCED);
516      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive"));
517      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
518      builder.setDefaultBehaviorProvider(provider);
519      PD_USE_TCP_KEEP_ALIVE = builder.getInstance();
520      INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE);
521  }
522
523
524
525  // Build the "use-tcp-no-delay" property definition.
526  static {
527      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay");
528      builder.setOption(PropertyOption.ADVANCED);
529      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay"));
530      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
531      builder.setDefaultBehaviorProvider(provider);
532      PD_USE_TCP_NO_DELAY = builder.getInstance();
533      INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY);
534  }
535
536
537
538  // Register the tags associated with this managed object definition.
539  static {
540    INSTANCE.registerTag(Tag.valueOf("user-management"));
541  }
542
543
544
545  // Register the constraints associated with this managed object definition.
546  static {
547    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.or(Conditions.contains("mapping-policy", "mapped-bind"), Conditions.contains("mapping-policy", "mapped-search")), Conditions.isPresent("mapped-attribute"))));
548    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-base-dn"))));
549    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.and(Conditions.contains("mapping-policy", "mapped-search"), Conditions.isPresent("mapped-search-bind-dn")), Conditions.or(Conditions.isPresent("mapped-search-bind-password"), Conditions.isPresent("mapped-search-bind-password-property"), Conditions.isPresent("mapped-search-bind-password-environment-variable"), Conditions.isPresent("mapped-search-bind-password-file")))));
550    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 4, Conditions.implies(Conditions.contains("use-password-caching", "true"), Conditions.isPresent("cached-password-storage-scheme"))));
551  }
552
553
554
555  /**
556   * Get the LDAP Pass Through Authentication Policy configuration
557   * definition singleton.
558   *
559   * @return Returns the LDAP Pass Through Authentication Policy
560   *         configuration definition singleton.
561   */
562  public static LDAPPassThroughAuthenticationPolicyCfgDefn getInstance() {
563    return INSTANCE;
564  }
565
566
567
568  /**
569   * Private constructor.
570   */
571  private LDAPPassThroughAuthenticationPolicyCfgDefn() {
572    super("ldap-pass-through-authentication-policy", AuthenticationPolicyCfgDefn.getInstance());
573  }
574
575
576
577  /**
578   * {@inheritDoc}
579   */
580  public LDAPPassThroughAuthenticationPolicyCfgClient createClientConfiguration(
581      ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) {
582    return new LDAPPassThroughAuthenticationPolicyCfgClientImpl(impl);
583  }
584
585
586
587  /**
588   * {@inheritDoc}
589   */
590  public LDAPPassThroughAuthenticationPolicyCfg createServerConfiguration(
591      ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) {
592    return new LDAPPassThroughAuthenticationPolicyCfgServerImpl(impl);
593  }
594
595
596
597  /**
598   * {@inheritDoc}
599   */
600  public Class<LDAPPassThroughAuthenticationPolicyCfg> getServerConfigurationClass() {
601    return LDAPPassThroughAuthenticationPolicyCfg.class;
602  }
603
604
605
606  /**
607   * Get the "cached-password-storage-scheme" property definition.
608   * <p>
609   * Specifies the name of a password storage scheme which should be
610   * used for encoding cached passwords.
611   * <p>
612   * Changing the password storage scheme will cause all existing
613   * cached passwords to be discarded.
614   *
615   * @return Returns the "cached-password-storage-scheme" property definition.
616   */
617  public AggregationPropertyDefinition<PasswordStorageSchemeCfgClient, PasswordStorageSchemeCfg> getCachedPasswordStorageSchemePropertyDefinition() {
618    return PD_CACHED_PASSWORD_STORAGE_SCHEME;
619  }
620
621
622
623  /**
624   * Get the "cached-password-ttl" property definition.
625   * <p>
626   * Specifies the maximum length of time that a locally cached
627   * password may be used for authentication before it is refreshed
628   * from the remote LDAP service.
629   * <p>
630   * This property represents a cache timeout. Increasing the timeout
631   * period decreases the frequency that bind operations are delegated
632   * to the remote LDAP service, but increases the risk of users
633   * authenticating using stale passwords. Note that authentication
634   * attempts which fail because the provided password does not match
635   * the locally cached password will always be retried against the
636   * remote LDAP service.
637   *
638   * @return Returns the "cached-password-ttl" property definition.
639   */
640  public DurationPropertyDefinition getCachedPasswordTTLPropertyDefinition() {
641    return PD_CACHED_PASSWORD_TTL;
642  }
643
644
645
646  /**
647   * Get the "connection-timeout" property definition.
648   * <p>
649   * Specifies the timeout used when connecting to remote LDAP
650   * directory servers, performing SSL negotiation, and for individual
651   * search and bind requests.
652   * <p>
653   * If the timeout expires then the current operation will be aborted
654   * and retried against another LDAP server if one is available.
655   *
656   * @return Returns the "connection-timeout" property definition.
657   */
658  public DurationPropertyDefinition getConnectionTimeoutPropertyDefinition() {
659    return PD_CONNECTION_TIMEOUT;
660  }
661
662
663
664  /**
665   * Get the "java-class" property definition.
666   * <p>
667   * Specifies the fully-qualified name of the Java class which
668   * provides the LDAP Pass Through Authentication Policy
669   * implementation.
670   *
671   * @return Returns the "java-class" property definition.
672   */
673  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
674    return PD_JAVA_CLASS;
675  }
676
677
678
679  /**
680   * Get the "mapped-attribute" property definition.
681   * <p>
682   * Specifies one or more attributes in the user's entry whose
683   * value(s) will determine the bind DN used when authenticating to
684   * the remote LDAP directory service. This property is mandatory when
685   * using the "mapped-bind" or "mapped-search" mapping policies.
686   * <p>
687   * At least one value must be provided. All values must refer to the
688   * name or OID of an attribute type defined in the directory server
689   * schema. At least one of the named attributes must exist in a
690   * user's local entry in order for authentication to proceed. When
691   * multiple attributes or values are found in the user's entry then
692   * the behavior is determined by the mapping policy.
693   *
694   * @return Returns the "mapped-attribute" property definition.
695   */
696  public AttributeTypePropertyDefinition getMappedAttributePropertyDefinition() {
697    return PD_MAPPED_ATTRIBUTE;
698  }
699
700
701
702  /**
703   * Get the "mapped-search-base-dn" property definition.
704   * <p>
705   * Specifies the set of base DNs below which to search for users in
706   * the remote LDAP directory service. This property is mandatory when
707   * using the "mapped-search" mapping policy.
708   * <p>
709   * If multiple values are given, searches are performed below all
710   * specified base DNs.
711   *
712   * @return Returns the "mapped-search-base-dn" property definition.
713   */
714  public DNPropertyDefinition getMappedSearchBaseDNPropertyDefinition() {
715    return PD_MAPPED_SEARCH_BASE_DN;
716  }
717
718
719
720  /**
721   * Get the "mapped-search-bind-dn" property definition.
722   * <p>
723   * Specifies the bind DN which should be used to perform user
724   * searches in the remote LDAP directory service.
725   *
726   * @return Returns the "mapped-search-bind-dn" property definition.
727   */
728  public DNPropertyDefinition getMappedSearchBindDNPropertyDefinition() {
729    return PD_MAPPED_SEARCH_BIND_DN;
730  }
731
732
733
734  /**
735   * Get the "mapped-search-bind-password" property definition.
736   * <p>
737   * Specifies the bind password which should be used to perform user
738   * searches in the remote LDAP directory service.
739   *
740   * @return Returns the "mapped-search-bind-password" property definition.
741   */
742  public StringPropertyDefinition getMappedSearchBindPasswordPropertyDefinition() {
743    return PD_MAPPED_SEARCH_BIND_PASSWORD;
744  }
745
746
747
748  /**
749   * Get the "mapped-search-bind-password-environment-variable" property definition.
750   * <p>
751   * Specifies the name of an environment variable containing the bind
752   * password which should be used to perform user searches in the
753   * remote LDAP directory service.
754   *
755   * @return Returns the "mapped-search-bind-password-environment-variable" property definition.
756   */
757  public StringPropertyDefinition getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition() {
758    return PD_MAPPED_SEARCH_BIND_PASSWORD_ENVIRONMENT_VARIABLE;
759  }
760
761
762
763  /**
764   * Get the "mapped-search-bind-password-file" property definition.
765   * <p>
766   * Specifies the name of a file containing the bind password which
767   * should be used to perform user searches in the remote LDAP
768   * directory service.
769   *
770   * @return Returns the "mapped-search-bind-password-file" property definition.
771   */
772  public StringPropertyDefinition getMappedSearchBindPasswordFilePropertyDefinition() {
773    return PD_MAPPED_SEARCH_BIND_PASSWORD_FILE;
774  }
775
776
777
778  /**
779   * Get the "mapped-search-bind-password-property" property definition.
780   * <p>
781   * Specifies the name of a Java property containing the bind
782   * password which should be used to perform user searches in the
783   * remote LDAP directory service.
784   *
785   * @return Returns the "mapped-search-bind-password-property" property definition.
786   */
787  public StringPropertyDefinition getMappedSearchBindPasswordPropertyPropertyDefinition() {
788    return PD_MAPPED_SEARCH_BIND_PASSWORD_PROPERTY;
789  }
790
791
792
793  /**
794   * Get the "mapping-policy" property definition.
795   * <p>
796   * Specifies the mapping algorithm for obtaining the bind DN from
797   * the user's entry.
798   *
799   * @return Returns the "mapping-policy" property definition.
800   */
801  public EnumPropertyDefinition<MappingPolicy> getMappingPolicyPropertyDefinition() {
802    return PD_MAPPING_POLICY;
803  }
804
805
806
807  /**
808   * Get the "primary-remote-ldap-server" property definition.
809   * <p>
810   * Specifies the primary list of remote LDAP servers which should be
811   * used for pass through authentication.
812   * <p>
813   * If more than one LDAP server is specified then operations may be
814   * distributed across them. If all of the primary LDAP servers are
815   * unavailable then operations will fail-over to the set of secondary
816   * LDAP servers, if defined.
817   *
818   * @return Returns the "primary-remote-ldap-server" property definition.
819   */
820  public StringPropertyDefinition getPrimaryRemoteLDAPServerPropertyDefinition() {
821    return PD_PRIMARY_REMOTE_LDAP_SERVER;
822  }
823
824
825
826  /**
827   * Get the "secondary-remote-ldap-server" property definition.
828   * <p>
829   * Specifies the secondary list of remote LDAP servers which should
830   * be used for pass through authentication in the event that the
831   * primary LDAP servers are unavailable.
832   * <p>
833   * If more than one LDAP server is specified then operations may be
834   * distributed across them. Operations will be rerouted to the
835   * primary LDAP servers as soon as they are determined to be
836   * available.
837   *
838   * @return Returns the "secondary-remote-ldap-server" property definition.
839   */
840  public StringPropertyDefinition getSecondaryRemoteLDAPServerPropertyDefinition() {
841    return PD_SECONDARY_REMOTE_LDAP_SERVER;
842  }
843
844
845
846  /**
847   * Get the "source-address" property definition.
848   * <p>
849   * If specified, the server will bind to the address before
850   * connecting to the remote server.
851   * <p>
852   * The address must be one assigned to an existing network
853   * interface.
854   *
855   * @return Returns the "source-address" property definition.
856   */
857  public IPAddressPropertyDefinition getSourceAddressPropertyDefinition() {
858    return PD_SOURCE_ADDRESS;
859  }
860
861
862
863  /**
864   * Get the "ssl-cipher-suite" property definition.
865   * <p>
866   * Specifies the names of the SSL cipher suites that are allowed for
867   * use in SSL based LDAP connections.
868   *
869   * @return Returns the "ssl-cipher-suite" property definition.
870   */
871  public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() {
872    return PD_SSL_CIPHER_SUITE;
873  }
874
875
876
877  /**
878   * Get the "ssl-protocol" property definition.
879   * <p>
880   * Specifies the names of the SSL protocols which are allowed for
881   * use in SSL based LDAP connections.
882   *
883   * @return Returns the "ssl-protocol" property definition.
884   */
885  public StringPropertyDefinition getSSLProtocolPropertyDefinition() {
886    return PD_SSL_PROTOCOL;
887  }
888
889
890
891  /**
892   * Get the "trust-manager-provider" property definition.
893   * <p>
894   * Specifies the name of the trust manager that should be used when
895   * negotiating SSL connections with remote LDAP directory servers.
896   *
897   * @return Returns the "trust-manager-provider" property definition.
898   */
899  public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() {
900    return PD_TRUST_MANAGER_PROVIDER;
901  }
902
903
904
905  /**
906   * Get the "use-password-caching" property definition.
907   * <p>
908   * Indicates whether passwords should be cached locally within the
909   * user's entry.
910   *
911   * @return Returns the "use-password-caching" property definition.
912   */
913  public BooleanPropertyDefinition getUsePasswordCachingPropertyDefinition() {
914    return PD_USE_PASSWORD_CACHING;
915  }
916
917
918
919  /**
920   * Get the "use-ssl" property definition.
921   * <p>
922   * Indicates whether the LDAP Pass Through Authentication Policy
923   * should use SSL.
924   * <p>
925   * If enabled, the LDAP Pass Through Authentication Policy will use
926   * SSL to encrypt communication with the clients.
927   *
928   * @return Returns the "use-ssl" property definition.
929   */
930  public BooleanPropertyDefinition getUseSSLPropertyDefinition() {
931    return PD_USE_SSL;
932  }
933
934
935
936  /**
937   * Get the "use-tcp-keep-alive" property definition.
938   * <p>
939   * Indicates whether LDAP connections should use TCP keep-alive.
940   * <p>
941   * If enabled, the SO_KEEPALIVE socket option is used to indicate
942   * that TCP keepalive messages should periodically be sent to the
943   * client to verify that the associated connection is still valid.
944   * This may also help prevent cases in which intermediate network
945   * hardware could silently drop an otherwise idle client connection,
946   * provided that the keepalive interval configured in the underlying
947   * operating system is smaller than the timeout enforced by the
948   * network hardware.
949   *
950   * @return Returns the "use-tcp-keep-alive" property definition.
951   */
952  public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() {
953    return PD_USE_TCP_KEEP_ALIVE;
954  }
955
956
957
958  /**
959   * Get the "use-tcp-no-delay" property definition.
960   * <p>
961   * Indicates whether LDAP connections should use TCP no-delay.
962   * <p>
963   * If enabled, the TCP_NODELAY socket option is used to ensure that
964   * response messages to the client are sent immediately rather than
965   * potentially waiting to determine whether additional response
966   * messages can be sent in the same packet. In most cases, using the
967   * TCP_NODELAY socket option provides better performance and lower
968   * response times, but disabling it may help for some cases in which
969   * the server sends a large number of entries to a client in response
970   * to a search request.
971   *
972   * @return Returns the "use-tcp-no-delay" property definition.
973   */
974  public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() {
975    return PD_USE_TCP_NO_DELAY;
976  }
977
978
979
980  /**
981   * Managed object client implementation.
982   */
983  private static class LDAPPassThroughAuthenticationPolicyCfgClientImpl implements
984    LDAPPassThroughAuthenticationPolicyCfgClient {
985
986    // Private implementation.
987    private ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl;
988
989
990
991    // Private constructor.
992    private LDAPPassThroughAuthenticationPolicyCfgClientImpl(
993        ManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfgClient> impl) {
994      this.impl = impl;
995    }
996
997
998
999    /**
1000     * {@inheritDoc}
1001     */
1002    public String getCachedPasswordStorageScheme() {
1003      return impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition());
1004    }
1005
1006
1007
1008    /**
1009     * {@inheritDoc}
1010     */
1011    public void setCachedPasswordStorageScheme(String value) {
1012      impl.setPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition(), value);
1013    }
1014
1015
1016
1017    /**
1018     * {@inheritDoc}
1019     */
1020    public long getCachedPasswordTTL() {
1021      return impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition());
1022    }
1023
1024
1025
1026    /**
1027     * {@inheritDoc}
1028     */
1029    public void setCachedPasswordTTL(Long value) {
1030      impl.setPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition(), value);
1031    }
1032
1033
1034
1035    /**
1036     * {@inheritDoc}
1037     */
1038    public long getConnectionTimeout() {
1039      return impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition());
1040    }
1041
1042
1043
1044    /**
1045     * {@inheritDoc}
1046     */
1047    public void setConnectionTimeout(Long value) {
1048      impl.setPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition(), value);
1049    }
1050
1051
1052
1053    /**
1054     * {@inheritDoc}
1055     */
1056    public String getJavaClass() {
1057      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1058    }
1059
1060
1061
1062    /**
1063     * {@inheritDoc}
1064     */
1065    public void setJavaClass(String value) {
1066      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
1067    }
1068
1069
1070
1071    /**
1072     * {@inheritDoc}
1073     */
1074    public SortedSet<AttributeType> getMappedAttribute() {
1075      return impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition());
1076    }
1077
1078
1079
1080    /**
1081     * {@inheritDoc}
1082     */
1083    public void setMappedAttribute(Collection<AttributeType> values) {
1084      impl.setPropertyValues(INSTANCE.getMappedAttributePropertyDefinition(), values);
1085    }
1086
1087
1088
1089    /**
1090     * {@inheritDoc}
1091     */
1092    public SortedSet<DN> getMappedSearchBaseDN() {
1093      return impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition());
1094    }
1095
1096
1097
1098    /**
1099     * {@inheritDoc}
1100     */
1101    public void setMappedSearchBaseDN(Collection<DN> values) {
1102      impl.setPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition(), values);
1103    }
1104
1105
1106
1107    /**
1108     * {@inheritDoc}
1109     */
1110    public DN getMappedSearchBindDN() {
1111      return impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition());
1112    }
1113
1114
1115
1116    /**
1117     * {@inheritDoc}
1118     */
1119    public void setMappedSearchBindDN(DN value) {
1120      impl.setPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition(), value);
1121    }
1122
1123
1124
1125    /**
1126     * {@inheritDoc}
1127     */
1128    public String getMappedSearchBindPassword() {
1129      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition());
1130    }
1131
1132
1133
1134    /**
1135     * {@inheritDoc}
1136     */
1137    public void setMappedSearchBindPassword(String value) {
1138      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition(), value);
1139    }
1140
1141
1142
1143    /**
1144     * {@inheritDoc}
1145     */
1146    public String getMappedSearchBindPasswordEnvironmentVariable() {
1147      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition());
1148    }
1149
1150
1151
1152    /**
1153     * {@inheritDoc}
1154     */
1155    public void setMappedSearchBindPasswordEnvironmentVariable(String value) {
1156      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition(), value);
1157    }
1158
1159
1160
1161    /**
1162     * {@inheritDoc}
1163     */
1164    public String getMappedSearchBindPasswordFile() {
1165      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition());
1166    }
1167
1168
1169
1170    /**
1171     * {@inheritDoc}
1172     */
1173    public void setMappedSearchBindPasswordFile(String value) {
1174      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition(), value);
1175    }
1176
1177
1178
1179    /**
1180     * {@inheritDoc}
1181     */
1182    public String getMappedSearchBindPasswordProperty() {
1183      return impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition());
1184    }
1185
1186
1187
1188    /**
1189     * {@inheritDoc}
1190     */
1191    public void setMappedSearchBindPasswordProperty(String value) {
1192      impl.setPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition(), value);
1193    }
1194
1195
1196
1197    /**
1198     * {@inheritDoc}
1199     */
1200    public MappingPolicy getMappingPolicy() {
1201      return impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition());
1202    }
1203
1204
1205
1206    /**
1207     * {@inheritDoc}
1208     */
1209    public void setMappingPolicy(MappingPolicy value) {
1210      impl.setPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition(), value);
1211    }
1212
1213
1214
1215    /**
1216     * {@inheritDoc}
1217     */
1218    public SortedSet<String> getPrimaryRemoteLDAPServer() {
1219      return impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition());
1220    }
1221
1222
1223
1224    /**
1225     * {@inheritDoc}
1226     */
1227    public void setPrimaryRemoteLDAPServer(Collection<String> values) {
1228      impl.setPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition(), values);
1229    }
1230
1231
1232
1233    /**
1234     * {@inheritDoc}
1235     */
1236    public SortedSet<String> getSecondaryRemoteLDAPServer() {
1237      return impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition());
1238    }
1239
1240
1241
1242    /**
1243     * {@inheritDoc}
1244     */
1245    public void setSecondaryRemoteLDAPServer(Collection<String> values) {
1246      impl.setPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition(), values);
1247    }
1248
1249
1250
1251    /**
1252     * {@inheritDoc}
1253     */
1254    public InetAddress getSourceAddress() {
1255      return impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition());
1256    }
1257
1258
1259
1260    /**
1261     * {@inheritDoc}
1262     */
1263    public void setSourceAddress(InetAddress value) {
1264      impl.setPropertyValue(INSTANCE.getSourceAddressPropertyDefinition(), value);
1265    }
1266
1267
1268
1269    /**
1270     * {@inheritDoc}
1271     */
1272    public SortedSet<String> getSSLCipherSuite() {
1273      return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1274    }
1275
1276
1277
1278    /**
1279     * {@inheritDoc}
1280     */
1281    public void setSSLCipherSuite(Collection<String> values) {
1282      impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values);
1283    }
1284
1285
1286
1287    /**
1288     * {@inheritDoc}
1289     */
1290    public SortedSet<String> getSSLProtocol() {
1291      return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1292    }
1293
1294
1295
1296    /**
1297     * {@inheritDoc}
1298     */
1299    public void setSSLProtocol(Collection<String> values) {
1300      impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values);
1301    }
1302
1303
1304
1305    /**
1306     * {@inheritDoc}
1307     */
1308    public String getTrustManagerProvider() {
1309      return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1310    }
1311
1312
1313
1314    /**
1315     * {@inheritDoc}
1316     */
1317    public void setTrustManagerProvider(String value) {
1318      impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value);
1319    }
1320
1321
1322
1323    /**
1324     * {@inheritDoc}
1325     */
1326    public boolean isUsePasswordCaching() {
1327      return impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition());
1328    }
1329
1330
1331
1332    /**
1333     * {@inheritDoc}
1334     */
1335    public void setUsePasswordCaching(boolean value) {
1336      impl.setPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition(), value);
1337    }
1338
1339
1340
1341    /**
1342     * {@inheritDoc}
1343     */
1344    public boolean isUseSSL() {
1345      return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1346    }
1347
1348
1349
1350    /**
1351     * {@inheritDoc}
1352     */
1353    public void setUseSSL(Boolean value) {
1354      impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value);
1355    }
1356
1357
1358
1359    /**
1360     * {@inheritDoc}
1361     */
1362    public boolean isUseTCPKeepAlive() {
1363      return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1364    }
1365
1366
1367
1368    /**
1369     * {@inheritDoc}
1370     */
1371    public void setUseTCPKeepAlive(Boolean value) {
1372      impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value);
1373    }
1374
1375
1376
1377    /**
1378     * {@inheritDoc}
1379     */
1380    public boolean isUseTCPNoDelay() {
1381      return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1382    }
1383
1384
1385
1386    /**
1387     * {@inheritDoc}
1388     */
1389    public void setUseTCPNoDelay(Boolean value) {
1390      impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value);
1391    }
1392
1393
1394
1395    /**
1396     * {@inheritDoc}
1397     */
1398    public ManagedObjectDefinition<? extends LDAPPassThroughAuthenticationPolicyCfgClient, ? extends LDAPPassThroughAuthenticationPolicyCfg> definition() {
1399      return INSTANCE;
1400    }
1401
1402
1403
1404    /**
1405     * {@inheritDoc}
1406     */
1407    public PropertyProvider properties() {
1408      return impl;
1409    }
1410
1411
1412
1413    /**
1414     * {@inheritDoc}
1415     */
1416    public void commit() throws ManagedObjectAlreadyExistsException,
1417        MissingMandatoryPropertiesException, ConcurrentModificationException,
1418        OperationRejectedException, LdapException {
1419      impl.commit();
1420    }
1421
1422  }
1423
1424
1425
1426  /**
1427   * Managed object server implementation.
1428   */
1429  private static class LDAPPassThroughAuthenticationPolicyCfgServerImpl implements
1430    LDAPPassThroughAuthenticationPolicyCfg {
1431
1432    // Private implementation.
1433    private ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl;
1434
1435    // The value of the "cached-password-storage-scheme" property.
1436    private final String pCachedPasswordStorageScheme;
1437
1438    // The value of the "cached-password-ttl" property.
1439    private final long pCachedPasswordTTL;
1440
1441    // The value of the "connection-timeout" property.
1442    private final long pConnectionTimeout;
1443
1444    // The value of the "java-class" property.
1445    private final String pJavaClass;
1446
1447    // The value of the "mapped-attribute" property.
1448    private final SortedSet<AttributeType> pMappedAttribute;
1449
1450    // The value of the "mapped-search-base-dn" property.
1451    private final SortedSet<DN> pMappedSearchBaseDN;
1452
1453    // The value of the "mapped-search-bind-dn" property.
1454    private final DN pMappedSearchBindDN;
1455
1456    // The value of the "mapped-search-bind-password" property.
1457    private final String pMappedSearchBindPassword;
1458
1459    // The value of the "mapped-search-bind-password-environment-variable" property.
1460    private final String pMappedSearchBindPasswordEnvironmentVariable;
1461
1462    // The value of the "mapped-search-bind-password-file" property.
1463    private final String pMappedSearchBindPasswordFile;
1464
1465    // The value of the "mapped-search-bind-password-property" property.
1466    private final String pMappedSearchBindPasswordProperty;
1467
1468    // The value of the "mapping-policy" property.
1469    private final MappingPolicy pMappingPolicy;
1470
1471    // The value of the "primary-remote-ldap-server" property.
1472    private final SortedSet<String> pPrimaryRemoteLDAPServer;
1473
1474    // The value of the "secondary-remote-ldap-server" property.
1475    private final SortedSet<String> pSecondaryRemoteLDAPServer;
1476
1477    // The value of the "source-address" property.
1478    private final InetAddress pSourceAddress;
1479
1480    // The value of the "ssl-cipher-suite" property.
1481    private final SortedSet<String> pSSLCipherSuite;
1482
1483    // The value of the "ssl-protocol" property.
1484    private final SortedSet<String> pSSLProtocol;
1485
1486    // The value of the "trust-manager-provider" property.
1487    private final String pTrustManagerProvider;
1488
1489    // The value of the "use-password-caching" property.
1490    private final boolean pUsePasswordCaching;
1491
1492    // The value of the "use-ssl" property.
1493    private final boolean pUseSSL;
1494
1495    // The value of the "use-tcp-keep-alive" property.
1496    private final boolean pUseTCPKeepAlive;
1497
1498    // The value of the "use-tcp-no-delay" property.
1499    private final boolean pUseTCPNoDelay;
1500
1501
1502
1503    // Private constructor.
1504    private LDAPPassThroughAuthenticationPolicyCfgServerImpl(ServerManagedObject<? extends LDAPPassThroughAuthenticationPolicyCfg> impl) {
1505      this.impl = impl;
1506      this.pCachedPasswordStorageScheme = impl.getPropertyValue(INSTANCE.getCachedPasswordStorageSchemePropertyDefinition());
1507      this.pCachedPasswordTTL = impl.getPropertyValue(INSTANCE.getCachedPasswordTTLPropertyDefinition());
1508      this.pConnectionTimeout = impl.getPropertyValue(INSTANCE.getConnectionTimeoutPropertyDefinition());
1509      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1510      this.pMappedAttribute = impl.getPropertyValues(INSTANCE.getMappedAttributePropertyDefinition());
1511      this.pMappedSearchBaseDN = impl.getPropertyValues(INSTANCE.getMappedSearchBaseDNPropertyDefinition());
1512      this.pMappedSearchBindDN = impl.getPropertyValue(INSTANCE.getMappedSearchBindDNPropertyDefinition());
1513      this.pMappedSearchBindPassword = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyDefinition());
1514      this.pMappedSearchBindPasswordEnvironmentVariable = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordEnvironmentVariablePropertyDefinition());
1515      this.pMappedSearchBindPasswordFile = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordFilePropertyDefinition());
1516      this.pMappedSearchBindPasswordProperty = impl.getPropertyValue(INSTANCE.getMappedSearchBindPasswordPropertyPropertyDefinition());
1517      this.pMappingPolicy = impl.getPropertyValue(INSTANCE.getMappingPolicyPropertyDefinition());
1518      this.pPrimaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getPrimaryRemoteLDAPServerPropertyDefinition());
1519      this.pSecondaryRemoteLDAPServer = impl.getPropertyValues(INSTANCE.getSecondaryRemoteLDAPServerPropertyDefinition());
1520      this.pSourceAddress = impl.getPropertyValue(INSTANCE.getSourceAddressPropertyDefinition());
1521      this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1522      this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1523      this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1524      this.pUsePasswordCaching = impl.getPropertyValue(INSTANCE.getUsePasswordCachingPropertyDefinition());
1525      this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1526      this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1527      this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1528    }
1529
1530
1531
1532    /**
1533     * {@inheritDoc}
1534     */
1535    public void addLDAPPassThroughChangeListener(
1536        ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) {
1537      impl.registerChangeListener(listener);
1538    }
1539
1540
1541
1542    /**
1543     * {@inheritDoc}
1544     */
1545    public void removeLDAPPassThroughChangeListener(
1546        ConfigurationChangeListener<LDAPPassThroughAuthenticationPolicyCfg> listener) {
1547      impl.deregisterChangeListener(listener);
1548    }
1549    /**
1550     * {@inheritDoc}
1551     */
1552    public void addChangeListener(
1553        ConfigurationChangeListener<AuthenticationPolicyCfg> listener) {
1554      impl.registerChangeListener(listener);
1555    }
1556
1557
1558
1559    /**
1560     * {@inheritDoc}
1561     */
1562    public void removeChangeListener(
1563        ConfigurationChangeListener<AuthenticationPolicyCfg> listener) {
1564      impl.deregisterChangeListener(listener);
1565    }
1566
1567
1568
1569    /**
1570     * {@inheritDoc}
1571     */
1572    public String getCachedPasswordStorageScheme() {
1573      return pCachedPasswordStorageScheme;
1574    }
1575
1576
1577
1578    /**
1579     * {@inheritDoc}
1580     */
1581    public DN getCachedPasswordStorageSchemeDN() {
1582      String value = getCachedPasswordStorageScheme();
1583      if (value == null) return null;
1584      return INSTANCE.getCachedPasswordStorageSchemePropertyDefinition().getChildDN(value);
1585    }
1586
1587
1588
1589    /**
1590     * {@inheritDoc}
1591     */
1592    public long getCachedPasswordTTL() {
1593      return pCachedPasswordTTL;
1594    }
1595
1596
1597
1598    /**
1599     * {@inheritDoc}
1600     */
1601    public long getConnectionTimeout() {
1602      return pConnectionTimeout;
1603    }
1604
1605
1606
1607    /**
1608     * {@inheritDoc}
1609     */
1610    public String getJavaClass() {
1611      return pJavaClass;
1612    }
1613
1614
1615
1616    /**
1617     * {@inheritDoc}
1618     */
1619    public SortedSet<AttributeType> getMappedAttribute() {
1620      return pMappedAttribute;
1621    }
1622
1623
1624
1625    /**
1626     * {@inheritDoc}
1627     */
1628    public SortedSet<DN> getMappedSearchBaseDN() {
1629      return pMappedSearchBaseDN;
1630    }
1631
1632
1633
1634    /**
1635     * {@inheritDoc}
1636     */
1637    public DN getMappedSearchBindDN() {
1638      return pMappedSearchBindDN;
1639    }
1640
1641
1642
1643    /**
1644     * {@inheritDoc}
1645     */
1646    public String getMappedSearchBindPassword() {
1647      return pMappedSearchBindPassword;
1648    }
1649
1650
1651
1652    /**
1653     * {@inheritDoc}
1654     */
1655    public String getMappedSearchBindPasswordEnvironmentVariable() {
1656      return pMappedSearchBindPasswordEnvironmentVariable;
1657    }
1658
1659
1660
1661    /**
1662     * {@inheritDoc}
1663     */
1664    public String getMappedSearchBindPasswordFile() {
1665      return pMappedSearchBindPasswordFile;
1666    }
1667
1668
1669
1670    /**
1671     * {@inheritDoc}
1672     */
1673    public String getMappedSearchBindPasswordProperty() {
1674      return pMappedSearchBindPasswordProperty;
1675    }
1676
1677
1678
1679    /**
1680     * {@inheritDoc}
1681     */
1682    public MappingPolicy getMappingPolicy() {
1683      return pMappingPolicy;
1684    }
1685
1686
1687
1688    /**
1689     * {@inheritDoc}
1690     */
1691    public SortedSet<String> getPrimaryRemoteLDAPServer() {
1692      return pPrimaryRemoteLDAPServer;
1693    }
1694
1695
1696
1697    /**
1698     * {@inheritDoc}
1699     */
1700    public SortedSet<String> getSecondaryRemoteLDAPServer() {
1701      return pSecondaryRemoteLDAPServer;
1702    }
1703
1704
1705
1706    /**
1707     * {@inheritDoc}
1708     */
1709    public InetAddress getSourceAddress() {
1710      return pSourceAddress;
1711    }
1712
1713
1714
1715    /**
1716     * {@inheritDoc}
1717     */
1718    public SortedSet<String> getSSLCipherSuite() {
1719      return pSSLCipherSuite;
1720    }
1721
1722
1723
1724    /**
1725     * {@inheritDoc}
1726     */
1727    public SortedSet<String> getSSLProtocol() {
1728      return pSSLProtocol;
1729    }
1730
1731
1732
1733    /**
1734     * {@inheritDoc}
1735     */
1736    public String getTrustManagerProvider() {
1737      return pTrustManagerProvider;
1738    }
1739
1740
1741
1742    /**
1743     * {@inheritDoc}
1744     */
1745    public DN getTrustManagerProviderDN() {
1746      String value = getTrustManagerProvider();
1747      if (value == null) return null;
1748      return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value);
1749    }
1750
1751
1752
1753    /**
1754     * {@inheritDoc}
1755     */
1756    public boolean isUsePasswordCaching() {
1757      return pUsePasswordCaching;
1758    }
1759
1760
1761
1762    /**
1763     * {@inheritDoc}
1764     */
1765    public boolean isUseSSL() {
1766      return pUseSSL;
1767    }
1768
1769
1770
1771    /**
1772     * {@inheritDoc}
1773     */
1774    public boolean isUseTCPKeepAlive() {
1775      return pUseTCPKeepAlive;
1776    }
1777
1778
1779
1780    /**
1781     * {@inheritDoc}
1782     */
1783    public boolean isUseTCPNoDelay() {
1784      return pUseTCPNoDelay;
1785    }
1786
1787
1788
1789    /**
1790     * {@inheritDoc}
1791     */
1792    public Class<? extends LDAPPassThroughAuthenticationPolicyCfg> configurationClass() {
1793      return LDAPPassThroughAuthenticationPolicyCfg.class;
1794    }
1795
1796
1797
1798    /**
1799     * {@inheritDoc}
1800     */
1801    public DN dn() {
1802      return impl.getDN();
1803    }
1804
1805  }
1806}