001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import org.forgerock.opendj.config.AdministratorAction;
031import org.forgerock.opendj.config.BooleanPropertyDefinition;
032import org.forgerock.opendj.config.ClassPropertyDefinition;
033import org.forgerock.opendj.config.client.ConcurrentModificationException;
034import org.forgerock.opendj.config.client.ManagedObject;
035import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
036import org.forgerock.opendj.config.client.OperationRejectedException;
037import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
038import org.forgerock.opendj.config.ManagedObjectDefinition;
039import org.forgerock.opendj.config.PropertyOption;
040import org.forgerock.opendj.config.PropertyProvider;
041import org.forgerock.opendj.config.server.ConfigurationChangeListener;
042import org.forgerock.opendj.config.server.ServerManagedObject;
043import org.forgerock.opendj.config.Tag;
044import org.forgerock.opendj.config.TopCfgDefn;
045import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
046import org.forgerock.opendj.ldap.DN;
047import org.forgerock.opendj.ldap.LdapException;
048import org.forgerock.opendj.server.config.client.AccessControlHandlerCfgClient;
049import org.forgerock.opendj.server.config.server.AccessControlHandlerCfg;
050
051
052
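/**
 * An interface for querying the Access Control Handler managed object
 * definition meta information.
 * <p>
 * Access Control Handlers manage the application-wide access control.
 * The OpenDJ access control handler is defined through an extensible
 * interface, so that alternate implementations can be created. Only
 * one access control handler may be active in the server at any given
 * time.
 * <p>
 * The definition is registered under the name
 * {@code "access-control-handler"}, is tagged {@code "security"}, and
 * declares two mandatory properties with no default value:
 * {@code "enabled"} and {@code "java-class"}. Both properties decide
 * whether, and by which code, access control is enforced, so write
 * access to this configuration object deserves the same protection as
 * the access control policy itself.
 */
public final class AccessControlHandlerCfgDefn extends ManagedObjectDefinition<AccessControlHandlerCfgClient, AccessControlHandlerCfg> {

  // The singleton configuration definition instance. It must be declared
  // before the static initializers below, which all register against it.
  private static final AccessControlHandlerCfgDefn INSTANCE = new AccessControlHandlerCfgDefn();



  // The "enabled" property definition.
  private static final BooleanPropertyDefinition PD_ENABLED;



  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  // Build the "enabled" property definition.
  //
  // The property is mandatory and has no default, so a value has to be
  // supplied explicitly. The administrator action type is NONE.
  // NOTE(review): presumably NONE means a change needs no follow-up
  // action to take effect, in which case setting this to false removes
  // access control enforcement without a restart. Confirm against
  // AdministratorAction and make sure changes to it are audited.
  static {
    BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "enabled");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "enabled"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Boolean>());
    PD_ENABLED = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_ENABLED);
  }



  // Build the "java-class" property definition.
  //
  // The property is mandatory, has no default, and is flagged
  // COMPONENT_RESTART. The only constraint placed on the value here is
  // addInstanceOf("org.opends.server.api.AccessControlHandler").
  // NOTE(review): presumably the server loads and instantiates the named
  // class, which then makes every authorization decision. Whoever can
  // write this property effectively chooses the enforcement code, so it
  // should be restricted and monitored accordingly.
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    builder.addInstanceOf("org.opends.server.api.AccessControlHandler");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
  }



  /**
   * Get the Access Control Handler configuration definition
   * singleton.
   *
   * @return Returns the Access Control Handler configuration
   *         definition singleton.
   */
  public static AccessControlHandlerCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor. Registers the definition under the name
   * {@code "access-control-handler"} with the top-level definition as
   * its parent.
   */
  private AccessControlHandlerCfgDefn() {
    super("access-control-handler", TopCfgDefn.getInstance());
  }



  /**
   * {@inheritDoc}
   */
  public AccessControlHandlerCfgClient createClientConfiguration(
      ManagedObject<? extends AccessControlHandlerCfgClient> impl) {
    return new AccessControlHandlerCfgClientImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public AccessControlHandlerCfg createServerConfiguration(
      ServerManagedObject<? extends AccessControlHandlerCfg> impl) {
    return new AccessControlHandlerCfgServerImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public Class<AccessControlHandlerCfg> getServerConfigurationClass() {
    return AccessControlHandlerCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Access Control Handler is enabled. If set
   * to FALSE, then no access control is enforced, and any client
   * (including unauthenticated or anonymous clients) could be allowed
   * to perform any operation if not subject to other restrictions,
   * such as those enforced by the privilege subsystem.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return PD_ENABLED;
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Access Control Handler implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Managed object client implementation. Every accessor delegates to
   * the wrapped {@link ManagedObject}; nothing is cached here.
   */
  private static class AccessControlHandlerCfgClientImpl implements
    AccessControlHandlerCfgClient {

    // Private implementation. Assigned once in the constructor and never
    // replaced, hence final.
    private final ManagedObject<? extends AccessControlHandlerCfgClient> impl;



    // Private constructor.
    private AccessControlHandlerCfgClientImpl(
        ManagedObject<? extends AccessControlHandlerCfgClient> impl) {
      this.impl = impl;
    }



    /**
     * {@inheritDoc}
     */
    public Boolean isEnabled() {
      // Returns the boxed value as held by the managed object.
      // NOTE(review): the property has no default, so this is presumably
      // null until a value has been set; callers should not unbox
      // blindly. Confirm against ManagedObject.getPropertyValue.
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public ManagedObjectDefinition<? extends AccessControlHandlerCfgClient, ? extends AccessControlHandlerCfg> definition() {
      return INSTANCE;
    }



    /**
     * {@inheritDoc}
     */
    public PropertyProvider properties() {
      return impl;
    }



    /**
     * {@inheritDoc}
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }

  }



  /**
   * Managed object server implementation. Property values are read once
   * in the constructor and served from the stored copies afterwards, so
   * an instance reflects the configuration as it was when the instance
   * was created.
   */
  private static class AccessControlHandlerCfgServerImpl implements
    AccessControlHandlerCfg {

    // Private implementation. Assigned once in the constructor and never
    // replaced, hence final like the cached property values below.
    private final ServerManagedObject<? extends AccessControlHandlerCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "java-class" property.
    private final String pJavaClass;



    // Private constructor.
    private AccessControlHandlerCfgServerImpl(ServerManagedObject<? extends AccessControlHandlerCfg> impl) {
      this.impl = impl;
      // The "enabled" value is unboxed into a primitive here.
      // NOTE(review): assumes the framework has already enforced the
      // MANDATORY option so the value is never null; confirm.
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void addChangeListener(
        ConfigurationChangeListener<AccessControlHandlerCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void removeChangeListener(
        ConfigurationChangeListener<AccessControlHandlerCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public boolean isEnabled() {
      // Value captured at construction; the managed object is not re-read.
      return pEnabled;
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      // Value captured at construction; the managed object is not re-read.
      return pJavaClass;
    }



    /**
     * {@inheritDoc}
     */
    public Class<? extends AccessControlHandlerCfg> configurationClass() {
      return AccessControlHandlerCfg.class;
    }



    /**
     * {@inheritDoc}
     */
    public DN dn() {
      return impl.getDN();
    }

  }
}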