001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.forgerock.opendj.server.config.meta; 027 028 029 030import java.net.InetAddress; 031import java.util.Collection; 032import java.util.SortedSet; 033import org.forgerock.opendj.config.AdministratorAction; 034import org.forgerock.opendj.config.AggregationPropertyDefinition; 035import org.forgerock.opendj.config.AliasDefaultBehaviorProvider; 036import org.forgerock.opendj.config.BooleanPropertyDefinition; 037import org.forgerock.opendj.config.ClassPropertyDefinition; 038import org.forgerock.opendj.config.client.ConcurrentModificationException; 039import org.forgerock.opendj.config.client.ManagedObject; 040import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 041import org.forgerock.opendj.config.client.OperationRejectedException; 042import org.forgerock.opendj.config.conditions.Conditions; 043import org.forgerock.opendj.config.DefaultBehaviorProvider; 044import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 045import org.forgerock.opendj.config.DurationPropertyDefinition; 046import org.forgerock.opendj.config.EnumPropertyDefinition; 047import org.forgerock.opendj.config.GenericConstraint; 048import org.forgerock.opendj.config.IntegerPropertyDefinition; 049import org.forgerock.opendj.config.IPAddressMaskPropertyDefinition; 050import org.forgerock.opendj.config.IPAddressPropertyDefinition; 051import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 052import org.forgerock.opendj.config.ManagedObjectDefinition; 053import org.forgerock.opendj.config.PropertyOption; 054import org.forgerock.opendj.config.PropertyProvider; 055import org.forgerock.opendj.config.server.ConfigurationChangeListener; 056import org.forgerock.opendj.config.server.ServerManagedObject; 057import org.forgerock.opendj.config.SizePropertyDefinition; 058import org.forgerock.opendj.config.StringPropertyDefinition; 059import org.forgerock.opendj.config.Tag; 060import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 061import org.forgerock.opendj.ldap.AddressMask; 062import org.forgerock.opendj.ldap.DN; 063import org.forgerock.opendj.ldap.LdapException; 064import org.forgerock.opendj.server.config.client.KeyManagerProviderCfgClient; 065import org.forgerock.opendj.server.config.client.LDAPConnectionHandlerCfgClient; 066import org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient; 067import org.forgerock.opendj.server.config.server.ConnectionHandlerCfg; 068import org.forgerock.opendj.server.config.server.KeyManagerProviderCfg; 069import org.forgerock.opendj.server.config.server.LDAPConnectionHandlerCfg; 070import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg; 071 072 073 074/** 075 * An interface for querying the LDAP Connection Handler managed 076 * object definition meta information. 077 * <p> 078 * The LDAP Connection Handler is used to interact with clients using 079 * LDAP. 080 */ 081public final class LDAPConnectionHandlerCfgDefn extends ManagedObjectDefinition<LDAPConnectionHandlerCfgClient, LDAPConnectionHandlerCfg> { 082 083 // The singleton configuration definition instance. 084 private static final LDAPConnectionHandlerCfgDefn INSTANCE = new LDAPConnectionHandlerCfgDefn(); 085 086 087 088 /** 089 * Defines the set of permissable values for the "ssl-client-auth-policy" property. 090 * <p> 091 * Specifies the policy that the LDAP Connection Handler should use 092 * regarding client SSL certificates. Clients can use the SASL 093 * EXTERNAL mechanism only if the policy is set to "optional" or 094 * "required". 095 * <p> 096 * This is only applicable if clients are allowed to use SSL. 097 */ 098 public static enum SSLClientAuthPolicy { 099 100 /** 101 * Clients must not provide their own certificates when performing 102 * SSL negotiation. 103 */ 104 DISABLED("disabled"), 105 106 107 108 /** 109 * Clients are requested to provide their own certificates when 110 * performing SSL negotiation. The connection is nevertheless 111 * accepted if the client does not provide a certificate. 112 */ 113 OPTIONAL("optional"), 114 115 116 117 /** 118 * Clients are required to provide their own certificates when 119 * performing SSL negotiation and are refused access if they do not 120 * provide a certificate. 121 */ 122 REQUIRED("required"); 123 124 125 126 // String representation of the value. 127 private final String name; 128 129 130 131 // Private constructor. 132 private SSLClientAuthPolicy(String name) { this.name = name; } 133 134 135 136 /** 137 * {@inheritDoc} 138 */ 139 public String toString() { return name; } 140 141 } 142 143 144 145 // The "accept-backlog" property definition. 146 private static final IntegerPropertyDefinition PD_ACCEPT_BACKLOG; 147 148 149 150 // The "allow-ldap-v2" property definition. 151 private static final BooleanPropertyDefinition PD_ALLOW_LDAP_V2; 152 153 154 155 // The "allow-start-tls" property definition. 156 private static final BooleanPropertyDefinition PD_ALLOW_START_TLS; 157 158 159 160 // The "allow-tcp-reuse-address" property definition. 161 private static final BooleanPropertyDefinition PD_ALLOW_TCP_REUSE_ADDRESS; 162 163 164 165 // The "buffer-size" property definition. 166 private static final SizePropertyDefinition PD_BUFFER_SIZE; 167 168 169 170 // The "java-class" property definition. 171 private static final ClassPropertyDefinition PD_JAVA_CLASS; 172 173 174 175 // The "keep-stats" property definition. 176 private static final BooleanPropertyDefinition PD_KEEP_STATS; 177 178 179 180 // The "key-manager-provider" property definition. 181 private static final AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> PD_KEY_MANAGER_PROVIDER; 182 183 184 185 // The "listen-address" property definition. 186 private static final IPAddressPropertyDefinition PD_LISTEN_ADDRESS; 187 188 189 190 // The "listen-port" property definition. 191 private static final IntegerPropertyDefinition PD_LISTEN_PORT; 192 193 194 195 // The "max-blocked-write-time-limit" property definition. 196 private static final DurationPropertyDefinition PD_MAX_BLOCKED_WRITE_TIME_LIMIT; 197 198 199 200 // The "max-request-size" property definition. 201 private static final SizePropertyDefinition PD_MAX_REQUEST_SIZE; 202 203 204 205 // The "num-request-handlers" property definition. 206 private static final IntegerPropertyDefinition PD_NUM_REQUEST_HANDLERS; 207 208 209 210 // The "send-rejection-notice" property definition. 211 private static final BooleanPropertyDefinition PD_SEND_REJECTION_NOTICE; 212 213 214 215 // The "ssl-cert-nickname" property definition. 216 private static final StringPropertyDefinition PD_SSL_CERT_NICKNAME; 217 218 219 220 // The "ssl-cipher-suite" property definition. 221 private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE; 222 223 224 225 // The "ssl-client-auth-policy" property definition. 226 private static final EnumPropertyDefinition<SSLClientAuthPolicy> PD_SSL_CLIENT_AUTH_POLICY; 227 228 229 230 // The "ssl-protocol" property definition. 231 private static final StringPropertyDefinition PD_SSL_PROTOCOL; 232 233 234 235 // The "trust-manager-provider" property definition. 236 private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER; 237 238 239 240 // The "use-ssl" property definition. 241 private static final BooleanPropertyDefinition PD_USE_SSL; 242 243 244 245 // The "use-tcp-keep-alive" property definition. 246 private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE; 247 248 249 250 // The "use-tcp-no-delay" property definition. 251 private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY; 252 253 254 255 // Build the "accept-backlog" property definition. 256 static { 257 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "accept-backlog"); 258 builder.setOption(PropertyOption.ADVANCED); 259 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "accept-backlog")); 260 DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("128"); 261 builder.setDefaultBehaviorProvider(provider); 262 builder.setLowerLimit(1); 263 PD_ACCEPT_BACKLOG = builder.getInstance(); 264 INSTANCE.registerPropertyDefinition(PD_ACCEPT_BACKLOG); 265 } 266 267 268 269 // Build the "allow-ldap-v2" property definition. 270 static { 271 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-ldap-v2"); 272 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-ldap-v2")); 273 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 274 builder.setDefaultBehaviorProvider(provider); 275 PD_ALLOW_LDAP_V2 = builder.getInstance(); 276 INSTANCE.registerPropertyDefinition(PD_ALLOW_LDAP_V2); 277 } 278 279 280 281 // Build the "allow-start-tls" property definition. 282 static { 283 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-start-tls"); 284 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-start-tls")); 285 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 286 builder.setDefaultBehaviorProvider(provider); 287 PD_ALLOW_START_TLS = builder.getInstance(); 288 INSTANCE.registerPropertyDefinition(PD_ALLOW_START_TLS); 289 } 290 291 292 293 // Build the "allow-tcp-reuse-address" property definition. 294 static { 295 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-tcp-reuse-address"); 296 builder.setOption(PropertyOption.ADVANCED); 297 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "allow-tcp-reuse-address")); 298 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 299 builder.setDefaultBehaviorProvider(provider); 300 PD_ALLOW_TCP_REUSE_ADDRESS = builder.getInstance(); 301 INSTANCE.registerPropertyDefinition(PD_ALLOW_TCP_REUSE_ADDRESS); 302 } 303 304 305 306 // Build the "buffer-size" property definition. 307 static { 308 SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "buffer-size"); 309 builder.setOption(PropertyOption.ADVANCED); 310 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "buffer-size")); 311 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("4096 bytes"); 312 builder.setDefaultBehaviorProvider(provider); 313 builder.setUpperLimit("2147483647b"); 314 builder.setLowerLimit("1b"); 315 PD_BUFFER_SIZE = builder.getInstance(); 316 INSTANCE.registerPropertyDefinition(PD_BUFFER_SIZE); 317 } 318 319 320 321 // Build the "java-class" property definition. 322 static { 323 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 324 builder.setOption(PropertyOption.MANDATORY); 325 builder.setOption(PropertyOption.ADVANCED); 326 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 327 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.ldap.LDAPConnectionHandler"); 328 builder.setDefaultBehaviorProvider(provider); 329 builder.addInstanceOf("org.opends.server.api.ConnectionHandler"); 330 PD_JAVA_CLASS = builder.getInstance(); 331 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 332 } 333 334 335 336 // Build the "keep-stats" property definition. 337 static { 338 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "keep-stats"); 339 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "keep-stats")); 340 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 341 builder.setDefaultBehaviorProvider(provider); 342 PD_KEEP_STATS = builder.getInstance(); 343 INSTANCE.registerPropertyDefinition(PD_KEEP_STATS); 344 } 345 346 347 348 // Build the "key-manager-provider" property definition. 349 static { 350 AggregationPropertyDefinition.Builder<KeyManagerProviderCfgClient, KeyManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "key-manager-provider"); 351 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-manager-provider")); 352 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 353 builder.setParentPath("/"); 354 builder.setRelationDefinition("key-manager-provider"); 355 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))); 356 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 357 PD_KEY_MANAGER_PROVIDER = builder.getInstance(); 358 INSTANCE.registerPropertyDefinition(PD_KEY_MANAGER_PROVIDER); 359 INSTANCE.registerConstraint(PD_KEY_MANAGER_PROVIDER.getSourceConstraint()); 360 } 361 362 363 364 // Build the "listen-address" property definition. 365 static { 366 IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "listen-address"); 367 builder.setOption(PropertyOption.MULTI_VALUED); 368 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-address")); 369 DefaultBehaviorProvider<InetAddress> provider = new DefinedDefaultBehaviorProvider<InetAddress>("0.0.0.0"); 370 builder.setDefaultBehaviorProvider(provider); 371 PD_LISTEN_ADDRESS = builder.getInstance(); 372 INSTANCE.registerPropertyDefinition(PD_LISTEN_ADDRESS); 373 } 374 375 376 377 // Build the "listen-port" property definition. 378 static { 379 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "listen-port"); 380 builder.setOption(PropertyOption.MANDATORY); 381 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-port")); 382 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Integer>()); 383 builder.setUpperLimit(65535); 384 builder.setLowerLimit(1); 385 PD_LISTEN_PORT = builder.getInstance(); 386 INSTANCE.registerPropertyDefinition(PD_LISTEN_PORT); 387 } 388 389 390 391 // Build the "max-blocked-write-time-limit" property definition. 392 static { 393 DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-blocked-write-time-limit"); 394 builder.setOption(PropertyOption.ADVANCED); 395 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-blocked-write-time-limit")); 396 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("2 minutes"); 397 builder.setDefaultBehaviorProvider(provider); 398 builder.setBaseUnit("ms"); 399 builder.setLowerLimit("0"); 400 PD_MAX_BLOCKED_WRITE_TIME_LIMIT = builder.getInstance(); 401 INSTANCE.registerPropertyDefinition(PD_MAX_BLOCKED_WRITE_TIME_LIMIT); 402 } 403 404 405 406 // Build the "max-request-size" property definition. 407 static { 408 SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "max-request-size"); 409 builder.setOption(PropertyOption.ADVANCED); 410 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-request-size")); 411 DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 megabytes"); 412 builder.setDefaultBehaviorProvider(provider); 413 builder.setUpperLimit("2147483647b"); 414 PD_MAX_REQUEST_SIZE = builder.getInstance(); 415 INSTANCE.registerPropertyDefinition(PD_MAX_REQUEST_SIZE); 416 } 417 418 419 420 // Build the "num-request-handlers" property definition. 421 static { 422 IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "num-request-handlers"); 423 builder.setOption(PropertyOption.ADVANCED); 424 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "num-request-handlers")); 425 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Integer>(INSTANCE, "num-request-handlers")); 426 builder.setLowerLimit(1); 427 PD_NUM_REQUEST_HANDLERS = builder.getInstance(); 428 INSTANCE.registerPropertyDefinition(PD_NUM_REQUEST_HANDLERS); 429 } 430 431 432 433 // Build the "send-rejection-notice" property definition. 434 static { 435 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "send-rejection-notice"); 436 builder.setOption(PropertyOption.ADVANCED); 437 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "send-rejection-notice")); 438 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 439 builder.setDefaultBehaviorProvider(provider); 440 PD_SEND_REJECTION_NOTICE = builder.getInstance(); 441 INSTANCE.registerPropertyDefinition(PD_SEND_REJECTION_NOTICE); 442 } 443 444 445 446 // Build the "ssl-cert-nickname" property definition. 447 static { 448 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cert-nickname"); 449 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-cert-nickname")); 450 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cert-nickname")); 451 PD_SSL_CERT_NICKNAME = builder.getInstance(); 452 INSTANCE.registerPropertyDefinition(PD_SSL_CERT_NICKNAME); 453 } 454 455 456 457 // Build the "ssl-cipher-suite" property definition. 458 static { 459 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite"); 460 builder.setOption(PropertyOption.MULTI_VALUED); 461 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite")); 462 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite")); 463 PD_SSL_CIPHER_SUITE = builder.getInstance(); 464 INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE); 465 } 466 467 468 469 // Build the "ssl-client-auth-policy" property definition. 470 static { 471 EnumPropertyDefinition.Builder<SSLClientAuthPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "ssl-client-auth-policy"); 472 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-client-auth-policy")); 473 DefaultBehaviorProvider<SSLClientAuthPolicy> provider = new DefinedDefaultBehaviorProvider<SSLClientAuthPolicy>("optional"); 474 builder.setDefaultBehaviorProvider(provider); 475 builder.setEnumClass(SSLClientAuthPolicy.class); 476 PD_SSL_CLIENT_AUTH_POLICY = builder.getInstance(); 477 INSTANCE.registerPropertyDefinition(PD_SSL_CLIENT_AUTH_POLICY); 478 } 479 480 481 482 // Build the "ssl-protocol" property definition. 483 static { 484 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol"); 485 builder.setOption(PropertyOption.MULTI_VALUED); 486 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol")); 487 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol")); 488 PD_SSL_PROTOCOL = builder.getInstance(); 489 INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL); 490 } 491 492 493 494 // Build the "trust-manager-provider" property definition. 495 static { 496 AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider"); 497 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider")); 498 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 499 builder.setParentPath("/"); 500 builder.setRelationDefinition("trust-manager-provider"); 501 builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))); 502 builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true")); 503 PD_TRUST_MANAGER_PROVIDER = builder.getInstance(); 504 INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER); 505 INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint()); 506 } 507 508 509 510 // Build the "use-ssl" property definition. 511 static { 512 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl"); 513 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl")); 514 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false"); 515 builder.setDefaultBehaviorProvider(provider); 516 PD_USE_SSL = builder.getInstance(); 517 INSTANCE.registerPropertyDefinition(PD_USE_SSL); 518 } 519 520 521 522 // Build the "use-tcp-keep-alive" property definition. 523 static { 524 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive"); 525 builder.setOption(PropertyOption.ADVANCED); 526 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive")); 527 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 528 builder.setDefaultBehaviorProvider(provider); 529 PD_USE_TCP_KEEP_ALIVE = builder.getInstance(); 530 INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE); 531 } 532 533 534 535 // Build the "use-tcp-no-delay" property definition. 536 static { 537 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay"); 538 builder.setOption(PropertyOption.ADVANCED); 539 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay")); 540 DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true"); 541 builder.setDefaultBehaviorProvider(provider); 542 PD_USE_TCP_NO_DELAY = builder.getInstance(); 543 INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY); 544 } 545 546 547 548 // Register the tags associated with this managed object definition. 549 static { 550 INSTANCE.registerTag(Tag.valueOf("core-server")); 551 } 552 553 554 555 // Register the constraints associated with this managed object definition. 556 static { 557 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("key-manager-provider"))))); 558 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("trust-manager-provider"))))); 559 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.not(Conditions.and(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")))))); 560 } 561 562 563 564 /** 565 * Get the LDAP Connection Handler configuration definition 566 * singleton. 567 * 568 * @return Returns the LDAP Connection Handler configuration 569 * definition singleton. 570 */ 571 public static LDAPConnectionHandlerCfgDefn getInstance() { 572 return INSTANCE; 573 } 574 575 576 577 /** 578 * Private constructor. 579 */ 580 private LDAPConnectionHandlerCfgDefn() { 581 super("ldap-connection-handler", ConnectionHandlerCfgDefn.getInstance()); 582 } 583 584 585 586 /** 587 * {@inheritDoc} 588 */ 589 public LDAPConnectionHandlerCfgClient createClientConfiguration( 590 ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) { 591 return new LDAPConnectionHandlerCfgClientImpl(impl); 592 } 593 594 595 596 /** 597 * {@inheritDoc} 598 */ 599 public LDAPConnectionHandlerCfg createServerConfiguration( 600 ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) { 601 return new LDAPConnectionHandlerCfgServerImpl(impl); 602 } 603 604 605 606 /** 607 * {@inheritDoc} 608 */ 609 public Class<LDAPConnectionHandlerCfg> getServerConfigurationClass() { 610 return LDAPConnectionHandlerCfg.class; 611 } 612 613 614 615 /** 616 * Get the "accept-backlog" property definition. 617 * <p> 618 * Specifies the maximum number of pending connection attempts that 619 * are allowed to queue up in the accept backlog before the server 620 * starts rejecting new connection attempts. 621 * <p> 622 * This is primarily an issue for cases in which a large number of 623 * connections are established to the server in a very short period 624 * of time (for example, a benchmark utility that creates a large 625 * number of client threads that each have their own connection to 626 * the server) and the connection handler is unable to keep up with 627 * the rate at which the new connections are established. 628 * 629 * @return Returns the "accept-backlog" property definition. 630 */ 631 public IntegerPropertyDefinition getAcceptBacklogPropertyDefinition() { 632 return PD_ACCEPT_BACKLOG; 633 } 634 635 636 637 /** 638 * Get the "allowed-client" property definition. 639 * <p> 640 * Specifies a set of host names or address masks that determine the 641 * clients that are allowed to establish connections to this LDAP 642 * Connection Handler. 643 * <p> 644 * Valid values include a host name, a fully qualified domain name, 645 * a domain name, an IP address, or a subnetwork with subnetwork 646 * mask. 647 * 648 * @return Returns the "allowed-client" property definition. 649 */ 650 public IPAddressMaskPropertyDefinition getAllowedClientPropertyDefinition() { 651 return ConnectionHandlerCfgDefn.getInstance().getAllowedClientPropertyDefinition(); 652 } 653 654 655 656 /** 657 * Get the "allow-ldap-v2" property definition. 658 * <p> 659 * Indicates whether connections from LDAPv2 clients are allowed. 660 * <p> 661 * If LDAPv2 clients are allowed, then only a minimal degree of 662 * special support are provided for them to ensure that 663 * LDAPv3-specific protocol elements (for example, Configuration 664 * Guide 25 controls, extended response messages, intermediate 665 * response messages, referrals) are not sent to an LDAPv2 client. 666 * 667 * @return Returns the "allow-ldap-v2" property definition. 668 */ 669 public BooleanPropertyDefinition getAllowLDAPV2PropertyDefinition() { 670 return PD_ALLOW_LDAP_V2; 671 } 672 673 674 675 /** 676 * Get the "allow-start-tls" property definition. 677 * <p> 678 * Indicates whether clients are allowed to use StartTLS. 679 * <p> 680 * If enabled, the LDAP Connection Handler allows clients to use the 681 * StartTLS extended operation to initiate secure communication over 682 * an otherwise insecure channel. Note that this is only allowed if 683 * the LDAP Connection Handler is not configured to use SSL, and if 684 * the server is configured with a valid key manager provider and a 685 * valid trust manager provider. 686 * 687 * @return Returns the "allow-start-tls" property definition. 688 */ 689 public BooleanPropertyDefinition getAllowStartTLSPropertyDefinition() { 690 return PD_ALLOW_START_TLS; 691 } 692 693 694 695 /** 696 * Get the "allow-tcp-reuse-address" property definition. 697 * <p> 698 * Indicates whether the LDAP Connection Handler should reuse socket 699 * descriptors. 700 * <p> 701 * If enabled, the SO_REUSEADDR socket option is used on the server 702 * listen socket to potentially allow the reuse of socket descriptors 703 * for clients in a TIME_WAIT state. This may help the server avoid 704 * temporarily running out of socket descriptors in cases in which a 705 * very large number of short-lived connections have been established 706 * from the same client system. 707 * 708 * @return Returns the "allow-tcp-reuse-address" property definition. 709 */ 710 public BooleanPropertyDefinition getAllowTCPReuseAddressPropertyDefinition() { 711 return PD_ALLOW_TCP_REUSE_ADDRESS; 712 } 713 714 715 716 /** 717 * Get the "buffer-size" property definition. 718 * <p> 719 * Specifies the size in bytes of the LDAP response message write 720 * buffer. 721 * <p> 722 * This property specifies write buffer size allocated by the server 723 * for each client connection and used to buffer LDAP response 724 * messages data when writing. 725 * 726 * @return Returns the "buffer-size" property definition. 727 */ 728 public SizePropertyDefinition getBufferSizePropertyDefinition() { 729 return PD_BUFFER_SIZE; 730 } 731 732 733 734 /** 735 * Get the "denied-client" property definition. 736 * <p> 737 * Specifies a set of host names or address masks that determine the 738 * clients that are not allowed to establish connections to this LDAP 739 * Connection Handler. 740 * <p> 741 * Valid values include a host name, a fully qualified domain name, 742 * a domain name, an IP address, or a subnetwork with subnetwork 743 * mask. If both allowed and denied client masks are defined and a 744 * client connection matches one or more masks in both lists, then 745 * the connection is denied. If only a denied list is specified, then 746 * any client not matching a mask in that list is allowed. 747 * 748 * @return Returns the "denied-client" property definition. 749 */ 750 public IPAddressMaskPropertyDefinition getDeniedClientPropertyDefinition() { 751 return ConnectionHandlerCfgDefn.getInstance().getDeniedClientPropertyDefinition(); 752 } 753 754 755 756 /** 757 * Get the "enabled" property definition. 758 * <p> 759 * Indicates whether the LDAP Connection Handler is enabled. 760 * 761 * @return Returns the "enabled" property definition. 762 */ 763 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 764 return ConnectionHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 765 } 766 767 768 769 /** 770 * Get the "java-class" property definition. 771 * <p> 772 * Specifies the fully-qualified name of the Java class that 773 * provides the LDAP Connection Handler implementation. 774 * 775 * @return Returns the "java-class" property definition. 776 */ 777 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 778 return PD_JAVA_CLASS; 779 } 780 781 782 783 /** 784 * Get the "keep-stats" property definition. 785 * <p> 786 * Indicates whether the LDAP Connection Handler should keep 787 * statistics. 788 * <p> 789 * If enabled, the LDAP Connection Handler maintains statistics 790 * about the number and types of operations requested over LDAP and 791 * the amount of data sent and received. 792 * 793 * @return Returns the "keep-stats" property definition. 794 */ 795 public BooleanPropertyDefinition getKeepStatsPropertyDefinition() { 796 return PD_KEEP_STATS; 797 } 798 799 800 801 /** 802 * Get the "key-manager-provider" property definition. 803 * <p> 804 * Specifies the name of the key manager that should be used with 805 * this LDAP Connection Handler . 806 * 807 * @return Returns the "key-manager-provider" property definition. 808 */ 809 public AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition() { 810 return PD_KEY_MANAGER_PROVIDER; 811 } 812 813 814 815 /** 816 * Get the "listen-address" property definition. 817 * <p> 818 * Specifies the address or set of addresses on which this LDAP 819 * Connection Handler should listen for connections from LDAP 820 * clients. 821 * <p> 822 * Multiple addresses may be provided as separate values for this 823 * attribute. If no values are provided, then the LDAP Connection 824 * Handler listens on all interfaces. 825 * 826 * @return Returns the "listen-address" property definition. 827 */ 828 public IPAddressPropertyDefinition getListenAddressPropertyDefinition() { 829 return PD_LISTEN_ADDRESS; 830 } 831 832 833 834 /** 835 * Get the "listen-port" property definition. 836 * <p> 837 * Specifies the port number on which the LDAP Connection Handler 838 * will listen for connections from clients. 839 * <p> 840 * Only a single port number may be provided. 841 * 842 * @return Returns the "listen-port" property definition. 843 */ 844 public IntegerPropertyDefinition getListenPortPropertyDefinition() { 845 return PD_LISTEN_PORT; 846 } 847 848 849 850 /** 851 * Get the "max-blocked-write-time-limit" property definition. 852 * <p> 853 * Specifies the maximum length of time that attempts to write data 854 * to LDAP clients should be allowed to block. 855 * <p> 856 * If an attempt to write data to a client takes longer than this 857 * length of time, then the client connection is terminated. 858 * 859 * @return Returns the "max-blocked-write-time-limit" property definition. 860 */ 861 public DurationPropertyDefinition getMaxBlockedWriteTimeLimitPropertyDefinition() { 862 return PD_MAX_BLOCKED_WRITE_TIME_LIMIT; 863 } 864 865 866 867 /** 868 * Get the "max-request-size" property definition. 869 * <p> 870 * Specifies the size in bytes of the largest LDAP request message 871 * that will be allowed by this LDAP Connection handler. 872 * <p> 873 * This property is analogous to the maxBERSize configuration 874 * attribute of the Sun Java System Directory Server. This can help 875 * prevent denial-of-service attacks by clients that indicate they 876 * send extremely large requests to the server causing it to attempt 877 * to allocate large amounts of memory. 878 * 879 * @return Returns the "max-request-size" property definition. 880 */ 881 public SizePropertyDefinition getMaxRequestSizePropertyDefinition() { 882 return PD_MAX_REQUEST_SIZE; 883 } 884 885 886 887 /** 888 * Get the "num-request-handlers" property definition. 889 * <p> 890 * Specifies the number of request handlers that are used to read 891 * requests from clients. 892 * <p> 893 * The LDAP Connection Handler uses one thread to accept new 894 * connections from clients, but uses one or more additional threads 895 * to read requests from existing client connections. This ensures 896 * that new requests are read efficiently and that the connection 897 * handler itself does not become a bottleneck when the server is 898 * under heavy load from many clients at the same time. 899 * 900 * @return Returns the "num-request-handlers" property definition. 901 */ 902 public IntegerPropertyDefinition getNumRequestHandlersPropertyDefinition() { 903 return PD_NUM_REQUEST_HANDLERS; 904 } 905 906 907 908 /** 909 * Get the "send-rejection-notice" property definition. 910 * <p> 911 * Indicates whether the LDAP Connection Handler should send a 912 * notice of disconnection extended response message to the client if 913 * a new connection is rejected for some reason. 914 * <p> 915 * The extended response message may provide an explanation 916 * indicating the reason that the connection was rejected. 917 * 918 * @return Returns the "send-rejection-notice" property definition. 919 */ 920 public BooleanPropertyDefinition getSendRejectionNoticePropertyDefinition() { 921 return PD_SEND_REJECTION_NOTICE; 922 } 923 924 925 926 /** 927 * Get the "ssl-cert-nickname" property definition. 928 * <p> 929 * Specifies the nickname (also called the alias) of the certificate 930 * that the LDAP Connection Handler should use when performing SSL 931 * communication. 932 * <p> 933 * This is only applicable when the LDAP Connection Handler is 934 * configured to use SSL. 935 * 936 * @return Returns the "ssl-cert-nickname" property definition. 937 */ 938 public StringPropertyDefinition getSSLCertNicknamePropertyDefinition() { 939 return PD_SSL_CERT_NICKNAME; 940 } 941 942 943 944 /** 945 * Get the "ssl-cipher-suite" property definition. 946 * <p> 947 * Specifies the names of the SSL cipher suites that are allowed for 948 * use in SSL or StartTLS communication. 949 * 950 * @return Returns the "ssl-cipher-suite" property definition. 951 */ 952 public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() { 953 return PD_SSL_CIPHER_SUITE; 954 } 955 956 957 958 /** 959 * Get the "ssl-client-auth-policy" property definition. 960 * <p> 961 * Specifies the policy that the LDAP Connection Handler should use 962 * regarding client SSL certificates. Clients can use the SASL 963 * EXTERNAL mechanism only if the policy is set to "optional" or 964 * "required". 965 * <p> 966 * This is only applicable if clients are allowed to use SSL. 967 * 968 * @return Returns the "ssl-client-auth-policy" property definition. 969 */ 970 public EnumPropertyDefinition<SSLClientAuthPolicy> getSSLClientAuthPolicyPropertyDefinition() { 971 return PD_SSL_CLIENT_AUTH_POLICY; 972 } 973 974 975 976 /** 977 * Get the "ssl-protocol" property definition. 978 * <p> 979 * Specifies the names of the SSL protocols that are allowed for use 980 * in SSL or StartTLS communication. 981 * 982 * @return Returns the "ssl-protocol" property definition. 983 */ 984 public StringPropertyDefinition getSSLProtocolPropertyDefinition() { 985 return PD_SSL_PROTOCOL; 986 } 987 988 989 990 /** 991 * Get the "trust-manager-provider" property definition. 992 * <p> 993 * Specifies the name of the trust manager that should be used with 994 * the LDAP Connection Handler . 995 * 996 * @return Returns the "trust-manager-provider" property definition. 997 */ 998 public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() { 999 return PD_TRUST_MANAGER_PROVIDER; 1000 } 1001 1002 1003 1004 /** 1005 * Get the "use-ssl" property definition. 1006 * <p> 1007 * Indicates whether the LDAP Connection Handler should use SSL. 1008 * <p> 1009 * If enabled, the LDAP Connection Handler will use SSL to encrypt 1010 * communication with the clients. 1011 * 1012 * @return Returns the "use-ssl" property definition. 1013 */ 1014 public BooleanPropertyDefinition getUseSSLPropertyDefinition() { 1015 return PD_USE_SSL; 1016 } 1017 1018 1019 1020 /** 1021 * Get the "use-tcp-keep-alive" property definition. 1022 * <p> 1023 * Indicates whether the LDAP Connection Handler should use TCP 1024 * keep-alive. 1025 * <p> 1026 * If enabled, the SO_KEEPALIVE socket option is used to indicate 1027 * that TCP keepalive messages should periodically be sent to the 1028 * client to verify that the associated connection is still valid. 1029 * This may also help prevent cases in which intermediate network 1030 * hardware could silently drop an otherwise idle client connection, 1031 * provided that the keepalive interval configured in the underlying 1032 * operating system is smaller than the timeout enforced by the 1033 * network hardware. 1034 * 1035 * @return Returns the "use-tcp-keep-alive" property definition. 1036 */ 1037 public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() { 1038 return PD_USE_TCP_KEEP_ALIVE; 1039 } 1040 1041 1042 1043 /** 1044 * Get the "use-tcp-no-delay" property definition. 1045 * <p> 1046 * Indicates whether the LDAP Connection Handler should use TCP 1047 * no-delay. 1048 * <p> 1049 * If enabled, the TCP_NODELAY socket option is used to ensure that 1050 * response messages to the client are sent immediately rather than 1051 * potentially waiting to determine whether additional response 1052 * messages can be sent in the same packet. In most cases, using the 1053 * TCP_NODELAY socket option provides better performance and lower 1054 * response times, but disabling it may help for some cases in which 1055 * the server sends a large number of entries to a client in response 1056 * to a search request. 1057 * 1058 * @return Returns the "use-tcp-no-delay" property definition. 1059 */ 1060 public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() { 1061 return PD_USE_TCP_NO_DELAY; 1062 } 1063 1064 1065 1066 /** 1067 * Managed object client implementation. 1068 */ 1069 private static class LDAPConnectionHandlerCfgClientImpl implements 1070 LDAPConnectionHandlerCfgClient { 1071 1072 // Private implementation. 1073 private ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl; 1074 1075 1076 1077 // Private constructor. 1078 private LDAPConnectionHandlerCfgClientImpl( 1079 ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) { 1080 this.impl = impl; 1081 } 1082 1083 1084 1085 /** 1086 * {@inheritDoc} 1087 */ 1088 public int getAcceptBacklog() { 1089 return impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition()); 1090 } 1091 1092 1093 1094 /** 1095 * {@inheritDoc} 1096 */ 1097 public void setAcceptBacklog(Integer value) { 1098 impl.setPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition(), value); 1099 } 1100 1101 1102 1103 /** 1104 * {@inheritDoc} 1105 */ 1106 public SortedSet<AddressMask> getAllowedClient() { 1107 return impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition()); 1108 } 1109 1110 1111 1112 /** 1113 * {@inheritDoc} 1114 */ 1115 public void setAllowedClient(Collection<AddressMask> values) { 1116 impl.setPropertyValues(INSTANCE.getAllowedClientPropertyDefinition(), values); 1117 } 1118 1119 1120 1121 /** 1122 * {@inheritDoc} 1123 */ 1124 public boolean isAllowLDAPV2() { 1125 return impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition()); 1126 } 1127 1128 1129 1130 /** 1131 * {@inheritDoc} 1132 */ 1133 public void setAllowLDAPV2(Boolean value) { 1134 impl.setPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition(), value); 1135 } 1136 1137 1138 1139 /** 1140 * {@inheritDoc} 1141 */ 1142 public boolean isAllowStartTLS() { 1143 return impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition()); 1144 } 1145 1146 1147 1148 /** 1149 * {@inheritDoc} 1150 */ 1151 public void setAllowStartTLS(Boolean value) { 1152 impl.setPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition(), value); 1153 } 1154 1155 1156 1157 /** 1158 * {@inheritDoc} 1159 */ 1160 public boolean isAllowTCPReuseAddress() { 1161 return impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition()); 1162 } 1163 1164 1165 1166 /** 1167 * {@inheritDoc} 1168 */ 1169 public void setAllowTCPReuseAddress(Boolean value) { 1170 impl.setPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition(), value); 1171 } 1172 1173 1174 1175 /** 1176 * {@inheritDoc} 1177 */ 1178 public long getBufferSize() { 1179 return impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition()); 1180 } 1181 1182 1183 1184 /** 1185 * {@inheritDoc} 1186 */ 1187 public void setBufferSize(Long value) { 1188 impl.setPropertyValue(INSTANCE.getBufferSizePropertyDefinition(), value); 1189 } 1190 1191 1192 1193 /** 1194 * {@inheritDoc} 1195 */ 1196 public SortedSet<AddressMask> getDeniedClient() { 1197 return impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition()); 1198 } 1199 1200 1201 1202 /** 1203 * {@inheritDoc} 1204 */ 1205 public void setDeniedClient(Collection<AddressMask> values) { 1206 impl.setPropertyValues(INSTANCE.getDeniedClientPropertyDefinition(), values); 1207 } 1208 1209 1210 1211 /** 1212 * {@inheritDoc} 1213 */ 1214 public Boolean isEnabled() { 1215 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 1216 } 1217 1218 1219 1220 /** 1221 * {@inheritDoc} 1222 */ 1223 public void setEnabled(boolean value) { 1224 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 1225 } 1226 1227 1228 1229 /** 1230 * {@inheritDoc} 1231 */ 1232 public String getJavaClass() { 1233 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1234 } 1235 1236 1237 1238 /** 1239 * {@inheritDoc} 1240 */ 1241 public void setJavaClass(String value) { 1242 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 1243 } 1244 1245 1246 1247 /** 1248 * {@inheritDoc} 1249 */ 1250 public boolean isKeepStats() { 1251 return impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition()); 1252 } 1253 1254 1255 1256 /** 1257 * {@inheritDoc} 1258 */ 1259 public void setKeepStats(Boolean value) { 1260 impl.setPropertyValue(INSTANCE.getKeepStatsPropertyDefinition(), value); 1261 } 1262 1263 1264 1265 /** 1266 * {@inheritDoc} 1267 */ 1268 public String getKeyManagerProvider() { 1269 return impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition()); 1270 } 1271 1272 1273 1274 /** 1275 * {@inheritDoc} 1276 */ 1277 public void setKeyManagerProvider(String value) { 1278 impl.setPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition(), value); 1279 } 1280 1281 1282 1283 /** 1284 * {@inheritDoc} 1285 */ 1286 public SortedSet<InetAddress> getListenAddress() { 1287 return impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition()); 1288 } 1289 1290 1291 1292 /** 1293 * {@inheritDoc} 1294 */ 1295 public void setListenAddress(Collection<InetAddress> values) { 1296 impl.setPropertyValues(INSTANCE.getListenAddressPropertyDefinition(), values); 1297 } 1298 1299 1300 1301 /** 1302 * {@inheritDoc} 1303 */ 1304 public Integer getListenPort() { 1305 return impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition()); 1306 } 1307 1308 1309 1310 /** 1311 * {@inheritDoc} 1312 */ 1313 public void setListenPort(int value) { 1314 impl.setPropertyValue(INSTANCE.getListenPortPropertyDefinition(), value); 1315 } 1316 1317 1318 1319 /** 1320 * {@inheritDoc} 1321 */ 1322 public long getMaxBlockedWriteTimeLimit() { 1323 return impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition()); 1324 } 1325 1326 1327 1328 /** 1329 * {@inheritDoc} 1330 */ 1331 public void setMaxBlockedWriteTimeLimit(Long value) { 1332 impl.setPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition(), value); 1333 } 1334 1335 1336 1337 /** 1338 * {@inheritDoc} 1339 */ 1340 public long getMaxRequestSize() { 1341 return impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition()); 1342 } 1343 1344 1345 1346 /** 1347 * {@inheritDoc} 1348 */ 1349 public void setMaxRequestSize(Long value) { 1350 impl.setPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition(), value); 1351 } 1352 1353 1354 1355 /** 1356 * {@inheritDoc} 1357 */ 1358 public Integer getNumRequestHandlers() { 1359 return impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition()); 1360 } 1361 1362 1363 1364 /** 1365 * {@inheritDoc} 1366 */ 1367 public void setNumRequestHandlers(Integer value) { 1368 impl.setPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition(), value); 1369 } 1370 1371 1372 1373 /** 1374 * {@inheritDoc} 1375 */ 1376 public boolean isSendRejectionNotice() { 1377 return impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition()); 1378 } 1379 1380 1381 1382 /** 1383 * {@inheritDoc} 1384 */ 1385 public void setSendRejectionNotice(Boolean value) { 1386 impl.setPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition(), value); 1387 } 1388 1389 1390 1391 /** 1392 * {@inheritDoc} 1393 */ 1394 public String getSSLCertNickname() { 1395 return impl.getPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition()); 1396 } 1397 1398 1399 1400 /** 1401 * {@inheritDoc} 1402 */ 1403 public void setSSLCertNickname(String value) { 1404 impl.setPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition(), value); 1405 } 1406 1407 1408 1409 /** 1410 * {@inheritDoc} 1411 */ 1412 public SortedSet<String> getSSLCipherSuite() { 1413 return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1414 } 1415 1416 1417 1418 /** 1419 * {@inheritDoc} 1420 */ 1421 public void setSSLCipherSuite(Collection<String> values) { 1422 impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values); 1423 } 1424 1425 1426 1427 /** 1428 * {@inheritDoc} 1429 */ 1430 public SSLClientAuthPolicy getSSLClientAuthPolicy() { 1431 return impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition()); 1432 } 1433 1434 1435 1436 /** 1437 * {@inheritDoc} 1438 */ 1439 public void setSSLClientAuthPolicy(SSLClientAuthPolicy value) { 1440 impl.setPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition(), value); 1441 } 1442 1443 1444 1445 /** 1446 * {@inheritDoc} 1447 */ 1448 public SortedSet<String> getSSLProtocol() { 1449 return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1450 } 1451 1452 1453 1454 /** 1455 * {@inheritDoc} 1456 */ 1457 public void setSSLProtocol(Collection<String> values) { 1458 impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values); 1459 } 1460 1461 1462 1463 /** 1464 * {@inheritDoc} 1465 */ 1466 public String getTrustManagerProvider() { 1467 return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1468 } 1469 1470 1471 1472 /** 1473 * {@inheritDoc} 1474 */ 1475 public void setTrustManagerProvider(String value) { 1476 impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value); 1477 } 1478 1479 1480 1481 /** 1482 * {@inheritDoc} 1483 */ 1484 public boolean isUseSSL() { 1485 return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1486 } 1487 1488 1489 1490 /** 1491 * {@inheritDoc} 1492 */ 1493 public void setUseSSL(Boolean value) { 1494 impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value); 1495 } 1496 1497 1498 1499 /** 1500 * {@inheritDoc} 1501 */ 1502 public boolean isUseTCPKeepAlive() { 1503 return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1504 } 1505 1506 1507 1508 /** 1509 * {@inheritDoc} 1510 */ 1511 public void setUseTCPKeepAlive(Boolean value) { 1512 impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value); 1513 } 1514 1515 1516 1517 /** 1518 * {@inheritDoc} 1519 */ 1520 public boolean isUseTCPNoDelay() { 1521 return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1522 } 1523 1524 1525 1526 /** 1527 * {@inheritDoc} 1528 */ 1529 public void setUseTCPNoDelay(Boolean value) { 1530 impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value); 1531 } 1532 1533 1534 1535 /** 1536 * {@inheritDoc} 1537 */ 1538 public ManagedObjectDefinition<? extends LDAPConnectionHandlerCfgClient, ? extends LDAPConnectionHandlerCfg> definition() { 1539 return INSTANCE; 1540 } 1541 1542 1543 1544 /** 1545 * {@inheritDoc} 1546 */ 1547 public PropertyProvider properties() { 1548 return impl; 1549 } 1550 1551 1552 1553 /** 1554 * {@inheritDoc} 1555 */ 1556 public void commit() throws ManagedObjectAlreadyExistsException, 1557 MissingMandatoryPropertiesException, ConcurrentModificationException, 1558 OperationRejectedException, LdapException { 1559 impl.commit(); 1560 } 1561 1562 } 1563 1564 1565 1566 /** 1567 * Managed object server implementation. 1568 */ 1569 private static class LDAPConnectionHandlerCfgServerImpl implements 1570 LDAPConnectionHandlerCfg { 1571 1572 // Private implementation. 1573 private ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl; 1574 1575 // The value of the "accept-backlog" property. 1576 private final int pAcceptBacklog; 1577 1578 // The value of the "allowed-client" property. 1579 private final SortedSet<AddressMask> pAllowedClient; 1580 1581 // The value of the "allow-ldap-v2" property. 1582 private final boolean pAllowLDAPV2; 1583 1584 // The value of the "allow-start-tls" property. 1585 private final boolean pAllowStartTLS; 1586 1587 // The value of the "allow-tcp-reuse-address" property. 1588 private final boolean pAllowTCPReuseAddress; 1589 1590 // The value of the "buffer-size" property. 1591 private final long pBufferSize; 1592 1593 // The value of the "denied-client" property. 1594 private final SortedSet<AddressMask> pDeniedClient; 1595 1596 // The value of the "enabled" property. 1597 private final boolean pEnabled; 1598 1599 // The value of the "java-class" property. 1600 private final String pJavaClass; 1601 1602 // The value of the "keep-stats" property. 1603 private final boolean pKeepStats; 1604 1605 // The value of the "key-manager-provider" property. 1606 private final String pKeyManagerProvider; 1607 1608 // The value of the "listen-address" property. 1609 private final SortedSet<InetAddress> pListenAddress; 1610 1611 // The value of the "listen-port" property. 1612 private final int pListenPort; 1613 1614 // The value of the "max-blocked-write-time-limit" property. 1615 private final long pMaxBlockedWriteTimeLimit; 1616 1617 // The value of the "max-request-size" property. 1618 private final long pMaxRequestSize; 1619 1620 // The value of the "num-request-handlers" property. 1621 private final Integer pNumRequestHandlers; 1622 1623 // The value of the "send-rejection-notice" property. 1624 private final boolean pSendRejectionNotice; 1625 1626 // The value of the "ssl-cert-nickname" property. 1627 private final String pSSLCertNickname; 1628 1629 // The value of the "ssl-cipher-suite" property. 1630 private final SortedSet<String> pSSLCipherSuite; 1631 1632 // The value of the "ssl-client-auth-policy" property. 1633 private final SSLClientAuthPolicy pSSLClientAuthPolicy; 1634 1635 // The value of the "ssl-protocol" property. 1636 private final SortedSet<String> pSSLProtocol; 1637 1638 // The value of the "trust-manager-provider" property. 1639 private final String pTrustManagerProvider; 1640 1641 // The value of the "use-ssl" property. 1642 private final boolean pUseSSL; 1643 1644 // The value of the "use-tcp-keep-alive" property. 1645 private final boolean pUseTCPKeepAlive; 1646 1647 // The value of the "use-tcp-no-delay" property. 1648 private final boolean pUseTCPNoDelay; 1649 1650 1651 1652 // Private constructor. 1653 private LDAPConnectionHandlerCfgServerImpl(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) { 1654 this.impl = impl; 1655 this.pAcceptBacklog = impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition()); 1656 this.pAllowedClient = impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition()); 1657 this.pAllowLDAPV2 = impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition()); 1658 this.pAllowStartTLS = impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition()); 1659 this.pAllowTCPReuseAddress = impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition()); 1660 this.pBufferSize = impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition()); 1661 this.pDeniedClient = impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition()); 1662 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 1663 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 1664 this.pKeepStats = impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition()); 1665 this.pKeyManagerProvider = impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition()); 1666 this.pListenAddress = impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition()); 1667 this.pListenPort = impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition()); 1668 this.pMaxBlockedWriteTimeLimit = impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition()); 1669 this.pMaxRequestSize = impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition()); 1670 this.pNumRequestHandlers = impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition()); 1671 this.pSendRejectionNotice = impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition()); 1672 this.pSSLCertNickname = impl.getPropertyValue(INSTANCE.getSSLCertNicknamePropertyDefinition()); 1673 this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition()); 1674 this.pSSLClientAuthPolicy = impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition()); 1675 this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition()); 1676 this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition()); 1677 this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition()); 1678 this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition()); 1679 this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition()); 1680 } 1681 1682 1683 1684 /** 1685 * {@inheritDoc} 1686 */ 1687 public void addLDAPChangeListener( 1688 ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) { 1689 impl.registerChangeListener(listener); 1690 } 1691 1692 1693 1694 /** 1695 * {@inheritDoc} 1696 */ 1697 public void removeLDAPChangeListener( 1698 ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) { 1699 impl.deregisterChangeListener(listener); 1700 } 1701 /** 1702 * {@inheritDoc} 1703 */ 1704 public void addChangeListener( 1705 ConfigurationChangeListener<ConnectionHandlerCfg> listener) { 1706 impl.registerChangeListener(listener); 1707 } 1708 1709 1710 1711 /** 1712 * {@inheritDoc} 1713 */ 1714 public void removeChangeListener( 1715 ConfigurationChangeListener<ConnectionHandlerCfg> listener) { 1716 impl.deregisterChangeListener(listener); 1717 } 1718 1719 1720 1721 /** 1722 * {@inheritDoc} 1723 */ 1724 public int getAcceptBacklog() { 1725 return pAcceptBacklog; 1726 } 1727 1728 1729 1730 /** 1731 * {@inheritDoc} 1732 */ 1733 public SortedSet<AddressMask> getAllowedClient() { 1734 return pAllowedClient; 1735 } 1736 1737 1738 1739 /** 1740 * {@inheritDoc} 1741 */ 1742 public boolean isAllowLDAPV2() { 1743 return pAllowLDAPV2; 1744 } 1745 1746 1747 1748 /** 1749 * {@inheritDoc} 1750 */ 1751 public boolean isAllowStartTLS() { 1752 return pAllowStartTLS; 1753 } 1754 1755 1756 1757 /** 1758 * {@inheritDoc} 1759 */ 1760 public boolean isAllowTCPReuseAddress() { 1761 return pAllowTCPReuseAddress; 1762 } 1763 1764 1765 1766 /** 1767 * {@inheritDoc} 1768 */ 1769 public long getBufferSize() { 1770 return pBufferSize; 1771 } 1772 1773 1774 1775 /** 1776 * {@inheritDoc} 1777 */ 1778 public SortedSet<AddressMask> getDeniedClient() { 1779 return pDeniedClient; 1780 } 1781 1782 1783 1784 /** 1785 * {@inheritDoc} 1786 */ 1787 public boolean isEnabled() { 1788 return pEnabled; 1789 } 1790 1791 1792 1793 /** 1794 * {@inheritDoc} 1795 */ 1796 public String getJavaClass() { 1797 return pJavaClass; 1798 } 1799 1800 1801 1802 /** 1803 * {@inheritDoc} 1804 */ 1805 public boolean isKeepStats() { 1806 return pKeepStats; 1807 } 1808 1809 1810 1811 /** 1812 * {@inheritDoc} 1813 */ 1814 public String getKeyManagerProvider() { 1815 return pKeyManagerProvider; 1816 } 1817 1818 1819 1820 /** 1821 * {@inheritDoc} 1822 */ 1823 public DN getKeyManagerProviderDN() { 1824 String value = getKeyManagerProvider(); 1825 if (value == null) return null; 1826 return INSTANCE.getKeyManagerProviderPropertyDefinition().getChildDN(value); 1827 } 1828 1829 1830 1831 /** 1832 * {@inheritDoc} 1833 */ 1834 public SortedSet<InetAddress> getListenAddress() { 1835 return pListenAddress; 1836 } 1837 1838 1839 1840 /** 1841 * {@inheritDoc} 1842 */ 1843 public int getListenPort() { 1844 return pListenPort; 1845 } 1846 1847 1848 1849 /** 1850 * {@inheritDoc} 1851 */ 1852 public long getMaxBlockedWriteTimeLimit() { 1853 return pMaxBlockedWriteTimeLimit; 1854 } 1855 1856 1857 1858 /** 1859 * {@inheritDoc} 1860 */ 1861 public long getMaxRequestSize() { 1862 return pMaxRequestSize; 1863 } 1864 1865 1866 1867 /** 1868 * {@inheritDoc} 1869 */ 1870 public Integer getNumRequestHandlers() { 1871 return pNumRequestHandlers; 1872 } 1873 1874 1875 1876 /** 1877 * {@inheritDoc} 1878 */ 1879 public boolean isSendRejectionNotice() { 1880 return pSendRejectionNotice; 1881 } 1882 1883 1884 1885 /** 1886 * {@inheritDoc} 1887 */ 1888 public String getSSLCertNickname() { 1889 return pSSLCertNickname; 1890 } 1891 1892 1893 1894 /** 1895 * {@inheritDoc} 1896 */ 1897 public SortedSet<String> getSSLCipherSuite() { 1898 return pSSLCipherSuite; 1899 } 1900 1901 1902 1903 /** 1904 * {@inheritDoc} 1905 */ 1906 public SSLClientAuthPolicy getSSLClientAuthPolicy() { 1907 return pSSLClientAuthPolicy; 1908 } 1909 1910 1911 1912 /** 1913 * {@inheritDoc} 1914 */ 1915 public SortedSet<String> getSSLProtocol() { 1916 return pSSLProtocol; 1917 } 1918 1919 1920 1921 /** 1922 * {@inheritDoc} 1923 */ 1924 public String getTrustManagerProvider() { 1925 return pTrustManagerProvider; 1926 } 1927 1928 1929 1930 /** 1931 * {@inheritDoc} 1932 */ 1933 public DN getTrustManagerProviderDN() { 1934 String value = getTrustManagerProvider(); 1935 if (value == null) return null; 1936 return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value); 1937 } 1938 1939 1940 1941 /** 1942 * {@inheritDoc} 1943 */ 1944 public boolean isUseSSL() { 1945 return pUseSSL; 1946 } 1947 1948 1949 1950 /** 1951 * {@inheritDoc} 1952 */ 1953 public boolean isUseTCPKeepAlive() { 1954 return pUseTCPKeepAlive; 1955 } 1956 1957 1958 1959 /** 1960 * {@inheritDoc} 1961 */ 1962 public boolean isUseTCPNoDelay() { 1963 return pUseTCPNoDelay; 1964 } 1965 1966 1967 1968 /** 1969 * {@inheritDoc} 1970 */ 1971 public Class<? extends LDAPConnectionHandlerCfg> configurationClass() { 1972 return LDAPConnectionHandlerCfg.class; 1973 } 1974 1975 1976 1977 /** 1978 * {@inheritDoc} 1979 */ 1980 public DN dn() { 1981 return impl.getDN(); 1982 } 1983 1984 } 1985}