001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import org.forgerock.opendj.config.AdministratorAction;
031import org.forgerock.opendj.config.BooleanPropertyDefinition;
032import org.forgerock.opendj.config.ClassPropertyDefinition;
033import org.forgerock.opendj.config.client.ConcurrentModificationException;
034import org.forgerock.opendj.config.client.ManagedObject;
035import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
036import org.forgerock.opendj.config.client.OperationRejectedException;
037import org.forgerock.opendj.config.DefaultBehaviorProvider;
038import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
039import org.forgerock.opendj.config.EnumPropertyDefinition;
040import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
041import org.forgerock.opendj.config.ManagedObjectDefinition;
042import org.forgerock.opendj.config.PropertyOption;
043import org.forgerock.opendj.config.PropertyProvider;
044import org.forgerock.opendj.config.server.ConfigurationChangeListener;
045import org.forgerock.opendj.config.server.ServerManagedObject;
046import org.forgerock.opendj.config.Tag;
047import org.forgerock.opendj.ldap.DN;
048import org.forgerock.opendj.ldap.LdapException;
049import org.forgerock.opendj.server.config.client.CryptPasswordStorageSchemeCfgClient;
050import org.forgerock.opendj.server.config.server.CryptPasswordStorageSchemeCfg;
051import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
052
053
054
055/**
056 * An interface for querying the Crypt Password Storage Scheme managed
057 * object definition meta information.
058 * <p>
059 * The Crypt Password Storage Scheme provides a mechanism for encoding
060 * user passwords like Unix crypt does. Like on most Unix systems, the
061 * password may be encrypted using different algorithms, either Unix
062 * crypt, md5, sha256 or sha512.
063 */
064public final class CryptPasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<CryptPasswordStorageSchemeCfgClient, CryptPasswordStorageSchemeCfg> {
065
066  // The singleton configuration definition instance.
067  private static final CryptPasswordStorageSchemeCfgDefn INSTANCE = new CryptPasswordStorageSchemeCfgDefn();
068
069
070
071  /**
072   * Defines the set of permissable values for the "crypt-password-storage-encryption-algorithm" property.
073   * <p>
074   * Specifies the algorithm to use to encrypt new passwords.
075   * <p>
076   * Select the crypt algorithm to use to encrypt new passwords. The
077   * value can either be "unix", which means the password is encrypted
078   * with the weak Unix crypt algorithm, or "md5" which means the
079   * password is encrypted with the BSD MD5 algorithm and has a $1$
080   * prefix, or "sha256" which means the password is encrypted with the
081   * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the
082   * password is encrypted with the SHA512 algorithm and has a $6$
083   * prefix.
084   */
085  public static enum CryptPasswordStorageEncryptionAlgorithm {
086
087    /**
088     * New passwords are encrypted with the BSD MD5 algorithm.
089     */
090    MD5("md5"),
091
092
093
094    /**
095     * New passwords are encrypted with the Unix crypt SHA256
096     * algorithm.
097     */
098    SHA256("sha256"),
099
100
101
102    /**
103     * New passwords are encrypted with the Unix crypt SHA512
104     * algorithm.
105     */
106    SHA512("sha512"),
107
108
109
110    /**
111     * New passwords are encrypted with the Unix crypt algorithm.
112     * Passwords are truncated at 8 characters and the top bit of each
113     * character is ignored.
114     */
115    UNIX("unix");
116
117
118
119    // String representation of the value.
120    private final String name;
121
122
123
124    // Private constructor.
125    private CryptPasswordStorageEncryptionAlgorithm(String name) { this.name = name; }
126
127
128
129    /**
130     * {@inheritDoc}
131     */
132    public String toString() { return name; }
133
134  }
135
136
137
138  // The "crypt-password-storage-encryption-algorithm" property definition.
139  private static final EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM;
140
141
142
143  // The "java-class" property definition.
144  private static final ClassPropertyDefinition PD_JAVA_CLASS;
145
146
147
148  // Build the "crypt-password-storage-encryption-algorithm" property definition.
149  static {
150      EnumPropertyDefinition.Builder<CryptPasswordStorageEncryptionAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "crypt-password-storage-encryption-algorithm");
151      builder.setOption(PropertyOption.MANDATORY);
152      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "crypt-password-storage-encryption-algorithm"));
153      DefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm> provider = new DefinedDefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm>("unix");
154      builder.setDefaultBehaviorProvider(provider);
155      builder.setEnumClass(CryptPasswordStorageEncryptionAlgorithm.class);
156      PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM = builder.getInstance();
157      INSTANCE.registerPropertyDefinition(PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM);
158  }
159
160
161
162  // Build the "java-class" property definition.
163  static {
164      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
165      builder.setOption(PropertyOption.MANDATORY);
166      builder.setOption(PropertyOption.ADVANCED);
167      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
168      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.CryptPasswordStorageScheme");
169      builder.setDefaultBehaviorProvider(provider);
170      builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme");
171      PD_JAVA_CLASS = builder.getInstance();
172      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
173  }
174
175
176
177  // Register the tags associated with this managed object definition.
178  static {
179    INSTANCE.registerTag(Tag.valueOf("user-management"));
180  }
181
182
183
184  /**
185   * Get the Crypt Password Storage Scheme configuration definition
186   * singleton.
187   *
188   * @return Returns the Crypt Password Storage Scheme configuration
189   *         definition singleton.
190   */
191  public static CryptPasswordStorageSchemeCfgDefn getInstance() {
192    return INSTANCE;
193  }
194
195
196
197  /**
198   * Private constructor.
199   */
200  private CryptPasswordStorageSchemeCfgDefn() {
201    super("crypt-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance());
202  }
203
204
205
206  /**
207   * {@inheritDoc}
208   */
209  public CryptPasswordStorageSchemeCfgClient createClientConfiguration(
210      ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) {
211    return new CryptPasswordStorageSchemeCfgClientImpl(impl);
212  }
213
214
215
216  /**
217   * {@inheritDoc}
218   */
219  public CryptPasswordStorageSchemeCfg createServerConfiguration(
220      ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) {
221    return new CryptPasswordStorageSchemeCfgServerImpl(impl);
222  }
223
224
225
226  /**
227   * {@inheritDoc}
228   */
229  public Class<CryptPasswordStorageSchemeCfg> getServerConfigurationClass() {
230    return CryptPasswordStorageSchemeCfg.class;
231  }
232
233
234
235  /**
236   * Get the "crypt-password-storage-encryption-algorithm" property definition.
237   * <p>
238   * Specifies the algorithm to use to encrypt new passwords.
239   * <p>
240   * Select the crypt algorithm to use to encrypt new passwords. The
241   * value can either be "unix", which means the password is encrypted
242   * with the weak Unix crypt algorithm, or "md5" which means the
243   * password is encrypted with the BSD MD5 algorithm and has a $1$
244   * prefix, or "sha256" which means the password is encrypted with the
245   * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the
246   * password is encrypted with the SHA512 algorithm and has a $6$
247   * prefix.
248   *
249   * @return Returns the "crypt-password-storage-encryption-algorithm" property definition.
250   */
251  public EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition() {
252    return PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM;
253  }
254
255
256
257  /**
258   * Get the "enabled" property definition.
259   * <p>
260   * Indicates whether the Crypt Password Storage Scheme is enabled
261   * for use.
262   *
263   * @return Returns the "enabled" property definition.
264   */
265  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
266    return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition();
267  }
268
269
270
271  /**
272   * Get the "java-class" property definition.
273   * <p>
274   * Specifies the fully-qualified name of the Java class that
275   * provides the Crypt Password Storage Scheme implementation.
276   *
277   * @return Returns the "java-class" property definition.
278   */
279  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
280    return PD_JAVA_CLASS;
281  }
282
283
284
285  /**
286   * Managed object client implementation.
287   */
288  private static class CryptPasswordStorageSchemeCfgClientImpl implements
289    CryptPasswordStorageSchemeCfgClient {
290
291    // Private implementation.
292    private ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl;
293
294
295
296    // Private constructor.
297    private CryptPasswordStorageSchemeCfgClientImpl(
298        ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) {
299      this.impl = impl;
300    }
301
302
303
304    /**
305     * {@inheritDoc}
306     */
307    public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() {
308      return impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition());
309    }
310
311
312
313    /**
314     * {@inheritDoc}
315     */
316    public void setCryptPasswordStorageEncryptionAlgorithm(CryptPasswordStorageEncryptionAlgorithm value) {
317      impl.setPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition(), value);
318    }
319
320
321
322    /**
323     * {@inheritDoc}
324     */
325    public Boolean isEnabled() {
326      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
327    }
328
329
330
331    /**
332     * {@inheritDoc}
333     */
334    public void setEnabled(boolean value) {
335      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
336    }
337
338
339
340    /**
341     * {@inheritDoc}
342     */
343    public String getJavaClass() {
344      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
345    }
346
347
348
349    /**
350     * {@inheritDoc}
351     */
352    public void setJavaClass(String value) {
353      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
354    }
355
356
357
358    /**
359     * {@inheritDoc}
360     */
361    public ManagedObjectDefinition<? extends CryptPasswordStorageSchemeCfgClient, ? extends CryptPasswordStorageSchemeCfg> definition() {
362      return INSTANCE;
363    }
364
365
366
367    /**
368     * {@inheritDoc}
369     */
370    public PropertyProvider properties() {
371      return impl;
372    }
373
374
375
376    /**
377     * {@inheritDoc}
378     */
379    public void commit() throws ManagedObjectAlreadyExistsException,
380        MissingMandatoryPropertiesException, ConcurrentModificationException,
381        OperationRejectedException, LdapException {
382      impl.commit();
383    }
384
385  }
386
387
388
389  /**
390   * Managed object server implementation.
391   */
392  private static class CryptPasswordStorageSchemeCfgServerImpl implements
393    CryptPasswordStorageSchemeCfg {
394
395    // Private implementation.
396    private ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl;
397
398    // The value of the "crypt-password-storage-encryption-algorithm" property.
399    private final CryptPasswordStorageEncryptionAlgorithm pCryptPasswordStorageEncryptionAlgorithm;
400
401    // The value of the "enabled" property.
402    private final boolean pEnabled;
403
404    // The value of the "java-class" property.
405    private final String pJavaClass;
406
407
408
409    // Private constructor.
410    private CryptPasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) {
411      this.impl = impl;
412      this.pCryptPasswordStorageEncryptionAlgorithm = impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition());
413      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
414      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
415    }
416
417
418
419    /**
420     * {@inheritDoc}
421     */
422    public void addCryptChangeListener(
423        ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) {
424      impl.registerChangeListener(listener);
425    }
426
427
428
429    /**
430     * {@inheritDoc}
431     */
432    public void removeCryptChangeListener(
433        ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) {
434      impl.deregisterChangeListener(listener);
435    }
436    /**
437     * {@inheritDoc}
438     */
439    public void addChangeListener(
440        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
441      impl.registerChangeListener(listener);
442    }
443
444
445
446    /**
447     * {@inheritDoc}
448     */
449    public void removeChangeListener(
450        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
451      impl.deregisterChangeListener(listener);
452    }
453
454
455
456    /**
457     * {@inheritDoc}
458     */
459    public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() {
460      return pCryptPasswordStorageEncryptionAlgorithm;
461    }
462
463
464
465    /**
466     * {@inheritDoc}
467     */
468    public boolean isEnabled() {
469      return pEnabled;
470    }
471
472
473
474    /**
475     * {@inheritDoc}
476     */
477    public String getJavaClass() {
478      return pJavaClass;
479    }
480
481
482
483    /**
484     * {@inheritDoc}
485     */
486    public Class<? extends CryptPasswordStorageSchemeCfg> configurationClass() {
487      return CryptPasswordStorageSchemeCfg.class;
488    }
489
490
491
492    /**
493     * {@inheritDoc}
494     */
495    public DN dn() {
496      return impl.getDN();
497    }
498
499  }
500}