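/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;

import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.StringPropertyDefinition;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.server.config.client.FileBasedTrustManagerProviderCfgClient;
import org.forgerock.opendj.server.config.server.FileBasedTrustManagerProviderCfg;
import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg;

/**
 * An interface for querying the File Based Trust Manager Provider
 * managed object definition meta information.
 * <p>
 * The file-based trust manager provider determines whether to trust a
 * presented certificate based on whether that certificate exists in a
 * server trust store file.
 * <p>
 * Security-relevant points visible in this definition:
 * <ul>
 * <li>The trust store PIN can be supplied through four optional
 * properties: an inline clear-text value, an environment variable, a
 * file, or a Java property. None of them is marked
 * {@code MANDATORY}, and this class does not define which one takes
 * precedence when several are set; that is presumably decided by the
 * provider implementation and should be confirmed there.</li>
 * <li>"trust-store-file" and "trust-store-type" are only constrained
 * by the pattern {@code ".*"}, so any validation of the path or the
 * store type has to happen in the code that consumes the value.</li>
 * </ul>
 */
public final class FileBasedTrustManagerProviderCfgDefn extends ManagedObjectDefinition<FileBasedTrustManagerProviderCfgClient, FileBasedTrustManagerProviderCfg> {

  // The singleton configuration definition instance. It must be
  // declared before the static initializers below, which all register
  // their property definitions on it.
  private static final FileBasedTrustManagerProviderCfgDefn INSTANCE = new FileBasedTrustManagerProviderCfgDefn();

  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  // The "trust-store-file" property definition.
  private static final StringPropertyDefinition PD_TRUST_STORE_FILE;

  // The "trust-store-pin" property definition.
  private static final StringPropertyDefinition PD_TRUST_STORE_PIN;

  // The "trust-store-pin-environment-variable" property definition.
  private static final StringPropertyDefinition PD_TRUST_STORE_PIN_ENVIRONMENT_VARIABLE;

  // The "trust-store-pin-file" property definition.
  private static final StringPropertyDefinition PD_TRUST_STORE_PIN_FILE;

  // The "trust-store-pin-property" property definition.
  private static final StringPropertyDefinition PD_TRUST_STORE_PIN_PROPERTY;

  // The "trust-store-type" property definition.
  private static final StringPropertyDefinition PD_TRUST_STORE_TYPE;

  // Build the "java-class" property definition.
  // The property is MANDATORY and ADVANCED, defaults to
  // org.opends.server.extensions.FileBasedTrustManagerProvider, and
  // addInstanceOf names org.opends.server.api.TrustManagerProvider as
  // the type the configured class is expected to be an instance of.
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.FileBasedTrustManagerProvider");
    builder.setDefaultBehaviorProvider(provider);
    builder.addInstanceOf("org.opends.server.api.TrustManagerProvider");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }

  // Build the "trust-store-file" property definition.
  // MANDATORY with no default. The pattern ".*" accepts any string, so
  // no path shape is enforced here; checks on the resolved path are
  // left to the code that opens the file.
  static {
    StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "trust-store-file");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-store-file"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    builder.setPattern(".*", "STRING");
    PD_TRUST_STORE_FILE = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_TRUST_STORE_FILE);
  }

  // Build the "trust-store-pin" property definition.
  // Optional, no default, no pattern. The value is the clear-text PIN
  // itself (see getTrustStorePinPropertyDefinition), so it is readable
  // by whoever can read this configuration property. Where the
  // deployment allows, consider one of the indirections below
  // (environment variable, file, Java property) with the referenced
  // source restricted to the server account.
  static {
    StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "trust-store-pin");
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-store-pin"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    PD_TRUST_STORE_PIN = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_TRUST_STORE_PIN);
  }

  // Build the "trust-store-pin-environment-variable" property definition.
  // Optional, no default, no pattern. Holds the variable's name, not
  // the PIN.
  static {
    StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "trust-store-pin-environment-variable");
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-store-pin-environment-variable"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    PD_TRUST_STORE_PIN_ENVIRONMENT_VARIABLE = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_TRUST_STORE_PIN_ENVIRONMENT_VARIABLE);
  }

  // Build the "trust-store-pin-file" property definition.
  // Optional, no default, no pattern. Holds the path of the PIN file,
  // not the PIN; the file's permissions are what protects the PIN.
  static {
    StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "trust-store-pin-file");
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-store-pin-file"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    PD_TRUST_STORE_PIN_FILE = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_TRUST_STORE_PIN_FILE);
  }

  // Build the "trust-store-pin-property" property definition.
  // Optional, no default, no pattern. Holds the Java property's name,
  // not the PIN.
  static {
    StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "trust-store-pin-property");
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-store-pin-property"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    PD_TRUST_STORE_PIN_PROPERTY = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_TRUST_STORE_PIN_PROPERTY);
  }

  // Build the "trust-store-type" property definition.
  // Optional, no default. The pattern ".*" accepts any string, so the
  // set of usable store types is not enforced at this level.
  static {
    StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "trust-store-type");
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-store-type"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    builder.setPattern(".*", "STRING");
    PD_TRUST_STORE_TYPE = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_TRUST_STORE_TYPE);
  }

  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
  }

  /**
   * Get the File Based Trust Manager Provider configuration
   * definition singleton.
   *
   * @return Returns the File Based Trust Manager Provider
   *         configuration definition singleton.
   */
  public static FileBasedTrustManagerProviderCfgDefn getInstance() {
    return INSTANCE;
  }

  /**
   * Private constructor. Registers this definition under the name
   * "file-based-trust-manager-provider" with the Trust Manager
   * Provider definition as its parent.
   */
  private FileBasedTrustManagerProviderCfgDefn() {
    super("file-based-trust-manager-provider", TrustManagerProviderCfgDefn.getInstance());
  }

  /**
   * {@inheritDoc}
   */
  public FileBasedTrustManagerProviderCfgClient createClientConfiguration(
      ManagedObject<? extends FileBasedTrustManagerProviderCfgClient> impl) {
    return new FileBasedTrustManagerProviderCfgClientImpl(impl);
  }

  /**
   * {@inheritDoc}
   */
  public FileBasedTrustManagerProviderCfg createServerConfiguration(
      ServerManagedObject<? extends FileBasedTrustManagerProviderCfg> impl) {
    return new FileBasedTrustManagerProviderCfgServerImpl(impl);
  }

  /**
   * {@inheritDoc}
   */
  public Class<FileBasedTrustManagerProviderCfg> getServerConfigurationClass() {
    return FileBasedTrustManagerProviderCfg.class;
  }

  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicate whether the File Based Trust Manager Provider is enabled
   * for use.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return TrustManagerProviderCfgDefn.getInstance().getEnabledPropertyDefinition();
  }

  /**
   * Get the "java-class" property definition.
   * <p>
   * The fully-qualified name of the Java class that provides the File
   * Based Trust Manager Provider implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }

  /**
   * Get the "trust-store-file" property definition.
   * <p>
   * Specifies the path to the file containing the trust information.
   * It can be an absolute path or a path that is relative to the
   * OpenDJ instance root.
   * <p>
   * Changes to this configuration attribute take effect the next time
   * that the trust manager is accessed.
   *
   * @return Returns the "trust-store-file" property definition.
   */
  public StringPropertyDefinition getTrustStoreFilePropertyDefinition() {
    return PD_TRUST_STORE_FILE;
  }

  /**
   * Get the "trust-store-pin" property definition.
   * <p>
   * Specifies the clear-text PIN needed to access the File Based
   * Trust Manager Provider.
   * <p>
   * Because the value is the PIN itself, it is exposed to anything
   * that can read this configuration property.
   *
   * @return Returns the "trust-store-pin" property definition.
   */
  public StringPropertyDefinition getTrustStorePinPropertyDefinition() {
    return PD_TRUST_STORE_PIN;
  }

  /**
   * Get the "trust-store-pin-environment-variable" property definition.
   * <p>
   * Specifies the name of the environment variable that contains the
   * clear-text PIN needed to access the File Based Trust Manager
   * Provider.
   *
   * @return Returns the "trust-store-pin-environment-variable" property definition.
   */
  public StringPropertyDefinition getTrustStorePinEnvironmentVariablePropertyDefinition() {
    return PD_TRUST_STORE_PIN_ENVIRONMENT_VARIABLE;
  }

  /**
   * Get the "trust-store-pin-file" property definition.
   * <p>
   * Specifies the path to the text file whose only contents should be
   * a single line containing the clear-text PIN needed to access the
   * File Based Trust Manager Provider.
   *
   * @return Returns the "trust-store-pin-file" property definition.
   */
  public StringPropertyDefinition getTrustStorePinFilePropertyDefinition() {
    return PD_TRUST_STORE_PIN_FILE;
  }

  /**
   * Get the "trust-store-pin-property" property definition.
   * <p>
   * Specifies the name of the Java property that contains the
   * clear-text PIN needed to access the File Based Trust Manager
   * Provider.
   *
   * @return Returns the "trust-store-pin-property" property definition.
   */
  public StringPropertyDefinition getTrustStorePinPropertyPropertyDefinition() {
    return PD_TRUST_STORE_PIN_PROPERTY;
  }

  /**
   * Get the "trust-store-type" property definition.
   * <p>
   * Specifies the format for the data in the trust store file.
   * <p>
   * Valid values always include 'JKS' and 'PKCS12', but different
   * implementations can allow other values as well. If no value is
   * provided, then the JVM default value is used. Changes to this
   * configuration attribute take effect the next time that the trust
   * manager is accessed.
   *
   * @return Returns the "trust-store-type" property definition.
   */
  public StringPropertyDefinition getTrustStoreTypePropertyDefinition() {
    return PD_TRUST_STORE_TYPE;
  }

  /**
   * Managed object client implementation. Every accessor delegates to
   * the wrapped managed object; nothing is cached in this class.
   */
  private static class FileBasedTrustManagerProviderCfgClientImpl implements
      FileBasedTrustManagerProviderCfgClient {

    // Private implementation. Assigned once in the constructor.
    private final ManagedObject<? extends FileBasedTrustManagerProviderCfgClient> impl;

    // Private constructor.
    private FileBasedTrustManagerProviderCfgClientImpl(
        ManagedObject<? extends FileBasedTrustManagerProviderCfgClient> impl) {
      this.impl = impl;
    }

    /**
     * {@inheritDoc}
     */
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStoreFile() {
      return impl.getPropertyValue(INSTANCE.getTrustStoreFilePropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setTrustStoreFile(String value) {
      impl.setPropertyValue(INSTANCE.getTrustStoreFilePropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     * <p>
     * The returned value is the clear-text PIN; keep it out of logs
     * and error messages.
     */
    public String getTrustStorePin() {
      return impl.getPropertyValue(INSTANCE.getTrustStorePinPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setTrustStorePin(String value) {
      impl.setPropertyValue(INSTANCE.getTrustStorePinPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStorePinEnvironmentVariable() {
      return impl.getPropertyValue(INSTANCE.getTrustStorePinEnvironmentVariablePropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setTrustStorePinEnvironmentVariable(String value) {
      impl.setPropertyValue(INSTANCE.getTrustStorePinEnvironmentVariablePropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStorePinFile() {
      return impl.getPropertyValue(INSTANCE.getTrustStorePinFilePropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setTrustStorePinFile(String value) {
      impl.setPropertyValue(INSTANCE.getTrustStorePinFilePropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStorePinProperty() {
      return impl.getPropertyValue(INSTANCE.getTrustStorePinPropertyPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setTrustStorePinProperty(String value) {
      impl.setPropertyValue(INSTANCE.getTrustStorePinPropertyPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStoreType() {
      return impl.getPropertyValue(INSTANCE.getTrustStoreTypePropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void setTrustStoreType(String value) {
      impl.setPropertyValue(INSTANCE.getTrustStoreTypePropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    public ManagedObjectDefinition<? extends FileBasedTrustManagerProviderCfgClient, ? extends FileBasedTrustManagerProviderCfg> definition() {
      return INSTANCE;
    }

    /**
     * {@inheritDoc}
     */
    public PropertyProvider properties() {
      return impl;
    }

    /**
     * {@inheritDoc}
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }

  }

  /**
   * Managed object server implementation. All property values are
   * read once in the constructor and returned from final fields, so
   * an instance is a fixed snapshot of the configuration it was
   * built from.
   */
  private static class FileBasedTrustManagerProviderCfgServerImpl implements
      FileBasedTrustManagerProviderCfg {

    // Private implementation. Assigned once in the constructor.
    private final ServerManagedObject<? extends FileBasedTrustManagerProviderCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "java-class" property.
    private final String pJavaClass;

    // The value of the "trust-store-file" property.
    private final String pTrustStoreFile;

    // The value of the "trust-store-pin" property. This is the
    // clear-text PIN and stays in memory as a String for as long as
    // this object is reachable.
    private final String pTrustStorePin;

    // The value of the "trust-store-pin-environment-variable" property.
    private final String pTrustStorePinEnvironmentVariable;

    // The value of the "trust-store-pin-file" property.
    private final String pTrustStorePinFile;

    // The value of the "trust-store-pin-property" property.
    private final String pTrustStorePinProperty;

    // The value of the "trust-store-type" property.
    private final String pTrustStoreType;

    // Private constructor. Copies each property value out of the
    // managed object so later getter calls do not go back to it.
    private FileBasedTrustManagerProviderCfgServerImpl(ServerManagedObject<? extends FileBasedTrustManagerProviderCfg> impl) {
      this.impl = impl;
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pTrustStoreFile = impl.getPropertyValue(INSTANCE.getTrustStoreFilePropertyDefinition());
      this.pTrustStorePin = impl.getPropertyValue(INSTANCE.getTrustStorePinPropertyDefinition());
      this.pTrustStorePinEnvironmentVariable = impl.getPropertyValue(INSTANCE.getTrustStorePinEnvironmentVariablePropertyDefinition());
      this.pTrustStorePinFile = impl.getPropertyValue(INSTANCE.getTrustStorePinFilePropertyDefinition());
      this.pTrustStorePinProperty = impl.getPropertyValue(INSTANCE.getTrustStorePinPropertyPropertyDefinition());
      this.pTrustStoreType = impl.getPropertyValue(INSTANCE.getTrustStoreTypePropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    public void addFileBasedChangeListener(
        ConfigurationChangeListener<FileBasedTrustManagerProviderCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public void removeFileBasedChangeListener(
        ConfigurationChangeListener<FileBasedTrustManagerProviderCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public void addChangeListener(
        ConfigurationChangeListener<TrustManagerProviderCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public void removeChangeListener(
        ConfigurationChangeListener<TrustManagerProviderCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    public boolean isEnabled() {
      return pEnabled;
    }

    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return pJavaClass;
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStoreFile() {
      return pTrustStoreFile;
    }

    /**
     * {@inheritDoc}
     * <p>
     * The returned value is the clear-text PIN; keep it out of logs
     * and error messages.
     */
    public String getTrustStorePin() {
      return pTrustStorePin;
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStorePinEnvironmentVariable() {
      return pTrustStorePinEnvironmentVariable;
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStorePinFile() {
      return pTrustStorePinFile;
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStorePinProperty() {
      return pTrustStorePinProperty;
    }

    /**
     * {@inheritDoc}
     */
    public String getTrustStoreType() {
      return pTrustStoreType;
    }

    /**
     * {@inheritDoc}
     */
    public Class<? extends FileBasedTrustManagerProviderCfg> configurationClass() {
      return FileBasedTrustManagerProviderCfg.class;
    }

    /**
     * {@inheritDoc}
     */
    public DN dn() {
      return impl.getDN();
    }

  }
}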