001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.forgerock.opendj.server.config.meta; 027 028 029 030import org.forgerock.opendj.config.AdministratorAction; 031import org.forgerock.opendj.config.BooleanPropertyDefinition; 032import org.forgerock.opendj.config.ClassPropertyDefinition; 033import org.forgerock.opendj.config.client.ConcurrentModificationException; 034import org.forgerock.opendj.config.client.ManagedObject; 035import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 036import org.forgerock.opendj.config.client.OperationRejectedException; 037import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 038import org.forgerock.opendj.config.ManagedObjectDefinition; 039import org.forgerock.opendj.config.PropertyOption; 040import org.forgerock.opendj.config.PropertyProvider; 041import org.forgerock.opendj.config.server.ConfigurationChangeListener; 042import org.forgerock.opendj.config.server.ServerManagedObject; 043import org.forgerock.opendj.config.Tag; 044import org.forgerock.opendj.config.TopCfgDefn; 045import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider; 046import org.forgerock.opendj.ldap.DN; 047import org.forgerock.opendj.ldap.LdapException; 048import org.forgerock.opendj.server.config.client.AccessControlHandlerCfgClient; 049import org.forgerock.opendj.server.config.server.AccessControlHandlerCfg; 050 051 052 053/** 054 * An interface for querying the Access Control Handler managed object 055 * definition meta information. 056 * <p> 057 * Access Control Handlers manage the application-wide access control. 058 * The OpenDJ access control handler is defined through an extensible 059 * interface, so that alternate implementations can be created. Only 060 * one access control handler may be active in the server at any given 061 * time. 062 */ 063public final class AccessControlHandlerCfgDefn extends ManagedObjectDefinition<AccessControlHandlerCfgClient, AccessControlHandlerCfg> { 064 065 // The singleton configuration definition instance. 066 private static final AccessControlHandlerCfgDefn INSTANCE = new AccessControlHandlerCfgDefn(); 067 068 069 070 // The "enabled" property definition. 071 private static final BooleanPropertyDefinition PD_ENABLED; 072 073 074 075 // The "java-class" property definition. 076 private static final ClassPropertyDefinition PD_JAVA_CLASS; 077 078 079 080 // Build the "enabled" property definition. 081 static { 082 BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "enabled"); 083 builder.setOption(PropertyOption.MANDATORY); 084 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "enabled")); 085 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Boolean>()); 086 PD_ENABLED = builder.getInstance(); 087 INSTANCE.registerPropertyDefinition(PD_ENABLED); 088 } 089 090 091 092 // Build the "java-class" property definition. 093 static { 094 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 095 builder.setOption(PropertyOption.MANDATORY); 096 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 097 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 098 builder.addInstanceOf("org.opends.server.api.AccessControlHandler"); 099 PD_JAVA_CLASS = builder.getInstance(); 100 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 101 } 102 103 104 105 // Register the tags associated with this managed object definition. 106 static { 107 INSTANCE.registerTag(Tag.valueOf("security")); 108 } 109 110 111 112 /** 113 * Get the Access Control Handler configuration definition 114 * singleton. 115 * 116 * @return Returns the Access Control Handler configuration 117 * definition singleton. 118 */ 119 public static AccessControlHandlerCfgDefn getInstance() { 120 return INSTANCE; 121 } 122 123 124 125 /** 126 * Private constructor. 127 */ 128 private AccessControlHandlerCfgDefn() { 129 super("access-control-handler", TopCfgDefn.getInstance()); 130 } 131 132 133 134 /** 135 * {@inheritDoc} 136 */ 137 public AccessControlHandlerCfgClient createClientConfiguration( 138 ManagedObject<? extends AccessControlHandlerCfgClient> impl) { 139 return new AccessControlHandlerCfgClientImpl(impl); 140 } 141 142 143 144 /** 145 * {@inheritDoc} 146 */ 147 public AccessControlHandlerCfg createServerConfiguration( 148 ServerManagedObject<? extends AccessControlHandlerCfg> impl) { 149 return new AccessControlHandlerCfgServerImpl(impl); 150 } 151 152 153 154 /** 155 * {@inheritDoc} 156 */ 157 public Class<AccessControlHandlerCfg> getServerConfigurationClass() { 158 return AccessControlHandlerCfg.class; 159 } 160 161 162 163 /** 164 * Get the "enabled" property definition. 165 * <p> 166 * Indicates whether the Access Control Handler is enabled. If set 167 * to FALSE, then no access control is enforced, and any client 168 * (including unauthenticated or anonymous clients) could be allowed 169 * to perform any operation if not subject to other restrictions, 170 * such as those enforced by the privilege subsystem. 171 * 172 * @return Returns the "enabled" property definition. 173 */ 174 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 175 return PD_ENABLED; 176 } 177 178 179 180 /** 181 * Get the "java-class" property definition. 182 * <p> 183 * Specifies the fully-qualified name of the Java class that 184 * provides the Access Control Handler implementation. 185 * 186 * @return Returns the "java-class" property definition. 187 */ 188 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 189 return PD_JAVA_CLASS; 190 } 191 192 193 194 /** 195 * Managed object client implementation. 196 */ 197 private static class AccessControlHandlerCfgClientImpl implements 198 AccessControlHandlerCfgClient { 199 200 // Private implementation. 201 private ManagedObject<? extends AccessControlHandlerCfgClient> impl; 202 203 204 205 // Private constructor. 206 private AccessControlHandlerCfgClientImpl( 207 ManagedObject<? extends AccessControlHandlerCfgClient> impl) { 208 this.impl = impl; 209 } 210 211 212 213 /** 214 * {@inheritDoc} 215 */ 216 public Boolean isEnabled() { 217 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 218 } 219 220 221 222 /** 223 * {@inheritDoc} 224 */ 225 public void setEnabled(boolean value) { 226 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 227 } 228 229 230 231 /** 232 * {@inheritDoc} 233 */ 234 public String getJavaClass() { 235 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 236 } 237 238 239 240 /** 241 * {@inheritDoc} 242 */ 243 public void setJavaClass(String value) { 244 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 245 } 246 247 248 249 /** 250 * {@inheritDoc} 251 */ 252 public ManagedObjectDefinition<? extends AccessControlHandlerCfgClient, ? extends AccessControlHandlerCfg> definition() { 253 return INSTANCE; 254 } 255 256 257 258 /** 259 * {@inheritDoc} 260 */ 261 public PropertyProvider properties() { 262 return impl; 263 } 264 265 266 267 /** 268 * {@inheritDoc} 269 */ 270 public void commit() throws ManagedObjectAlreadyExistsException, 271 MissingMandatoryPropertiesException, ConcurrentModificationException, 272 OperationRejectedException, LdapException { 273 impl.commit(); 274 } 275 276 } 277 278 279 280 /** 281 * Managed object server implementation. 282 */ 283 private static class AccessControlHandlerCfgServerImpl implements 284 AccessControlHandlerCfg { 285 286 // Private implementation. 287 private ServerManagedObject<? extends AccessControlHandlerCfg> impl; 288 289 // The value of the "enabled" property. 290 private final boolean pEnabled; 291 292 // The value of the "java-class" property. 293 private final String pJavaClass; 294 295 296 297 // Private constructor. 298 private AccessControlHandlerCfgServerImpl(ServerManagedObject<? extends AccessControlHandlerCfg> impl) { 299 this.impl = impl; 300 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 301 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 302 } 303 304 305 306 /** 307 * {@inheritDoc} 308 */ 309 public void addChangeListener( 310 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 311 impl.registerChangeListener(listener); 312 } 313 314 315 316 /** 317 * {@inheritDoc} 318 */ 319 public void removeChangeListener( 320 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 321 impl.deregisterChangeListener(listener); 322 } 323 324 325 326 /** 327 * {@inheritDoc} 328 */ 329 public boolean isEnabled() { 330 return pEnabled; 331 } 332 333 334 335 /** 336 * {@inheritDoc} 337 */ 338 public String getJavaClass() { 339 return pJavaClass; 340 } 341 342 343 344 /** 345 * {@inheritDoc} 346 */ 347 public Class<? extends AccessControlHandlerCfg> configurationClass() { 348 return AccessControlHandlerCfg.class; 349 } 350 351 352 353 /** 354 * {@inheritDoc} 355 */ 356 public DN dn() { 357 return impl.getDN(); 358 } 359 360 } 361}