001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.forgerock.opendj.server.config.meta; 027 028 029 030import org.forgerock.opendj.config.AdministratorAction; 031import org.forgerock.opendj.config.BooleanPropertyDefinition; 032import org.forgerock.opendj.config.ClassPropertyDefinition; 033import org.forgerock.opendj.config.client.ConcurrentModificationException; 034import org.forgerock.opendj.config.client.ManagedObject; 035import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException; 036import org.forgerock.opendj.config.client.OperationRejectedException; 037import org.forgerock.opendj.config.DefaultBehaviorProvider; 038import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider; 039import org.forgerock.opendj.config.EnumPropertyDefinition; 040import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException; 041import org.forgerock.opendj.config.ManagedObjectDefinition; 042import org.forgerock.opendj.config.PropertyOption; 043import org.forgerock.opendj.config.PropertyProvider; 044import org.forgerock.opendj.config.server.ConfigurationChangeListener; 045import org.forgerock.opendj.config.server.ServerManagedObject; 046import org.forgerock.opendj.config.Tag; 047import org.forgerock.opendj.ldap.DN; 048import org.forgerock.opendj.ldap.LdapException; 049import org.forgerock.opendj.server.config.client.CryptPasswordStorageSchemeCfgClient; 050import org.forgerock.opendj.server.config.server.CryptPasswordStorageSchemeCfg; 051import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg; 052 053 054 055/** 056 * An interface for querying the Crypt Password Storage Scheme managed 057 * object definition meta information. 058 * <p> 059 * The Crypt Password Storage Scheme provides a mechanism for encoding 060 * user passwords like Unix crypt does. Like on most Unix systems, the 061 * password may be encrypted using different algorithms, either Unix 062 * crypt, md5, sha256 or sha512. 063 */ 064public final class CryptPasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<CryptPasswordStorageSchemeCfgClient, CryptPasswordStorageSchemeCfg> { 065 066 // The singleton configuration definition instance. 067 private static final CryptPasswordStorageSchemeCfgDefn INSTANCE = new CryptPasswordStorageSchemeCfgDefn(); 068 069 070 071 /** 072 * Defines the set of permissable values for the "crypt-password-storage-encryption-algorithm" property. 073 * <p> 074 * Specifies the algorithm to use to encrypt new passwords. 075 * <p> 076 * Select the crypt algorithm to use to encrypt new passwords. The 077 * value can either be "unix", which means the password is encrypted 078 * with the weak Unix crypt algorithm, or "md5" which means the 079 * password is encrypted with the BSD MD5 algorithm and has a $1$ 080 * prefix, or "sha256" which means the password is encrypted with the 081 * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the 082 * password is encrypted with the SHA512 algorithm and has a $6$ 083 * prefix. 084 */ 085 public static enum CryptPasswordStorageEncryptionAlgorithm { 086 087 /** 088 * New passwords are encrypted with the BSD MD5 algorithm. 089 */ 090 MD5("md5"), 091 092 093 094 /** 095 * New passwords are encrypted with the Unix crypt SHA256 096 * algorithm. 097 */ 098 SHA256("sha256"), 099 100 101 102 /** 103 * New passwords are encrypted with the Unix crypt SHA512 104 * algorithm. 105 */ 106 SHA512("sha512"), 107 108 109 110 /** 111 * New passwords are encrypted with the Unix crypt algorithm. 112 * Passwords are truncated at 8 characters and the top bit of each 113 * character is ignored. 114 */ 115 UNIX("unix"); 116 117 118 119 // String representation of the value. 120 private final String name; 121 122 123 124 // Private constructor. 125 private CryptPasswordStorageEncryptionAlgorithm(String name) { this.name = name; } 126 127 128 129 /** 130 * {@inheritDoc} 131 */ 132 public String toString() { return name; } 133 134 } 135 136 137 138 // The "crypt-password-storage-encryption-algorithm" property definition. 139 private static final EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM; 140 141 142 143 // The "java-class" property definition. 144 private static final ClassPropertyDefinition PD_JAVA_CLASS; 145 146 147 148 // Build the "crypt-password-storage-encryption-algorithm" property definition. 149 static { 150 EnumPropertyDefinition.Builder<CryptPasswordStorageEncryptionAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "crypt-password-storage-encryption-algorithm"); 151 builder.setOption(PropertyOption.MANDATORY); 152 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "crypt-password-storage-encryption-algorithm")); 153 DefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm> provider = new DefinedDefaultBehaviorProvider<CryptPasswordStorageEncryptionAlgorithm>("unix"); 154 builder.setDefaultBehaviorProvider(provider); 155 builder.setEnumClass(CryptPasswordStorageEncryptionAlgorithm.class); 156 PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM = builder.getInstance(); 157 INSTANCE.registerPropertyDefinition(PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM); 158 } 159 160 161 162 // Build the "java-class" property definition. 163 static { 164 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 165 builder.setOption(PropertyOption.MANDATORY); 166 builder.setOption(PropertyOption.ADVANCED); 167 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class")); 168 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.CryptPasswordStorageScheme"); 169 builder.setDefaultBehaviorProvider(provider); 170 builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme"); 171 PD_JAVA_CLASS = builder.getInstance(); 172 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 173 } 174 175 176 177 // Register the tags associated with this managed object definition. 178 static { 179 INSTANCE.registerTag(Tag.valueOf("user-management")); 180 } 181 182 183 184 /** 185 * Get the Crypt Password Storage Scheme configuration definition 186 * singleton. 187 * 188 * @return Returns the Crypt Password Storage Scheme configuration 189 * definition singleton. 190 */ 191 public static CryptPasswordStorageSchemeCfgDefn getInstance() { 192 return INSTANCE; 193 } 194 195 196 197 /** 198 * Private constructor. 199 */ 200 private CryptPasswordStorageSchemeCfgDefn() { 201 super("crypt-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance()); 202 } 203 204 205 206 /** 207 * {@inheritDoc} 208 */ 209 public CryptPasswordStorageSchemeCfgClient createClientConfiguration( 210 ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) { 211 return new CryptPasswordStorageSchemeCfgClientImpl(impl); 212 } 213 214 215 216 /** 217 * {@inheritDoc} 218 */ 219 public CryptPasswordStorageSchemeCfg createServerConfiguration( 220 ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) { 221 return new CryptPasswordStorageSchemeCfgServerImpl(impl); 222 } 223 224 225 226 /** 227 * {@inheritDoc} 228 */ 229 public Class<CryptPasswordStorageSchemeCfg> getServerConfigurationClass() { 230 return CryptPasswordStorageSchemeCfg.class; 231 } 232 233 234 235 /** 236 * Get the "crypt-password-storage-encryption-algorithm" property definition. 237 * <p> 238 * Specifies the algorithm to use to encrypt new passwords. 239 * <p> 240 * Select the crypt algorithm to use to encrypt new passwords. The 241 * value can either be "unix", which means the password is encrypted 242 * with the weak Unix crypt algorithm, or "md5" which means the 243 * password is encrypted with the BSD MD5 algorithm and has a $1$ 244 * prefix, or "sha256" which means the password is encrypted with the 245 * SHA256 algorithm and has a $5$ prefix, or "sha512" which means the 246 * password is encrypted with the SHA512 algorithm and has a $6$ 247 * prefix. 248 * 249 * @return Returns the "crypt-password-storage-encryption-algorithm" property definition. 250 */ 251 public EnumPropertyDefinition<CryptPasswordStorageEncryptionAlgorithm> getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition() { 252 return PD_CRYPT_PASSWORD_STORAGE_ENCRYPTION_ALGORITHM; 253 } 254 255 256 257 /** 258 * Get the "enabled" property definition. 259 * <p> 260 * Indicates whether the Crypt Password Storage Scheme is enabled 261 * for use. 262 * 263 * @return Returns the "enabled" property definition. 264 */ 265 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 266 return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition(); 267 } 268 269 270 271 /** 272 * Get the "java-class" property definition. 273 * <p> 274 * Specifies the fully-qualified name of the Java class that 275 * provides the Crypt Password Storage Scheme implementation. 276 * 277 * @return Returns the "java-class" property definition. 278 */ 279 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 280 return PD_JAVA_CLASS; 281 } 282 283 284 285 /** 286 * Managed object client implementation. 287 */ 288 private static class CryptPasswordStorageSchemeCfgClientImpl implements 289 CryptPasswordStorageSchemeCfgClient { 290 291 // Private implementation. 292 private ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl; 293 294 295 296 // Private constructor. 297 private CryptPasswordStorageSchemeCfgClientImpl( 298 ManagedObject<? extends CryptPasswordStorageSchemeCfgClient> impl) { 299 this.impl = impl; 300 } 301 302 303 304 /** 305 * {@inheritDoc} 306 */ 307 public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() { 308 return impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition()); 309 } 310 311 312 313 /** 314 * {@inheritDoc} 315 */ 316 public void setCryptPasswordStorageEncryptionAlgorithm(CryptPasswordStorageEncryptionAlgorithm value) { 317 impl.setPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition(), value); 318 } 319 320 321 322 /** 323 * {@inheritDoc} 324 */ 325 public Boolean isEnabled() { 326 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 327 } 328 329 330 331 /** 332 * {@inheritDoc} 333 */ 334 public void setEnabled(boolean value) { 335 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 336 } 337 338 339 340 /** 341 * {@inheritDoc} 342 */ 343 public String getJavaClass() { 344 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 345 } 346 347 348 349 /** 350 * {@inheritDoc} 351 */ 352 public void setJavaClass(String value) { 353 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 354 } 355 356 357 358 /** 359 * {@inheritDoc} 360 */ 361 public ManagedObjectDefinition<? extends CryptPasswordStorageSchemeCfgClient, ? extends CryptPasswordStorageSchemeCfg> definition() { 362 return INSTANCE; 363 } 364 365 366 367 /** 368 * {@inheritDoc} 369 */ 370 public PropertyProvider properties() { 371 return impl; 372 } 373 374 375 376 /** 377 * {@inheritDoc} 378 */ 379 public void commit() throws ManagedObjectAlreadyExistsException, 380 MissingMandatoryPropertiesException, ConcurrentModificationException, 381 OperationRejectedException, LdapException { 382 impl.commit(); 383 } 384 385 } 386 387 388 389 /** 390 * Managed object server implementation. 391 */ 392 private static class CryptPasswordStorageSchemeCfgServerImpl implements 393 CryptPasswordStorageSchemeCfg { 394 395 // Private implementation. 396 private ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl; 397 398 // The value of the "crypt-password-storage-encryption-algorithm" property. 399 private final CryptPasswordStorageEncryptionAlgorithm pCryptPasswordStorageEncryptionAlgorithm; 400 401 // The value of the "enabled" property. 402 private final boolean pEnabled; 403 404 // The value of the "java-class" property. 405 private final String pJavaClass; 406 407 408 409 // Private constructor. 410 private CryptPasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends CryptPasswordStorageSchemeCfg> impl) { 411 this.impl = impl; 412 this.pCryptPasswordStorageEncryptionAlgorithm = impl.getPropertyValue(INSTANCE.getCryptPasswordStorageEncryptionAlgorithmPropertyDefinition()); 413 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 414 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 415 } 416 417 418 419 /** 420 * {@inheritDoc} 421 */ 422 public void addCryptChangeListener( 423 ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) { 424 impl.registerChangeListener(listener); 425 } 426 427 428 429 /** 430 * {@inheritDoc} 431 */ 432 public void removeCryptChangeListener( 433 ConfigurationChangeListener<CryptPasswordStorageSchemeCfg> listener) { 434 impl.deregisterChangeListener(listener); 435 } 436 /** 437 * {@inheritDoc} 438 */ 439 public void addChangeListener( 440 ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) { 441 impl.registerChangeListener(listener); 442 } 443 444 445 446 /** 447 * {@inheritDoc} 448 */ 449 public void removeChangeListener( 450 ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) { 451 impl.deregisterChangeListener(listener); 452 } 453 454 455 456 /** 457 * {@inheritDoc} 458 */ 459 public CryptPasswordStorageEncryptionAlgorithm getCryptPasswordStorageEncryptionAlgorithm() { 460 return pCryptPasswordStorageEncryptionAlgorithm; 461 } 462 463 464 465 /** 466 * {@inheritDoc} 467 */ 468 public boolean isEnabled() { 469 return pEnabled; 470 } 471 472 473 474 /** 475 * {@inheritDoc} 476 */ 477 public String getJavaClass() { 478 return pJavaClass; 479 } 480 481 482 483 /** 484 * {@inheritDoc} 485 */ 486 public Class<? extends CryptPasswordStorageSchemeCfg> configurationClass() { 487 return CryptPasswordStorageSchemeCfg.class; 488 } 489 490 491 492 /** 493 * {@inheritDoc} 494 */ 495 public DN dn() { 496 return impl.getDN(); 497 } 498 499 } 500}