001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import java.util.Collection;
031import java.util.SortedSet;
032import org.forgerock.opendj.config.AdministratorAction;
033import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
034import org.forgerock.opendj.config.AttributeTypePropertyDefinition;
035import org.forgerock.opendj.config.BooleanPropertyDefinition;
036import org.forgerock.opendj.config.ClassPropertyDefinition;
037import org.forgerock.opendj.config.client.ConcurrentModificationException;
038import org.forgerock.opendj.config.client.ManagedObject;
039import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
040import org.forgerock.opendj.config.client.OperationRejectedException;
041import org.forgerock.opendj.config.DefaultBehaviorProvider;
042import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
043import org.forgerock.opendj.config.DNPropertyDefinition;
044import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
045import org.forgerock.opendj.config.ManagedObjectDefinition;
046import org.forgerock.opendj.config.PropertyOption;
047import org.forgerock.opendj.config.PropertyProvider;
048import org.forgerock.opendj.config.server.ConfigurationChangeListener;
049import org.forgerock.opendj.config.server.ServerManagedObject;
050import org.forgerock.opendj.config.Tag;
051import org.forgerock.opendj.config.UndefinedDefaultBehaviorProvider;
052import org.forgerock.opendj.ldap.DN;
053import org.forgerock.opendj.ldap.LdapException;
054import org.forgerock.opendj.ldap.schema.AttributeType;
055import org.forgerock.opendj.server.config.client.SubjectDNToUserAttributeCertificateMapperCfgClient;
056import org.forgerock.opendj.server.config.server.CertificateMapperCfg;
057import org.forgerock.opendj.server.config.server.SubjectDNToUserAttributeCertificateMapperCfg;
058
059
060
061/**
062 * An interface for querying the Subject DN To User Attribute
063 * Certificate Mapper managed object definition meta information.
064 * <p>
065 * The Subject DN To User Attribute Certificate Mapper maps client
066 * certificates to user entries by looking for the certificate subject
067 * DN in a specified attribute of user entries.
068 */
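public final class SubjectDNToUserAttributeCertificateMapperCfgDefn extends ManagedObjectDefinition<SubjectDNToUserAttributeCertificateMapperCfgClient, SubjectDNToUserAttributeCertificateMapperCfg> {

  // The singleton configuration definition instance.
  //
  // Declared before every static block on purpose: static initializers run in
  // textual order, and each block below registers its property definition (or
  // tag) on INSTANCE.
  private static final SubjectDNToUserAttributeCertificateMapperCfgDefn INSTANCE = new SubjectDNToUserAttributeCertificateMapperCfgDefn();

  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  // The "subject-attribute" property definition.
  private static final AttributeTypePropertyDefinition PD_SUBJECT_ATTRIBUTE;

  // The "user-base-dn" property definition.
  private static final DNPropertyDefinition PD_USER_BASE_DN;

  // Build the "java-class" property definition.
  //
  // Mandatory, flagged ADVANCED, and a change is declared to need a component
  // restart. The default names the stock mapper implementation, and
  // addInstanceOf(...) names org.opends.server.api.CertificateMapper as the
  // type a configured class has to be an instance of.
  //
  // NOTE(review): the value selects the class that performs certificate-to-user
  // mapping, so write access to this property decides which code makes that
  // authentication decision. Confirm that configuration writes are limited to
  // trusted administrators; where the named class is loaded and checked is not
  // visible in this file.
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.SubjectDNToUserAttributeCertificateMapper");
    builder.setDefaultBehaviorProvider(provider);
    builder.addInstanceOf("org.opends.server.api.CertificateMapper");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }

  // Build the "subject-attribute" property definition.
  //
  // Mandatory with an undefined default, so every mapper instance has to name
  // the attribute explicitly. The declared administrator action is NONE.
  //
  // NOTE(review): a match on this attribute is what ties a client certificate
  // to a user entry, so anyone able to write the attribute in a user entry can
  // influence which entry a certificate maps to. Deployments should restrict
  // write access to it; how the mapper treats several matching entries is not
  // visible here and should be confirmed in the mapper implementation.
  static {
    AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "subject-attribute");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "subject-attribute"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
    PD_SUBJECT_ATTRIBUTE = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE);
  }

  // Build the "user-base-dn" property definition.
  //
  // Multi-valued and optional (MANDATORY is not set). The default is an alias
  // behavior, i.e. what the server does when no value is configured is
  // described elsewhere rather than given as a value in this file.
  //
  // NOTE(review): the base DNs bound the set of entries a certificate can be
  // mapped to; confirm the effective search scope when the property is left
  // unset.
  static {
    DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
    builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
    PD_USER_BASE_DN = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
  }

  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }

  /**
   * Get the Subject DN To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the Subject DN To User Attribute Certificate
   *         Mapper configuration definition singleton.
   */
  public static SubjectDNToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }

  /**
   * Private constructor.
   * <p>
   * Registers this definition under the name
   * "subject-dn-to-user-attribute-certificate-mapper" with the
   * certificate mapper definition singleton as its parent.
   */
  private SubjectDNToUserAttributeCertificateMapperCfgDefn() {
    super("subject-dn-to-user-attribute-certificate-mapper", CertificateMapperCfgDefn.getInstance());
  }

  /**
   * {@inheritDoc}
   */
  @Override
  public SubjectDNToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgClientImpl(impl);
  }

  /**
   * {@inheritDoc}
   */
  @Override
  public SubjectDNToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgServerImpl(impl);
  }

  /**
   * {@inheritDoc}
   */
  @Override
  public Class<SubjectDNToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectDNToUserAttributeCertificateMapperCfg.class;
  }

  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject DN To User Attribute Certificate
   * Mapper is enabled.
   * <p>
   * The definition is not built in this class; it is obtained from the
   * certificate mapper definition singleton.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }

  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Subject DN To User Attribute Certificate Mapper
   * implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }

  /**
   * Get the "subject-attribute" property definition.
   * <p>
   * Specifies the name or OID of the attribute whose value should
   * exactly match the certificate subject DN.
   *
   * @return Returns the "subject-attribute" property definition.
   */
  public AttributeTypePropertyDefinition getSubjectAttributePropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE;
  }

  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing
   * searches to map the client certificate to a user entry.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }

  /**
   * Managed object client implementation.
   * <p>
   * Every accessor delegates to the wrapped managed object; no property
   * value is cached in this class.
   */
  private static class SubjectDNToUserAttributeCertificateMapperCfgClientImpl implements
      SubjectDNToUserAttributeCertificateMapperCfgClient {

    // Private implementation. Assigned once in the constructor, hence final.
    private final ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl;

    // Private constructor.
    private SubjectDNToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl) {
      this.impl = impl;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public AttributeType getSubjectAttribute() {
      return impl.getPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void setSubjectAttribute(AttributeType value) {
      impl.setPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition(), value);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void setUserBaseDN(Collection<DN> values) {
      impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public ManagedObjectDefinition<? extends SubjectDNToUserAttributeCertificateMapperCfgClient, ? extends SubjectDNToUserAttributeCertificateMapperCfg> definition() {
      return INSTANCE;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public PropertyProvider properties() {
      return impl;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }

  }

  /**
   * Managed object server implementation.
   * <p>
   * All property values are read once in the constructor and the getters
   * return that snapshot; only the listener methods and {@code dn()} go
   * back to the wrapped server managed object.
   */
  private static class SubjectDNToUserAttributeCertificateMapperCfgServerImpl implements
      SubjectDNToUserAttributeCertificateMapperCfg {

    // Private implementation. Assigned once in the constructor, hence final.
    private final ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "java-class" property.
    private final String pJavaClass;

    // The value of the "subject-attribute" property.
    private final AttributeType pSubjectAttribute;

    // The value of the "user-base-dn" property.
    private final SortedSet<DN> pUserBaseDN;

    // Private constructor.
    private SubjectDNToUserAttributeCertificateMapperCfgServerImpl(ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl) {
      this.impl = impl;
      // Stored in a primitive boolean, so a null "enabled" value would fail
      // here on unboxing. NOTE(review): presumably the parent definition makes
      // "enabled" mandatory - confirm.
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pSubjectAttribute = impl.getPropertyValue(INSTANCE.getSubjectAttributePropertyDefinition());
      this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void addSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void removeSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public boolean isEnabled() {
      return pEnabled;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public String getJavaClass() {
      return pJavaClass;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public AttributeType getSubjectAttribute() {
      return pSubjectAttribute;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public SortedSet<DN> getUserBaseDN() {
      // Returns the set obtained in the constructor without copying it.
      // NOTE(review): whether that set is unmodifiable is not visible here;
      // callers should treat it as read-only.
      return pUserBaseDN;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public Class<? extends SubjectDNToUserAttributeCertificateMapperCfg> configurationClass() {
      return SubjectDNToUserAttributeCertificateMapperCfg.class;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    public DN dn() {
      return impl.getDN();
    }

  }
}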