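/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.meta;



import org.forgerock.opendj.config.AdministratorAction;
import org.forgerock.opendj.config.BooleanPropertyDefinition;
import org.forgerock.opendj.config.ClassPropertyDefinition;
import org.forgerock.opendj.config.client.ConcurrentModificationException;
import org.forgerock.opendj.config.client.ManagedObject;
import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
import org.forgerock.opendj.config.client.OperationRejectedException;
import org.forgerock.opendj.config.DefaultBehaviorProvider;
import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
import org.forgerock.opendj.config.IntegerPropertyDefinition;
import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyOption;
import org.forgerock.opendj.config.PropertyProvider;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.config.server.ServerManagedObject;
import org.forgerock.opendj.config.Tag;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.server.config.client.PBKDF2PasswordStorageSchemeCfgClient;
import org.forgerock.opendj.server.config.server.PasswordStorageSchemeCfg;
import org.forgerock.opendj.server.config.server.PBKDF2PasswordStorageSchemeCfg;



/**
 * An interface for querying the PBKDF2 Password Storage Scheme
 * managed object definition meta information.
 * <p>
 * The PBKDF2 Password Storage Scheme provides a mechanism for
 * encoding user passwords using PBKDF2, a password-based key
 * derivation function whose cost is set by an iteration count.
 * <p>
 * This definition declares two properties of its own, "java-class"
 * and "pbkdf2-iterations", and reuses the "enabled" property of the
 * parent {@link PasswordStorageSchemeCfgDefn}.
 */
public final class PBKDF2PasswordStorageSchemeCfgDefn extends ManagedObjectDefinition<PBKDF2PasswordStorageSchemeCfgClient, PBKDF2PasswordStorageSchemeCfg> {

  /**
   * The singleton configuration definition instance.
   * <p>
   * Declared before the static initializers below because each of
   * them registers its property definition on this instance, and
   * static initialization runs in textual order.
   */
  private static final PBKDF2PasswordStorageSchemeCfgDefn INSTANCE = new PBKDF2PasswordStorageSchemeCfgDefn();



  /** The "java-class" property definition. */
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  /** The "pbkdf2-iterations" property definition. */
  private static final IntegerPropertyDefinition PD_PBKDF2_ITERATIONS;



  /** Build the "java-class" property definition. */
  static {
    ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.PBKDF2PasswordStorageScheme");
    builder.setDefaultBehaviorProvider(provider);
    // The configured class name selects the code that encodes and
    // verifies passwords; the instance-of constraint limits it to
    // implementations of the password storage scheme API.
    builder.addInstanceOf("org.opends.server.api.PasswordStorageScheme");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  /** Build the "pbkdf2-iterations" property definition. */
  static {
    IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "pbkdf2-iterations");
    builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "pbkdf2-iterations"));
    // Default work factor used when the property is not set.
    DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("10000");
    builder.setDefaultBehaviorProvider(provider);
    // NOTE(review): the lower limit is 1, so this definition accepts
    // iteration counts far below the documented recommendation; any
    // policy minimum has to be enforced outside this class. Left
    // unchanged here because raising it would reject existing
    // configurations.
    builder.setLowerLimit(1);
    PD_PBKDF2_ITERATIONS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_PBKDF2_ITERATIONS);
  }



  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }



  /**
   * Get the PBKDF2 Password Storage Scheme configuration definition
   * singleton.
   *
   * @return Returns the PBKDF2 Password Storage Scheme configuration
   *         definition singleton.
   */
  public static PBKDF2PasswordStorageSchemeCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor.
   * <p>
   * Names this definition "pbkdf2-password-storage-scheme" and sets
   * the generic password storage scheme definition as its parent.
   */
  private PBKDF2PasswordStorageSchemeCfgDefn() {
    super("pbkdf2-password-storage-scheme", PasswordStorageSchemeCfgDefn.getInstance());
  }



  /** {@inheritDoc} */
  @Override
  public PBKDF2PasswordStorageSchemeCfgClient createClientConfiguration(
      ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl) {
    return new PBKDF2PasswordStorageSchemeCfgClientImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public PBKDF2PasswordStorageSchemeCfg createServerConfiguration(
      ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl) {
    return new PBKDF2PasswordStorageSchemeCfgServerImpl(impl);
  }



  /** {@inheritDoc} */
  @Override
  public Class<PBKDF2PasswordStorageSchemeCfg> getServerConfigurationClass() {
    return PBKDF2PasswordStorageSchemeCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the PBKDF2 Password Storage Scheme is enabled
   * for use.
   * <p>
   * The definition is not declared here; it is the one owned by the
   * parent {@link PasswordStorageSchemeCfgDefn}.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return PasswordStorageSchemeCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the PBKDF2 Password Storage Scheme implementation.
   * <p>
   * The property is mandatory and advanced, defaults to
   * {@code org.opends.server.extensions.PBKDF2PasswordStorageScheme},
   * and is constrained to implementations of
   * {@code org.opends.server.api.PasswordStorageScheme}. Because the
   * value decides which class handles user passwords, changes to it
   * deserve the same review as any other change to who may modify
   * the server configuration.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Get the "pbkdf2-iterations" property definition.
   * <p>
   * The number of algorithm iterations to make. NIST recommends at
   * least 1000.
   * <p>
   * That recommendation is a floor rather than a target, and it is
   * not enforced by this definition, which accepts any value of 1 or
   * more and defaults to 10000. The iteration count sets the cost of
   * each password guess against a stolen hash, so it should be
   * reviewed against current guidance and the server's hardware
   * rather than left at a historical minimum.
   *
   * @return Returns the "pbkdf2-iterations" property definition.
   */
  public IntegerPropertyDefinition getPBKDF2IterationsPropertyDefinition() {
    return PD_PBKDF2_ITERATIONS;
  }



  /**
   * Managed object client implementation.
   * <p>
   * Every accessor delegates to the wrapped {@link ManagedObject};
   * no property value is cached in this class.
   */
  private static class PBKDF2PasswordStorageSchemeCfgClientImpl implements
      PBKDF2PasswordStorageSchemeCfgClient {

    /** Private implementation; assigned once in the constructor. */
    private final ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl;



    /** Private constructor. */
    private PBKDF2PasswordStorageSchemeCfgClientImpl(
        ManagedObject<? extends PBKDF2PasswordStorageSchemeCfgClient> impl) {
      this.impl = impl;
    }



    /** {@inheritDoc} */
    @Override
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public int getPBKDF2Iterations() {
      // The Integer property value is unboxed to int on return.
      return impl.getPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void setPBKDF2Iterations(Integer value) {
      // No range check is done in this method; the value is handed to
      // the managed object together with the property definition.
      impl.setPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition(), value);
    }



    /** {@inheritDoc} */
    @Override
    public ManagedObjectDefinition<? extends PBKDF2PasswordStorageSchemeCfgClient, ? extends PBKDF2PasswordStorageSchemeCfg> definition() {
      return INSTANCE;
    }



    /** {@inheritDoc} */
    @Override
    public PropertyProvider properties() {
      return impl;
    }



    /** {@inheritDoc} */
    @Override
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, LdapException {
      impl.commit();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }



  /**
   * Managed object server implementation.
   * <p>
   * The three property values are read from the wrapped
   * {@link ServerManagedObject} once, in the constructor, and the
   * getters return those stored values.
   */
  private static class PBKDF2PasswordStorageSchemeCfgServerImpl implements
      PBKDF2PasswordStorageSchemeCfg {

    /** Private implementation; assigned once in the constructor. */
    private final ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl;

    /** The value of the "enabled" property. */
    private final boolean pEnabled;

    /** The value of the "java-class" property. */
    private final String pJavaClass;

    /** The value of the "pbkdf2-iterations" property. */
    private final int pPBKDF2Iterations;



    /** Private constructor. */
    private PBKDF2PasswordStorageSchemeCfgServerImpl(ServerManagedObject<? extends PBKDF2PasswordStorageSchemeCfg> impl) {
      this.impl = impl;
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pPBKDF2Iterations = impl.getPropertyValue(INSTANCE.getPBKDF2IterationsPropertyDefinition());
    }



    /** {@inheritDoc} */
    @Override
    public void addPBKDF2ChangeListener(
        ConfigurationChangeListener<PBKDF2PasswordStorageSchemeCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removePBKDF2ChangeListener(
        ConfigurationChangeListener<PBKDF2PasswordStorageSchemeCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void addChangeListener(
        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public void removeChangeListener(
        ConfigurationChangeListener<PasswordStorageSchemeCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /** {@inheritDoc} */
    @Override
    public boolean isEnabled() {
      return pEnabled;
    }



    /** {@inheritDoc} */
    @Override
    public String getJavaClass() {
      return pJavaClass;
    }



    /** {@inheritDoc} */
    @Override
    public int getPBKDF2Iterations() {
      return pPBKDF2Iterations;
    }



    /** {@inheritDoc} */
    @Override
    public Class<? extends PBKDF2PasswordStorageSchemeCfg> configurationClass() {
      return PBKDF2PasswordStorageSchemeCfg.class;
    }



    /** {@inheritDoc} */
    @Override
    public DN dn() {
      return impl.getDN();
    }



    /** {@inheritDoc} */
    @Override
    public String toString() {
      return impl.toString();
    }
  }
}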