Source code

001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.opends.server.admin.std.meta;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.ldap.DN;
023import org.forgerock.opendj.ldap.schema.AttributeType;
024import org.opends.server.admin.AdministratorAction;
025import org.opends.server.admin.AliasDefaultBehaviorProvider;
026import org.opends.server.admin.AttributeTypePropertyDefinition;
027import org.opends.server.admin.BooleanPropertyDefinition;
028import org.opends.server.admin.ClassPropertyDefinition;
029import org.opends.server.admin.client.AuthorizationException;
030import org.opends.server.admin.client.CommunicationException;
031import org.opends.server.admin.client.ConcurrentModificationException;
032import org.opends.server.admin.client.ManagedObject;
033import org.opends.server.admin.client.MissingMandatoryPropertiesException;
034import org.opends.server.admin.client.OperationRejectedException;
035import org.opends.server.admin.DefaultBehaviorProvider;
036import org.opends.server.admin.DefinedDefaultBehaviorProvider;
037import org.opends.server.admin.DNPropertyDefinition;
038import org.opends.server.admin.EnumPropertyDefinition;
039import org.opends.server.admin.ManagedObjectAlreadyExistsException;
040import org.opends.server.admin.ManagedObjectDefinition;
041import org.opends.server.admin.PropertyOption;
042import org.opends.server.admin.PropertyProvider;
043import org.opends.server.admin.server.ConfigurationChangeListener;
044import org.opends.server.admin.server.ServerManagedObject;
045import org.opends.server.admin.std.client.FingerprintCertificateMapperCfgClient;
046import org.opends.server.admin.std.server.CertificateMapperCfg;
047import org.opends.server.admin.std.server.FingerprintCertificateMapperCfg;
048import org.opends.server.admin.Tag;
049import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
050
051
052
053/**
054 * An interface for querying the Fingerprint Certificate Mapper
055 * managed object definition meta information.
056 * <p>
057 * The Fingerprint Certificate Mapper maps client certificates to user
058 * entries by looking for the MD5 or SHA1 fingerprint in a specified
059 * attribute of user entries.
060 */
061public final class FingerprintCertificateMapperCfgDefn extends ManagedObjectDefinition<FingerprintCertificateMapperCfgClient, FingerprintCertificateMapperCfg> {
062
063  // The singleton configuration definition instance.
064  private static final FingerprintCertificateMapperCfgDefn INSTANCE = new FingerprintCertificateMapperCfgDefn();
065
066
067
068  /**
069   * Defines the set of permissable values for the "fingerprint-algorithm" property.
070   * <p>
071   * Specifies the name of the digest algorithm to compute the
072   * fingerprint of client certificates.
073   */
074  public static enum FingerprintAlgorithm {
075
076    /**
077     * Use the MD5 digest algorithm to compute certificate
078     * fingerprints.
079     */
080    MD5("md5"),
081
082
083
084    /**
085     * Use the SHA-1 digest algorithm to compute certificate
086     * fingerprints.
087     */
088    SHA1("sha1");
089
090
091
092    // String representation of the value.
093    private final String name;
094
095
096
097    // Private constructor.
098    private FingerprintAlgorithm(String name) { this.name = name; }
099
100
101
102    /**
103     * {@inheritDoc}
104     */
105    public String toString() { return name; }
106
107  }
108
109
110
111  // The "fingerprint-algorithm" property definition.
112  private static final EnumPropertyDefinition<FingerprintAlgorithm> PD_FINGERPRINT_ALGORITHM;
113
114
115
116  // The "fingerprint-attribute" property definition.
117  private static final AttributeTypePropertyDefinition PD_FINGERPRINT_ATTRIBUTE;
118
119
120
121  // The "java-class" property definition.
122  private static final ClassPropertyDefinition PD_JAVA_CLASS;
123
124
125
126  // The "user-base-dn" property definition.
127  private static final DNPropertyDefinition PD_USER_BASE_DN;
128
129
130
131  // Build the "fingerprint-algorithm" property definition.
132  static {
133      EnumPropertyDefinition.Builder<FingerprintAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "fingerprint-algorithm");
134      builder.setOption(PropertyOption.MANDATORY);
135      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "fingerprint-algorithm"));
136      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<FingerprintAlgorithm>());
137      builder.setEnumClass(FingerprintAlgorithm.class);
138      PD_FINGERPRINT_ALGORITHM = builder.getInstance();
139      INSTANCE.registerPropertyDefinition(PD_FINGERPRINT_ALGORITHM);
140  }
141
142
143
144  // Build the "fingerprint-attribute" property definition.
145  static {
146      AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "fingerprint-attribute");
147      builder.setOption(PropertyOption.MANDATORY);
148      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "fingerprint-attribute"));
149      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
150      PD_FINGERPRINT_ATTRIBUTE = builder.getInstance();
151      INSTANCE.registerPropertyDefinition(PD_FINGERPRINT_ATTRIBUTE);
152  }
153
154
155
156  // Build the "java-class" property definition.
157  static {
158      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
159      builder.setOption(PropertyOption.MANDATORY);
160      builder.setOption(PropertyOption.ADVANCED);
161      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
162      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.FingerprintCertificateMapper");
163      builder.setDefaultBehaviorProvider(provider);
164      builder.addInstanceOf("org.opends.server.api.CertificateMapper");
165      PD_JAVA_CLASS = builder.getInstance();
166      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
167  }
168
169
170
171  // Build the "user-base-dn" property definition.
172  static {
173      DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
174      builder.setOption(PropertyOption.MULTI_VALUED);
175      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
176      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
177      PD_USER_BASE_DN = builder.getInstance();
178      INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
179  }
180
181
182
183  // Register the tags associated with this managed object definition.
184  static {
185    INSTANCE.registerTag(Tag.valueOf("security"));
186    INSTANCE.registerTag(Tag.valueOf("user-management"));
187  }
188
189
190
191  /**
192   * Get the Fingerprint Certificate Mapper configuration definition
193   * singleton.
194   *
195   * @return Returns the Fingerprint Certificate Mapper configuration
196   *         definition singleton.
197   */
198  public static FingerprintCertificateMapperCfgDefn getInstance() {
199    return INSTANCE;
200  }
201
202
203
204  /**
205   * Private constructor.
206   */
207  private FingerprintCertificateMapperCfgDefn() {
208    super("fingerprint-certificate-mapper", CertificateMapperCfgDefn.getInstance());
209  }
210
211
212
213  /**
214   * {@inheritDoc}
215   */
216  public FingerprintCertificateMapperCfgClient createClientConfiguration(
217      ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl) {
218    return new FingerprintCertificateMapperCfgClientImpl(impl);
219  }
220
221
222
223  /**
224   * {@inheritDoc}
225   */
226  public FingerprintCertificateMapperCfg createServerConfiguration(
227      ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl) {
228    return new FingerprintCertificateMapperCfgServerImpl(impl);
229  }
230
231
232
233  /**
234   * {@inheritDoc}
235   */
236  public Class<FingerprintCertificateMapperCfg> getServerConfigurationClass() {
237    return FingerprintCertificateMapperCfg.class;
238  }
239
240
241
242  /**
243   * Get the "enabled" property definition.
244   * <p>
245   * Indicates whether the Fingerprint Certificate Mapper is enabled.
246   *
247   * @return Returns the "enabled" property definition.
248   */
249  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
250    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
251  }
252
253
254
255  /**
256   * Get the "fingerprint-algorithm" property definition.
257   * <p>
258   * Specifies the name of the digest algorithm to compute the
259   * fingerprint of client certificates.
260   *
261   * @return Returns the "fingerprint-algorithm" property definition.
262   */
263  public EnumPropertyDefinition<FingerprintAlgorithm> getFingerprintAlgorithmPropertyDefinition() {
264    return PD_FINGERPRINT_ALGORITHM;
265  }
266
267
268
269  /**
270   * Get the "fingerprint-attribute" property definition.
271   * <p>
272   * Specifies the attribute in which to look for the fingerprint.
273   * <p>
274   * Values of the fingerprint attribute should exactly match the MD5
275   * or SHA1 representation of the certificate fingerprint.
276   *
277   * @return Returns the "fingerprint-attribute" property definition.
278   */
279  public AttributeTypePropertyDefinition getFingerprintAttributePropertyDefinition() {
280    return PD_FINGERPRINT_ATTRIBUTE;
281  }
282
283
284
285  /**
286   * Get the "java-class" property definition.
287   * <p>
288   * Specifies the fully-qualified name of the Java class that
289   * provides the Fingerprint Certificate Mapper implementation.
290   *
291   * @return Returns the "java-class" property definition.
292   */
293  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
294    return PD_JAVA_CLASS;
295  }
296
297
298
299  /**
300   * Get the "user-base-dn" property definition.
301   * <p>
302   * Specifies the set of base DNs below which to search for users.
303   * <p>
304   * The base DNs are used when performing searches to map the client
305   * certificates to a user entry.
306   *
307   * @return Returns the "user-base-dn" property definition.
308   */
309  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
310    return PD_USER_BASE_DN;
311  }
312
313
314
315  /**
316   * Managed object client implementation.
317   */
318  private static class FingerprintCertificateMapperCfgClientImpl implements
319    FingerprintCertificateMapperCfgClient {
320
321    // Private implementation.
322    private ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl;
323
324
325
326    // Private constructor.
327    private FingerprintCertificateMapperCfgClientImpl(
328        ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl) {
329      this.impl = impl;
330    }
331
332
333
334    /**
335     * {@inheritDoc}
336     */
337    public Boolean isEnabled() {
338      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
339    }
340
341
342
343    /**
344     * {@inheritDoc}
345     */
346    public void setEnabled(boolean value) {
347      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
348    }
349
350
351
352    /**
353     * {@inheritDoc}
354     */
355    public FingerprintAlgorithm getFingerprintAlgorithm() {
356      return impl.getPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition());
357    }
358
359
360
361    /**
362     * {@inheritDoc}
363     */
364    public void setFingerprintAlgorithm(FingerprintAlgorithm value) {
365      impl.setPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition(), value);
366    }
367
368
369
370    /**
371     * {@inheritDoc}
372     */
373    public AttributeType getFingerprintAttribute() {
374      return impl.getPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition());
375    }
376
377
378
379    /**
380     * {@inheritDoc}
381     */
382    public void setFingerprintAttribute(AttributeType value) {
383      impl.setPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition(), value);
384    }
385
386
387
388    /**
389     * {@inheritDoc}
390     */
391    public String getJavaClass() {
392      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
393    }
394
395
396
397    /**
398     * {@inheritDoc}
399     */
400    public void setJavaClass(String value) {
401      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
402    }
403
404
405
406    /**
407     * {@inheritDoc}
408     */
409    public SortedSet<DN> getUserBaseDN() {
410      return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
411    }
412
413
414
415    /**
416     * {@inheritDoc}
417     */
418    public void setUserBaseDN(Collection<DN> values) {
419      impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
420    }
421
422
423
424    /**
425     * {@inheritDoc}
426     */
427    public ManagedObjectDefinition<? extends FingerprintCertificateMapperCfgClient, ? extends FingerprintCertificateMapperCfg> definition() {
428      return INSTANCE;
429    }
430
431
432
433    /**
434     * {@inheritDoc}
435     */
436    public PropertyProvider properties() {
437      return impl;
438    }
439
440
441
442    /**
443     * {@inheritDoc}
444     */
445    public void commit() throws ManagedObjectAlreadyExistsException,
446        MissingMandatoryPropertiesException, ConcurrentModificationException,
447        OperationRejectedException, AuthorizationException,
448        CommunicationException {
449      impl.commit();
450    }
451
452
453
454    /** {@inheritDoc} */
455    public String toString() {
456      return impl.toString();
457    }
458  }
459
460
461
462  /**
463   * Managed object server implementation.
464   */
465  private static class FingerprintCertificateMapperCfgServerImpl implements
466    FingerprintCertificateMapperCfg {
467
468    // Private implementation.
469    private ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl;
470
471    // The value of the "enabled" property.
472    private final boolean pEnabled;
473
474    // The value of the "fingerprint-algorithm" property.
475    private final FingerprintAlgorithm pFingerprintAlgorithm;
476
477    // The value of the "fingerprint-attribute" property.
478    private final AttributeType pFingerprintAttribute;
479
480    // The value of the "java-class" property.
481    private final String pJavaClass;
482
483    // The value of the "user-base-dn" property.
484    private final SortedSet<DN> pUserBaseDN;
485
486
487
488    // Private constructor.
489    private FingerprintCertificateMapperCfgServerImpl(ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl) {
490      this.impl = impl;
491      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
492      this.pFingerprintAlgorithm = impl.getPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition());
493      this.pFingerprintAttribute = impl.getPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition());
494      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
495      this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
496    }
497
498
499
500    /**
501     * {@inheritDoc}
502     */
503    public void addFingerprintChangeListener(
504        ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener) {
505      impl.registerChangeListener(listener);
506    }
507
508
509
510    /**
511     * {@inheritDoc}
512     */
513    public void removeFingerprintChangeListener(
514        ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener) {
515      impl.deregisterChangeListener(listener);
516    }
517    /**
518     * {@inheritDoc}
519     */
520    public void addChangeListener(
521        ConfigurationChangeListener<CertificateMapperCfg> listener) {
522      impl.registerChangeListener(listener);
523    }
524
525
526
527    /**
528     * {@inheritDoc}
529     */
530    public void removeChangeListener(
531        ConfigurationChangeListener<CertificateMapperCfg> listener) {
532      impl.deregisterChangeListener(listener);
533    }
534
535
536
537    /**
538     * {@inheritDoc}
539     */
540    public boolean isEnabled() {
541      return pEnabled;
542    }
543
544
545
546    /**
547     * {@inheritDoc}
548     */
549    public FingerprintAlgorithm getFingerprintAlgorithm() {
550      return pFingerprintAlgorithm;
551    }
552
553
554
555    /**
556     * {@inheritDoc}
557     */
558    public AttributeType getFingerprintAttribute() {
559      return pFingerprintAttribute;
560    }
561
562
563
564    /**
565     * {@inheritDoc}
566     */
567    public String getJavaClass() {
568      return pJavaClass;
569    }
570
571
572
573    /**
574     * {@inheritDoc}
575     */
576    public SortedSet<DN> getUserBaseDN() {
577      return pUserBaseDN;
578    }
579
580
581
582    /**
583     * {@inheritDoc}
584     */
585    public Class<? extends FingerprintCertificateMapperCfg> configurationClass() {
586      return FingerprintCertificateMapperCfg.class;
587    }
588
589
590
591    /**
592     * {@inheritDoc}
593     */
594    public DN dn() {
595      return impl.getDN();
596    }
597
598
599
600    /** {@inheritDoc} */
601    public String toString() {
602      return impl.toString();
603    }
604  }
605}