001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 * Portions Copyright 2013-2015 ForgeRock AS.
016 */
017package org.opends.server.authorization.dseecompat;
018import static org.opends.messages.AccessControlMessages.*;
019import org.forgerock.i18n.slf4j.LocalizedLogger;
020import org.forgerock.i18n.LocalizableMessage;
021import org.opends.server.core.DirectoryServer;
022
023/**
024 * The AuthMethod class represents an authmethod bind rule keyword expression.
025 */
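public class AuthMethod implements KeywordBindRule {

  private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();

  /** Length of the {@code "sasl "} prefix that introduces a SASL mechanism name. */
  private static final int SASL_PREFIX_LENGTH = 5;

  /** Enumeration representing the authentication method. */
  private final EnumAuthMethod authMethod;

  /**
   * The SASL mechanism if the authentication method is SASL. It is
   * {@code "EXTERNAL"} for the {@code ssl} keyword and {@code null} for
   * {@code none} and {@code simple}.
   */
  private final String saslMech;

  /** Enumeration representing the bind rule operation type. */
  private final EnumBindRuleType type;

  /**
   * Create a class representing an authmethod bind rule keyword from the
   * provided method and bind rule type.
   *
   * @param method An enumeration of the authentication method.
   * @param saslMech The string representation of the SASL mechanism, may be
   *                 {@code null}.
   * @param type An enumeration representing the type of the expression.
   */
  private AuthMethod(EnumAuthMethod method, String saslMech,
                     EnumBindRuleType type) {
    this.authMethod = method;
    this.saslMech = saslMech;
    this.type = type;
  }

  /**
   * Decode a string representing an authmethod bind rule.
   * <p>
   * The keywords {@code none}, {@code simple}, {@code ssl} and the
   * {@code "sasl "} prefix are matched case-insensitively. The mechanism name
   * that follows {@code "sasl "} is kept exactly as written in the expression.
   *
   * @param expr The string representing the bind rule; must not be
   *             {@code null}.
   * @param type An enumeration representing the bind rule type.
   * @return A keyword bind rule class that can be used to evaluate the
   *         bind rule.
   * @throws AciException If the expression string is invalid.
   */
  public static KeywordBindRule decode(String expr, EnumBindRuleType type)
      throws AciException {
    // Fold case with the ROOT locale. The no-argument toLowerCase() follows the
    // JVM default locale, and under a Turkish or Azeri default "SIMPLE" lowers
    // to a dotless-i form that never equals "simple", so a valid ACI would be
    // rejected depending on where the server runs.
    final String lowerExpr = expr.toLowerCase(java.util.Locale.ROOT);
    switch (lowerExpr) {
      case "none":
        return new AuthMethod(EnumAuthMethod.AUTHMETHOD_NONE, null, type);
      case "simple":
        return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SIMPLE, null, type);
      case "ssl":
        // The ssl keyword is represented with the EXTERNAL SASL mechanism.
        return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SSL, "EXTERNAL", type);
      default:
        break;
    }

    if (expr.length() > SASL_PREFIX_LENGTH && lowerExpr.startsWith("sasl ")) {
      final String mechanism = expr.substring(SASL_PREFIX_LENGTH);
      // A mechanism with no registered handler is still accepted; the only
      // signal is this informational note.
      // NOTE(review): how the evaluation context compares the mechanism is not
      // visible here. A misspelt mechanism presumably never matches, which for
      // a negated (!=) bind rule would mean it applies to every client, so this
      // log message deserves attention when ACIs are reviewed - confirm.
      if (DirectoryServer.getSASLMechanismHandler(mechanism) == null) {
        logger.info(NOTE_ACI_SYNTAX_DUBIOUS_AUTHMETHOD_SASL_MECHANISM, mechanism);
      }
      return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SASL, mechanism, type);
    }

    final LocalizableMessage message =
        WARN_ACI_SYNTAX_INVALID_AUTHMETHOD_EXPRESSION.get(expr);
    throw new AciException(message);
  }

  /**
   * Evaluate authmethod bind rule using the provided evaluation context.
   * <p>
   * The context is asked whether the client has the authentication method
   * (and SASL mechanism, if any) of this rule, and that answer is converted
   * with {@code getRet} using the bind rule type.
   *
   * @param evalCtx An evaluation context to use.
   * @return An enumeration evaluation result.
   */
  @Override
  public EnumEvalResult evaluate(AciEvalContext evalCtx) {
    final EnumEvalResult matched =
        evalCtx.hasAuthenticationMethod(authMethod, saslMech);
    return matched.getRet(type, false);
  }

  /** {@inheritDoc} */
  @Override
  public String toString() {
    final StringBuilder sb = new StringBuilder();
    toString(sb);
    return sb.toString();
  }

  /**
   * Appends a string representation of this bind rule to the buffer.
   * <p>
   * The text appended is the default {@link Object#toString()} form, not the
   * authmethod expression this rule was decoded from.
   *
   * @param buffer The buffer to append to.
   */
  @Override
  public final void toString(StringBuilder buffer) {
    buffer.append(super.toString());
  }

}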