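/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2006-2008 Sun Microsystems, Inc.
 * Portions Copyright 2015 ForgeRock AS.
 */
package org.opends.server.types;



/**
 * This enumeration defines a policy that indicates how the server
 * should deal with SSL/TLS-based client connections.  It is used to
 * determine whether the server should request that clients provide
 * their own certificates, and whether or not to accept client
 * connections in which the client did not provide a certificate.
 * <p>
 * Only {@link #REQUIRED} rejects a connection that arrives without a
 * client certificate.  Under {@link #OPTIONAL} and {@link #DISABLED}
 * such connections are accepted, so a deployment that relies on
 * certificate-based client authentication depends on this value
 * being resolved correctly from its textual form.
 */
@org.opends.server.types.PublicAPI(
     stability=org.opends.server.types.StabilityLevel.UNCOMMITTED,
     mayInstantiate=false,
     mayExtend=false,
     mayInvoke=true)
public enum SSLClientAuthPolicy
{
  /**
   * Indicates that the server will not request a certificate from the
   * client.
   */
  DISABLED("Disabled"),



  /**
   * Indicates that the server will request a certificate from the
   * client but will not require that one be provided.
   */
  OPTIONAL("Optional"),



  /**
   * Indicates that the server will request a certificate from the
   * client and will reject any connection attempt in which the client
   * did not provide one.
   */
  REQUIRED("Required");



  /** The human-readable name for this policy; fixed at construction. */
  private final String policyName;



  /**
   * Creates a new SSL client auth policy with the provided name.
   *
   * @param  policyName  The human-readable name for this policy.
   */
  private SSLClientAuthPolicy(String policyName)
  {
    this.policyName = policyName;
  }



  /**
   * Retrieves the SSL client authentication policy for the specified
   * name.  Matching is case-insensitive and independent of the JVM
   * default locale.  Recognized names are:
   * <ul>
   *   <li>"disabled", "off", "never" for {@link #DISABLED}</li>
   *   <li>"optional", "allowed" for {@link #OPTIONAL}</li>
   *   <li>"required", "on", "always" for {@link #REQUIRED}</li>
   * </ul>
   * A <CODE>null</CODE> return means the value was not recognized.
   * Callers should treat that as a configuration error rather than
   * silently substituting a default policy, because the substitute
   * may be weaker than the one the administrator intended.
   *
   * @param  policyName  The name of the SSL client authentication
   *                     policy to retrieve.  May be
   *                     <CODE>null</CODE>.
   *
   * @return  The requested SSL client authentication policy, or
   *          <CODE>null</CODE> if the provided value is
   *          <CODE>null</CODE> or is not the name of a valid client
   *          authentication policy.
   */
  public static SSLClientAuthPolicy policyForName(String policyName)
  {
    // A missing value is not a valid policy name; report it the same
    // way as any other unrecognized value instead of throwing a
    // NullPointerException.
    if (policyName == null)
    {
      return null;
    }

    // Lower-case with the root locale.  The no-argument toLowerCase()
    // uses the JVM default locale, and under locales with special
    // casing rules for 'I' (for example Turkish) upper-case input such
    // as "REQUIRED" or "DISABLED" would not lower-case to the ASCII
    // names compared below and would be reported as unrecognized.
    String lowerName = policyName.toLowerCase(java.util.Locale.ROOT);

    if (lowerName.equals("disabled") || lowerName.equals("off") ||
        lowerName.equals("never"))
    {
      return SSLClientAuthPolicy.DISABLED;
    }

    if (lowerName.equals("optional") || lowerName.equals("allowed"))
    {
      return SSLClientAuthPolicy.OPTIONAL;
    }

    if (lowerName.equals("required") || lowerName.equals("on") ||
        lowerName.equals("always"))
    {
      return SSLClientAuthPolicy.REQUIRED;
    }

    // Not a recognized policy name.
    return null;
  }



  /**
   * Retrieves the human-readable name for this SSL client auth
   * policy.
   *
   * @return  The human-readable name for this SSL client auth policy.
   */
  @Override
  public String toString()
  {
    return policyName;
  }
}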