001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2008 Sun Microsystems, Inc.
026 */
027 package org.opends.server.admin.std.meta;
028
029
030
031 import java.util.Collection;
032 import java.util.SortedSet;
033 import org.opends.server.admin.AdministratorAction;
034 import org.opends.server.admin.AliasDefaultBehaviorProvider;
035 import org.opends.server.admin.AttributeTypePropertyDefinition;
036 import org.opends.server.admin.BooleanPropertyDefinition;
037 import org.opends.server.admin.ClassPropertyDefinition;
038 import org.opends.server.admin.client.AuthorizationException;
039 import org.opends.server.admin.client.CommunicationException;
040 import org.opends.server.admin.client.ConcurrentModificationException;
041 import org.opends.server.admin.client.ManagedObject;
042 import org.opends.server.admin.client.MissingMandatoryPropertiesException;
043 import org.opends.server.admin.client.OperationRejectedException;
044 import org.opends.server.admin.DefaultBehaviorProvider;
045 import org.opends.server.admin.DefinedDefaultBehaviorProvider;
046 import org.opends.server.admin.DNPropertyDefinition;
047 import org.opends.server.admin.EnumPropertyDefinition;
048 import org.opends.server.admin.ManagedObjectAlreadyExistsException;
049 import org.opends.server.admin.ManagedObjectDefinition;
050 import org.opends.server.admin.PropertyOption;
051 import org.opends.server.admin.PropertyProvider;
052 import org.opends.server.admin.server.ConfigurationChangeListener;
053 import org.opends.server.admin.server.ServerManagedObject;
054 import org.opends.server.admin.std.client.FingerprintCertificateMapperCfgClient;
055 import org.opends.server.admin.std.server.CertificateMapperCfg;
056 import org.opends.server.admin.std.server.FingerprintCertificateMapperCfg;
057 import org.opends.server.admin.Tag;
058 import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
059 import org.opends.server.types.AttributeType;
060 import org.opends.server.types.DN;
061
062
063
064 /**
065 * An interface for querying the Fingerprint Certificate Mapper
066 * managed object definition meta information.
067 * <p>
068 * The Fingerprint Certificate Mapper maps client certificates to user
069 * entries by looking for the MD5 or SHA1 fingerprint in a specified
070 * attribute of user entries.
071 */
072 public final class FingerprintCertificateMapperCfgDefn extends ManagedObjectDefinition<FingerprintCertificateMapperCfgClient, FingerprintCertificateMapperCfg> {
073
074 // The singleton configuration definition instance.
075 private static final FingerprintCertificateMapperCfgDefn INSTANCE = new FingerprintCertificateMapperCfgDefn();
076
077
078
079 /**
080 * Defines the set of permissable values for the "fingerprint-algorithm" property.
081 * <p>
082 * Specifies the name of the digest algorithm to compute the
083 * fingerprint of client certificates.
084 */
085 public static enum FingerprintAlgorithm {
086
087 /**
088 * Use the MD5 digest algorithm to compute certificate
089 * fingerprints.
090 */
091 MD5("md5"),
092
093
094
095 /**
096 * Use the SHA-1 digest algorithm to compute certificate
097 * fingerprints.
098 */
099 SHA1("sha1");
100
101
102
103 // String representation of the value.
104 private final String name;
105
106
107
108 // Private constructor.
109 private FingerprintAlgorithm(String name) { this.name = name; }
110
111
112
113 /**
114 * {@inheritDoc}
115 */
116 public String toString() { return name; }
117
118 }
119
120
121
122 // The "fingerprint-algorithm" property definition.
123 private static final EnumPropertyDefinition<FingerprintAlgorithm> PD_FINGERPRINT_ALGORITHM;
124
125
126
127 // The "fingerprint-attribute" property definition.
128 private static final AttributeTypePropertyDefinition PD_FINGERPRINT_ATTRIBUTE;
129
130
131
132 // The "java-class" property definition.
133 private static final ClassPropertyDefinition PD_JAVA_CLASS;
134
135
136
137 // The "user-base-dn" property definition.
138 private static final DNPropertyDefinition PD_USER_BASE_DN;
139
140
141
142 // Build the "fingerprint-algorithm" property definition.
143 static {
144 EnumPropertyDefinition.Builder<FingerprintAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "fingerprint-algorithm");
145 builder.setOption(PropertyOption.MANDATORY);
146 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "fingerprint-algorithm"));
147 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<FingerprintAlgorithm>());
148 builder.setEnumClass(FingerprintAlgorithm.class);
149 PD_FINGERPRINT_ALGORITHM = builder.getInstance();
150 INSTANCE.registerPropertyDefinition(PD_FINGERPRINT_ALGORITHM);
151 }
152
153
154
155 // Build the "fingerprint-attribute" property definition.
156 static {
157 AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "fingerprint-attribute");
158 builder.setOption(PropertyOption.MANDATORY);
159 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "fingerprint-attribute"));
160 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
161 PD_FINGERPRINT_ATTRIBUTE = builder.getInstance();
162 INSTANCE.registerPropertyDefinition(PD_FINGERPRINT_ATTRIBUTE);
163 }
164
165
166
167 // Build the "java-class" property definition.
168 static {
169 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
170 builder.setOption(PropertyOption.MANDATORY);
171 builder.setOption(PropertyOption.ADVANCED);
172 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
173 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.FingerprintCertificateMapper");
174 builder.setDefaultBehaviorProvider(provider);
175 builder.addInstanceOf("org.opends.server.api.CertificateMapper");
176 PD_JAVA_CLASS = builder.getInstance();
177 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
178 }
179
180
181
182 // Build the "user-base-dn" property definition.
183 static {
184 DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
185 builder.setOption(PropertyOption.MULTI_VALUED);
186 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
187 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
188 PD_USER_BASE_DN = builder.getInstance();
189 INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
190 }
191
192
193
194 // Register the tags associated with this managed object definition.
195 static {
196 INSTANCE.registerTag(Tag.valueOf("security"));
197 INSTANCE.registerTag(Tag.valueOf("user-management"));
198 }
199
200
201
202 /**
203 * Get the Fingerprint Certificate Mapper configuration definition
204 * singleton.
205 *
206 * @return Returns the Fingerprint Certificate Mapper configuration
207 * definition singleton.
208 */
209 public static FingerprintCertificateMapperCfgDefn getInstance() {
210 return INSTANCE;
211 }
212
213
214
215 /**
216 * Private constructor.
217 */
218 private FingerprintCertificateMapperCfgDefn() {
219 super("fingerprint-certificate-mapper", CertificateMapperCfgDefn.getInstance());
220 }
221
222
223
224 /**
225 * {@inheritDoc}
226 */
227 public FingerprintCertificateMapperCfgClient createClientConfiguration(
228 ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl) {
229 return new FingerprintCertificateMapperCfgClientImpl(impl);
230 }
231
232
233
234 /**
235 * {@inheritDoc}
236 */
237 public FingerprintCertificateMapperCfg createServerConfiguration(
238 ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl) {
239 return new FingerprintCertificateMapperCfgServerImpl(impl);
240 }
241
242
243
244 /**
245 * {@inheritDoc}
246 */
247 public Class<FingerprintCertificateMapperCfg> getServerConfigurationClass() {
248 return FingerprintCertificateMapperCfg.class;
249 }
250
251
252
253 /**
254 * Get the "enabled" property definition.
255 * <p>
256 * Indicates whether the Fingerprint Certificate Mapper is enabled.
257 *
258 * @return Returns the "enabled" property definition.
259 */
260 public BooleanPropertyDefinition getEnabledPropertyDefinition() {
261 return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
262 }
263
264
265
266 /**
267 * Get the "fingerprint-algorithm" property definition.
268 * <p>
269 * Specifies the name of the digest algorithm to compute the
270 * fingerprint of client certificates.
271 *
272 * @return Returns the "fingerprint-algorithm" property definition.
273 */
274 public EnumPropertyDefinition<FingerprintAlgorithm> getFingerprintAlgorithmPropertyDefinition() {
275 return PD_FINGERPRINT_ALGORITHM;
276 }
277
278
279
280 /**
281 * Get the "fingerprint-attribute" property definition.
282 * <p>
283 * Specifies the attribute in which to look for the fingerprint.
284 * <p>
285 * Values of the fingerprint attribute should exactly match the MD5
286 * or SHA1 representation of the certificate fingerprint.
287 *
288 * @return Returns the "fingerprint-attribute" property definition.
289 */
290 public AttributeTypePropertyDefinition getFingerprintAttributePropertyDefinition() {
291 return PD_FINGERPRINT_ATTRIBUTE;
292 }
293
294
295
296 /**
297 * Get the "java-class" property definition.
298 * <p>
299 * Specifies the fully-qualified name of the Java class that
300 * provides the Fingerprint Certificate Mapper implementation.
301 *
302 * @return Returns the "java-class" property definition.
303 */
304 public ClassPropertyDefinition getJavaClassPropertyDefinition() {
305 return PD_JAVA_CLASS;
306 }
307
308
309
310 /**
311 * Get the "user-base-dn" property definition.
312 * <p>
313 * Specifies the set of base DNs below which to search for users.
314 * <p>
315 * The base DNs are used when performing searches to map the client
316 * certificates to a user entry.
317 *
318 * @return Returns the "user-base-dn" property definition.
319 */
320 public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
321 return PD_USER_BASE_DN;
322 }
323
324
325
326 /**
327 * Managed object client implementation.
328 */
329 private static class FingerprintCertificateMapperCfgClientImpl implements
330 FingerprintCertificateMapperCfgClient {
331
332 // Private implementation.
333 private ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl;
334
335
336
337 // Private constructor.
338 private FingerprintCertificateMapperCfgClientImpl(
339 ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl) {
340 this.impl = impl;
341 }
342
343
344
345 /**
346 * {@inheritDoc}
347 */
348 public Boolean isEnabled() {
349 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
350 }
351
352
353
354 /**
355 * {@inheritDoc}
356 */
357 public void setEnabled(boolean value) {
358 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
359 }
360
361
362
363 /**
364 * {@inheritDoc}
365 */
366 public FingerprintAlgorithm getFingerprintAlgorithm() {
367 return impl.getPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition());
368 }
369
370
371
372 /**
373 * {@inheritDoc}
374 */
375 public void setFingerprintAlgorithm(FingerprintAlgorithm value) {
376 impl.setPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition(), value);
377 }
378
379
380
381 /**
382 * {@inheritDoc}
383 */
384 public AttributeType getFingerprintAttribute() {
385 return impl.getPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition());
386 }
387
388
389
390 /**
391 * {@inheritDoc}
392 */
393 public void setFingerprintAttribute(AttributeType value) {
394 impl.setPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition(), value);
395 }
396
397
398
399 /**
400 * {@inheritDoc}
401 */
402 public String getJavaClass() {
403 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
404 }
405
406
407
408 /**
409 * {@inheritDoc}
410 */
411 public void setJavaClass(String value) {
412 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
413 }
414
415
416
417 /**
418 * {@inheritDoc}
419 */
420 public SortedSet<DN> getUserBaseDN() {
421 return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
422 }
423
424
425
426 /**
427 * {@inheritDoc}
428 */
429 public void setUserBaseDN(Collection<DN> values) {
430 impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
431 }
432
433
434
435 /**
436 * {@inheritDoc}
437 */
438 public ManagedObjectDefinition<? extends FingerprintCertificateMapperCfgClient, ? extends FingerprintCertificateMapperCfg> definition() {
439 return INSTANCE;
440 }
441
442
443
444 /**
445 * {@inheritDoc}
446 */
447 public PropertyProvider properties() {
448 return impl;
449 }
450
451
452
453 /**
454 * {@inheritDoc}
455 */
456 public void commit() throws ManagedObjectAlreadyExistsException,
457 MissingMandatoryPropertiesException, ConcurrentModificationException,
458 OperationRejectedException, AuthorizationException,
459 CommunicationException {
460 impl.commit();
461 }
462
463 }
464
465
466
467 /**
468 * Managed object server implementation.
469 */
470 private static class FingerprintCertificateMapperCfgServerImpl implements
471 FingerprintCertificateMapperCfg {
472
473 // Private implementation.
474 private ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl;
475
476 // The value of the "enabled" property.
477 private final boolean pEnabled;
478
479 // The value of the "fingerprint-algorithm" property.
480 private final FingerprintAlgorithm pFingerprintAlgorithm;
481
482 // The value of the "fingerprint-attribute" property.
483 private final AttributeType pFingerprintAttribute;
484
485 // The value of the "java-class" property.
486 private final String pJavaClass;
487
488 // The value of the "user-base-dn" property.
489 private final SortedSet<DN> pUserBaseDN;
490
491
492
493 // Private constructor.
494 private FingerprintCertificateMapperCfgServerImpl(ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl) {
495 this.impl = impl;
496 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
497 this.pFingerprintAlgorithm = impl.getPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition());
498 this.pFingerprintAttribute = impl.getPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition());
499 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
500 this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
501 }
502
503
504
505 /**
506 * {@inheritDoc}
507 */
508 public void addFingerprintChangeListener(
509 ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener) {
510 impl.registerChangeListener(listener);
511 }
512
513
514
515 /**
516 * {@inheritDoc}
517 */
518 public void removeFingerprintChangeListener(
519 ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener) {
520 impl.deregisterChangeListener(listener);
521 }
522 /**
523 * {@inheritDoc}
524 */
525 public void addChangeListener(
526 ConfigurationChangeListener<CertificateMapperCfg> listener) {
527 impl.registerChangeListener(listener);
528 }
529
530
531
532 /**
533 * {@inheritDoc}
534 */
535 public void removeChangeListener(
536 ConfigurationChangeListener<CertificateMapperCfg> listener) {
537 impl.deregisterChangeListener(listener);
538 }
539
540
541
542 /**
543 * {@inheritDoc}
544 */
545 public boolean isEnabled() {
546 return pEnabled;
547 }
548
549
550
551 /**
552 * {@inheritDoc}
553 */
554 public FingerprintAlgorithm getFingerprintAlgorithm() {
555 return pFingerprintAlgorithm;
556 }
557
558
559
560 /**
561 * {@inheritDoc}
562 */
563 public AttributeType getFingerprintAttribute() {
564 return pFingerprintAttribute;
565 }
566
567
568
569 /**
570 * {@inheritDoc}
571 */
572 public String getJavaClass() {
573 return pJavaClass;
574 }
575
576
577
578 /**
579 * {@inheritDoc}
580 */
581 public SortedSet<DN> getUserBaseDN() {
582 return pUserBaseDN;
583 }
584
585
586
587 /**
588 * {@inheritDoc}
589 */
590 public Class<? extends FingerprintCertificateMapperCfg> configurationClass() {
591 return FingerprintCertificateMapperCfg.class;
592 }
593
594
595
596 /**
597 * {@inheritDoc}
598 */
599 public DN dn() {
600 return impl.getDN();
601 }
602
603 }
604 }