001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2008 Sun Microsystems, Inc.
026 */
027 package org.opends.server.admin.std.meta;
028
029
030
031 import org.opends.server.admin.AdministratorAction;
032 import org.opends.server.admin.AggregationPropertyDefinition;
033 import org.opends.server.admin.AliasDefaultBehaviorProvider;
034 import org.opends.server.admin.BooleanPropertyDefinition;
035 import org.opends.server.admin.ClassPropertyDefinition;
036 import org.opends.server.admin.client.AuthorizationException;
037 import org.opends.server.admin.client.CommunicationException;
038 import org.opends.server.admin.client.ConcurrentModificationException;
039 import org.opends.server.admin.client.ManagedObject;
040 import org.opends.server.admin.client.MissingMandatoryPropertiesException;
041 import org.opends.server.admin.client.OperationRejectedException;
042 import org.opends.server.admin.DefaultBehaviorProvider;
043 import org.opends.server.admin.DefinedDefaultBehaviorProvider;
044 import org.opends.server.admin.ManagedObjectAlreadyExistsException;
045 import org.opends.server.admin.ManagedObjectDefinition;
046 import org.opends.server.admin.PropertyOption;
047 import org.opends.server.admin.PropertyProvider;
048 import org.opends.server.admin.server.ConfigurationChangeListener;
049 import org.opends.server.admin.server.ServerManagedObject;
050 import org.opends.server.admin.std.client.GSSAPISASLMechanismHandlerCfgClient;
051 import org.opends.server.admin.std.client.IdentityMapperCfgClient;
052 import org.opends.server.admin.std.server.GSSAPISASLMechanismHandlerCfg;
053 import org.opends.server.admin.std.server.IdentityMapperCfg;
054 import org.opends.server.admin.std.server.SASLMechanismHandlerCfg;
055 import org.opends.server.admin.StringPropertyDefinition;
056 import org.opends.server.admin.Tag;
057 import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
058 import org.opends.server.types.DN;
059
060
061
062 /**
063 * An interface for querying the GSSAPI SASL Mechanism Handler managed
064 * object definition meta information.
065 * <p>
066 * The GSSAPI SASL mechanism performs all processing related to SASL
067 * GSSAPI authentication using Kerberos V5.
068 */
069 public final class GSSAPISASLMechanismHandlerCfgDefn extends ManagedObjectDefinition<GSSAPISASLMechanismHandlerCfgClient, GSSAPISASLMechanismHandlerCfg> {
070
071 // The singleton configuration definition instance.
072 private static final GSSAPISASLMechanismHandlerCfgDefn INSTANCE = new GSSAPISASLMechanismHandlerCfgDefn();
073
074
075
076 // The "identity-mapper" property definition.
077 private static final AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> PD_IDENTITY_MAPPER;
078
079
080
081 // The "java-class" property definition.
082 private static final ClassPropertyDefinition PD_JAVA_CLASS;
083
084
085
086 // The "kdc-address" property definition.
087 private static final StringPropertyDefinition PD_KDC_ADDRESS;
088
089
090
091 // The "keytab" property definition.
092 private static final StringPropertyDefinition PD_KEYTAB;
093
094
095
096 // The "realm" property definition.
097 private static final StringPropertyDefinition PD_REALM;
098
099
100
101 // The "server-fqdn" property definition.
102 private static final StringPropertyDefinition PD_SERVER_FQDN;
103
104
105
106 // Build the "identity-mapper" property definition.
107 static {
108 AggregationPropertyDefinition.Builder<IdentityMapperCfgClient, IdentityMapperCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "identity-mapper");
109 builder.setOption(PropertyOption.MANDATORY);
110 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "identity-mapper"));
111 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
112 builder.setParentPath("/");
113 builder.setRelationDefinition("identity-mapper");
114 PD_IDENTITY_MAPPER = builder.getInstance();
115 INSTANCE.registerPropertyDefinition(PD_IDENTITY_MAPPER);
116 INSTANCE.registerConstraint(PD_IDENTITY_MAPPER.getSourceConstraint());
117 }
118
119
120
121 // Build the "java-class" property definition.
122 static {
123 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
124 builder.setOption(PropertyOption.MANDATORY);
125 builder.setOption(PropertyOption.ADVANCED);
126 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
127 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.GSSAPISASLMechanismHandler");
128 builder.setDefaultBehaviorProvider(provider);
129 builder.addInstanceOf("org.opends.server.api.SASLMechanismHandler");
130 PD_JAVA_CLASS = builder.getInstance();
131 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
132 }
133
134
135
136 // Build the "kdc-address" property definition.
137 static {
138 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "kdc-address");
139 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "kdc-address"));
140 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "kdc-address"));
141 PD_KDC_ADDRESS = builder.getInstance();
142 INSTANCE.registerPropertyDefinition(PD_KDC_ADDRESS);
143 }
144
145
146
147 // Build the "keytab" property definition.
148 static {
149 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "keytab");
150 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "keytab"));
151 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "keytab"));
152 PD_KEYTAB = builder.getInstance();
153 INSTANCE.registerPropertyDefinition(PD_KEYTAB);
154 }
155
156
157
158 // Build the "realm" property definition.
159 static {
160 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "realm");
161 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "realm"));
162 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "realm"));
163 PD_REALM = builder.getInstance();
164 INSTANCE.registerPropertyDefinition(PD_REALM);
165 }
166
167
168
169 // Build the "server-fqdn" property definition.
170 static {
171 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "server-fqdn");
172 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "server-fqdn"));
173 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "server-fqdn"));
174 PD_SERVER_FQDN = builder.getInstance();
175 INSTANCE.registerPropertyDefinition(PD_SERVER_FQDN);
176 }
177
178
179
180 // Register the tags associated with this managed object definition.
181 static {
182 INSTANCE.registerTag(Tag.valueOf("security"));
183 }
184
185
186
187 /**
188 * Get the GSSAPI SASL Mechanism Handler configuration definition
189 * singleton.
190 *
191 * @return Returns the GSSAPI SASL Mechanism Handler configuration
192 * definition singleton.
193 */
194 public static GSSAPISASLMechanismHandlerCfgDefn getInstance() {
195 return INSTANCE;
196 }
197
198
199
200 /**
201 * Private constructor.
202 */
203 private GSSAPISASLMechanismHandlerCfgDefn() {
204 super("gssapi-sasl-mechanism-handler", SASLMechanismHandlerCfgDefn.getInstance());
205 }
206
207
208
209 /**
210 * {@inheritDoc}
211 */
212 public GSSAPISASLMechanismHandlerCfgClient createClientConfiguration(
213 ManagedObject<? extends GSSAPISASLMechanismHandlerCfgClient> impl) {
214 return new GSSAPISASLMechanismHandlerCfgClientImpl(impl);
215 }
216
217
218
219 /**
220 * {@inheritDoc}
221 */
222 public GSSAPISASLMechanismHandlerCfg createServerConfiguration(
223 ServerManagedObject<? extends GSSAPISASLMechanismHandlerCfg> impl) {
224 return new GSSAPISASLMechanismHandlerCfgServerImpl(impl);
225 }
226
227
228
229 /**
230 * {@inheritDoc}
231 */
232 public Class<GSSAPISASLMechanismHandlerCfg> getServerConfigurationClass() {
233 return GSSAPISASLMechanismHandlerCfg.class;
234 }
235
236
237
238 /**
239 * Get the "enabled" property definition.
240 * <p>
241 * Indicates whether the SASL mechanism handler is enabled for use.
242 *
243 * @return Returns the "enabled" property definition.
244 */
245 public BooleanPropertyDefinition getEnabledPropertyDefinition() {
246 return SASLMechanismHandlerCfgDefn.getInstance().getEnabledPropertyDefinition();
247 }
248
249
250
251 /**
252 * Get the "identity-mapper" property definition.
253 * <p>
254 * Specifies the name of the identity mapper that is to be used with
255 * this SASL mechanism handler to match the Kerberos principal
256 * included in the SASL bind request to the corresponding user in the
257 * directory.
258 *
259 * @return Returns the "identity-mapper" property definition.
260 */
261 public AggregationPropertyDefinition<IdentityMapperCfgClient, IdentityMapperCfg> getIdentityMapperPropertyDefinition() {
262 return PD_IDENTITY_MAPPER;
263 }
264
265
266
267 /**
268 * Get the "java-class" property definition.
269 * <p>
270 * Specifies the fully-qualified name of the Java class that
271 * provides the SASL mechanism handler implementation.
272 *
273 * @return Returns the "java-class" property definition.
274 */
275 public ClassPropertyDefinition getJavaClassPropertyDefinition() {
276 return PD_JAVA_CLASS;
277 }
278
279
280
281 /**
282 * Get the "kdc-address" property definition.
283 * <p>
284 * Specifies the address of the KDC that is to be used for Kerberos
285 * processing.
286 * <p>
287 * If provided, this property must be a fully-qualified
288 * DNS-resolvable name. If this property is not provided, then the
289 * server attempts to determine it from the system-wide Kerberos
290 * configuration.
291 *
292 * @return Returns the "kdc-address" property definition.
293 */
294 public StringPropertyDefinition getKdcAddressPropertyDefinition() {
295 return PD_KDC_ADDRESS;
296 }
297
298
299
300 /**
301 * Get the "keytab" property definition.
302 * <p>
303 * Specifies the path to the keytab file that should be used for
304 * Kerberos processing.
305 * <p>
306 * If provided, this is either an absolute path or one that is
307 * relative to the server instance root.
308 *
309 * @return Returns the "keytab" property definition.
310 */
311 public StringPropertyDefinition getKeytabPropertyDefinition() {
312 return PD_KEYTAB;
313 }
314
315
316
317 /**
318 * Get the "realm" property definition.
319 * <p>
320 * Specifies the realm to be used for GSSAPI authentication.
321 *
322 * @return Returns the "realm" property definition.
323 */
324 public StringPropertyDefinition getRealmPropertyDefinition() {
325 return PD_REALM;
326 }
327
328
329
330 /**
331 * Get the "server-fqdn" property definition.
332 * <p>
333 * Specifies the DNS-resolvable fully-qualified domain name for the
334 * system.
335 *
336 * @return Returns the "server-fqdn" property definition.
337 */
338 public StringPropertyDefinition getServerFqdnPropertyDefinition() {
339 return PD_SERVER_FQDN;
340 }
341
342
343
344 /**
345 * Managed object client implementation.
346 */
347 private static class GSSAPISASLMechanismHandlerCfgClientImpl implements
348 GSSAPISASLMechanismHandlerCfgClient {
349
350 // Private implementation.
351 private ManagedObject<? extends GSSAPISASLMechanismHandlerCfgClient> impl;
352
353
354
355 // Private constructor.
356 private GSSAPISASLMechanismHandlerCfgClientImpl(
357 ManagedObject<? extends GSSAPISASLMechanismHandlerCfgClient> impl) {
358 this.impl = impl;
359 }
360
361
362
363 /**
364 * {@inheritDoc}
365 */
366 public Boolean isEnabled() {
367 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
368 }
369
370
371
372 /**
373 * {@inheritDoc}
374 */
375 public void setEnabled(boolean value) {
376 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
377 }
378
379
380
381 /**
382 * {@inheritDoc}
383 */
384 public String getIdentityMapper() {
385 return impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
386 }
387
388
389
390 /**
391 * {@inheritDoc}
392 */
393 public void setIdentityMapper(String value) {
394 impl.setPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition(), value);
395 }
396
397
398
399 /**
400 * {@inheritDoc}
401 */
402 public String getJavaClass() {
403 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
404 }
405
406
407
408 /**
409 * {@inheritDoc}
410 */
411 public void setJavaClass(String value) {
412 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
413 }
414
415
416
417 /**
418 * {@inheritDoc}
419 */
420 public String getKdcAddress() {
421 return impl.getPropertyValue(INSTANCE.getKdcAddressPropertyDefinition());
422 }
423
424
425
426 /**
427 * {@inheritDoc}
428 */
429 public void setKdcAddress(String value) {
430 impl.setPropertyValue(INSTANCE.getKdcAddressPropertyDefinition(), value);
431 }
432
433
434
435 /**
436 * {@inheritDoc}
437 */
438 public String getKeytab() {
439 return impl.getPropertyValue(INSTANCE.getKeytabPropertyDefinition());
440 }
441
442
443
444 /**
445 * {@inheritDoc}
446 */
447 public void setKeytab(String value) {
448 impl.setPropertyValue(INSTANCE.getKeytabPropertyDefinition(), value);
449 }
450
451
452
453 /**
454 * {@inheritDoc}
455 */
456 public String getRealm() {
457 return impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition());
458 }
459
460
461
462 /**
463 * {@inheritDoc}
464 */
465 public void setRealm(String value) {
466 impl.setPropertyValue(INSTANCE.getRealmPropertyDefinition(), value);
467 }
468
469
470
471 /**
472 * {@inheritDoc}
473 */
474 public String getServerFqdn() {
475 return impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition());
476 }
477
478
479
480 /**
481 * {@inheritDoc}
482 */
483 public void setServerFqdn(String value) {
484 impl.setPropertyValue(INSTANCE.getServerFqdnPropertyDefinition(), value);
485 }
486
487
488
489 /**
490 * {@inheritDoc}
491 */
492 public ManagedObjectDefinition<? extends GSSAPISASLMechanismHandlerCfgClient, ? extends GSSAPISASLMechanismHandlerCfg> definition() {
493 return INSTANCE;
494 }
495
496
497
498 /**
499 * {@inheritDoc}
500 */
501 public PropertyProvider properties() {
502 return impl;
503 }
504
505
506
507 /**
508 * {@inheritDoc}
509 */
510 public void commit() throws ManagedObjectAlreadyExistsException,
511 MissingMandatoryPropertiesException, ConcurrentModificationException,
512 OperationRejectedException, AuthorizationException,
513 CommunicationException {
514 impl.commit();
515 }
516
517 }
518
519
520
521 /**
522 * Managed object server implementation.
523 */
524 private static class GSSAPISASLMechanismHandlerCfgServerImpl implements
525 GSSAPISASLMechanismHandlerCfg {
526
527 // Private implementation.
528 private ServerManagedObject<? extends GSSAPISASLMechanismHandlerCfg> impl;
529
530 // The value of the "enabled" property.
531 private final boolean pEnabled;
532
533 // The value of the "identity-mapper" property.
534 private final String pIdentityMapper;
535
536 // The value of the "java-class" property.
537 private final String pJavaClass;
538
539 // The value of the "kdc-address" property.
540 private final String pKdcAddress;
541
542 // The value of the "keytab" property.
543 private final String pKeytab;
544
545 // The value of the "realm" property.
546 private final String pRealm;
547
548 // The value of the "server-fqdn" property.
549 private final String pServerFqdn;
550
551
552
553 // Private constructor.
554 private GSSAPISASLMechanismHandlerCfgServerImpl(ServerManagedObject<? extends GSSAPISASLMechanismHandlerCfg> impl) {
555 this.impl = impl;
556 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
557 this.pIdentityMapper = impl.getPropertyValue(INSTANCE.getIdentityMapperPropertyDefinition());
558 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
559 this.pKdcAddress = impl.getPropertyValue(INSTANCE.getKdcAddressPropertyDefinition());
560 this.pKeytab = impl.getPropertyValue(INSTANCE.getKeytabPropertyDefinition());
561 this.pRealm = impl.getPropertyValue(INSTANCE.getRealmPropertyDefinition());
562 this.pServerFqdn = impl.getPropertyValue(INSTANCE.getServerFqdnPropertyDefinition());
563 }
564
565
566
567 /**
568 * {@inheritDoc}
569 */
570 public void addGSSAPIChangeListener(
571 ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener) {
572 impl.registerChangeListener(listener);
573 }
574
575
576
577 /**
578 * {@inheritDoc}
579 */
580 public void removeGSSAPIChangeListener(
581 ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener) {
582 impl.deregisterChangeListener(listener);
583 }
584 /**
585 * {@inheritDoc}
586 */
587 public void addChangeListener(
588 ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) {
589 impl.registerChangeListener(listener);
590 }
591
592
593
594 /**
595 * {@inheritDoc}
596 */
597 public void removeChangeListener(
598 ConfigurationChangeListener<SASLMechanismHandlerCfg> listener) {
599 impl.deregisterChangeListener(listener);
600 }
601
602
603
604 /**
605 * {@inheritDoc}
606 */
607 public boolean isEnabled() {
608 return pEnabled;
609 }
610
611
612
613 /**
614 * {@inheritDoc}
615 */
616 public String getIdentityMapper() {
617 return pIdentityMapper;
618 }
619
620
621
622 /**
623 * {@inheritDoc}
624 */
625 public DN getIdentityMapperDN() {
626 String value = getIdentityMapper();
627 if (value == null) return null;
628 return INSTANCE.getIdentityMapperPropertyDefinition().getChildDN(value);
629 }
630
631
632
633 /**
634 * {@inheritDoc}
635 */
636 public String getJavaClass() {
637 return pJavaClass;
638 }
639
640
641
642 /**
643 * {@inheritDoc}
644 */
645 public String getKdcAddress() {
646 return pKdcAddress;
647 }
648
649
650
651 /**
652 * {@inheritDoc}
653 */
654 public String getKeytab() {
655 return pKeytab;
656 }
657
658
659
660 /**
661 * {@inheritDoc}
662 */
663 public String getRealm() {
664 return pRealm;
665 }
666
667
668
669 /**
670 * {@inheritDoc}
671 */
672 public String getServerFqdn() {
673 return pServerFqdn;
674 }
675
676
677
678 /**
679 * {@inheritDoc}
680 */
681 public Class<? extends GSSAPISASLMechanismHandlerCfg> configurationClass() {
682 return GSSAPISASLMechanismHandlerCfg.class;
683 }
684
685
686
687 /**
688 * {@inheritDoc}
689 */
690 public DN dn() {
691 return impl.getDN();
692 }
693
694 }
695 }