001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2008 Sun Microsystems, Inc.
026 */
027
028 package org.opends.server.authorization.dseecompat;
029 import org.opends.messages.Message;
030
031 import static org.opends.messages.AccessControlMessages.*;
032 import org.opends.server.core.DirectoryServer;
033 import static org.opends.server.loggers.ErrorLogger.logError;
034
035
036
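/**
 * The AuthMethod class represents an authmethod bind rule keyword expression.
 * <p>
 * Instances are created only through {@link #decode(String, EnumBindRuleType)}
 * and are immutable once constructed: all state is held in final fields, so a
 * decoded rule can be shared between threads without further synchronization.
 */
public class AuthMethod implements KeywordBindRule {

  /**
   * Lower-case prefix that introduces a SASL authmethod expression; the
   * mechanism name follows the single space.
   */
  private static final String SASL_PREFIX = "sasl ";

  /**
   * Enumeration representing the authentication method.
   */
  private final EnumAuthMethod authMethod;

  /**
   * The SASL mechanism if the authentication method is SASL. It is
   * {@code null} for the "none" and "simple" methods and "EXTERNAL" for "ssl".
   */
  private final String saslMech;

  /**
   * Enumeration representing the bind rule operation type.
   */
  private final EnumBindRuleType type;

  /**
   * Create a class representing an authmethod bind rule keyword from the
   * provided method and bind rule type.
   * @param method An Enumeration of the authentication method.
   * @param saslMech The string representation of the SASL Mechanism.
   * @param type An enumeration representing the type of the expression.
   */
  private AuthMethod(EnumAuthMethod method, String saslMech,
                     EnumBindRuleType type) {
    this.authMethod = method;
    this.saslMech = saslMech;
    this.type = type;
  }

  /**
   * Decode a string representing an authmethod bind rule.
   * <p>
   * The keywords "none", "simple", "ssl" and the "sasl " prefix are matched
   * case-insensitively. The text after "sasl " is kept exactly as written
   * (case and any extra whitespace included) and used as the mechanism name.
   * @param expr The string representing the bind rule; must not be
   *             {@code null}.
   * @param type An enumeration representing the bind rule type.
   * @return A keyword bind rule class that can be used to evaluate the
   *         bind rule.
   * @throws AciException If the expression string is invalid.
   */
  public static KeywordBindRule decode(String expr, EnumBindRuleType type)
          throws AciException {
    // Fold case with the ROOT locale. The default-locale toLowerCase() maps
    // 'I' to a dotless 'ı' under Turkish/Azeri locales, so "SIMPLE" would stop
    // matching and a valid ACI would be rejected depending on where the server
    // runs. Access control parsing must not vary with the JVM locale.
    String lowerExpr = expr.toLowerCase(java.util.Locale.ROOT);

    if (lowerExpr.equals("none")) {
      return new AuthMethod(EnumAuthMethod.AUTHMETHOD_NONE, null, type);
    }
    if (lowerExpr.equals("simple")) {
      return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SIMPLE, null, type);
    }
    if (lowerExpr.equals("ssl")) {
      // "ssl" is modelled as the SASL EXTERNAL mechanism.
      return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SSL, "EXTERNAL", type);
    }
    if (expr.length() > SASL_PREFIX.length()
            && lowerExpr.startsWith(SASL_PREFIX)) {
      String mechanism = expr.substring(SASL_PREFIX.length());
      // An unregistered mechanism is only logged; the rule is still accepted.
      // NOTE(review): presumably this tolerates handlers that are registered
      // later - confirm. A misspelled or padded mechanism name therefore
      // yields a rule that can never equal a real mechanism, which matters
      // for negated bind rules; operators should treat this log entry as an
      // ACI defect to fix rather than as informational noise.
      if (DirectoryServer.getSASLMechanismHandler(mechanism) == null) {
        logError(NOTE_ACI_SYNTAX_DUBIOUS_AUTHMETHOD_SASL_MECHANISM.
                get(mechanism));
      }
      return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SASL, mechanism, type);
    }

    // Anything else (including a bare "sasl " with no mechanism) is rejected.
    Message message = WARN_ACI_SYNTAX_INVALID_AUTHMETHOD_EXPRESSION.get(expr);
    throw new AciException(message);
  }

  /**
   * Evaluate authmethod bind rule using the provided evaluation context.
   * <p>
   * The context is asked whether the client used this rule's authentication
   * method (and SASL mechanism, if any); that answer is then converted with
   * the rule's bind rule type.
   * @param evalCtx An evaluation context to use.
   * @return An enumeration evaluation result.
   */
  public EnumEvalResult evaluate(AciEvalContext evalCtx) {
    EnumEvalResult matched =
            evalCtx.hasAuthenticationMethod(authMethod, saslMech);
    // NOTE(review): the meaning of the second getRet argument is not visible
    // in this file - confirm against EnumEvalResult.
    return matched.getRet(type, false);
  }
}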