001    /*
002     * CDDL HEADER START
003     *
004     * The contents of this file are subject to the terms of the
005     * Common Development and Distribution License, Version 1.0 only
006     * (the "License").  You may not use this file except in compliance
007     * with the License.
008     *
009     * You can obtain a copy of the license at
010     * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011     * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012     * See the License for the specific language governing permissions
013     * and limitations under the License.
014     *
015     * When distributing Covered Code, include this CDDL HEADER in each
016     * file and include the License file at
017     * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
018     * add the following below this CDDL HEADER, with the fields enclosed
019     * by brackets "[]" replaced with your own identifying information:
020     *      Portions Copyright [yyyy] [name of copyright owner]
021     *
022     * CDDL HEADER END
023     *
024     *
025     *      Copyright 2008 Sun Microsystems, Inc.
026     */
027    package org.opends.server.admin.std.meta;
028    
029    
030    
031    import java.util.Collection;
032    import java.util.SortedSet;
033    import org.opends.server.admin.AdministratorAction;
034    import org.opends.server.admin.AliasDefaultBehaviorProvider;
035    import org.opends.server.admin.AttributeTypePropertyDefinition;
036    import org.opends.server.admin.BooleanPropertyDefinition;
037    import org.opends.server.admin.ClassPropertyDefinition;
038    import org.opends.server.admin.client.AuthorizationException;
039    import org.opends.server.admin.client.CommunicationException;
040    import org.opends.server.admin.client.ConcurrentModificationException;
041    import org.opends.server.admin.client.ManagedObject;
042    import org.opends.server.admin.client.MissingMandatoryPropertiesException;
043    import org.opends.server.admin.client.OperationRejectedException;
044    import org.opends.server.admin.DefaultBehaviorProvider;
045    import org.opends.server.admin.DefinedDefaultBehaviorProvider;
046    import org.opends.server.admin.DNPropertyDefinition;
047    import org.opends.server.admin.EnumPropertyDefinition;
048    import org.opends.server.admin.ManagedObjectAlreadyExistsException;
049    import org.opends.server.admin.ManagedObjectDefinition;
050    import org.opends.server.admin.PropertyOption;
051    import org.opends.server.admin.PropertyProvider;
052    import org.opends.server.admin.server.ConfigurationChangeListener;
053    import org.opends.server.admin.server.ServerManagedObject;
054    import org.opends.server.admin.std.client.FingerprintCertificateMapperCfgClient;
055    import org.opends.server.admin.std.server.CertificateMapperCfg;
056    import org.opends.server.admin.std.server.FingerprintCertificateMapperCfg;
057    import org.opends.server.admin.Tag;
058    import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
059    import org.opends.server.types.AttributeType;
060    import org.opends.server.types.DN;
061    
062    
063    
064    /**
065     * An interface for querying the Fingerprint Certificate Mapper
066     * managed object definition meta information.
067     * <p>
068     * The Fingerprint Certificate Mapper maps client certificates to user
069     * entries by looking for the MD5 or SHA1 fingerprint in a specified
070     * attribute of user entries.
071     */
072    public final class FingerprintCertificateMapperCfgDefn extends ManagedObjectDefinition<FingerprintCertificateMapperCfgClient, FingerprintCertificateMapperCfg> {
073    
074      // The singleton configuration definition instance.
075      private static final FingerprintCertificateMapperCfgDefn INSTANCE = new FingerprintCertificateMapperCfgDefn();
076    
077    
078    
079      /**
080       * Defines the set of permissable values for the "fingerprint-algorithm" property.
081       * <p>
082       * Specifies the name of the digest algorithm to compute the
083       * fingerprint of client certificates.
084       */
085      public static enum FingerprintAlgorithm {
086    
087        /**
088         * Use the MD5 digest algorithm to compute certificate
089         * fingerprints.
090         */
091        MD5("md5"),
092    
093    
094    
095        /**
096         * Use the SHA-1 digest algorithm to compute certificate
097         * fingerprints.
098         */
099        SHA1("sha1");
100    
101    
102    
103        // String representation of the value.
104        private final String name;
105    
106    
107    
108        // Private constructor.
109        private FingerprintAlgorithm(String name) { this.name = name; }
110    
111    
112    
113        /**
114         * {@inheritDoc}
115         */
116        public String toString() { return name; }
117    
118      }
119    
120    
121    
122      // The "fingerprint-algorithm" property definition.
123      private static final EnumPropertyDefinition<FingerprintAlgorithm> PD_FINGERPRINT_ALGORITHM;
124    
125    
126    
127      // The "fingerprint-attribute" property definition.
128      private static final AttributeTypePropertyDefinition PD_FINGERPRINT_ATTRIBUTE;
129    
130    
131    
132      // The "java-class" property definition.
133      private static final ClassPropertyDefinition PD_JAVA_CLASS;
134    
135    
136    
137      // The "user-base-dn" property definition.
138      private static final DNPropertyDefinition PD_USER_BASE_DN;
139    
140    
141    
142      // Build the "fingerprint-algorithm" property definition.
143      static {
144          EnumPropertyDefinition.Builder<FingerprintAlgorithm> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "fingerprint-algorithm");
145          builder.setOption(PropertyOption.MANDATORY);
146          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "fingerprint-algorithm"));
147          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<FingerprintAlgorithm>());
148          builder.setEnumClass(FingerprintAlgorithm.class);
149          PD_FINGERPRINT_ALGORITHM = builder.getInstance();
150          INSTANCE.registerPropertyDefinition(PD_FINGERPRINT_ALGORITHM);
151      }
152    
153    
154    
155      // Build the "fingerprint-attribute" property definition.
156      static {
157          AttributeTypePropertyDefinition.Builder builder = AttributeTypePropertyDefinition.createBuilder(INSTANCE, "fingerprint-attribute");
158          builder.setOption(PropertyOption.MANDATORY);
159          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "fingerprint-attribute"));
160          builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<AttributeType>());
161          PD_FINGERPRINT_ATTRIBUTE = builder.getInstance();
162          INSTANCE.registerPropertyDefinition(PD_FINGERPRINT_ATTRIBUTE);
163      }
164    
165    
166    
167      // Build the "java-class" property definition.
168      static {
169          ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
170          builder.setOption(PropertyOption.MANDATORY);
171          builder.setOption(PropertyOption.ADVANCED);
172          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
173          DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.FingerprintCertificateMapper");
174          builder.setDefaultBehaviorProvider(provider);
175          builder.addInstanceOf("org.opends.server.api.CertificateMapper");
176          PD_JAVA_CLASS = builder.getInstance();
177          INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
178      }
179    
180    
181    
182      // Build the "user-base-dn" property definition.
183      static {
184          DNPropertyDefinition.Builder builder = DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
185          builder.setOption(PropertyOption.MULTI_VALUED);
186          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
187          builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
188          PD_USER_BASE_DN = builder.getInstance();
189          INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
190      }
191    
192    
193    
194      // Register the tags associated with this managed object definition.
195      static {
196        INSTANCE.registerTag(Tag.valueOf("security"));
197        INSTANCE.registerTag(Tag.valueOf("user-management"));
198      }
199    
200    
201    
202      /**
203       * Get the Fingerprint Certificate Mapper configuration definition
204       * singleton.
205       *
206       * @return Returns the Fingerprint Certificate Mapper configuration
207       *         definition singleton.
208       */
209      public static FingerprintCertificateMapperCfgDefn getInstance() {
210        return INSTANCE;
211      }
212    
213    
214    
215      /**
216       * Private constructor.
217       */
218      private FingerprintCertificateMapperCfgDefn() {
219        super("fingerprint-certificate-mapper", CertificateMapperCfgDefn.getInstance());
220      }
221    
222    
223    
224      /**
225       * {@inheritDoc}
226       */
227      public FingerprintCertificateMapperCfgClient createClientConfiguration(
228          ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl) {
229        return new FingerprintCertificateMapperCfgClientImpl(impl);
230      }
231    
232    
233    
234      /**
235       * {@inheritDoc}
236       */
237      public FingerprintCertificateMapperCfg createServerConfiguration(
238          ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl) {
239        return new FingerprintCertificateMapperCfgServerImpl(impl);
240      }
241    
242    
243    
244      /**
245       * {@inheritDoc}
246       */
247      public Class<FingerprintCertificateMapperCfg> getServerConfigurationClass() {
248        return FingerprintCertificateMapperCfg.class;
249      }
250    
251    
252    
253      /**
254       * Get the "enabled" property definition.
255       * <p>
256       * Indicates whether the Fingerprint Certificate Mapper is enabled.
257       *
258       * @return Returns the "enabled" property definition.
259       */
260      public BooleanPropertyDefinition getEnabledPropertyDefinition() {
261        return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
262      }
263    
264    
265    
266      /**
267       * Get the "fingerprint-algorithm" property definition.
268       * <p>
269       * Specifies the name of the digest algorithm to compute the
270       * fingerprint of client certificates.
271       *
272       * @return Returns the "fingerprint-algorithm" property definition.
273       */
274      public EnumPropertyDefinition<FingerprintAlgorithm> getFingerprintAlgorithmPropertyDefinition() {
275        return PD_FINGERPRINT_ALGORITHM;
276      }
277    
278    
279    
280      /**
281       * Get the "fingerprint-attribute" property definition.
282       * <p>
283       * Specifies the attribute in which to look for the fingerprint.
284       * <p>
285       * Values of the fingerprint attribute should exactly match the MD5
286       * or SHA1 representation of the certificate fingerprint.
287       *
288       * @return Returns the "fingerprint-attribute" property definition.
289       */
290      public AttributeTypePropertyDefinition getFingerprintAttributePropertyDefinition() {
291        return PD_FINGERPRINT_ATTRIBUTE;
292      }
293    
294    
295    
296      /**
297       * Get the "java-class" property definition.
298       * <p>
299       * Specifies the fully-qualified name of the Java class that
300       * provides the Fingerprint Certificate Mapper implementation.
301       *
302       * @return Returns the "java-class" property definition.
303       */
304      public ClassPropertyDefinition getJavaClassPropertyDefinition() {
305        return PD_JAVA_CLASS;
306      }
307    
308    
309    
310      /**
311       * Get the "user-base-dn" property definition.
312       * <p>
313       * Specifies the set of base DNs below which to search for users.
314       * <p>
315       * The base DNs are used when performing searches to map the client
316       * certificates to a user entry.
317       *
318       * @return Returns the "user-base-dn" property definition.
319       */
320      public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
321        return PD_USER_BASE_DN;
322      }
323    
324    
325    
326      /**
327       * Managed object client implementation.
328       */
329      private static class FingerprintCertificateMapperCfgClientImpl implements
330        FingerprintCertificateMapperCfgClient {
331    
332        // Private implementation.
333        private ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl;
334    
335    
336    
337        // Private constructor.
338        private FingerprintCertificateMapperCfgClientImpl(
339            ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl) {
340          this.impl = impl;
341        }
342    
343    
344    
345        /**
346         * {@inheritDoc}
347         */
348        public Boolean isEnabled() {
349          return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
350        }
351    
352    
353    
354        /**
355         * {@inheritDoc}
356         */
357        public void setEnabled(boolean value) {
358          impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
359        }
360    
361    
362    
363        /**
364         * {@inheritDoc}
365         */
366        public FingerprintAlgorithm getFingerprintAlgorithm() {
367          return impl.getPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition());
368        }
369    
370    
371    
372        /**
373         * {@inheritDoc}
374         */
375        public void setFingerprintAlgorithm(FingerprintAlgorithm value) {
376          impl.setPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition(), value);
377        }
378    
379    
380    
381        /**
382         * {@inheritDoc}
383         */
384        public AttributeType getFingerprintAttribute() {
385          return impl.getPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition());
386        }
387    
388    
389    
390        /**
391         * {@inheritDoc}
392         */
393        public void setFingerprintAttribute(AttributeType value) {
394          impl.setPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition(), value);
395        }
396    
397    
398    
399        /**
400         * {@inheritDoc}
401         */
402        public String getJavaClass() {
403          return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
404        }
405    
406    
407    
408        /**
409         * {@inheritDoc}
410         */
411        public void setJavaClass(String value) {
412          impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
413        }
414    
415    
416    
417        /**
418         * {@inheritDoc}
419         */
420        public SortedSet<DN> getUserBaseDN() {
421          return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
422        }
423    
424    
425    
426        /**
427         * {@inheritDoc}
428         */
429        public void setUserBaseDN(Collection<DN> values) {
430          impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
431        }
432    
433    
434    
435        /**
436         * {@inheritDoc}
437         */
438        public ManagedObjectDefinition<? extends FingerprintCertificateMapperCfgClient, ? extends FingerprintCertificateMapperCfg> definition() {
439          return INSTANCE;
440        }
441    
442    
443    
444        /**
445         * {@inheritDoc}
446         */
447        public PropertyProvider properties() {
448          return impl;
449        }
450    
451    
452    
453        /**
454         * {@inheritDoc}
455         */
456        public void commit() throws ManagedObjectAlreadyExistsException,
457            MissingMandatoryPropertiesException, ConcurrentModificationException,
458            OperationRejectedException, AuthorizationException,
459            CommunicationException {
460          impl.commit();
461        }
462    
463      }
464    
465    
466    
467      /**
468       * Managed object server implementation.
469       */
470      private static class FingerprintCertificateMapperCfgServerImpl implements
471        FingerprintCertificateMapperCfg {
472    
473        // Private implementation.
474        private ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl;
475    
476        // The value of the "enabled" property.
477        private final boolean pEnabled;
478    
479        // The value of the "fingerprint-algorithm" property.
480        private final FingerprintAlgorithm pFingerprintAlgorithm;
481    
482        // The value of the "fingerprint-attribute" property.
483        private final AttributeType pFingerprintAttribute;
484    
485        // The value of the "java-class" property.
486        private final String pJavaClass;
487    
488        // The value of the "user-base-dn" property.
489        private final SortedSet<DN> pUserBaseDN;
490    
491    
492    
493        // Private constructor.
494        private FingerprintCertificateMapperCfgServerImpl(ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl) {
495          this.impl = impl;
496          this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
497          this.pFingerprintAlgorithm = impl.getPropertyValue(INSTANCE.getFingerprintAlgorithmPropertyDefinition());
498          this.pFingerprintAttribute = impl.getPropertyValue(INSTANCE.getFingerprintAttributePropertyDefinition());
499          this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
500          this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
501        }
502    
503    
504    
505        /**
506         * {@inheritDoc}
507         */
508        public void addFingerprintChangeListener(
509            ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener) {
510          impl.registerChangeListener(listener);
511        }
512    
513    
514    
515        /**
516         * {@inheritDoc}
517         */
518        public void removeFingerprintChangeListener(
519            ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener) {
520          impl.deregisterChangeListener(listener);
521        }
522        /**
523         * {@inheritDoc}
524         */
525        public void addChangeListener(
526            ConfigurationChangeListener<CertificateMapperCfg> listener) {
527          impl.registerChangeListener(listener);
528        }
529    
530    
531    
532        /**
533         * {@inheritDoc}
534         */
535        public void removeChangeListener(
536            ConfigurationChangeListener<CertificateMapperCfg> listener) {
537          impl.deregisterChangeListener(listener);
538        }
539    
540    
541    
542        /**
543         * {@inheritDoc}
544         */
545        public boolean isEnabled() {
546          return pEnabled;
547        }
548    
549    
550    
551        /**
552         * {@inheritDoc}
553         */
554        public FingerprintAlgorithm getFingerprintAlgorithm() {
555          return pFingerprintAlgorithm;
556        }
557    
558    
559    
560        /**
561         * {@inheritDoc}
562         */
563        public AttributeType getFingerprintAttribute() {
564          return pFingerprintAttribute;
565        }
566    
567    
568    
569        /**
570         * {@inheritDoc}
571         */
572        public String getJavaClass() {
573          return pJavaClass;
574        }
575    
576    
577    
578        /**
579         * {@inheritDoc}
580         */
581        public SortedSet<DN> getUserBaseDN() {
582          return pUserBaseDN;
583        }
584    
585    
586    
587        /**
588         * {@inheritDoc}
589         */
590        public Class<? extends FingerprintCertificateMapperCfg> configurationClass() {
591          return FingerprintCertificateMapperCfg.class;
592        }
593    
594    
595    
596        /**
597         * {@inheritDoc}
598         */
599        public DN dn() {
600          return impl.getDN();
601        }
602    
603      }
604    }