001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2006-2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.extensions; 028 029 030 031 /** 032 * This class implements an enumeration that may be used to indicate if/how a 033 * client's certificate should be validated against the corresponding user entry 034 * in the Directory Server. 035 */ 036 public enum CertificateValidationPolicy 037 { 038 /** 039 * Indicates that the server should always attempt to validate the client 040 * certificate against the version in the corresponding user's entry. If no 041 * certificates exist in the user's entry, then the validation will fail. 042 */ 043 ALWAYS("always"), 044 045 046 047 /** 048 * Indicates that the server should not attempt to validate the client 049 * certificate against the version in the corresponding user's entry. 050 */ 051 NEVER("never"), 052 053 054 055 /** 056 * Indicates that the server should attempt to validate the client certificate 057 * against the version in the corresponding user's entry if there are any 058 * certificates in that user's entry. If the user's entry does not contain 059 * any certificates, then no validation will be attempted. 060 */ 061 IFPRESENT("ifpresent"); 062 063 064 065 // The human-readable name for this policy. 066 private String policyName; 067 068 069 070 /** 071 * Creates a new certificate validation policy with the provided name. 072 * 073 * @param policyName The human-readable name for this policy. 074 */ 075 private CertificateValidationPolicy(String policyName) 076 { 077 this.policyName = policyName; 078 } 079 080 081 082 /** 083 * Retrieves the certificate validation policy for the specified name. 084 * 085 * @param policyName The name of the policy to retrieve. 086 * 087 * @return The requested certificate validation policy, or <CODE>null</CODE> 088 * if the provided value is not the name of a valid policy. 089 */ 090 public static CertificateValidationPolicy policyForName(String policyName) 091 { 092 String lowerName = policyName.toLowerCase(); 093 if (lowerName.equals("always")) 094 { 095 return CertificateValidationPolicy.ALWAYS; 096 } 097 else if (lowerName.equals("never")) 098 { 099 return CertificateValidationPolicy.NEVER; 100 } 101 else if (lowerName.equals("ifpresent")) 102 { 103 return CertificateValidationPolicy.IFPRESENT; 104 } 105 else 106 { 107 return null; 108 } 109 } 110 111 112 113 /** 114 * Retrieves the human-readable name for this certificate validation policy. 115 * 116 * @return The human-readable name for this certificate validation policy. 117 */ 118 public String toString() 119 { 120 return policyName; 121 } 122 } 123