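/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */

package org.opends.server.authorization.dseecompat;
import org.opends.messages.Message;

import static org.opends.messages.AccessControlMessages.*;
import org.opends.server.core.DirectoryServer;
import static org.opends.server.loggers.ErrorLogger.logError;

import java.util.Locale;



/**
 * The AuthMethod class represents an authmethod bind rule keyword expression.
 * An instance holds the decoded authentication method, the SASL mechanism
 * name (when one applies) and the bind rule operation type; all three are
 * set once by {@link #decode(String, EnumBindRuleType)} and never modified.
 */
public class AuthMethod implements KeywordBindRule {

    /**
     * Enumeration representing the authentication method.
     */
    private final EnumAuthMethod authMethod;

    /**
     * The SASL mechanism if the authentication method is SASL. It is
     * {@code null} for the "none" and "simple" methods and "EXTERNAL" for
     * the "ssl" method.
     */
    private final String saslMech;

    /**
     * Enumeration representing the bind rule operation type.
     */
    private final EnumBindRuleType type;

    /**
     * Create a class representing an authmethod bind rule keyword from the
     * provided method and bind rule type.
     * @param method An Enumeration of the authentication method.
     * @param saslMech The string representation of the SASL Mechanism.
     * @param type An enumeration representing the type of the expression.
     */
    private AuthMethod(EnumAuthMethod method, String saslMech,
                       EnumBindRuleType type) {
        this.authMethod = method;
        this.saslMech = saslMech;
        this.type = type;
    }

    /**
     * Decode a string representing an authmethod bind rule.
     * <p>
     * The keywords "none", "simple" and "ssl" and the "sasl " prefix are
     * matched case-insensitively. The SASL mechanism name that follows the
     * prefix is taken from the expression exactly as written: it is neither
     * trimmed nor case-folded.
     *
     * @param expr The string representing the bind rule.
     * @param type An enumeration representing the bind rule type.
     * @return A keyword bind rule class that can be used to evaluate the
     *         bind rule.
     * @throws AciException If the expression string is invalid.
     */
    public static KeywordBindRule decode(String expr, EnumBindRuleType type)
            throws AciException {
        // Fold case with a fixed locale. The no-argument toLowerCase() uses
        // the JVM default locale, and under a Turkish or Azerbaijani default
        // "SIMPLE" folds to a dotless-i form that never equals "simple", so
        // the same ACI text would parse on one server and be rejected on
        // another. Access control syntax must not depend on the host locale.
        String lowerExpr = expr.toLowerCase(Locale.ENGLISH);
        if (lowerExpr.equals("none"))
        {
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_NONE, null, type);
        }
        else if (lowerExpr.equals("simple"))
        {
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SIMPLE, null, type);
        }
        else if (lowerExpr.equals("ssl"))
        {
            // The "ssl" method is represented with the EXTERNAL mechanism.
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SSL, "EXTERNAL",
                                  type);
        }
        else if (expr.length() > 5 && lowerExpr.startsWith("sasl "))
        {
            // Everything after the five-character "sasl " prefix is the
            // mechanism name; the length check rejects a bare "sasl ".
            String saslMech = expr.substring(5);
            if (DirectoryServer.getSASLMechanismHandler(saslMech) == null) {
                // A mechanism with no registered handler is only logged; the
                // bind rule is still created and returned.
                // NOTE(review): how such a rule evaluates depends on
                // AciEvalContext.hasAuthenticationMethod, which is not visible
                // here. Treat this log note as a sign that the ACI may not
                // match as its author intended (a mistyped mechanism in a
                // negated rule deserves particular attention) -- confirm.
                logError(NOTE_ACI_SYNTAX_DUBIOUS_AUTHMETHOD_SASL_MECHANISM.
                        get(saslMech));
            }
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SASL, saslMech,
                                  type);
        }

        // No recognised keyword: reject the ACI rather than guess a method.
        Message message =
            WARN_ACI_SYNTAX_INVALID_AUTHMETHOD_EXPRESSION.get(expr);
        throw new AciException(message);
    }

    /**
     * Evaluate authmethod bind rule using the provided evaluation context.
     * The context is asked whether the client matches this rule's
     * authentication method and SASL mechanism, and that result is then
     * mapped through the bind rule type by {@code getRet}.
     *
     * @param evalCtx An evaluation context to use.
     * @return An enumeration evaluation result.
     */
    public EnumEvalResult evaluate(AciEvalContext evalCtx) {
        EnumEvalResult matched =
            evalCtx.hasAuthenticationMethod(authMethod, saslMech);
        return matched.getRet(type, false);
    }
}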