/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.opends.server.admin.std.meta;



import java.util.Collection;
import java.util.SortedSet;
import org.opends.server.admin.AdministratorAction;
import org.opends.server.admin.AliasDefaultBehaviorProvider;
import org.opends.server.admin.AttributeTypePropertyDefinition;
import org.opends.server.admin.BooleanPropertyDefinition;
import org.opends.server.admin.ClassPropertyDefinition;
import org.opends.server.admin.client.AuthorizationException;
import org.opends.server.admin.client.CommunicationException;
import org.opends.server.admin.client.ConcurrentModificationException;
import org.opends.server.admin.client.ManagedObject;
import org.opends.server.admin.client.MissingMandatoryPropertiesException;
import org.opends.server.admin.client.OperationRejectedException;
import org.opends.server.admin.DefaultBehaviorProvider;
import org.opends.server.admin.DefinedDefaultBehaviorProvider;
import org.opends.server.admin.DNPropertyDefinition;
import org.opends.server.admin.ManagedObjectAlreadyExistsException;
import org.opends.server.admin.ManagedObjectDefinition;
import org.opends.server.admin.PropertyOption;
import org.opends.server.admin.PropertyProvider;
import org.opends.server.admin.server.ConfigurationChangeListener;
import org.opends.server.admin.server.ServerManagedObject;
import org.opends.server.admin.std.client.SubjectDNToUserAttributeCertificateMapperCfgClient;
import org.opends.server.admin.std.server.CertificateMapperCfg;
import org.opends.server.admin.std.server.SubjectDNToUserAttributeCertificateMapperCfg;
import org.opends.server.admin.Tag;
import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
import org.opends.server.types.AttributeType;
import org.opends.server.types.DN;



/**
 * Meta information for the Subject DN To User Attribute Certificate
 * Mapper managed object definition.
 * <p>
 * The Subject DN To User Attribute Certificate Mapper maps client
 * certificates to user entries by looking for the certificate subject
 * DN in a specified attribute of user entries.
 * <p>
 * Security note: the three properties defined here ("java-class",
 * "subject-attribute" and "user-base-dn") together decide which user
 * entry a presented client certificate resolves to, so changes to any
 * of them affect an authentication decision. The definition is tagged
 * "security" and "user-management".
 */
public final class SubjectDNToUserAttributeCertificateMapperCfgDefn extends ManagedObjectDefinition<SubjectDNToUserAttributeCertificateMapperCfgClient, SubjectDNToUserAttributeCertificateMapperCfg> {

  // The singleton configuration definition instance. It is declared
  // before the static initializers below because each of them passes
  // INSTANCE to a builder and registers its result on INSTANCE.
  private static final SubjectDNToUserAttributeCertificateMapperCfgDefn INSTANCE = new SubjectDNToUserAttributeCertificateMapperCfgDefn();

  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;

  // The "subject-attribute" property definition.
  private static final AttributeTypePropertyDefinition PD_SUBJECT_ATTRIBUTE;

  // The "user-base-dn" property definition.
  private static final DNPropertyDefinition PD_USER_BASE_DN;



  // Build the "java-class" property definition: mandatory, advanced,
  // flagged with a COMPONENT_RESTART administrator action, defaulting
  // to the bundled mapper class, and restricted through addInstanceOf
  // to implementations of org.opends.server.api.CertificateMapper.
  static {
    final String propertyName = "java-class";
    ClassPropertyDefinition.Builder javaClassBuilder =
        ClassPropertyDefinition.createBuilder(INSTANCE, propertyName);
    javaClassBuilder.setOption(PropertyOption.MANDATORY);
    javaClassBuilder.setOption(PropertyOption.ADVANCED);
    AdministratorAction restartAction = new AdministratorAction(
        AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, propertyName);
    javaClassBuilder.setAdministratorAction(restartAction);
    DefaultBehaviorProvider<String> defaultImplementation =
        new DefinedDefaultBehaviorProvider<String>(
            "org.opends.server.extensions.SubjectDNToUserAttributeCertificateMapper");
    javaClassBuilder.setDefaultBehaviorProvider(defaultImplementation);
    javaClassBuilder.addInstanceOf("org.opends.server.api.CertificateMapper");
    PD_JAVA_CLASS = javaClassBuilder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Build the "subject-attribute" property definition: mandatory, with
  // an undefined default, so a value has to be supplied explicitly.
  // The administrator action type is NONE (presumably meaning a change
  // needs no restart -- confirm against AdministratorAction.Type).
  static {
    final String propertyName = "subject-attribute";
    AttributeTypePropertyDefinition.Builder subjectAttributeBuilder =
        AttributeTypePropertyDefinition.createBuilder(INSTANCE, propertyName);
    subjectAttributeBuilder.setOption(PropertyOption.MANDATORY);
    AdministratorAction noAction = new AdministratorAction(
        AdministratorAction.Type.NONE, INSTANCE, propertyName);
    subjectAttributeBuilder.setAdministratorAction(noAction);
    subjectAttributeBuilder.setDefaultBehaviorProvider(
        new UndefinedDefaultBehaviorProvider<AttributeType>());
    PD_SUBJECT_ATTRIBUTE = subjectAttributeBuilder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE);
  }



  // Build the "user-base-dn" property definition: multi-valued and not
  // mandatory. Its default is an alias behavior whose description is
  // not part of this file.
  // NOTE(review): confirm which search scope applies when no base DN
  // is configured, since that scope bounds the entries a certificate
  // can be mapped to.
  static {
    final String propertyName = "user-base-dn";
    DNPropertyDefinition.Builder userBaseDnBuilder =
        DNPropertyDefinition.createBuilder(INSTANCE, propertyName);
    userBaseDnBuilder.setOption(PropertyOption.MULTI_VALUED);
    AdministratorAction noAction = new AdministratorAction(
        AdministratorAction.Type.NONE, INSTANCE, propertyName);
    userBaseDnBuilder.setAdministratorAction(noAction);
    userBaseDnBuilder.setDefaultBehaviorProvider(
        new AliasDefaultBehaviorProvider<DN>(INSTANCE, propertyName));
    PD_USER_BASE_DN = userBaseDnBuilder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
  }



  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }



  /**
   * Get the Subject DN To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the single shared definition instance.
   */
  public static SubjectDNToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor. Names the definition
   * "subject-dn-to-user-attribute-certificate-mapper" and passes the
   * {@code CertificateMapperCfgDefn} singleton to the superclass
   * constructor.
   */
  private SubjectDNToUserAttributeCertificateMapperCfgDefn() {
    super("subject-dn-to-user-attribute-certificate-mapper", CertificateMapperCfgDefn.getInstance());
  }



  /**
   * {@inheritDoc}
   */
  public SubjectDNToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgClientImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public SubjectDNToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectDNToUserAttributeCertificateMapperCfgServerImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public Class<SubjectDNToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectDNToUserAttributeCertificateMapperCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject DN To User Attribute Certificate
   * Mapper is enabled. The definition itself is obtained from the
   * {@code CertificateMapperCfgDefn} singleton.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Subject DN To User Attribute Certificate Mapper
   * implementation.
   * <p>
   * Security note: this property selects the code that performs the
   * certificate-to-user mapping. The definition restricts values to
   * {@code org.opends.server.api.CertificateMapper} implementations,
   * but write access to the property should still be treated as
   * security-sensitive.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Get the "subject-attribute" property definition.
   * <p>
   * Specifies the name or OID of the attribute whose value should
   * exactly match the certificate subject DN.
   * <p>
   * Security note: the values held in this attribute determine which
   * user entry a certificate is mapped to. NOTE(review): confirm that
   * access controls let only trusted administrators write the chosen
   * attribute on user entries.
   *
   * @return Returns the "subject-attribute" property definition.
   */
  public AttributeTypePropertyDefinition getSubjectAttributePropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE;
  }



  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing
   * searches to map the client certificate to a user entry.
   * <p>
   * Security note: these base DNs bound the set of entries a
   * certificate can be mapped to; keeping them as narrow as the
   * deployment allows limits the reach of a mapping.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }



  /**
   * Managed object client implementation. Every accessor delegates to
   * the wrapped {@code ManagedObject}; nothing is cached here.
   */
  private static class SubjectDNToUserAttributeCertificateMapperCfgClientImpl implements
      SubjectDNToUserAttributeCertificateMapperCfgClient {

    // The managed object that all reads and writes are forwarded to.
    private ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> impl;



    // Private constructor: only the enclosing definition creates
    // instances, through createClientConfiguration.
    private SubjectDNToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfgClient> managedObject) {
      this.impl = managedObject;
    }



    /**
     * {@inheritDoc}
     */
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return impl.getPropertyValue(PD_JAVA_CLASS);
    }



    /**
     * {@inheritDoc}
     */
    public void setJavaClass(String value) {
      impl.setPropertyValue(PD_JAVA_CLASS, value);
    }



    /**
     * {@inheritDoc}
     */
    public AttributeType getSubjectAttribute() {
      return impl.getPropertyValue(PD_SUBJECT_ATTRIBUTE);
    }



    /**
     * {@inheritDoc}
     */
    public void setSubjectAttribute(AttributeType value) {
      impl.setPropertyValue(PD_SUBJECT_ATTRIBUTE, value);
    }



    /**
     * {@inheritDoc}
     */
    public SortedSet<DN> getUserBaseDN() {
      return impl.getPropertyValues(PD_USER_BASE_DN);
    }



    /**
     * {@inheritDoc}
     */
    public void setUserBaseDN(Collection<DN> values) {
      impl.setPropertyValues(PD_USER_BASE_DN, values);
    }



    /**
     * {@inheritDoc}
     */
    public ManagedObjectDefinition<? extends SubjectDNToUserAttributeCertificateMapperCfgClient, ? extends SubjectDNToUserAttributeCertificateMapperCfg> definition() {
      return INSTANCE;
    }



    /**
     * {@inheritDoc}
     */
    public PropertyProvider properties() {
      return impl;
    }



    /**
     * {@inheritDoc}
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, AuthorizationException,
        CommunicationException {
      // Delegates to the wrapped managed object; the declared
      // exceptions are those of impl.commit().
      impl.commit();
    }

  }



  /**
   * Managed object server implementation. The four property values
   * are read from the {@code ServerManagedObject} once, in the
   * constructor, and the getters return those stored values.
   */
  private static class SubjectDNToUserAttributeCertificateMapperCfgServerImpl implements
      SubjectDNToUserAttributeCertificateMapperCfg {

    // The server managed object used for listener registration and
    // for the entry DN.
    private ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "java-class" property.
    private final String pJavaClass;

    // The value of the "subject-attribute" property.
    private final AttributeType pSubjectAttribute;

    // The value of the "user-base-dn" property.
    private final SortedSet<DN> pUserBaseDN;



    // Private constructor: captures the current property values from
    // the supplied server managed object.
    private SubjectDNToUserAttributeCertificateMapperCfgServerImpl(ServerManagedObject<? extends SubjectDNToUserAttributeCertificateMapperCfg> serverObject) {
      this.impl = serverObject;
      this.pEnabled = serverObject.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = serverObject.getPropertyValue(PD_JAVA_CLASS);
      this.pSubjectAttribute = serverObject.getPropertyValue(PD_SUBJECT_ATTRIBUTE);
      this.pUserBaseDN = serverObject.getPropertyValues(PD_USER_BASE_DN);
    }



    /**
     * {@inheritDoc}
     */
    public void addSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void removeSubjectDNToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectDNToUserAttributeCertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public boolean isEnabled() {
      return pEnabled;
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return pJavaClass;
    }



    /**
     * {@inheritDoc}
     */
    public AttributeType getSubjectAttribute() {
      return pSubjectAttribute;
    }



    /**
     * {@inheritDoc}
     */
    public SortedSet<DN> getUserBaseDN() {
      // Returns the stored set itself, without copying. Whether callers
      // can modify it depends on what getPropertyValues returned, which
      // is not visible in this file.
      return pUserBaseDN;
    }



    /**
     * {@inheritDoc}
     */
    public Class<? extends SubjectDNToUserAttributeCertificateMapperCfg> configurationClass() {
      return SubjectDNToUserAttributeCertificateMapperCfg.class;
    }



    /**
     * {@inheritDoc}
     */
    public DN dn() {
      return impl.getDN();
    }

  }
}