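/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 */
package org.opends.server.admin.std.meta;



import java.util.Collection;
import java.util.SortedSet;
import org.opends.server.admin.AdministratorAction;
import org.opends.server.admin.AliasDefaultBehaviorProvider;
import org.opends.server.admin.BooleanPropertyDefinition;
import org.opends.server.admin.ClassPropertyDefinition;
import org.opends.server.admin.client.AuthorizationException;
import org.opends.server.admin.client.CommunicationException;
import org.opends.server.admin.client.ConcurrentModificationException;
import org.opends.server.admin.client.ManagedObject;
import org.opends.server.admin.client.MissingMandatoryPropertiesException;
import org.opends.server.admin.client.OperationRejectedException;
import org.opends.server.admin.DefaultBehaviorProvider;
import org.opends.server.admin.DefinedDefaultBehaviorProvider;
import org.opends.server.admin.DNPropertyDefinition;
import org.opends.server.admin.ManagedObjectAlreadyExistsException;
import org.opends.server.admin.ManagedObjectDefinition;
import org.opends.server.admin.PropertyOption;
import org.opends.server.admin.PropertyProvider;
import org.opends.server.admin.server.ConfigurationChangeListener;
import org.opends.server.admin.server.ServerManagedObject;
import org.opends.server.admin.std.client.SubjectAttributeToUserAttributeCertificateMapperCfgClient;
import org.opends.server.admin.std.server.CertificateMapperCfg;
import org.opends.server.admin.std.server.SubjectAttributeToUserAttributeCertificateMapperCfg;
import org.opends.server.admin.StringPropertyDefinition;
import org.opends.server.admin.Tag;
import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
import org.opends.server.types.DN;



/**
 * Provides the Subject Attribute To User Attribute Certificate
 * Mapper managed object definition meta information.
 * <p>
 * The Subject Attribute To User Attribute Certificate Mapper maps
 * client certificates to user entries by mapping the values of
 * attributes contained in the certificate subject to attributes
 * contained in user entries.
 * <p>
 * This definition declares three properties of its own
 * ("java-class", "subject-attribute-mapping" and "user-base-dn") and
 * takes "enabled" from the parent {@link CertificateMapperCfgDefn}.
 * Because these values decide which user entry a client certificate
 * is bound to, write access to a configuration entry of this type is
 * security-sensitive; the definition is tagged "security"
 * accordingly.
 */
public final class SubjectAttributeToUserAttributeCertificateMapperCfgDefn
    extends ManagedObjectDefinition<
        SubjectAttributeToUserAttributeCertificateMapperCfgClient,
        SubjectAttributeToUserAttributeCertificateMapperCfg> {

  // The singleton configuration definition instance. It must stay the
  // first static member: every static initializer below registers a
  // property definition or tag on it.
  private static final SubjectAttributeToUserAttributeCertificateMapperCfgDefn INSTANCE =
      new SubjectAttributeToUserAttributeCertificateMapperCfgDefn();



  // The "java-class" property definition.
  private static final ClassPropertyDefinition PD_JAVA_CLASS;



  // The "subject-attribute-mapping" property definition.
  private static final StringPropertyDefinition PD_SUBJECT_ATTRIBUTE_MAPPING;



  // The "user-base-dn" property definition.
  private static final DNPropertyDefinition PD_USER_BASE_DN;



  // Build the "java-class" property definition.
  //
  // The property is mandatory and advanced, changing it requires a
  // component restart, and it defaults to the stock mapper class.
  // The only constraint declared here on the configured class name is
  // that it be an instance of org.opends.server.api.CertificateMapper.
  // NOTE(review): presumably the server loads and instantiates the
  // named class; if so, whoever can write this property chooses the
  // code that performs certificate-to-user mapping - confirm that
  // write access to this entry is restricted accordingly.
  static {
    ClassPropertyDefinition.Builder builder =
        ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
    builder.setOption(PropertyOption.MANDATORY);
    builder.setOption(PropertyOption.ADVANCED);
    builder.setAdministratorAction(new AdministratorAction(
        AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
    DefaultBehaviorProvider<String> provider =
        new DefinedDefaultBehaviorProvider<String>(
            "org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper");
    builder.setDefaultBehaviorProvider(provider);
    builder.addInstanceOf("org.opends.server.api.CertificateMapper");
    PD_JAVA_CLASS = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
  }



  // Build the "subject-attribute-mapping" property definition.
  //
  // The property is multi-valued and mandatory, has no default value,
  // and changes need no administrator action. No format constraint is
  // set on the builder here, so the documented "certattr:userattr"
  // form is not enforced by this definition.
  // NOTE(review): malformed values therefore have to be rejected by
  // the mapper implementation - confirm that it does. The strength of
  // the certificate-to-user binding also depends on the user
  // attributes chosen: prefer attributes that identify a single entry
  // and that users cannot change on their own entries.
  static {
    StringPropertyDefinition.Builder builder =
        StringPropertyDefinition.createBuilder(INSTANCE, "subject-attribute-mapping");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setOption(PropertyOption.MANDATORY);
    builder.setAdministratorAction(new AdministratorAction(
        AdministratorAction.Type.NONE, INSTANCE, "subject-attribute-mapping"));
    builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
    PD_SUBJECT_ATTRIBUTE_MAPPING = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_SUBJECT_ATTRIBUTE_MAPPING);
  }



  // Build the "user-base-dn" property definition.
  //
  // The property is multi-valued and optional (MANDATORY is not set),
  // and changes need no administrator action. Its default is an alias:
  // a described behaviour rather than a concrete value. The
  // description text is not part of this file, so the search scope
  // that applies when the property is unset cannot be read from here.
  // NOTE(review): confirm that scope against the mapper
  // implementation, and consider setting the property explicitly so
  // that searches stay within the intended user subtree.
  static {
    DNPropertyDefinition.Builder builder =
        DNPropertyDefinition.createBuilder(INSTANCE, "user-base-dn");
    builder.setOption(PropertyOption.MULTI_VALUED);
    builder.setAdministratorAction(new AdministratorAction(
        AdministratorAction.Type.NONE, INSTANCE, "user-base-dn"));
    builder.setDefaultBehaviorProvider(
        new AliasDefaultBehaviorProvider<DN>(INSTANCE, "user-base-dn"));
    PD_USER_BASE_DN = builder.getInstance();
    INSTANCE.registerPropertyDefinition(PD_USER_BASE_DN);
  }



  // Register the tags associated with this managed object definition.
  static {
    INSTANCE.registerTag(Tag.valueOf("security"));
    INSTANCE.registerTag(Tag.valueOf("user-management"));
  }



  /**
   * Get the Subject Attribute To User Attribute Certificate Mapper
   * configuration definition singleton.
   *
   * @return Returns the Subject Attribute To User Attribute
   *         Certificate Mapper configuration definition singleton.
   */
  public static SubjectAttributeToUserAttributeCertificateMapperCfgDefn getInstance() {
    return INSTANCE;
  }



  /**
   * Private constructor. Registers this definition under the name
   * "subject-attribute-to-user-attribute-certificate-mapper" with the
   * generic certificate mapper definition as its parent.
   */
  private SubjectAttributeToUserAttributeCertificateMapperCfgDefn() {
    super("subject-attribute-to-user-attribute-certificate-mapper",
        CertificateMapperCfgDefn.getInstance());
  }



  /**
   * {@inheritDoc}
   */
  public SubjectAttributeToUserAttributeCertificateMapperCfgClient createClientConfiguration(
      ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public SubjectAttributeToUserAttributeCertificateMapperCfg createServerConfiguration(
      ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
    return new SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(impl);
  }



  /**
   * {@inheritDoc}
   */
  public Class<SubjectAttributeToUserAttributeCertificateMapperCfg> getServerConfigurationClass() {
    return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
  }



  /**
   * Get the "enabled" property definition.
   * <p>
   * Indicates whether the Subject Attribute To User Attribute
   * Certificate Mapper is enabled.
   * <p>
   * The definition is not declared in this class; it is obtained from
   * the parent {@link CertificateMapperCfgDefn} singleton.
   *
   * @return Returns the "enabled" property definition.
   */
  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
    return CertificateMapperCfgDefn.getInstance().getEnabledPropertyDefinition();
  }



  /**
   * Get the "java-class" property definition.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Subject Attribute To User Attribute Certificate
   * Mapper implementation.
   *
   * @return Returns the "java-class" property definition.
   */
  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
    return PD_JAVA_CLASS;
  }



  /**
   * Get the "subject-attribute-mapping" property definition.
   * <p>
   * Specifies a mapping between certificate attributes and user
   * attributes.
   * <p>
   * Each value should be in the form "certattr:userattr" where
   * certattr is the name of the attribute in the certificate subject
   * and userattr is the name of the corresponding attribute in user
   * entries. There may be multiple mappings defined, and when
   * performing the mapping values for all attributes present in the
   * certificate subject that have mappings defined must be present in
   * the corresponding user entries.
   *
   * @return Returns the "subject-attribute-mapping" property definition.
   */
  public StringPropertyDefinition getSubjectAttributeMappingPropertyDefinition() {
    return PD_SUBJECT_ATTRIBUTE_MAPPING;
  }



  /**
   * Get the "user-base-dn" property definition.
   * <p>
   * Specifies the base DNs that should be used when performing
   * searches to map the client certificate to a user entry.
   *
   * @return Returns the "user-base-dn" property definition.
   */
  public DNPropertyDefinition getUserBaseDNPropertyDefinition() {
    return PD_USER_BASE_DN;
  }



  /**
   * Managed object client implementation.
   * <p>
   * Every accessor delegates to the wrapped {@link ManagedObject};
   * no property value is cached in this class.
   */
  private static class SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl implements
    SubjectAttributeToUserAttributeCertificateMapperCfgClient {

    // Private implementation. Final: assigned once in the constructor
    // and never reassigned.
    private final ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl;



    // Private constructor.
    private SubjectAttributeToUserAttributeCertificateMapperCfgClientImpl(
        ManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient> impl) {
      this.impl = impl;
    }



    /**
     * {@inheritDoc}
     */
    public Boolean isEnabled() {
      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setEnabled(boolean value) {
      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setJavaClass(String value) {
      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
    }



    /**
     * {@inheritDoc}
     */
    public SortedSet<String> getSubjectAttributeMapping() {
      return impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setSubjectAttributeMapping(Collection<String> values) {
      impl.setPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition(), values);
    }



    /**
     * {@inheritDoc}
     */
    public SortedSet<DN> getUserBaseDN() {
      return impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void setUserBaseDN(Collection<DN> values) {
      impl.setPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition(), values);
    }



    /**
     * {@inheritDoc}
     */
    public ManagedObjectDefinition<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient,
        ? extends SubjectAttributeToUserAttributeCertificateMapperCfg> definition() {
      return INSTANCE;
    }



    /**
     * {@inheritDoc}
     */
    public PropertyProvider properties() {
      return impl;
    }



    /**
     * {@inheritDoc}
     */
    public void commit() throws ManagedObjectAlreadyExistsException,
        MissingMandatoryPropertiesException, ConcurrentModificationException,
        OperationRejectedException, AuthorizationException,
        CommunicationException {
      impl.commit();
    }

  }



  /**
   * Managed object server implementation.
   * <p>
   * The property values are read from the wrapped
   * {@link ServerManagedObject} once, in the constructor, and the
   * getters return those stored values.
   */
  private static class SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl implements
    SubjectAttributeToUserAttributeCertificateMapperCfg {

    // Private implementation. Final, like the value fields below:
    // assigned once in the constructor and never reassigned.
    private final ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl;

    // The value of the "enabled" property.
    private final boolean pEnabled;

    // The value of the "java-class" property.
    private final String pJavaClass;

    // The value of the "subject-attribute-mapping" property.
    private final SortedSet<String> pSubjectAttributeMapping;

    // The value of the "user-base-dn" property.
    private final SortedSet<DN> pUserBaseDN;



    // Private constructor. Reads all four property values from impl.
    private SubjectAttributeToUserAttributeCertificateMapperCfgServerImpl(
        ServerManagedObject<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> impl) {
      this.impl = impl;
      // Stored in a primitive boolean field.
      // NOTE(review): if getPropertyValue returns a boxed Boolean here,
      // a null would fail on unboxing - presumably the framework
      // always supplies a value for "enabled"; confirm.
      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
      this.pSubjectAttributeMapping =
          impl.getPropertyValues(INSTANCE.getSubjectAttributeMappingPropertyDefinition());
      this.pUserBaseDN = impl.getPropertyValues(INSTANCE.getUserBaseDNPropertyDefinition());
    }



    /**
     * {@inheritDoc}
     */
    public void addSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void removeSubjectAttributeToUserAttributeChangeListener(
        ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void addChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.registerChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public void removeChangeListener(
        ConfigurationChangeListener<CertificateMapperCfg> listener) {
      impl.deregisterChangeListener(listener);
    }



    /**
     * {@inheritDoc}
     */
    public boolean isEnabled() {
      return pEnabled;
    }



    /**
     * {@inheritDoc}
     */
    public String getJavaClass() {
      return pJavaClass;
    }



    /**
     * {@inheritDoc}
     */
    public SortedSet<String> getSubjectAttributeMapping() {
      // Returns the stored set itself, not a copy.
      // NOTE(review): whether callers can modify it depends on what
      // ServerManagedObject.getPropertyValues returns - confirm that
      // it is unmodifiable.
      return pSubjectAttributeMapping;
    }



    /**
     * {@inheritDoc}
     */
    public SortedSet<DN> getUserBaseDN() {
      // Returns the stored set itself, not a copy.
      // NOTE(review): whether callers can modify it depends on what
      // ServerManagedObject.getPropertyValues returns - confirm that
      // it is unmodifiable.
      return pUserBaseDN;
    }



    /**
     * {@inheritDoc}
     */
    public Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass() {
      return SubjectAttributeToUserAttributeCertificateMapperCfg.class;
    }



    /**
     * {@inheritDoc}
     */
    public DN dn() {
      return impl.getDN();
    }

  }
}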