001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.opends.server.admin.std.meta;
027
028
029
030import java.net.InetAddress;
031import java.util.Collection;
032import java.util.SortedSet;
033import org.forgerock.opendj.ldap.AddressMask;
034import org.opends.server.admin.AdministratorAction;
035import org.opends.server.admin.AggregationPropertyDefinition;
036import org.opends.server.admin.AliasDefaultBehaviorProvider;
037import org.opends.server.admin.BooleanPropertyDefinition;
038import org.opends.server.admin.ClassPropertyDefinition;
039import org.opends.server.admin.client.AuthorizationException;
040import org.opends.server.admin.client.CommunicationException;
041import org.opends.server.admin.client.ConcurrentModificationException;
042import org.opends.server.admin.client.ManagedObject;
043import org.opends.server.admin.client.MissingMandatoryPropertiesException;
044import org.opends.server.admin.client.OperationRejectedException;
045import org.opends.server.admin.condition.Conditions;
046import org.opends.server.admin.DefaultBehaviorProvider;
047import org.opends.server.admin.DefinedDefaultBehaviorProvider;
048import org.opends.server.admin.DurationPropertyDefinition;
049import org.opends.server.admin.EnumPropertyDefinition;
050import org.opends.server.admin.GenericConstraint;
051import org.opends.server.admin.IntegerPropertyDefinition;
052import org.opends.server.admin.IPAddressMaskPropertyDefinition;
053import org.opends.server.admin.IPAddressPropertyDefinition;
054import org.opends.server.admin.ManagedObjectAlreadyExistsException;
055import org.opends.server.admin.ManagedObjectDefinition;
056import org.opends.server.admin.PropertyOption;
057import org.opends.server.admin.PropertyProvider;
058import org.opends.server.admin.server.ConfigurationChangeListener;
059import org.opends.server.admin.server.ServerManagedObject;
060import org.opends.server.admin.SizePropertyDefinition;
061import org.opends.server.admin.std.client.KeyManagerProviderCfgClient;
062import org.opends.server.admin.std.client.LDAPConnectionHandlerCfgClient;
063import org.opends.server.admin.std.client.TrustManagerProviderCfgClient;
064import org.opends.server.admin.std.server.ConnectionHandlerCfg;
065import org.opends.server.admin.std.server.KeyManagerProviderCfg;
066import org.opends.server.admin.std.server.LDAPConnectionHandlerCfg;
067import org.opends.server.admin.std.server.TrustManagerProviderCfg;
068import org.opends.server.admin.StringPropertyDefinition;
069import org.opends.server.admin.Tag;
070import org.opends.server.admin.UndefinedDefaultBehaviorProvider;
071import org.opends.server.types.DN;
072
073
074
075/**
076 * An interface for querying the LDAP Connection Handler managed
077 * object definition meta information.
078 * <p>
079 * The LDAP Connection Handler is used to interact with clients using
080 * LDAP.
081 */
082public final class LDAPConnectionHandlerCfgDefn extends ManagedObjectDefinition<LDAPConnectionHandlerCfgClient, LDAPConnectionHandlerCfg> {
083
084  // The singleton configuration definition instance.
085  private static final LDAPConnectionHandlerCfgDefn INSTANCE = new LDAPConnectionHandlerCfgDefn();
086
087
088
089  /**
090   * Defines the set of permissable values for the "ssl-client-auth-policy" property.
091   * <p>
092   * Specifies the policy that the LDAP Connection Handler should use
093   * regarding client SSL certificates. Clients can use the SASL
094   * EXTERNAL mechanism only if the policy is set to "optional" or
095   * "required".
096   * <p>
097   * This is only applicable if clients are allowed to use SSL.
098   */
099  public static enum SSLClientAuthPolicy {
100
101    /**
102     * Clients must not provide their own certificates when performing
103     * SSL negotiation.
104     */
105    DISABLED("disabled"),
106
107
108
109    /**
110     * Clients are requested to provide their own certificates when
111     * performing SSL negotiation. The connection is nevertheless
112     * accepted if the client does not provide a certificate.
113     */
114    OPTIONAL("optional"),
115
116
117
118    /**
119     * Clients are required to provide their own certificates when
120     * performing SSL negotiation and are refused access if they do not
121     * provide a certificate.
122     */
123    REQUIRED("required");
124
125
126
127    // String representation of the value.
128    private final String name;
129
130
131
132    // Private constructor.
133    private SSLClientAuthPolicy(String name) { this.name = name; }
134
135
136
137    /**
138     * {@inheritDoc}
139     */
140    public String toString() { return name; }
141
142  }
143
144
145
146  // The "accept-backlog" property definition.
147  private static final IntegerPropertyDefinition PD_ACCEPT_BACKLOG;
148
149
150
151  // The "allow-ldap-v2" property definition.
152  private static final BooleanPropertyDefinition PD_ALLOW_LDAP_V2;
153
154
155
156  // The "allow-start-tls" property definition.
157  private static final BooleanPropertyDefinition PD_ALLOW_START_TLS;
158
159
160
161  // The "allow-tcp-reuse-address" property definition.
162  private static final BooleanPropertyDefinition PD_ALLOW_TCP_REUSE_ADDRESS;
163
164
165
166  // The "buffer-size" property definition.
167  private static final SizePropertyDefinition PD_BUFFER_SIZE;
168
169
170
171  // The "java-class" property definition.
172  private static final ClassPropertyDefinition PD_JAVA_CLASS;
173
174
175
176  // The "keep-stats" property definition.
177  private static final BooleanPropertyDefinition PD_KEEP_STATS;
178
179
180
181  // The "key-manager-provider" property definition.
182  private static final AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> PD_KEY_MANAGER_PROVIDER;
183
184
185
186  // The "listen-address" property definition.
187  private static final IPAddressPropertyDefinition PD_LISTEN_ADDRESS;
188
189
190
191  // The "listen-port" property definition.
192  private static final IntegerPropertyDefinition PD_LISTEN_PORT;
193
194
195
196  // The "max-blocked-write-time-limit" property definition.
197  private static final DurationPropertyDefinition PD_MAX_BLOCKED_WRITE_TIME_LIMIT;
198
199
200
201  // The "max-request-size" property definition.
202  private static final SizePropertyDefinition PD_MAX_REQUEST_SIZE;
203
204
205
206  // The "num-request-handlers" property definition.
207  private static final IntegerPropertyDefinition PD_NUM_REQUEST_HANDLERS;
208
209
210
211  // The "send-rejection-notice" property definition.
212  private static final BooleanPropertyDefinition PD_SEND_REJECTION_NOTICE;
213
214
215
216  // The "ssl-cert-nickname" property definition.
217  private static final StringPropertyDefinition PD_SSL_CERT_NICKNAME;
218
219
220
221  // The "ssl-cipher-suite" property definition.
222  private static final StringPropertyDefinition PD_SSL_CIPHER_SUITE;
223
224
225
226  // The "ssl-client-auth-policy" property definition.
227  private static final EnumPropertyDefinition<SSLClientAuthPolicy> PD_SSL_CLIENT_AUTH_POLICY;
228
229
230
231  // The "ssl-protocol" property definition.
232  private static final StringPropertyDefinition PD_SSL_PROTOCOL;
233
234
235
236  // The "trust-manager-provider" property definition.
237  private static final AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> PD_TRUST_MANAGER_PROVIDER;
238
239
240
241  // The "use-ssl" property definition.
242  private static final BooleanPropertyDefinition PD_USE_SSL;
243
244
245
246  // The "use-tcp-keep-alive" property definition.
247  private static final BooleanPropertyDefinition PD_USE_TCP_KEEP_ALIVE;
248
249
250
251  // The "use-tcp-no-delay" property definition.
252  private static final BooleanPropertyDefinition PD_USE_TCP_NO_DELAY;
253
254
255
256  // Build the "accept-backlog" property definition.
257  static {
258      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "accept-backlog");
259      builder.setOption(PropertyOption.ADVANCED);
260      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "accept-backlog"));
261      DefaultBehaviorProvider<Integer> provider = new DefinedDefaultBehaviorProvider<Integer>("128");
262      builder.setDefaultBehaviorProvider(provider);
263      builder.setLowerLimit(1);
264      PD_ACCEPT_BACKLOG = builder.getInstance();
265      INSTANCE.registerPropertyDefinition(PD_ACCEPT_BACKLOG);
266  }
267
268
269
270  // Build the "allow-ldap-v2" property definition.
271  static {
272      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-ldap-v2");
273      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-ldap-v2"));
274      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
275      builder.setDefaultBehaviorProvider(provider);
276      PD_ALLOW_LDAP_V2 = builder.getInstance();
277      INSTANCE.registerPropertyDefinition(PD_ALLOW_LDAP_V2);
278  }
279
280
281
282  // Build the "allow-start-tls" property definition.
283  static {
284      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-start-tls");
285      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "allow-start-tls"));
286      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
287      builder.setDefaultBehaviorProvider(provider);
288      PD_ALLOW_START_TLS = builder.getInstance();
289      INSTANCE.registerPropertyDefinition(PD_ALLOW_START_TLS);
290  }
291
292
293
294  // Build the "allow-tcp-reuse-address" property definition.
295  static {
296      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "allow-tcp-reuse-address");
297      builder.setOption(PropertyOption.ADVANCED);
298      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "allow-tcp-reuse-address"));
299      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
300      builder.setDefaultBehaviorProvider(provider);
301      PD_ALLOW_TCP_REUSE_ADDRESS = builder.getInstance();
302      INSTANCE.registerPropertyDefinition(PD_ALLOW_TCP_REUSE_ADDRESS);
303  }
304
305
306
307  // Build the "buffer-size" property definition.
308  static {
309      SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "buffer-size");
310      builder.setOption(PropertyOption.ADVANCED);
311      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "buffer-size"));
312      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("4096 bytes");
313      builder.setDefaultBehaviorProvider(provider);
314      builder.setUpperLimit("2147483647b");
315      builder.setLowerLimit("1b");
316      PD_BUFFER_SIZE = builder.getInstance();
317      INSTANCE.registerPropertyDefinition(PD_BUFFER_SIZE);
318  }
319
320
321
322  // Build the "java-class" property definition.
323  static {
324      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
325      builder.setOption(PropertyOption.MANDATORY);
326      builder.setOption(PropertyOption.ADVANCED);
327      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
328      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.protocols.ldap.LDAPConnectionHandler");
329      builder.setDefaultBehaviorProvider(provider);
330      builder.addInstanceOf("org.opends.server.api.ConnectionHandler");
331      PD_JAVA_CLASS = builder.getInstance();
332      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
333  }
334
335
336
337  // Build the "keep-stats" property definition.
338  static {
339      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "keep-stats");
340      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "keep-stats"));
341      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
342      builder.setDefaultBehaviorProvider(provider);
343      PD_KEEP_STATS = builder.getInstance();
344      INSTANCE.registerPropertyDefinition(PD_KEEP_STATS);
345  }
346
347
348
349  // Build the "key-manager-provider" property definition.
350  static {
351      AggregationPropertyDefinition.Builder<KeyManagerProviderCfgClient, KeyManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "key-manager-provider");
352      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-manager-provider"));
353      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
354      builder.setParentPath("/");
355      builder.setRelationDefinition("key-manager-provider");
356      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))));
357      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
358      PD_KEY_MANAGER_PROVIDER = builder.getInstance();
359      INSTANCE.registerPropertyDefinition(PD_KEY_MANAGER_PROVIDER);
360      INSTANCE.registerConstraint(PD_KEY_MANAGER_PROVIDER.getSourceConstraint());
361  }
362
363
364
365  // Build the "listen-address" property definition.
366  static {
367      IPAddressPropertyDefinition.Builder builder = IPAddressPropertyDefinition.createBuilder(INSTANCE, "listen-address");
368      builder.setOption(PropertyOption.MULTI_VALUED);
369      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-address"));
370      DefaultBehaviorProvider<InetAddress> provider = new DefinedDefaultBehaviorProvider<InetAddress>("0.0.0.0");
371      builder.setDefaultBehaviorProvider(provider);
372      PD_LISTEN_ADDRESS = builder.getInstance();
373      INSTANCE.registerPropertyDefinition(PD_LISTEN_ADDRESS);
374  }
375
376
377
378  // Build the "listen-port" property definition.
379  static {
380      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "listen-port");
381      builder.setOption(PropertyOption.MANDATORY);
382      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "listen-port"));
383      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<Integer>());
384      builder.setUpperLimit(65535);
385      builder.setLowerLimit(1);
386      PD_LISTEN_PORT = builder.getInstance();
387      INSTANCE.registerPropertyDefinition(PD_LISTEN_PORT);
388  }
389
390
391
392  // Build the "max-blocked-write-time-limit" property definition.
393  static {
394      DurationPropertyDefinition.Builder builder = DurationPropertyDefinition.createBuilder(INSTANCE, "max-blocked-write-time-limit");
395      builder.setOption(PropertyOption.ADVANCED);
396      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-blocked-write-time-limit"));
397      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("2 minutes");
398      builder.setDefaultBehaviorProvider(provider);
399      builder.setBaseUnit("ms");
400      builder.setLowerLimit("0");
401      PD_MAX_BLOCKED_WRITE_TIME_LIMIT = builder.getInstance();
402      INSTANCE.registerPropertyDefinition(PD_MAX_BLOCKED_WRITE_TIME_LIMIT);
403  }
404
405
406
407  // Build the "max-request-size" property definition.
408  static {
409      SizePropertyDefinition.Builder builder = SizePropertyDefinition.createBuilder(INSTANCE, "max-request-size");
410      builder.setOption(PropertyOption.ADVANCED);
411      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "max-request-size"));
412      DefaultBehaviorProvider<Long> provider = new DefinedDefaultBehaviorProvider<Long>("5 megabytes");
413      builder.setDefaultBehaviorProvider(provider);
414      builder.setUpperLimit("2147483647b");
415      PD_MAX_REQUEST_SIZE = builder.getInstance();
416      INSTANCE.registerPropertyDefinition(PD_MAX_REQUEST_SIZE);
417  }
418
419
420
421  // Build the "num-request-handlers" property definition.
422  static {
423      IntegerPropertyDefinition.Builder builder = IntegerPropertyDefinition.createBuilder(INSTANCE, "num-request-handlers");
424      builder.setOption(PropertyOption.ADVANCED);
425      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "num-request-handlers"));
426      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Integer>(INSTANCE, "num-request-handlers"));
427      builder.setLowerLimit(1);
428      PD_NUM_REQUEST_HANDLERS = builder.getInstance();
429      INSTANCE.registerPropertyDefinition(PD_NUM_REQUEST_HANDLERS);
430  }
431
432
433
434  // Build the "send-rejection-notice" property definition.
435  static {
436      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "send-rejection-notice");
437      builder.setOption(PropertyOption.ADVANCED);
438      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "send-rejection-notice"));
439      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
440      builder.setDefaultBehaviorProvider(provider);
441      PD_SEND_REJECTION_NOTICE = builder.getInstance();
442      INSTANCE.registerPropertyDefinition(PD_SEND_REJECTION_NOTICE);
443  }
444
445
446
447  // Build the "ssl-cert-nickname" property definition.
448  static {
449      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cert-nickname");
450      builder.setOption(PropertyOption.MULTI_VALUED);
451      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-cert-nickname"));
452      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cert-nickname"));
453      PD_SSL_CERT_NICKNAME = builder.getInstance();
454      INSTANCE.registerPropertyDefinition(PD_SSL_CERT_NICKNAME);
455  }
456
457
458
459  // Build the "ssl-cipher-suite" property definition.
460  static {
461      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-cipher-suite");
462      builder.setOption(PropertyOption.MULTI_VALUED);
463      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-cipher-suite"));
464      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-cipher-suite"));
465      PD_SSL_CIPHER_SUITE = builder.getInstance();
466      INSTANCE.registerPropertyDefinition(PD_SSL_CIPHER_SUITE);
467  }
468
469
470
471  // Build the "ssl-client-auth-policy" property definition.
472  static {
473      EnumPropertyDefinition.Builder<SSLClientAuthPolicy> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "ssl-client-auth-policy");
474      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "ssl-client-auth-policy"));
475      DefaultBehaviorProvider<SSLClientAuthPolicy> provider = new DefinedDefaultBehaviorProvider<SSLClientAuthPolicy>("optional");
476      builder.setDefaultBehaviorProvider(provider);
477      builder.setEnumClass(SSLClientAuthPolicy.class);
478      PD_SSL_CLIENT_AUTH_POLICY = builder.getInstance();
479      INSTANCE.registerPropertyDefinition(PD_SSL_CLIENT_AUTH_POLICY);
480  }
481
482
483
484  // Build the "ssl-protocol" property definition.
485  static {
486      StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "ssl-protocol");
487      builder.setOption(PropertyOption.MULTI_VALUED);
488      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "ssl-protocol"));
489      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "ssl-protocol"));
490      PD_SSL_PROTOCOL = builder.getInstance();
491      INSTANCE.registerPropertyDefinition(PD_SSL_PROTOCOL);
492  }
493
494
495
496  // Build the "trust-manager-provider" property definition.
497  static {
498      AggregationPropertyDefinition.Builder<TrustManagerProviderCfgClient, TrustManagerProviderCfg> builder = AggregationPropertyDefinition.createBuilder(INSTANCE, "trust-manager-provider");
499      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "trust-manager-provider"));
500      builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>());
501      builder.setParentPath("/");
502      builder.setRelationDefinition("trust-manager-provider");
503      builder.setTargetNeedsEnablingCondition(Conditions.and(Conditions.contains("enabled", "true"), Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))));
504      builder.setTargetIsEnabledCondition(Conditions.contains("enabled", "true"));
505      PD_TRUST_MANAGER_PROVIDER = builder.getInstance();
506      INSTANCE.registerPropertyDefinition(PD_TRUST_MANAGER_PROVIDER);
507      INSTANCE.registerConstraint(PD_TRUST_MANAGER_PROVIDER.getSourceConstraint());
508  }
509
510
511
512  // Build the "use-ssl" property definition.
513  static {
514      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-ssl");
515      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "use-ssl"));
516      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("false");
517      builder.setDefaultBehaviorProvider(provider);
518      PD_USE_SSL = builder.getInstance();
519      INSTANCE.registerPropertyDefinition(PD_USE_SSL);
520  }
521
522
523
524  // Build the "use-tcp-keep-alive" property definition.
525  static {
526      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-keep-alive");
527      builder.setOption(PropertyOption.ADVANCED);
528      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-keep-alive"));
529      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
530      builder.setDefaultBehaviorProvider(provider);
531      PD_USE_TCP_KEEP_ALIVE = builder.getInstance();
532      INSTANCE.registerPropertyDefinition(PD_USE_TCP_KEEP_ALIVE);
533  }
534
535
536
537  // Build the "use-tcp-no-delay" property definition.
538  static {
539      BooleanPropertyDefinition.Builder builder = BooleanPropertyDefinition.createBuilder(INSTANCE, "use-tcp-no-delay");
540      builder.setOption(PropertyOption.ADVANCED);
541      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "use-tcp-no-delay"));
542      DefaultBehaviorProvider<Boolean> provider = new DefinedDefaultBehaviorProvider<Boolean>("true");
543      builder.setDefaultBehaviorProvider(provider);
544      PD_USE_TCP_NO_DELAY = builder.getInstance();
545      INSTANCE.registerPropertyDefinition(PD_USE_TCP_NO_DELAY);
546  }
547
548
549
550  // Register the tags associated with this managed object definition.
551  static {
552    INSTANCE.registerTag(Tag.valueOf("core-server"));
553  }
554
555
556
557  // Register the constraints associated with this managed object definition.
558  static {
559    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("key-manager-provider")))));
560    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 2, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.implies(Conditions.or(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true")), Conditions.isPresent("trust-manager-provider")))));
561    INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 3, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.not(Conditions.and(Conditions.contains("use-ssl", "true"), Conditions.contains("allow-start-tls", "true"))))));
562  }
563
564
565
566  /**
567   * Get the LDAP Connection Handler configuration definition
568   * singleton.
569   *
570   * @return Returns the LDAP Connection Handler configuration
571   *         definition singleton.
572   */
573  public static LDAPConnectionHandlerCfgDefn getInstance() {
574    return INSTANCE;
575  }
576
577
578
579  /**
580   * Private constructor.
581   */
582  private LDAPConnectionHandlerCfgDefn() {
583    super("ldap-connection-handler", ConnectionHandlerCfgDefn.getInstance());
584  }
585
586
587
588  /**
589   * {@inheritDoc}
590   */
591  public LDAPConnectionHandlerCfgClient createClientConfiguration(
592      ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) {
593    return new LDAPConnectionHandlerCfgClientImpl(impl);
594  }
595
596
597
598  /**
599   * {@inheritDoc}
600   */
601  public LDAPConnectionHandlerCfg createServerConfiguration(
602      ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) {
603    return new LDAPConnectionHandlerCfgServerImpl(impl);
604  }
605
606
607
608  /**
609   * {@inheritDoc}
610   */
611  public Class<LDAPConnectionHandlerCfg> getServerConfigurationClass() {
612    return LDAPConnectionHandlerCfg.class;
613  }
614
615
616
617  /**
618   * Get the "accept-backlog" property definition.
619   * <p>
620   * Specifies the maximum number of pending connection attempts that
621   * are allowed to queue up in the accept backlog before the server
622   * starts rejecting new connection attempts.
623   * <p>
624   * This is primarily an issue for cases in which a large number of
625   * connections are established to the server in a very short period
626   * of time (for example, a benchmark utility that creates a large
627   * number of client threads that each have their own connection to
628   * the server) and the connection handler is unable to keep up with
629   * the rate at which the new connections are established.
630   *
631   * @return Returns the "accept-backlog" property definition.
632   */
633  public IntegerPropertyDefinition getAcceptBacklogPropertyDefinition() {
634    return PD_ACCEPT_BACKLOG;
635  }
636
637
638
639  /**
640   * Get the "allowed-client" property definition.
641   * <p>
642   * Specifies a set of host names or address masks that determine the
643   * clients that are allowed to establish connections to this LDAP
644   * Connection Handler.
645   * <p>
646   * Valid values include a host name, a fully qualified domain name,
647   * a domain name, an IP address, or a subnetwork with subnetwork
648   * mask.
649   *
650   * @return Returns the "allowed-client" property definition.
651   */
652  public IPAddressMaskPropertyDefinition getAllowedClientPropertyDefinition() {
653    return ConnectionHandlerCfgDefn.getInstance().getAllowedClientPropertyDefinition();
654  }
655
656
657
658  /**
659   * Get the "allow-ldap-v2" property definition.
660   * <p>
661   * Indicates whether connections from LDAPv2 clients are allowed.
662   * <p>
663   * If LDAPv2 clients are allowed, then only a minimal degree of
664   * special support are provided for them to ensure that
665   * LDAPv3-specific protocol elements (for example, Configuration
666   * Guide 25 controls, extended response messages, intermediate
667   * response messages, referrals) are not sent to an LDAPv2 client.
668   *
669   * @return Returns the "allow-ldap-v2" property definition.
670   */
671  public BooleanPropertyDefinition getAllowLDAPV2PropertyDefinition() {
672    return PD_ALLOW_LDAP_V2;
673  }
674
675
676
677  /**
678   * Get the "allow-start-tls" property definition.
679   * <p>
680   * Indicates whether clients are allowed to use StartTLS.
681   * <p>
682   * If enabled, the LDAP Connection Handler allows clients to use the
683   * StartTLS extended operation to initiate secure communication over
684   * an otherwise insecure channel. Note that this is only allowed if
685   * the LDAP Connection Handler is not configured to use SSL, and if
686   * the server is configured with a valid key manager provider and a
687   * valid trust manager provider.
688   *
689   * @return Returns the "allow-start-tls" property definition.
690   */
691  public BooleanPropertyDefinition getAllowStartTLSPropertyDefinition() {
692    return PD_ALLOW_START_TLS;
693  }
694
695
696
697  /**
698   * Get the "allow-tcp-reuse-address" property definition.
699   * <p>
700   * Indicates whether the LDAP Connection Handler should reuse socket
701   * descriptors.
702   * <p>
703   * If enabled, the SO_REUSEADDR socket option is used on the server
704   * listen socket to potentially allow the reuse of socket descriptors
705   * for clients in a TIME_WAIT state. This may help the server avoid
706   * temporarily running out of socket descriptors in cases in which a
707   * very large number of short-lived connections have been established
708   * from the same client system.
709   *
710   * @return Returns the "allow-tcp-reuse-address" property definition.
711   */
712  public BooleanPropertyDefinition getAllowTCPReuseAddressPropertyDefinition() {
713    return PD_ALLOW_TCP_REUSE_ADDRESS;
714  }
715
716
717
718  /**
719   * Get the "buffer-size" property definition.
720   * <p>
721   * Specifies the size in bytes of the LDAP response message write
722   * buffer.
723   * <p>
724   * This property specifies write buffer size allocated by the server
725   * for each client connection and used to buffer LDAP response
726   * messages data when writing.
727   *
728   * @return Returns the "buffer-size" property definition.
729   */
730  public SizePropertyDefinition getBufferSizePropertyDefinition() {
731    return PD_BUFFER_SIZE;
732  }
733
734
735
736  /**
737   * Get the "denied-client" property definition.
738   * <p>
739   * Specifies a set of host names or address masks that determine the
740   * clients that are not allowed to establish connections to this LDAP
741   * Connection Handler.
742   * <p>
743   * Valid values include a host name, a fully qualified domain name,
744   * a domain name, an IP address, or a subnetwork with subnetwork
745   * mask. If both allowed and denied client masks are defined and a
746   * client connection matches one or more masks in both lists, then
747   * the connection is denied. If only a denied list is specified, then
748   * any client not matching a mask in that list is allowed.
749   *
750   * @return Returns the "denied-client" property definition.
751   */
752  public IPAddressMaskPropertyDefinition getDeniedClientPropertyDefinition() {
753    return ConnectionHandlerCfgDefn.getInstance().getDeniedClientPropertyDefinition();
754  }
755
756
757
758  /**
759   * Get the "enabled" property definition.
760   * <p>
761   * Indicates whether the LDAP Connection Handler is enabled.
762   *
763   * @return Returns the "enabled" property definition.
764   */
765  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
766    return ConnectionHandlerCfgDefn.getInstance().getEnabledPropertyDefinition();
767  }
768
769
770
771  /**
772   * Get the "java-class" property definition.
773   * <p>
774   * Specifies the fully-qualified name of the Java class that
775   * provides the LDAP Connection Handler implementation.
776   *
777   * @return Returns the "java-class" property definition.
778   */
779  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
780    return PD_JAVA_CLASS;
781  }
782
783
784
785  /**
786   * Get the "keep-stats" property definition.
787   * <p>
788   * Indicates whether the LDAP Connection Handler should keep
789   * statistics.
790   * <p>
791   * If enabled, the LDAP Connection Handler maintains statistics
792   * about the number and types of operations requested over LDAP and
793   * the amount of data sent and received.
794   *
795   * @return Returns the "keep-stats" property definition.
796   */
797  public BooleanPropertyDefinition getKeepStatsPropertyDefinition() {
798    return PD_KEEP_STATS;
799  }
800
801
802
803  /**
804   * Get the "key-manager-provider" property definition.
805   * <p>
806   * Specifies the name of the key manager that should be used with
807   * this LDAP Connection Handler .
808   *
809   * @return Returns the "key-manager-provider" property definition.
810   */
811  public AggregationPropertyDefinition<KeyManagerProviderCfgClient, KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition() {
812    return PD_KEY_MANAGER_PROVIDER;
813  }
814
815
816
817  /**
818   * Get the "listen-address" property definition.
819   * <p>
820   * Specifies the address or set of addresses on which this LDAP
821   * Connection Handler should listen for connections from LDAP
822   * clients.
823   * <p>
824   * Multiple addresses may be provided as separate values for this
825   * attribute. If no values are provided, then the LDAP Connection
826   * Handler listens on all interfaces.
827   *
828   * @return Returns the "listen-address" property definition.
829   */
830  public IPAddressPropertyDefinition getListenAddressPropertyDefinition() {
831    return PD_LISTEN_ADDRESS;
832  }
833
834
835
836  /**
837   * Get the "listen-port" property definition.
838   * <p>
839   * Specifies the port number on which the LDAP Connection Handler
840   * will listen for connections from clients.
841   * <p>
842   * Only a single port number may be provided.
843   *
844   * @return Returns the "listen-port" property definition.
845   */
846  public IntegerPropertyDefinition getListenPortPropertyDefinition() {
847    return PD_LISTEN_PORT;
848  }
849
850
851
852  /**
853   * Get the "max-blocked-write-time-limit" property definition.
854   * <p>
855   * Specifies the maximum length of time that attempts to write data
856   * to LDAP clients should be allowed to block.
857   * <p>
858   * If an attempt to write data to a client takes longer than this
859   * length of time, then the client connection is terminated.
860   *
861   * @return Returns the "max-blocked-write-time-limit" property definition.
862   */
863  public DurationPropertyDefinition getMaxBlockedWriteTimeLimitPropertyDefinition() {
864    return PD_MAX_BLOCKED_WRITE_TIME_LIMIT;
865  }
866
867
868
869  /**
870   * Get the "max-request-size" property definition.
871   * <p>
872   * Specifies the size in bytes of the largest LDAP request message
873   * that will be allowed by this LDAP Connection handler.
874   * <p>
875   * This property is analogous to the maxBERSize configuration
876   * attribute of the Sun Java System Directory Server. This can help
877   * prevent denial-of-service attacks by clients that indicate they
878   * send extremely large requests to the server causing it to attempt
879   * to allocate large amounts of memory.
880   *
881   * @return Returns the "max-request-size" property definition.
882   */
883  public SizePropertyDefinition getMaxRequestSizePropertyDefinition() {
884    return PD_MAX_REQUEST_SIZE;
885  }
886
887
888
889  /**
890   * Get the "num-request-handlers" property definition.
891   * <p>
892   * Specifies the number of request handlers that are used to read
893   * requests from clients.
894   * <p>
895   * The LDAP Connection Handler uses one thread to accept new
896   * connections from clients, but uses one or more additional threads
897   * to read requests from existing client connections. This ensures
898   * that new requests are read efficiently and that the connection
899   * handler itself does not become a bottleneck when the server is
900   * under heavy load from many clients at the same time.
901   *
902   * @return Returns the "num-request-handlers" property definition.
903   */
904  public IntegerPropertyDefinition getNumRequestHandlersPropertyDefinition() {
905    return PD_NUM_REQUEST_HANDLERS;
906  }
907
908
909
910  /**
911   * Get the "send-rejection-notice" property definition.
912   * <p>
913   * Indicates whether the LDAP Connection Handler should send a
914   * notice of disconnection extended response message to the client if
915   * a new connection is rejected for some reason.
916   * <p>
917   * The extended response message may provide an explanation
918   * indicating the reason that the connection was rejected.
919   *
920   * @return Returns the "send-rejection-notice" property definition.
921   */
922  public BooleanPropertyDefinition getSendRejectionNoticePropertyDefinition() {
923    return PD_SEND_REJECTION_NOTICE;
924  }
925
926
927
928  /**
929   * Get the "ssl-cert-nickname" property definition.
930   * <p>
931   * Specifies the nicknames (also called the aliases) of the
932   * certificates that the LDAP Connection Handler should use when
933   * performing SSL communication. The property can be used multiple
934   * times (referencing different nicknames) when an RSA, a DSA, and an
935   * ECC based server certificate is used in parallel.
936   * <p>
937   * This is only applicable when the LDAP Connection Handler is
938   * configured to use SSL.
939   *
940   * @return Returns the "ssl-cert-nickname" property definition.
941   */
942  public StringPropertyDefinition getSSLCertNicknamePropertyDefinition() {
943    return PD_SSL_CERT_NICKNAME;
944  }
945
946
947
948  /**
949   * Get the "ssl-cipher-suite" property definition.
950   * <p>
951   * Specifies the names of the SSL cipher suites that are allowed for
952   * use in SSL or StartTLS communication.
953   *
954   * @return Returns the "ssl-cipher-suite" property definition.
955   */
956  public StringPropertyDefinition getSSLCipherSuitePropertyDefinition() {
957    return PD_SSL_CIPHER_SUITE;
958  }
959
960
961
962  /**
963   * Get the "ssl-client-auth-policy" property definition.
964   * <p>
965   * Specifies the policy that the LDAP Connection Handler should use
966   * regarding client SSL certificates. Clients can use the SASL
967   * EXTERNAL mechanism only if the policy is set to "optional" or
968   * "required".
969   * <p>
970   * This is only applicable if clients are allowed to use SSL.
971   *
972   * @return Returns the "ssl-client-auth-policy" property definition.
973   */
974  public EnumPropertyDefinition<SSLClientAuthPolicy> getSSLClientAuthPolicyPropertyDefinition() {
975    return PD_SSL_CLIENT_AUTH_POLICY;
976  }
977
978
979
980  /**
981   * Get the "ssl-protocol" property definition.
982   * <p>
983   * Specifies the names of the SSL protocols that are allowed for use
984   * in SSL or StartTLS communication.
985   *
986   * @return Returns the "ssl-protocol" property definition.
987   */
988  public StringPropertyDefinition getSSLProtocolPropertyDefinition() {
989    return PD_SSL_PROTOCOL;
990  }
991
992
993
994  /**
995   * Get the "trust-manager-provider" property definition.
996   * <p>
997   * Specifies the name of the trust manager that should be used with
998   * the LDAP Connection Handler .
999   *
1000   * @return Returns the "trust-manager-provider" property definition.
1001   */
1002  public AggregationPropertyDefinition<TrustManagerProviderCfgClient, TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition() {
1003    return PD_TRUST_MANAGER_PROVIDER;
1004  }
1005
1006
1007
1008  /**
1009   * Get the "use-ssl" property definition.
1010   * <p>
1011   * Indicates whether the LDAP Connection Handler should use SSL.
1012   * <p>
1013   * If enabled, the LDAP Connection Handler will use SSL to encrypt
1014   * communication with the clients.
1015   *
1016   * @return Returns the "use-ssl" property definition.
1017   */
1018  public BooleanPropertyDefinition getUseSSLPropertyDefinition() {
1019    return PD_USE_SSL;
1020  }
1021
1022
1023
1024  /**
1025   * Get the "use-tcp-keep-alive" property definition.
1026   * <p>
1027   * Indicates whether the LDAP Connection Handler should use TCP
1028   * keep-alive.
1029   * <p>
1030   * If enabled, the SO_KEEPALIVE socket option is used to indicate
1031   * that TCP keepalive messages should periodically be sent to the
1032   * client to verify that the associated connection is still valid.
1033   * This may also help prevent cases in which intermediate network
1034   * hardware could silently drop an otherwise idle client connection,
1035   * provided that the keepalive interval configured in the underlying
1036   * operating system is smaller than the timeout enforced by the
1037   * network hardware.
1038   *
1039   * @return Returns the "use-tcp-keep-alive" property definition.
1040   */
1041  public BooleanPropertyDefinition getUseTCPKeepAlivePropertyDefinition() {
1042    return PD_USE_TCP_KEEP_ALIVE;
1043  }
1044
1045
1046
1047  /**
1048   * Get the "use-tcp-no-delay" property definition.
1049   * <p>
1050   * Indicates whether the LDAP Connection Handler should use TCP
1051   * no-delay.
1052   * <p>
1053   * If enabled, the TCP_NODELAY socket option is used to ensure that
1054   * response messages to the client are sent immediately rather than
1055   * potentially waiting to determine whether additional response
1056   * messages can be sent in the same packet. In most cases, using the
1057   * TCP_NODELAY socket option provides better performance and lower
1058   * response times, but disabling it may help for some cases in which
1059   * the server sends a large number of entries to a client in response
1060   * to a search request.
1061   *
1062   * @return Returns the "use-tcp-no-delay" property definition.
1063   */
1064  public BooleanPropertyDefinition getUseTCPNoDelayPropertyDefinition() {
1065    return PD_USE_TCP_NO_DELAY;
1066  }
1067
1068
1069
1070  /**
1071   * Managed object client implementation.
1072   */
1073  private static class LDAPConnectionHandlerCfgClientImpl implements
1074    LDAPConnectionHandlerCfgClient {
1075
1076    // Private implementation.
1077    private ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl;
1078
1079
1080
1081    // Private constructor.
1082    private LDAPConnectionHandlerCfgClientImpl(
1083        ManagedObject<? extends LDAPConnectionHandlerCfgClient> impl) {
1084      this.impl = impl;
1085    }
1086
1087
1088
1089    /**
1090     * {@inheritDoc}
1091     */
1092    public int getAcceptBacklog() {
1093      return impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition());
1094    }
1095
1096
1097
1098    /**
1099     * {@inheritDoc}
1100     */
1101    public void setAcceptBacklog(Integer value) {
1102      impl.setPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition(), value);
1103    }
1104
1105
1106
1107    /**
1108     * {@inheritDoc}
1109     */
1110    public SortedSet<AddressMask> getAllowedClient() {
1111      return impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition());
1112    }
1113
1114
1115
1116    /**
1117     * {@inheritDoc}
1118     */
1119    public void setAllowedClient(Collection<AddressMask> values) {
1120      impl.setPropertyValues(INSTANCE.getAllowedClientPropertyDefinition(), values);
1121    }
1122
1123
1124
1125    /**
1126     * {@inheritDoc}
1127     */
1128    public boolean isAllowLDAPV2() {
1129      return impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition());
1130    }
1131
1132
1133
1134    /**
1135     * {@inheritDoc}
1136     */
1137    public void setAllowLDAPV2(Boolean value) {
1138      impl.setPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition(), value);
1139    }
1140
1141
1142
1143    /**
1144     * {@inheritDoc}
1145     */
1146    public boolean isAllowStartTLS() {
1147      return impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition());
1148    }
1149
1150
1151
1152    /**
1153     * {@inheritDoc}
1154     */
1155    public void setAllowStartTLS(Boolean value) {
1156      impl.setPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition(), value);
1157    }
1158
1159
1160
1161    /**
1162     * {@inheritDoc}
1163     */
1164    public boolean isAllowTCPReuseAddress() {
1165      return impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition());
1166    }
1167
1168
1169
1170    /**
1171     * {@inheritDoc}
1172     */
1173    public void setAllowTCPReuseAddress(Boolean value) {
1174      impl.setPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition(), value);
1175    }
1176
1177
1178
1179    /**
1180     * {@inheritDoc}
1181     */
1182    public long getBufferSize() {
1183      return impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition());
1184    }
1185
1186
1187
1188    /**
1189     * {@inheritDoc}
1190     */
1191    public void setBufferSize(Long value) {
1192      impl.setPropertyValue(INSTANCE.getBufferSizePropertyDefinition(), value);
1193    }
1194
1195
1196
1197    /**
1198     * {@inheritDoc}
1199     */
1200    public SortedSet<AddressMask> getDeniedClient() {
1201      return impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition());
1202    }
1203
1204
1205
1206    /**
1207     * {@inheritDoc}
1208     */
1209    public void setDeniedClient(Collection<AddressMask> values) {
1210      impl.setPropertyValues(INSTANCE.getDeniedClientPropertyDefinition(), values);
1211    }
1212
1213
1214
1215    /**
1216     * {@inheritDoc}
1217     */
1218    public Boolean isEnabled() {
1219      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
1220    }
1221
1222
1223
1224    /**
1225     * {@inheritDoc}
1226     */
1227    public void setEnabled(boolean value) {
1228      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
1229    }
1230
1231
1232
1233    /**
1234     * {@inheritDoc}
1235     */
1236    public String getJavaClass() {
1237      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1238    }
1239
1240
1241
1242    /**
1243     * {@inheritDoc}
1244     */
1245    public void setJavaClass(String value) {
1246      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
1247    }
1248
1249
1250
1251    /**
1252     * {@inheritDoc}
1253     */
1254    public boolean isKeepStats() {
1255      return impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition());
1256    }
1257
1258
1259
1260    /**
1261     * {@inheritDoc}
1262     */
1263    public void setKeepStats(Boolean value) {
1264      impl.setPropertyValue(INSTANCE.getKeepStatsPropertyDefinition(), value);
1265    }
1266
1267
1268
1269    /**
1270     * {@inheritDoc}
1271     */
1272    public String getKeyManagerProvider() {
1273      return impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition());
1274    }
1275
1276
1277
1278    /**
1279     * {@inheritDoc}
1280     */
1281    public void setKeyManagerProvider(String value) {
1282      impl.setPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition(), value);
1283    }
1284
1285
1286
1287    /**
1288     * {@inheritDoc}
1289     */
1290    public SortedSet<InetAddress> getListenAddress() {
1291      return impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition());
1292    }
1293
1294
1295
1296    /**
1297     * {@inheritDoc}
1298     */
1299    public void setListenAddress(Collection<InetAddress> values) {
1300      impl.setPropertyValues(INSTANCE.getListenAddressPropertyDefinition(), values);
1301    }
1302
1303
1304
1305    /**
1306     * {@inheritDoc}
1307     */
1308    public Integer getListenPort() {
1309      return impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition());
1310    }
1311
1312
1313
1314    /**
1315     * {@inheritDoc}
1316     */
1317    public void setListenPort(int value) {
1318      impl.setPropertyValue(INSTANCE.getListenPortPropertyDefinition(), value);
1319    }
1320
1321
1322
1323    /**
1324     * {@inheritDoc}
1325     */
1326    public long getMaxBlockedWriteTimeLimit() {
1327      return impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition());
1328    }
1329
1330
1331
1332    /**
1333     * {@inheritDoc}
1334     */
1335    public void setMaxBlockedWriteTimeLimit(Long value) {
1336      impl.setPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition(), value);
1337    }
1338
1339
1340
1341    /**
1342     * {@inheritDoc}
1343     */
1344    public long getMaxRequestSize() {
1345      return impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition());
1346    }
1347
1348
1349
1350    /**
1351     * {@inheritDoc}
1352     */
1353    public void setMaxRequestSize(Long value) {
1354      impl.setPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition(), value);
1355    }
1356
1357
1358
1359    /**
1360     * {@inheritDoc}
1361     */
1362    public Integer getNumRequestHandlers() {
1363      return impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition());
1364    }
1365
1366
1367
1368    /**
1369     * {@inheritDoc}
1370     */
1371    public void setNumRequestHandlers(Integer value) {
1372      impl.setPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition(), value);
1373    }
1374
1375
1376
1377    /**
1378     * {@inheritDoc}
1379     */
1380    public boolean isSendRejectionNotice() {
1381      return impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition());
1382    }
1383
1384
1385
1386    /**
1387     * {@inheritDoc}
1388     */
1389    public void setSendRejectionNotice(Boolean value) {
1390      impl.setPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition(), value);
1391    }
1392
1393
1394
1395    /**
1396     * {@inheritDoc}
1397     */
1398    public SortedSet<String> getSSLCertNickname() {
1399      return impl.getPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition());
1400    }
1401
1402
1403
1404    /**
1405     * {@inheritDoc}
1406     */
1407    public void setSSLCertNickname(Collection<String> values) {
1408      impl.setPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition(), values);
1409    }
1410
1411
1412
1413    /**
1414     * {@inheritDoc}
1415     */
1416    public SortedSet<String> getSSLCipherSuite() {
1417      return impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1418    }
1419
1420
1421
1422    /**
1423     * {@inheritDoc}
1424     */
1425    public void setSSLCipherSuite(Collection<String> values) {
1426      impl.setPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition(), values);
1427    }
1428
1429
1430
1431    /**
1432     * {@inheritDoc}
1433     */
1434    public SSLClientAuthPolicy getSSLClientAuthPolicy() {
1435      return impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition());
1436    }
1437
1438
1439
1440    /**
1441     * {@inheritDoc}
1442     */
1443    public void setSSLClientAuthPolicy(SSLClientAuthPolicy value) {
1444      impl.setPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition(), value);
1445    }
1446
1447
1448
1449    /**
1450     * {@inheritDoc}
1451     */
1452    public SortedSet<String> getSSLProtocol() {
1453      return impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1454    }
1455
1456
1457
1458    /**
1459     * {@inheritDoc}
1460     */
1461    public void setSSLProtocol(Collection<String> values) {
1462      impl.setPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition(), values);
1463    }
1464
1465
1466
1467    /**
1468     * {@inheritDoc}
1469     */
1470    public String getTrustManagerProvider() {
1471      return impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1472    }
1473
1474
1475
1476    /**
1477     * {@inheritDoc}
1478     */
1479    public void setTrustManagerProvider(String value) {
1480      impl.setPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition(), value);
1481    }
1482
1483
1484
1485    /**
1486     * {@inheritDoc}
1487     */
1488    public boolean isUseSSL() {
1489      return impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1490    }
1491
1492
1493
1494    /**
1495     * {@inheritDoc}
1496     */
1497    public void setUseSSL(Boolean value) {
1498      impl.setPropertyValue(INSTANCE.getUseSSLPropertyDefinition(), value);
1499    }
1500
1501
1502
1503    /**
1504     * {@inheritDoc}
1505     */
1506    public boolean isUseTCPKeepAlive() {
1507      return impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1508    }
1509
1510
1511
1512    /**
1513     * {@inheritDoc}
1514     */
1515    public void setUseTCPKeepAlive(Boolean value) {
1516      impl.setPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition(), value);
1517    }
1518
1519
1520
1521    /**
1522     * {@inheritDoc}
1523     */
1524    public boolean isUseTCPNoDelay() {
1525      return impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1526    }
1527
1528
1529
1530    /**
1531     * {@inheritDoc}
1532     */
1533    public void setUseTCPNoDelay(Boolean value) {
1534      impl.setPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition(), value);
1535    }
1536
1537
1538
1539    /**
1540     * {@inheritDoc}
1541     */
1542    public ManagedObjectDefinition<? extends LDAPConnectionHandlerCfgClient, ? extends LDAPConnectionHandlerCfg> definition() {
1543      return INSTANCE;
1544    }
1545
1546
1547
1548    /**
1549     * {@inheritDoc}
1550     */
1551    public PropertyProvider properties() {
1552      return impl;
1553    }
1554
1555
1556
1557    /**
1558     * {@inheritDoc}
1559     */
1560    public void commit() throws ManagedObjectAlreadyExistsException,
1561        MissingMandatoryPropertiesException, ConcurrentModificationException,
1562        OperationRejectedException, AuthorizationException,
1563        CommunicationException {
1564      impl.commit();
1565    }
1566
1567
1568
1569    /** {@inheritDoc} */
1570    public String toString() {
1571      return impl.toString();
1572    }
1573  }
1574
1575
1576
1577  /**
1578   * Managed object server implementation.
1579   */
1580  private static class LDAPConnectionHandlerCfgServerImpl implements
1581    LDAPConnectionHandlerCfg {
1582
1583    // Private implementation.
1584    private ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl;
1585
1586    // The value of the "accept-backlog" property.
1587    private final int pAcceptBacklog;
1588
1589    // The value of the "allowed-client" property.
1590    private final SortedSet<AddressMask> pAllowedClient;
1591
1592    // The value of the "allow-ldap-v2" property.
1593    private final boolean pAllowLDAPV2;
1594
1595    // The value of the "allow-start-tls" property.
1596    private final boolean pAllowStartTLS;
1597
1598    // The value of the "allow-tcp-reuse-address" property.
1599    private final boolean pAllowTCPReuseAddress;
1600
1601    // The value of the "buffer-size" property.
1602    private final long pBufferSize;
1603
1604    // The value of the "denied-client" property.
1605    private final SortedSet<AddressMask> pDeniedClient;
1606
1607    // The value of the "enabled" property.
1608    private final boolean pEnabled;
1609
1610    // The value of the "java-class" property.
1611    private final String pJavaClass;
1612
1613    // The value of the "keep-stats" property.
1614    private final boolean pKeepStats;
1615
1616    // The value of the "key-manager-provider" property.
1617    private final String pKeyManagerProvider;
1618
1619    // The value of the "listen-address" property.
1620    private final SortedSet<InetAddress> pListenAddress;
1621
1622    // The value of the "listen-port" property.
1623    private final int pListenPort;
1624
1625    // The value of the "max-blocked-write-time-limit" property.
1626    private final long pMaxBlockedWriteTimeLimit;
1627
1628    // The value of the "max-request-size" property.
1629    private final long pMaxRequestSize;
1630
1631    // The value of the "num-request-handlers" property.
1632    private final Integer pNumRequestHandlers;
1633
1634    // The value of the "send-rejection-notice" property.
1635    private final boolean pSendRejectionNotice;
1636
1637    // The value of the "ssl-cert-nickname" property.
1638    private final SortedSet<String> pSSLCertNickname;
1639
1640    // The value of the "ssl-cipher-suite" property.
1641    private final SortedSet<String> pSSLCipherSuite;
1642
1643    // The value of the "ssl-client-auth-policy" property.
1644    private final SSLClientAuthPolicy pSSLClientAuthPolicy;
1645
1646    // The value of the "ssl-protocol" property.
1647    private final SortedSet<String> pSSLProtocol;
1648
1649    // The value of the "trust-manager-provider" property.
1650    private final String pTrustManagerProvider;
1651
1652    // The value of the "use-ssl" property.
1653    private final boolean pUseSSL;
1654
1655    // The value of the "use-tcp-keep-alive" property.
1656    private final boolean pUseTCPKeepAlive;
1657
1658    // The value of the "use-tcp-no-delay" property.
1659    private final boolean pUseTCPNoDelay;
1660
1661
1662
1663    // Private constructor.
1664    private LDAPConnectionHandlerCfgServerImpl(ServerManagedObject<? extends LDAPConnectionHandlerCfg> impl) {
1665      this.impl = impl;
1666      this.pAcceptBacklog = impl.getPropertyValue(INSTANCE.getAcceptBacklogPropertyDefinition());
1667      this.pAllowedClient = impl.getPropertyValues(INSTANCE.getAllowedClientPropertyDefinition());
1668      this.pAllowLDAPV2 = impl.getPropertyValue(INSTANCE.getAllowLDAPV2PropertyDefinition());
1669      this.pAllowStartTLS = impl.getPropertyValue(INSTANCE.getAllowStartTLSPropertyDefinition());
1670      this.pAllowTCPReuseAddress = impl.getPropertyValue(INSTANCE.getAllowTCPReuseAddressPropertyDefinition());
1671      this.pBufferSize = impl.getPropertyValue(INSTANCE.getBufferSizePropertyDefinition());
1672      this.pDeniedClient = impl.getPropertyValues(INSTANCE.getDeniedClientPropertyDefinition());
1673      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
1674      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
1675      this.pKeepStats = impl.getPropertyValue(INSTANCE.getKeepStatsPropertyDefinition());
1676      this.pKeyManagerProvider = impl.getPropertyValue(INSTANCE.getKeyManagerProviderPropertyDefinition());
1677      this.pListenAddress = impl.getPropertyValues(INSTANCE.getListenAddressPropertyDefinition());
1678      this.pListenPort = impl.getPropertyValue(INSTANCE.getListenPortPropertyDefinition());
1679      this.pMaxBlockedWriteTimeLimit = impl.getPropertyValue(INSTANCE.getMaxBlockedWriteTimeLimitPropertyDefinition());
1680      this.pMaxRequestSize = impl.getPropertyValue(INSTANCE.getMaxRequestSizePropertyDefinition());
1681      this.pNumRequestHandlers = impl.getPropertyValue(INSTANCE.getNumRequestHandlersPropertyDefinition());
1682      this.pSendRejectionNotice = impl.getPropertyValue(INSTANCE.getSendRejectionNoticePropertyDefinition());
1683      this.pSSLCertNickname = impl.getPropertyValues(INSTANCE.getSSLCertNicknamePropertyDefinition());
1684      this.pSSLCipherSuite = impl.getPropertyValues(INSTANCE.getSSLCipherSuitePropertyDefinition());
1685      this.pSSLClientAuthPolicy = impl.getPropertyValue(INSTANCE.getSSLClientAuthPolicyPropertyDefinition());
1686      this.pSSLProtocol = impl.getPropertyValues(INSTANCE.getSSLProtocolPropertyDefinition());
1687      this.pTrustManagerProvider = impl.getPropertyValue(INSTANCE.getTrustManagerProviderPropertyDefinition());
1688      this.pUseSSL = impl.getPropertyValue(INSTANCE.getUseSSLPropertyDefinition());
1689      this.pUseTCPKeepAlive = impl.getPropertyValue(INSTANCE.getUseTCPKeepAlivePropertyDefinition());
1690      this.pUseTCPNoDelay = impl.getPropertyValue(INSTANCE.getUseTCPNoDelayPropertyDefinition());
1691    }
1692
1693
1694
1695    /**
1696     * {@inheritDoc}
1697     */
1698    public void addLDAPChangeListener(
1699        ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) {
1700      impl.registerChangeListener(listener);
1701    }
1702
1703
1704
1705    /**
1706     * {@inheritDoc}
1707     */
1708    public void removeLDAPChangeListener(
1709        ConfigurationChangeListener<LDAPConnectionHandlerCfg> listener) {
1710      impl.deregisterChangeListener(listener);
1711    }
1712    /**
1713     * {@inheritDoc}
1714     */
1715    public void addChangeListener(
1716        ConfigurationChangeListener<ConnectionHandlerCfg> listener) {
1717      impl.registerChangeListener(listener);
1718    }
1719
1720
1721
1722    /**
1723     * {@inheritDoc}
1724     */
1725    public void removeChangeListener(
1726        ConfigurationChangeListener<ConnectionHandlerCfg> listener) {
1727      impl.deregisterChangeListener(listener);
1728    }
1729
1730
1731
1732    /**
1733     * {@inheritDoc}
1734     */
1735    public int getAcceptBacklog() {
1736      return pAcceptBacklog;
1737    }
1738
1739
1740
1741    /**
1742     * {@inheritDoc}
1743     */
1744    public SortedSet<AddressMask> getAllowedClient() {
1745      return pAllowedClient;
1746    }
1747
1748
1749
1750    /**
1751     * {@inheritDoc}
1752     */
1753    public boolean isAllowLDAPV2() {
1754      return pAllowLDAPV2;
1755    }
1756
1757
1758
1759    /**
1760     * {@inheritDoc}
1761     */
1762    public boolean isAllowStartTLS() {
1763      return pAllowStartTLS;
1764    }
1765
1766
1767
1768    /**
1769     * {@inheritDoc}
1770     */
1771    public boolean isAllowTCPReuseAddress() {
1772      return pAllowTCPReuseAddress;
1773    }
1774
1775
1776
1777    /**
1778     * {@inheritDoc}
1779     */
1780    public long getBufferSize() {
1781      return pBufferSize;
1782    }
1783
1784
1785
1786    /**
1787     * {@inheritDoc}
1788     */
1789    public SortedSet<AddressMask> getDeniedClient() {
1790      return pDeniedClient;
1791    }
1792
1793
1794
1795    /**
1796     * {@inheritDoc}
1797     */
1798    public boolean isEnabled() {
1799      return pEnabled;
1800    }
1801
1802
1803
1804    /**
1805     * {@inheritDoc}
1806     */
1807    public String getJavaClass() {
1808      return pJavaClass;
1809    }
1810
1811
1812
1813    /**
1814     * {@inheritDoc}
1815     */
1816    public boolean isKeepStats() {
1817      return pKeepStats;
1818    }
1819
1820
1821
1822    /**
1823     * {@inheritDoc}
1824     */
1825    public String getKeyManagerProvider() {
1826      return pKeyManagerProvider;
1827    }
1828
1829
1830
1831    /**
1832     * {@inheritDoc}
1833     */
1834    public DN getKeyManagerProviderDN() {
1835      String value = getKeyManagerProvider();
1836      if (value == null) return null;
1837      return INSTANCE.getKeyManagerProviderPropertyDefinition().getChildDN(value);
1838    }
1839
1840
1841
1842    /**
1843     * {@inheritDoc}
1844     */
1845    public SortedSet<InetAddress> getListenAddress() {
1846      return pListenAddress;
1847    }
1848
1849
1850
1851    /**
1852     * {@inheritDoc}
1853     */
1854    public int getListenPort() {
1855      return pListenPort;
1856    }
1857
1858
1859
1860    /**
1861     * {@inheritDoc}
1862     */
1863    public long getMaxBlockedWriteTimeLimit() {
1864      return pMaxBlockedWriteTimeLimit;
1865    }
1866
1867
1868
1869    /**
1870     * {@inheritDoc}
1871     */
1872    public long getMaxRequestSize() {
1873      return pMaxRequestSize;
1874    }
1875
1876
1877
1878    /**
1879     * {@inheritDoc}
1880     */
1881    public Integer getNumRequestHandlers() {
1882      return pNumRequestHandlers;
1883    }
1884
1885
1886
1887    /**
1888     * {@inheritDoc}
1889     */
1890    public boolean isSendRejectionNotice() {
1891      return pSendRejectionNotice;
1892    }
1893
1894
1895
1896    /**
1897     * {@inheritDoc}
1898     */
1899    public SortedSet<String> getSSLCertNickname() {
1900      return pSSLCertNickname;
1901    }
1902
1903
1904
1905    /**
1906     * {@inheritDoc}
1907     */
1908    public SortedSet<String> getSSLCipherSuite() {
1909      return pSSLCipherSuite;
1910    }
1911
1912
1913
1914    /**
1915     * {@inheritDoc}
1916     */
1917    public SSLClientAuthPolicy getSSLClientAuthPolicy() {
1918      return pSSLClientAuthPolicy;
1919    }
1920
1921
1922
1923    /**
1924     * {@inheritDoc}
1925     */
1926    public SortedSet<String> getSSLProtocol() {
1927      return pSSLProtocol;
1928    }
1929
1930
1931
1932    /**
1933     * {@inheritDoc}
1934     */
1935    public String getTrustManagerProvider() {
1936      return pTrustManagerProvider;
1937    }
1938
1939
1940
1941    /**
1942     * {@inheritDoc}
1943     */
1944    public DN getTrustManagerProviderDN() {
1945      String value = getTrustManagerProvider();
1946      if (value == null) return null;
1947      return INSTANCE.getTrustManagerProviderPropertyDefinition().getChildDN(value);
1948    }
1949
1950
1951
1952    /**
1953     * {@inheritDoc}
1954     */
1955    public boolean isUseSSL() {
1956      return pUseSSL;
1957    }
1958
1959
1960
1961    /**
1962     * {@inheritDoc}
1963     */
1964    public boolean isUseTCPKeepAlive() {
1965      return pUseTCPKeepAlive;
1966    }
1967
1968
1969
1970    /**
1971     * {@inheritDoc}
1972     */
1973    public boolean isUseTCPNoDelay() {
1974      return pUseTCPNoDelay;
1975    }
1976
1977
1978
1979    /**
1980     * {@inheritDoc}
1981     */
1982    public Class<? extends LDAPConnectionHandlerCfg> configurationClass() {
1983      return LDAPConnectionHandlerCfg.class;
1984    }
1985
1986
1987
1988    /**
1989     * {@inheritDoc}
1990     */
1991    public DN dn() {
1992      return impl.getDN();
1993    }
1994
1995
1996
1997    /** {@inheritDoc} */
1998    public String toString() {
1999      return impl.toString();
2000    }
2001  }
2002}