001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 *      Portions Copyright 2013-2015 ForgeRock AS
026 */
027package org.opends.server.authorization.dseecompat;
028import static org.opends.messages.AccessControlMessages.*;
029import org.forgerock.i18n.slf4j.LocalizedLogger;
030import org.forgerock.i18n.LocalizableMessage;
031import org.opends.server.core.DirectoryServer;
032
033/**
034 * The AuthMethod class represents an authmethod bind rule keyword expression.
035 */
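public class AuthMethod implements KeywordBindRule {

    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();

    // The three fields below are assigned only in the private constructor, so
    // they are final: a decoded bind rule cannot be altered after parsing.

    /**
     * Enumeration representing the authentication method.
     */
    private final EnumAuthMethod authMethod;

    /**
     * The SASL mechanism if the authentication method is SASL. It is
     * {@code null} for the "none" and "simple" keywords and the fixed value
     * "EXTERNAL" for the "ssl" keyword (see {@link #decode}).
     */
    private final String saslMech;

    /**
     * Enumeration representing the bind rule operation type.
     */
    private final EnumBindRuleType type;

    /**
     * Create a class representing an authmethod bind rule keyword from the
     * provided method and bind rule type.
     * @param method  An Enumeration of the authentication method.
     * @param saslMech The string representation of the SASL Mechanism.
     * @param type An enumeration representing the type of the expression.
     */
    private AuthMethod(EnumAuthMethod method, String saslMech,
                       EnumBindRuleType type) {
        this.authMethod = method;
        this.saslMech = saslMech;
        this.type = type;
    }

    /**
     * Decode a string representing an authmethod bind rule.
     * <p>
     * Accepted expressions, matched case-insensitively, are {@code none},
     * {@code simple}, {@code ssl} and {@code sasl <mechanism>}. Anything else
     * is rejected with an {@link AciException}.
     *
     * @param expr  The string representing the bind rule.
     * @param type An enumeration representing the bind rule type.
     * @return  A keyword bind rule class that can be used to evaluate the
     * bind rule.
     * @throws AciException If the expression string is invalid.
     */
    public static KeywordBindRule decode(String expr, EnumBindRuleType type)
    throws AciException {
        // Fold case with the root locale rather than the JVM default. With a
        // default locale that has special casing rules (for example Turkish,
        // where 'I' lower-cases to a dotless 'ı'), "SIMPLE" would not match
        // "simple" and the same ACI would parse on one host and be rejected on
        // another. Access-control syntax must not depend on host locale.
        final String lowerExpr = expr.toLowerCase(java.util.Locale.ROOT);

        if ("none".equals(lowerExpr)) {
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_NONE, null, type);
        }
        if ("simple".equals(lowerExpr)) {
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SIMPLE, null, type);
        }
        if ("ssl".equals(lowerExpr)) {
            // "ssl" is recorded with the SASL mechanism name EXTERNAL.
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SSL, "EXTERNAL", type);
        }
        if (expr.length() > 5 && lowerExpr.startsWith("sasl ")) {
            // The mechanism name is taken from the original expression, so its
            // case and any surrounding whitespace are kept exactly as written.
            final String saslMech = expr.substring(5);
            if (DirectoryServer.getSASLMechanismHandler(saslMech) == null) {
                // A mechanism with no registered handler is only logged; the
                // rule is still created. An ACI with a misspelt mechanism is
                // therefore accepted at parse time, so this log entry is the
                // only signal an administrator gets.
                logger.info(NOTE_ACI_SYNTAX_DUBIOUS_AUTHMETHOD_SASL_MECHANISM, saslMech);
            }
            return new AuthMethod(EnumAuthMethod.AUTHMETHOD_SASL, saslMech, type);
        }

        LocalizableMessage message = WARN_ACI_SYNTAX_INVALID_AUTHMETHOD_EXPRESSION.get(expr);
        throw new AciException(message);
    }

    /**
     * Evaluate authmethod bind rule using the provided evaluation context.
     * The context is asked whether it has this rule's authentication method
     * and SASL mechanism, and the answer is then passed through
     * {@code getRet} together with the bind rule type.
     *
     * @param evalCtx  An evaluation context to use.
     * @return  An enumeration evaluation result.
     */
    @Override
    public EnumEvalResult evaluate(AciEvalContext evalCtx) {
        // NOTE(review): getRet presumably applies the bind rule type (such as
        // negation) to the raw match; confirm against EnumEvalResult.
        final EnumEvalResult matched =
             evalCtx.hasAuthenticationMethod(authMethod, saslMech);
        return matched.getRet(type, false);
    }

    /** {@inheritDoc} */
    @Override
    public String toString() {
        final StringBuilder sb = new StringBuilder();
        toString(sb);
        return sb.toString();
    }

    /** {@inheritDoc} */
    @Override
    public final void toString(StringBuilder buffer) {
        // This class declares no superclass, so super.toString() is
        // Object.toString(): the class name plus an identity hash. The
        // method, mechanism and rule type are not part of the output.
        // NOTE(review): confirm whether the rule's textual form is wanted
        // here, e.g. for ACI debugging or audit logs.
        buffer.append(super.toString());
    }

}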