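/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2006-2008 Sun Microsystems, Inc.
 *      Portions Copyright 2015 ForgeRock AS
 */
package org.opends.server.tools;


import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;



/**
 * This class defines options used while creating an LDAP connection
 * to the server.
 * <p>
 * The class is a plain holder: every boolean option starts out
 * {@code false}, the LDAP version starts at 3, and the SASL mechanism and
 * SSL connection factory start out {@code null}. None of the setters
 * cross-checks the other options; in particular {@code useSSL} and
 * {@code startTLS} are stored independently and nothing here requires that
 * either of them is enabled. Any such policy has to be applied by the code
 * that consumes these options.
 */
public class LDAPConnectionOptions
{

  private boolean reportAuthzID;
  private boolean useSSL;
  private boolean startTLS;
  private boolean saslExternal;
  private boolean usePasswordPolicyControl;
  private SSLConnectionFactory sslConnectionFactory;
  private String saslMechanism;
  private int versionNumber = 3;
  // Never reassigned, so it is final; the map itself stays mutable.
  private final Map<String, List<String>> saslProperties = new HashMap<>();
  private boolean verbose;

  /**
   * Creates a connection options instance with every flag off, LDAP
   * version 3, no SASL mechanism, no SASL properties and no SSL connection
   * factory.
   */
  public LDAPConnectionOptions()
  {
  }

  /**
   * Set whether to use SSL for the connection or not.
   *
   * @param  useSSL  True if SSL should be used, false otherwise.
   */
  public void setUseSSL(boolean useSSL)
  {
    this.useSSL = useSSL;
  }

  /**
   * Return the useSSL flag value.
   *
   * @return  {@code true} if SSL should be used, or {@code false} if not.
   */
  public boolean useSSL()
  {
    return useSSL;
  }

  /**
   * Set whether to use startTLS for the connection or not. The value is
   * stored as given; it is not checked against the useSSL flag.
   *
   * @param  startTLS  True if startTLS should be used, false otherwise.
   */
  public void setStartTLS(boolean startTLS)
  {
    this.startTLS = startTLS;
  }

  /**
   * Return the startTLS flag value.
   *
   * @return  {@code true} if StartTLS should be used, or {@code false} if
   *          not.
   */
  public boolean useStartTLS()
  {
    return startTLS;
  }

  /**
   * Set whether to use SASL EXTERNAL for the connection or not.
   *
   * @param  saslExternal  True if SASL EXTERNAL should be used,
   *                       false otherwise.
   */
  public void setSASLExternal(boolean saslExternal)
  {
    this.saslExternal = saslExternal;
  }

  /**
   * Return the saslExternal flag value.
   *
   * @return  {@code true} if SASL EXTERNAL should be used, or {@code false}
   *          if not.
   */
  public boolean useSASLExternal()
  {
    return saslExternal;
  }

  /**
   * Set the SSL connection factory to use to create SSL connections.
   *
   * @param  sslConnectionFactory  The SSL connection factory. The reference
   *                               is stored as given, {@code null} included.
   */
  public void setSSLConnectionFactory(SSLConnectionFactory sslConnectionFactory)
  {
    this.sslConnectionFactory = sslConnectionFactory;
  }

  /**
   * Return the SSLConnectionFactory instance.
   *
   * @return  The SSL connection factory to use when establishing secure
   *          connections, or {@code null} if none has been set.
   */
  public SSLConnectionFactory getSSLConnectionFactory()
  {
    return sslConnectionFactory;
  }

  /**
   * Set the SASL mechanism used for authentication.
   * <p>
   * Only the text after the first {@code '='} is kept as the mechanism
   * name; the name part in front of it is not inspected. If the mechanism
   * is EXTERNAL (compared case-insensitively) the SASL EXTERNAL flag is
   * switched on as well.
   *
   * @param  mechanism  The SASL mechanism string, in "name=value" form.
   *
   * @return  {@code true} if the SASL mechanism was set, or {@code false}
   *          if the string is {@code null} or contains no {@code '='}.
   */
  public boolean setSASLMechanism(String mechanism)
  {
    // A null argument is reported like any other malformed value instead of
    // failing with a NullPointerException.
    final int idx = (mechanism == null) ? -1 : mechanism.indexOf('=');
    if (idx == -1)
    {
      // The rejected input is echoed to stderr verbatim.
      System.err.println("Invalid SASL mechanism property:" + mechanism);
      return false;
    }
    this.saslMechanism = mechanism.substring(idx + 1);
    if (saslMechanism.equalsIgnoreCase("EXTERNAL"))
    {
      // NOTE(review): the flag is only ever raised here. Selecting another
      // mechanism later on the same instance does not clear it, so a reused
      // options object keeps SASL EXTERNAL on until setSASLExternal(false)
      // is called -- confirm this is intended.
      setSASLExternal(true);
    }
    return true;
  }

  /**
   * Get the SASL mechanism used for authentication.
   *
   * @return  The SASL mechanism used for authentication, or {@code null} if
   *          none has been set.
   */
  public String getSASLMechanism()
  {
    return saslMechanism;
  }

  /**
   * Get the SASL options used for authentication.
   * <p>
   * The returned map is the internal one, not a copy: changes made through
   * it are visible to this object and to every other holder of the map.
   *
   * @return  The SASL options used for authentication.
   */
  public Map<String, List<String>> getSASLProperties()
  {
    return saslProperties;
  }

  /**
   * Add a property to the list of SASL properties.
   * <p>
   * The string is split at the first {@code '='}; everything before it is
   * the key and everything after it is the value. Adding the same key again
   * appends to that key's value list rather than replacing it.
   *
   * @param  property  The property (in name=value form) to add to the set of
   *                   SASL properties.
   *
   * @return  {@code true} if the property was set properly, or {@code false}
   *          if the string is {@code null} or contains no {@code '='}.
   */
  public boolean addSASLProperty(String property)
  {
    // A null argument is reported like any other malformed value instead of
    // failing with a NullPointerException.
    final int idx = (property == null) ? -1 : property.indexOf('=');
    if (idx == -1)
    {
      // The rejected input is echoed to stderr verbatim.
      System.err.println("Invalid SASL property format:" + property);
      return false;
    }
    final String key = property.substring(0, idx);
    final String value = property.substring(idx + 1);
    List<String> valList = saslProperties.get(key);
    if (valList == null)
    {
      // First value for this key: register the list once, then append.
      valList = new ArrayList<>();
      saslProperties.put(key, valList);
    }
    valList.add(value);
    return true;
  }

  /**
   * Set the LDAP version number. The value is stored without a range check.
   *
   * @param  version  The LDAP version number.
   */
  public void setVersionNumber(int version)
  {
    this.versionNumber = version;
  }

  /**
   * Get the LDAP version number.
   *
   * @return  The LDAP version number.
   */
  public int getVersionNumber()
  {
    return this.versionNumber;
  }



  /**
   * Indicates whether to request that the server return the authorization ID in
   * the bind response.
   *
   * @return  {@code true} if the server should include the authorization
   *          ID in the bind response, or {@code false} if not.
   */
  public boolean getReportAuthzID()
  {
    return reportAuthzID;
  }



  /**
   * Specifies whether to request that the server return the authorization ID in
   * the bind response.
   *
   * @param  reportAuthzID  Specifies whether to request that the server return
   *                        the authorization ID in the bind response.
   */
  public void setReportAuthzID(boolean reportAuthzID)
  {
    this.reportAuthzID = reportAuthzID;
  }



  /**
   * Indicates whether to use the password policy control in the bind request.
   *
   * @return  {@code true} if the password policy control should be
   *          included in the bind request, or {@code false} if not.
   */
  public boolean usePasswordPolicyControl()
  {
    return usePasswordPolicyControl;
  }



  /**
   * Specifies whether to use the password policy control in the bind request.
   *
   * @param  usePasswordPolicyControl  Specifies whether to use the password
   *                                   policy control in the bind request.
   */
  public void setUsePasswordPolicyControl(boolean usePasswordPolicyControl)
  {
    this.usePasswordPolicyControl = usePasswordPolicyControl;
  }

  /**
   * Indicates whether verbose tracing is enabled.
   *
   * @return  {@code true} if verbose tracing is enabled.
   */
  public boolean isVerbose()
  {
    return verbose;
  }

  /**
   * Specifies whether verbose tracing should be enabled.
   *
   * @param  verbose  Specifies whether verbose tracing should be enabled.
   */
  public void setVerbose(boolean verbose)
  {
    this.verbose = verbose;
  }
}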