コード例 #1
0
  /** {@inheritDoc} */
  @Override
  public void initializeSASLMechanismHandler(ExternalSASLMechanismHandlerCfg configuration)
      throws ConfigException, InitializationException {
    configuration.addExternalChangeListener(this);
    currentConfig = configuration;

    // See if we should attempt to validate client certificates against those in
    // the corresponding user's entry.
    switch (configuration.getCertificateValidationPolicy()) {
      case NEVER:
        validationPolicy = CertificateValidationPolicy.NEVER;
        break;
      case IFPRESENT:
        validationPolicy = CertificateValidationPolicy.IFPRESENT;
        break;
      case ALWAYS:
        validationPolicy = CertificateValidationPolicy.ALWAYS;
        break;
    }

    // Get the attribute type to use for validating the certificates.  If none
    // is provided, then default to the userCertificate type.
    certificateAttributeType = configuration.getCertificateAttribute();
    if (certificateAttributeType == null) {
      certificateAttributeType =
          DirectoryServer.getAttributeType(DEFAULT_VALIDATION_CERT_ATTRIBUTE, true);
    }

    DirectoryServer.registerSASLMechanismHandler(SASL_MECHANISM_EXTERNAL, this);
  }
コード例 #2
0
  /** {@inheritDoc} */
  public ConfigChangeResult applyConfigurationChange(
      ExternalSASLMechanismHandlerCfg configuration) {
    final ConfigChangeResult ccr = new ConfigChangeResult();

    // See if we should attempt to validate client certificates against those in
    // the corresponding user's entry.
    CertificateValidationPolicy newValidationPolicy = CertificateValidationPolicy.ALWAYS;
    switch (configuration.getCertificateValidationPolicy()) {
      case NEVER:
        newValidationPolicy = CertificateValidationPolicy.NEVER;
        break;
      case IFPRESENT:
        newValidationPolicy = CertificateValidationPolicy.IFPRESENT;
        break;
      case ALWAYS:
        newValidationPolicy = CertificateValidationPolicy.ALWAYS;
        break;
    }

    // Get the attribute type to use for validating the certificates.  If none
    // is provided, then default to the userCertificate type.
    AttributeType newCertificateType = configuration.getCertificateAttribute();
    if (newCertificateType == null) {
      newCertificateType =
          DirectoryServer.getAttributeType(DEFAULT_VALIDATION_CERT_ATTRIBUTE, true);
    }

    if (ccr.getResultCode() == ResultCode.SUCCESS) {
      validationPolicy = newValidationPolicy;
      certificateAttributeType = newCertificateType;
      currentConfig = configuration;
    }

    return ccr;
  }