public final class FingerprintCertificateMapperCfgDefn extends ManagedObjectDefinition<FingerprintCertificateMapperCfgClient,FingerprintCertificateMapperCfg>
The Fingerprint Certificate Mapper maps client certificates to user entries by looking for the MD5 or SHA1 fingerprint in a specified attribute of user entries.
Modifier and Type | Class and Description |
---|---|
static class |
FingerprintCertificateMapperCfgDefn.FingerprintAlgorithm
Defines the set of permissable values for the "fingerprint-algorithm" property.
|
getAggregationPropertyDefinition, getAggregationPropertyDefinitions, getAllAggregationPropertyDefinitions, getAllChildren, getAllConstraints, getAllPropertyDefinitions, getAllRelationDefinitions, getAllReverseAggregationPropertyDefinitions, getAllReverseRelationDefinitions, getAllTags, getChild, getChildren, getConstraints, getDescription, getDescription, getName, getParent, getPropertyDefinition, getPropertyDefinitions, getRelationDefinition, getRelationDefinitions, getReverseAggregationPropertyDefinitions, getReverseRelationDefinitions, getSynopsis, getSynopsis, getUserFriendlyName, getUserFriendlyName, getUserFriendlyPluralName, getUserFriendlyPluralName, hasChildren, hasOption, hasTag, initialize, isChildOf, isParentOf, isTop, registerConstraint, registerOption, registerPropertyDefinition, registerRelationDefinition, registerTag, resolveManagedObjectDefinition, toString, toString
public static FingerprintCertificateMapperCfgDefn getInstance()
public FingerprintCertificateMapperCfgClient createClientConfiguration(ManagedObject<? extends FingerprintCertificateMapperCfgClient> impl)
ManagedObjectDefinition
createClientConfiguration
in class ManagedObjectDefinition<FingerprintCertificateMapperCfgClient,FingerprintCertificateMapperCfg>
impl
- The managed object.public FingerprintCertificateMapperCfg createServerConfiguration(ServerManagedObject<? extends FingerprintCertificateMapperCfg> impl)
ManagedObjectDefinition
createServerConfiguration
in class ManagedObjectDefinition<FingerprintCertificateMapperCfgClient,FingerprintCertificateMapperCfg>
impl
- The server managed object.public Class<FingerprintCertificateMapperCfg> getServerConfigurationClass()
ManagedObjectDefinition
getServerConfigurationClass
in class ManagedObjectDefinition<FingerprintCertificateMapperCfgClient,FingerprintCertificateMapperCfg>
public BooleanPropertyDefinition getEnabledPropertyDefinition()
Indicates whether the Fingerprint Certificate Mapper is enabled.
public EnumPropertyDefinition<FingerprintCertificateMapperCfgDefn.FingerprintAlgorithm> getFingerprintAlgorithmPropertyDefinition()
Specifies the name of the digest algorithm to compute the fingerprint of client certificates.
public AttributeTypePropertyDefinition getFingerprintAttributePropertyDefinition()
Specifies the attribute in which to look for the fingerprint.
Values of the fingerprint attribute should exactly match the MD5 or SHA1 representation of the certificate fingerprint.
public AttributeTypePropertyDefinition getIssuerAttributePropertyDefinition()
Specifies the name or OID of the attribute whose value should exactly match the certificate issuer DN.
Certificate issuer verification should be enabled whenever multiple CAs are trusted in order to prevent impersonation. In particular, it is possible for different CAs to issue certificates having the same subject DN.
public ClassPropertyDefinition getJavaClassPropertyDefinition()
Specifies the fully-qualified name of the Java class that provides the Fingerprint Certificate Mapper implementation.
public DnPropertyDefinition getUserBaseDnPropertyDefinition()
Specifies the set of base DNs below which to search for users.
The base DNs are used when performing searches to map the client certificates to a user entry.
Copyright 2010-2018 ForgeRock AS.