001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.server;
017
018
019
020import java.util.SortedSet;
021import org.forgerock.opendj.config.server.ConfigurationChangeListener;
022import org.forgerock.opendj.ldap.DN;
023
024
025
026/**
027 * A server-side interface for querying Subject Attribute To User
028 * Attribute Certificate Mapper settings.
029 * <p>
030 * The Subject Attribute To User Attribute Certificate Mapper maps
031 * client certificates to user entries by mapping the values of
032 * attributes contained in the certificate subject to attributes
033 * contained in user entries.
034 */
035public interface SubjectAttributeToUserAttributeCertificateMapperCfg extends CertificateMapperCfg {
036
037  /**
038   * Gets the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper.
039   *
040   * @return Returns the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper.
041   */
042  Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass();
043
044
045
046  /**
047   * Register to be notified when this Subject Attribute To User Attribute Certificate Mapper is changed.
048   *
049   * @param listener
050   *          The Subject Attribute To User Attribute Certificate Mapper configuration change listener.
051   */
052  void addSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener);
053
054
055
056  /**
057   * Deregister an existing Subject Attribute To User Attribute Certificate Mapper configuration change listener.
058   *
059   * @param listener
060   *          The Subject Attribute To User Attribute Certificate Mapper configuration change listener.
061   */
062  void removeSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener);
063
064
065
066  /**
067   * Gets the "java-class" property.
068   * <p>
069   * Specifies the fully-qualified name of the Java class that
070   * provides the Subject Attribute To User Attribute Certificate
071   * Mapper implementation.
072   *
073   * @return Returns the value of the "java-class" property.
074   */
075  String getJavaClass();
076
077
078
079  /**
080   * Gets the "subject-attribute-mapping" property.
081   * <p>
082   * Specifies a mapping between certificate attributes and user
083   * attributes.
084   * <p>
085   * Each value should be in the form "certattr:userattr" where
086   * certattr is the name of the attribute in the certificate subject
087   * and userattr is the name of the corresponding attribute in user
088   * entries. There may be multiple mappings defined, and when
089   * performing the mapping values for all attributes present in the
090   * certificate subject that have mappings defined must be present in
091   * the corresponding user entries.
092   *
093   * @return Returns an unmodifiable set containing the values of the "subject-attribute-mapping" property.
094   */
095  SortedSet<String> getSubjectAttributeMapping();
096
097
098
099  /**
100   * Gets the "user-base-dn" property.
101   * <p>
102   * Specifies the base DNs that should be used when performing
103   * searches to map the client certificate to a user entry.
104   *
105   * @return Returns an unmodifiable set containing the values of the "user-base-dn" property.
106   */
107  SortedSet<DN> getUserBaseDN();
108
109}