001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.client;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.ManagedObjectDefinition;
023import org.forgerock.opendj.config.PropertyException;
024import org.forgerock.opendj.ldap.DN;
025import org.forgerock.opendj.ldap.schema.AttributeType;
026import org.forgerock.opendj.server.config.meta.FingerprintCertificateMapperCfgDefn.FingerprintAlgorithm;
027import org.forgerock.opendj.server.config.server.FingerprintCertificateMapperCfg;
028
029
030
031/**
032 * A client-side interface for reading and modifying Fingerprint
033 * Certificate Mapper settings.
034 * <p>
035 * The Fingerprint Certificate Mapper maps client certificates to user
036 * entries by looking for the MD5 or SHA1 fingerprint in a specified
037 * attribute of user entries.
038 */
039public interface FingerprintCertificateMapperCfgClient extends CertificateMapperCfgClient {
040
041  /**
042   * Get the configuration definition associated with this Fingerprint Certificate Mapper.
043   *
044   * @return Returns the configuration definition associated with this Fingerprint Certificate Mapper.
045   */
046  ManagedObjectDefinition<? extends FingerprintCertificateMapperCfgClient, ? extends FingerprintCertificateMapperCfg> definition();
047
048
049
050  /**
051   * Gets the "fingerprint-algorithm" property.
052   * <p>
053   * Specifies the name of the digest algorithm to compute the
054   * fingerprint of client certificates.
055   *
056   * @return Returns the value of the "fingerprint-algorithm" property.
057   */
058  FingerprintAlgorithm getFingerprintAlgorithm();
059
060
061
062  /**
063   * Sets the "fingerprint-algorithm" property.
064   * <p>
065   * Specifies the name of the digest algorithm to compute the
066   * fingerprint of client certificates.
067   *
068   * @param value The value of the "fingerprint-algorithm" property.
069   * @throws PropertyException
070   *           If the new value is invalid.
071   */
072  void setFingerprintAlgorithm(FingerprintAlgorithm value) throws PropertyException;
073
074
075
076  /**
077   * Gets the "fingerprint-attribute" property.
078   * <p>
079   * Specifies the attribute in which to look for the fingerprint.
080   * <p>
081   * Values of the fingerprint attribute should exactly match the MD5
082   * or SHA1 representation of the certificate fingerprint.
083   *
084   * @return Returns the value of the "fingerprint-attribute" property.
085   */
086  AttributeType getFingerprintAttribute();
087
088
089
090  /**
091   * Sets the "fingerprint-attribute" property.
092   * <p>
093   * Specifies the attribute in which to look for the fingerprint.
094   * <p>
095   * Values of the fingerprint attribute should exactly match the MD5
096   * or SHA1 representation of the certificate fingerprint.
097   *
098   * @param value The value of the "fingerprint-attribute" property.
099   * @throws PropertyException
100   *           If the new value is invalid.
101   */
102  void setFingerprintAttribute(AttributeType value) throws PropertyException;
103
104
105
106  /**
107   * Gets the "java-class" property.
108   * <p>
109   * Specifies the fully-qualified name of the Java class that
110   * provides the Fingerprint Certificate Mapper implementation.
111   *
112   * @return Returns the value of the "java-class" property.
113   */
114  String getJavaClass();
115
116
117
118  /**
119   * Sets the "java-class" property.
120   * <p>
121   * Specifies the fully-qualified name of the Java class that
122   * provides the Fingerprint Certificate Mapper implementation.
123   *
124   * @param value The value of the "java-class" property.
125   * @throws PropertyException
126   *           If the new value is invalid.
127   */
128  void setJavaClass(String value) throws PropertyException;
129
130
131
132  /**
133   * Gets the "user-base-dn" property.
134   * <p>
135   * Specifies the set of base DNs below which to search for users.
136   * <p>
137   * The base DNs are used when performing searches to map the client
138   * certificates to a user entry.
139   *
140   * @return Returns the values of the "user-base-dn" property.
141   */
142  SortedSet<DN> getUserBaseDN();
143
144
145
146  /**
147   * Sets the "user-base-dn" property.
148   * <p>
149   * Specifies the set of base DNs below which to search for users.
150   * <p>
151   * The base DNs are used when performing searches to map the client
152   * certificates to a user entry.
153   *
154   * @param values The values of the "user-base-dn" property.
155   * @throws PropertyException
156   *           If one or more of the new values are invalid.
157   */
158  void setUserBaseDN(Collection<DN> values) throws PropertyException;
159
160}