001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.client;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.ManagedObjectDefinition;
023import org.forgerock.opendj.config.PropertyException;
024import org.forgerock.opendj.ldap.DN;
025import org.forgerock.opendj.server.config.server.SubjectAttributeToUserAttributeCertificateMapperCfg;
026
027
028
029/**
030 * A client-side interface for reading and modifying Subject Attribute
031 * To User Attribute Certificate Mapper settings.
032 * <p>
033 * The Subject Attribute To User Attribute Certificate Mapper maps
034 * client certificates to user entries by mapping the values of
035 * attributes contained in the certificate subject to attributes
036 * contained in user entries.
037 */
038public interface SubjectAttributeToUserAttributeCertificateMapperCfgClient extends CertificateMapperCfgClient {
039
040  /**
041   * Get the configuration definition associated with this Subject Attribute To User Attribute Certificate Mapper.
042   *
043   * @return Returns the configuration definition associated with this Subject Attribute To User Attribute Certificate Mapper.
044   */
045  ManagedObjectDefinition<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient, ? extends SubjectAttributeToUserAttributeCertificateMapperCfg> definition();
046
047
048
049  /**
050   * Gets the "java-class" property.
051   * <p>
052   * Specifies the fully-qualified name of the Java class that
053   * provides the Subject Attribute To User Attribute Certificate
054   * Mapper implementation.
055   *
056   * @return Returns the value of the "java-class" property.
057   */
058  String getJavaClass();
059
060
061
062  /**
063   * Sets the "java-class" property.
064   * <p>
065   * Specifies the fully-qualified name of the Java class that
066   * provides the Subject Attribute To User Attribute Certificate
067   * Mapper implementation.
068   *
069   * @param value The value of the "java-class" property.
070   * @throws PropertyException
071   *           If the new value is invalid.
072   */
073  void setJavaClass(String value) throws PropertyException;
074
075
076
077  /**
078   * Gets the "subject-attribute-mapping" property.
079   * <p>
080   * Specifies a mapping between certificate attributes and user
081   * attributes.
082   * <p>
083   * Each value should be in the form "certattr:userattr" where
084   * certattr is the name of the attribute in the certificate subject
085   * and userattr is the name of the corresponding attribute in user
086   * entries. There may be multiple mappings defined, and when
087   * performing the mapping values for all attributes present in the
088   * certificate subject that have mappings defined must be present in
089   * the corresponding user entries.
090   *
091   * @return Returns the values of the "subject-attribute-mapping" property.
092   */
093  SortedSet<String> getSubjectAttributeMapping();
094
095
096
097  /**
098   * Sets the "subject-attribute-mapping" property.
099   * <p>
100   * Specifies a mapping between certificate attributes and user
101   * attributes.
102   * <p>
103   * Each value should be in the form "certattr:userattr" where
104   * certattr is the name of the attribute in the certificate subject
105   * and userattr is the name of the corresponding attribute in user
106   * entries. There may be multiple mappings defined, and when
107   * performing the mapping values for all attributes present in the
108   * certificate subject that have mappings defined must be present in
109   * the corresponding user entries.
110   *
111   * @param values The values of the "subject-attribute-mapping" property.
112   * @throws PropertyException
113   *           If one or more of the new values are invalid.
114   */
115  void setSubjectAttributeMapping(Collection<String> values) throws PropertyException;
116
117
118
119  /**
120   * Gets the "user-base-dn" property.
121   * <p>
122   * Specifies the base DNs that should be used when performing
123   * searches to map the client certificate to a user entry.
124   *
125   * @return Returns the values of the "user-base-dn" property.
126   */
127  SortedSet<DN> getUserBaseDN();
128
129
130
131  /**
132   * Sets the "user-base-dn" property.
133   * <p>
134   * Specifies the base DNs that should be used when performing
135   * searches to map the client certificate to a user entry.
136   *
137   * @param values The values of the "user-base-dn" property.
138   * @throws PropertyException
139   *           If one or more of the new values are invalid.
140   */
141  void setUserBaseDN(Collection<DN> values) throws PropertyException;
142
143}