/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.client;

import org.forgerock.opendj.config.ManagedObjectDefinition;
import org.forgerock.opendj.config.PropertyException;
import org.forgerock.opendj.server.config.meta.GSSAPISASLMechanismHandlerCfgDefn.QualityOfProtection;
import org.forgerock.opendj.server.config.server.GSSAPISASLMechanismHandlerCfg;

/**
 * Client-side view of the GSSAPI SASL Mechanism Handler configuration,
 * exposing each property through a getter/setter pair.
 * <p>
 * The GSSAPI SASL mechanism performs all processing related to SASL
 * GSSAPI authentication using Kerberos V5.
 * <p>
 * Security review note: every property here shapes how Kerberos
 * authentication is accepted ({@code keytab}, {@code principal-name},
 * {@code realm}, {@code kdc-address}), which directory entry an
 * authenticated principal is bound as ({@code identity-mapper}), or how
 * the session is protected afterwards ({@code quality-of-protection}).
 * Write access to this configuration object should therefore be limited
 * to the same administrators who are trusted to manage authentication.
 * <p>
 * The setters declare {@link PropertyException} as their only failure
 * mode; what validation is applied to a value is not visible in this
 * interface.
 */
public interface GSSAPISASLMechanismHandlerCfgClient extends SASLMechanismHandlerCfgClient {

    /**
     * Returns the configuration definition associated with this GSSAPI
     * SASL Mechanism Handler.
     *
     * @return the configuration definition associated with this GSSAPI
     *         SASL Mechanism Handler.
     */
    ManagedObjectDefinition<
            ? extends GSSAPISASLMechanismHandlerCfgClient,
            ? extends GSSAPISASLMechanismHandlerCfg> definition();

    /**
     * Returns the "identity-mapper" property.
     * <p>
     * The property names the identity mapper that this SASL mechanism
     * handler uses to match the Kerberos principal included in the SASL
     * bind request to the corresponding user in the directory.
     * <p>
     * Because the mapper decides which directory entry a successfully
     * authenticated principal acts as, it is worth confirming that the
     * referenced mapper cannot resolve one principal to more than one
     * entry, or to an entry the principal should not control.
     *
     * @return the value of the "identity-mapper" property.
     */
    String getIdentityMapper();

    /**
     * Sets the "identity-mapper" property.
     * <p>
     * The property names the identity mapper that this SASL mechanism
     * handler uses to match the Kerberos principal included in the SASL
     * bind request to the corresponding user in the directory.
     * <p>
     * Changing the mapper changes which directory entry an authenticated
     * principal is bound as, so treat this as an authorization-relevant
     * change and review it accordingly.
     *
     * @param value The value of the "identity-mapper" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setIdentityMapper(String value) throws PropertyException;

    /**
     * Returns the "java-class" property.
     * <p>
     * The property holds the fully-qualified name of the Java class that
     * provides the SASL mechanism handler implementation.
     *
     * @return the value of the "java-class" property.
     */
    String getJavaClass();

    /**
     * Sets the "java-class" property.
     * <p>
     * The property holds the fully-qualified name of the Java class that
     * provides the SASL mechanism handler implementation.
     * <p>
     * NOTE(review): the value selects the code that handles GSSAPI binds;
     * presumably the server loads the named class, so only classes from
     * a trusted deployment should be configured here. Confirm against
     * the server-side loader.
     *
     * @param value The value of the "java-class" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setJavaClass(String value) throws PropertyException;

    /**
     * Returns the "kdc-address" property.
     * <p>
     * The property gives the address of the KDC that is to be used for
     * Kerberos processing.
     * <p>
     * If provided, this property must be a fully-qualified
     * DNS-resolvable name. If this property is not provided, then the
     * server attempts to determine it from the system-wide Kerberos
     * configuration.
     *
     * @return the value of the "kdc-address" property.
     */
    String getKdcAddress();

    /**
     * Sets the "kdc-address" property.
     * <p>
     * The property gives the address of the KDC that is to be used for
     * Kerberos processing.
     * <p>
     * If provided, this property must be a fully-qualified
     * DNS-resolvable name. If this property is not provided, then the
     * server attempts to determine it from the system-wide Kerberos
     * configuration.
     * <p>
     * When the property is left unset, the effective KDC comes from the
     * host's Kerberos configuration, so that file becomes part of what
     * has to be protected and audited.
     *
     * @param value The value of the "kdc-address" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setKdcAddress(String value) throws PropertyException;

    /**
     * Returns the "keytab" property.
     * <p>
     * The property gives the path to the keytab file that should be used
     * for Kerberos processing.
     * <p>
     * If provided, this is either an absolute path or one that is
     * relative to the server instance root.
     * <p>
     * A keytab stores long-term Kerberos keys for the principals it
     * lists, so the path returned here identifies a file that should be
     * readable only by the account the server runs as.
     *
     * @return the value of the "keytab" property.
     */
    String getKeytab();

    /**
     * Sets the "keytab" property.
     * <p>
     * The property gives the path to the keytab file that should be used
     * for Kerberos processing.
     * <p>
     * If provided, this is either an absolute path or one that is
     * relative to the server instance root.
     * <p>
     * A keytab stores long-term Kerberos keys for the principals it
     * lists. Point this property only at a file whose ownership and
     * permissions restrict it to the server account, and prefer a keytab
     * that holds just the service principal this handler needs.
     *
     * @param value The value of the "keytab" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setKeytab(String value) throws PropertyException;

    /**
     * Returns the "principal-name" property.
     * <p>
     * The property specifies the principal name.
     * <p>
     * It can either be a simple user name or a service name such as
     * host/example.com. If this property is not provided, then the
     * server attempts to build the principal name by appending the fully
     * qualified domain name to the string "ldap/".
     *
     * @return the value of the "principal-name" property.
     */
    String getPrincipalName();

    /**
     * Sets the "principal-name" property.
     * <p>
     * The property specifies the principal name.
     * <p>
     * It can either be a simple user name or a service name such as
     * host/example.com. If this property is not provided, then the
     * server attempts to build the principal name by appending the fully
     * qualified domain name to the string "ldap/".
     * <p>
     * The configured (or derived) principal has to match an entry in the
     * keytab named by the "keytab" property; a mismatch is a common
     * cause of GSSAPI bind failures worth checking first when
     * troubleshooting.
     *
     * @param value The value of the "principal-name" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setPrincipalName(String value) throws PropertyException;

    /**
     * Returns the "quality-of-protection" property.
     * <p>
     * The property specifies the quality of protection the server will
     * support.
     * <p>
     * The permitted values are the constants of
     * {@link QualityOfProtection}, which is declared outside this file.
     *
     * @return the value of the "quality-of-protection" property.
     */
    QualityOfProtection getQualityOfProtection();

    /**
     * Sets the "quality-of-protection" property.
     * <p>
     * The property specifies the quality of protection the server will
     * support.
     * <p>
     * In SASL, quality of protection determines whether traffic after
     * the bind is left unprotected, integrity-protected, or also
     * encrypted by the SASL security layer. If a level without
     * confidentiality is selected, the connection should be protected
     * by other means such as TLS.
     *
     * @param value The value of the "quality-of-protection" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setQualityOfProtection(QualityOfProtection value) throws PropertyException;

    /**
     * Returns the "realm" property.
     * <p>
     * The property specifies the realm to be used for GSSAPI
     * authentication.
     *
     * @return the value of the "realm" property.
     */
    String getRealm();

    /**
     * Sets the "realm" property.
     * <p>
     * The property specifies the realm to be used for GSSAPI
     * authentication.
     *
     * @param value The value of the "realm" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setRealm(String value) throws PropertyException;

    /**
     * Returns the "server-fqdn" property.
     * <p>
     * The property specifies the DNS-resolvable fully-qualified domain
     * name for the system.
     *
     * @return the value of the "server-fqdn" property.
     */
    String getServerFqdn();

    /**
     * Sets the "server-fqdn" property.
     * <p>
     * The property specifies the DNS-resolvable fully-qualified domain
     * name for the system.
     * <p>
     * NOTE(review): the "principal-name" documentation says the default
     * principal is built from a fully qualified domain name; presumably
     * this property feeds that default, so keep it consistent with the
     * service principal in the keytab. Confirm against the server-side
     * implementation.
     *
     * @param value The value of the "server-fqdn" property.
     * @throws PropertyException
     *           If the new value is invalid.
     */
    void setServerFqdn(String value) throws PropertyException;

}