001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.client;
017
018
019
020import org.forgerock.opendj.config.ManagedObjectDefinition;
021import org.forgerock.opendj.config.PropertyException;
022import org.forgerock.opendj.server.config.meta.GSSAPISASLMechanismHandlerCfgDefn.QualityOfProtection;
023import org.forgerock.opendj.server.config.server.GSSAPISASLMechanismHandlerCfg;
024
025
026
/**
 * Client-side view of the GSSAPI SASL Mechanism Handler configuration,
 * used to read and to change its settings.
 * <p>
 * The GSSAPI SASL mechanism carries out all processing for SASL GSSAPI
 * authentication using Kerberos V5.
 * <p>
 * Every property exposed here influences how Kerberos-authenticated
 * binds are accepted and mapped to directory users, so changes made
 * through this interface deserve the same review as any other
 * authentication-policy change. Each setter declares
 * {@link PropertyException} for values that are rejected as invalid.
 * <p>
 * NOTE(review): what a getter returns for an optional property that has
 * not been set is not visible in this interface (presumably
 * {@code null}) - confirm against the implementation.
 */
public interface GSSAPISASLMechanismHandlerCfgClient extends SASLMechanismHandlerCfgClient {

  /**
   * Returns the configuration definition that describes this GSSAPI SASL
   * Mechanism Handler.
   *
   * @return the configuration definition associated with this GSSAPI
   *         SASL Mechanism Handler.
   */
  ManagedObjectDefinition<
      ? extends GSSAPISASLMechanismHandlerCfgClient,
      ? extends GSSAPISASLMechanismHandlerCfg> definition();



  /**
   * Reads the "identity-mapper" property.
   * <p>
   * The property names the identity mapper this SASL mechanism handler
   * uses to match the Kerberos principal carried in the SASL bind
   * request to the corresponding user in the directory.
   * <p>
   * Because the mapper decides which directory user a principal is
   * matched to, it is part of the authentication decision: audit which
   * mapper is configured when investigating unexpected bind identities.
   *
   * @return the value of the "identity-mapper" property.
   */
  String getIdentityMapper();



  /**
   * Updates the "identity-mapper" property.
   * <p>
   * The property names the identity mapper this SASL mechanism handler
   * uses to match the Kerberos principal carried in the SASL bind
   * request to the corresponding user in the directory.
   * <p>
   * Pointing the handler at a different mapper changes which directory
   * user a given principal is matched to, so treat this as an
   * authentication-policy change.
   *
   * @param value the new value of the "identity-mapper" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setIdentityMapper(String value) throws PropertyException;



  /**
   * Reads the "java-class" property.
   * <p>
   * The property holds the fully-qualified name of the Java class that
   * provides the SASL mechanism handler implementation.
   *
   * @return the value of the "java-class" property.
   */
  String getJavaClass();



  /**
   * Updates the "java-class" property.
   * <p>
   * The property holds the fully-qualified name of the Java class that
   * provides the SASL mechanism handler implementation.
   * <p>
   * This value selects the code that implements GSSAPI bind handling;
   * restrict who may change it and record changes in the configuration
   * audit trail.
   *
   * @param value the new value of the "java-class" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setJavaClass(String value) throws PropertyException;



  /**
   * Reads the "kdc-address" property.
   * <p>
   * The property gives the address of the KDC used for Kerberos
   * processing.
   * <p>
   * When provided, it must be a fully-qualified DNS-resolvable name.
   * When it is not provided, the server attempts to determine the KDC
   * from the system-wide Kerberos configuration.
   *
   * @return the value of the "kdc-address" property.
   */
  String getKdcAddress();



  /**
   * Updates the "kdc-address" property.
   * <p>
   * The property gives the address of the KDC used for Kerberos
   * processing.
   * <p>
   * When provided, it must be a fully-qualified DNS-resolvable name.
   * When it is not provided, the server attempts to determine the KDC
   * from the system-wide Kerberos configuration.
   * <p>
   * The KDC is reached by name, so the resolver used by the server host
   * is part of the trust path for this setting.
   *
   * @param value the new value of the "kdc-address" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setKdcAddress(String value) throws PropertyException;



  /**
   * Reads the "keytab" property.
   * <p>
   * The property gives the path to the keytab file used for Kerberos
   * processing.
   * <p>
   * When provided, the path is either absolute or relative to the
   * server instance root.
   *
   * @return the value of the "keytab" property.
   */
  String getKeytab();



  /**
   * Updates the "keytab" property.
   * <p>
   * The property gives the path to the keytab file used for Kerberos
   * processing.
   * <p>
   * When provided, the path is either absolute or relative to the
   * server instance root.
   * <p>
   * A keytab stores long-term Kerberos keys for the service principal.
   * The referenced file should be readable only by the account the
   * server runs as and kept out of backups and shares that other users
   * can read. This interface does not show whether the server checks
   * file permissions itself.
   *
   * @param value the new value of the "keytab" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setKeytab(String value) throws PropertyException;



  /**
   * Reads the "principal-name" property.
   * <p>
   * The property specifies the principal name.
   * <p>
   * It may be a simple user name or a service name such as
   * host/example.com. When it is not provided, the server attempts to
   * build the principal name by appending the fully qualified domain
   * name to the string "ldap/".
   *
   * @return the value of the "principal-name" property.
   */
  String getPrincipalName();



  /**
   * Updates the "principal-name" property.
   * <p>
   * The property specifies the principal name.
   * <p>
   * It may be a simple user name or a service name such as
   * host/example.com. When it is not provided, the server attempts to
   * build the principal name by appending the fully qualified domain
   * name to the string "ldap/".
   *
   * @param value the new value of the "principal-name" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setPrincipalName(String value) throws PropertyException;



  /**
   * Reads the "quality-of-protection" property.
   * <p>
   * The property specifies the quality of protection the server will
   * support. The accepted values are the constants of
   * {@link QualityOfProtection}, which is defined outside this file.
   *
   * @return the value of the "quality-of-protection" property.
   */
  QualityOfProtection getQualityOfProtection();



  /**
   * Updates the "quality-of-protection" property.
   * <p>
   * The property specifies the quality of protection the server will
   * support. The accepted values are the constants of
   * {@link QualityOfProtection}, which is defined outside this file.
   * <p>
   * NOTE(review): in SASL the quality of protection governs whether
   * traffic after the bind is integrity-protected or encrypted by the
   * mechanism. If the selected level provides neither, confirm that the
   * connection is protected by other means such as TLS.
   *
   * @param value the new value of the "quality-of-protection" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setQualityOfProtection(QualityOfProtection value) throws PropertyException;



  /**
   * Reads the "realm" property.
   * <p>
   * The property specifies the realm to be used for GSSAPI
   * authentication.
   *
   * @return the value of the "realm" property.
   */
  String getRealm();



  /**
   * Updates the "realm" property.
   * <p>
   * The property specifies the realm to be used for GSSAPI
   * authentication.
   *
   * @param value the new value of the "realm" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setRealm(String value) throws PropertyException;



  /**
   * Reads the "server-fqdn" property.
   * <p>
   * The property specifies the DNS-resolvable fully-qualified domain
   * name for the system.
   *
   * @return the value of the "server-fqdn" property.
   */
  String getServerFqdn();



  /**
   * Updates the "server-fqdn" property.
   * <p>
   * The property specifies the DNS-resolvable fully-qualified domain
   * name for the system.
   * <p>
   * NOTE(review): the "principal-name" documentation says the default
   * principal is built from "ldap/" plus the fully qualified domain
   * name; whether that name is taken from this property is not stated
   * here - confirm before relying on it.
   *
   * @param value the new value of the "server-fqdn" property.
   * @throws PropertyException
   *           if the new value is invalid.
   */
  void setServerFqdn(String value) throws PropertyException;

}