001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.server; 017 018 019 020import java.util.SortedSet; 021import org.forgerock.opendj.config.server.ConfigurationChangeListener; 022import org.forgerock.opendj.ldap.DN; 023 024 025 026/** 027 * A server-side interface for querying Subject Attribute To User 028 * Attribute Certificate Mapper settings. 029 * <p> 030 * The Subject Attribute To User Attribute Certificate Mapper maps 031 * client certificates to user entries by mapping the values of 032 * attributes contained in the certificate subject to attributes 033 * contained in user entries. 034 */ 035public interface SubjectAttributeToUserAttributeCertificateMapperCfg extends CertificateMapperCfg { 036 037 /** 038 * Gets the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper. 039 * 040 * @return Returns the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper. 041 */ 042 Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass(); 043 044 045 046 /** 047 * Register to be notified when this Subject Attribute To User Attribute Certificate Mapper is changed. 048 * 049 * @param listener 050 * The Subject Attribute To User Attribute Certificate Mapper configuration change listener. 051 */ 052 void addSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener); 053 054 055 056 /** 057 * Deregister an existing Subject Attribute To User Attribute Certificate Mapper configuration change listener. 058 * 059 * @param listener 060 * The Subject Attribute To User Attribute Certificate Mapper configuration change listener. 061 */ 062 void removeSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener); 063 064 065 066 /** 067 * Gets the "java-class" property. 068 * <p> 069 * Specifies the fully-qualified name of the Java class that 070 * provides the Subject Attribute To User Attribute Certificate 071 * Mapper implementation. 072 * 073 * @return Returns the value of the "java-class" property. 074 */ 075 String getJavaClass(); 076 077 078 079 /** 080 * Gets the "subject-attribute-mapping" property. 081 * <p> 082 * Specifies a mapping between certificate attributes and user 083 * attributes. 084 * <p> 085 * Each value should be in the form "certattr:userattr" where 086 * certattr is the name of the attribute in the certificate subject 087 * and userattr is the name of the corresponding attribute in user 088 * entries. There may be multiple mappings defined, and when 089 * performing the mapping values for all attributes present in the 090 * certificate subject that have mappings defined must be present in 091 * the corresponding user entries. 092 * 093 * @return Returns an unmodifiable set containing the values of the "subject-attribute-mapping" property. 094 */ 095 SortedSet<String> getSubjectAttributeMapping(); 096 097 098 099 /** 100 * Gets the "user-base-dn" property. 101 * <p> 102 * Specifies the base DNs that should be used when performing 103 * searches to map the client certificate to a user entry. 104 * 105 * @return Returns an unmodifiable set containing the values of the "user-base-dn" property. 106 */ 107 SortedSet<DN> getUserBaseDN(); 108 109}