001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.server;
017
018
019
020import org.forgerock.opendj.config.server.ConfigurationChangeListener;
021import org.forgerock.opendj.ldap.DN;
022import org.forgerock.opendj.server.config.meta.DigestMD5SASLMechanismHandlerCfgDefn.QualityOfProtection;
023
024
025
026/**
027 * A server-side interface for querying Digest MD5 SASL Mechanism
028 * Handler settings.
029 * <p>
030 * The DIGEST-MD5 SASL mechanism is used to perform all processing
031 * related to SASL DIGEST-MD5 authentication.
032 */
033public interface DigestMD5SASLMechanismHandlerCfg extends SASLMechanismHandlerCfg {
034
035  /**
036   * Gets the configuration class associated with this Digest MD5 SASL Mechanism Handler.
037   *
038   * @return Returns the configuration class associated with this Digest MD5 SASL Mechanism Handler.
039   */
040  Class<? extends DigestMD5SASLMechanismHandlerCfg> configurationClass();
041
042
043
044  /**
045   * Register to be notified when this Digest MD5 SASL Mechanism Handler is changed.
046   *
047   * @param listener
048   *          The Digest MD5 SASL Mechanism Handler configuration change listener.
049   */
050  void addDigestMD5ChangeListener(ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener);
051
052
053
054  /**
055   * Deregister an existing Digest MD5 SASL Mechanism Handler configuration change listener.
056   *
057   * @param listener
058   *          The Digest MD5 SASL Mechanism Handler configuration change listener.
059   */
060  void removeDigestMD5ChangeListener(ConfigurationChangeListener<DigestMD5SASLMechanismHandlerCfg> listener);
061
062
063
064  /**
065   * Gets the "identity-mapper" property.
066   * <p>
067   * Specifies the name of the identity mapper that is to be used with
068   * this SASL mechanism handler to match the authentication or
069   * authorization ID included in the SASL bind request to the
070   * corresponding user in the directory.
071   *
072   * @return Returns the value of the "identity-mapper" property.
073   */
074  String getIdentityMapper();
075
076
077
078  /**
079   * Gets the "identity-mapper" property as a DN.
080   * <p>
081   * Specifies the name of the identity mapper that is to be used with
082   * this SASL mechanism handler to match the authentication or
083   * authorization ID included in the SASL bind request to the
084   * corresponding user in the directory.
085   *
086   * @return Returns the DN value of the "identity-mapper" property.
087   */
088  DN getIdentityMapperDN();
089
090
091
092  /**
093   * Gets the "java-class" property.
094   * <p>
095   * Specifies the fully-qualified name of the Java class that
096   * provides the SASL mechanism handler implementation.
097   *
098   * @return Returns the value of the "java-class" property.
099   */
100  String getJavaClass();
101
102
103
104  /**
105   * Gets the "quality-of-protection" property.
106   * <p>
107   * The name of a property that specifies the quality of protection
108   * the server will support.
109   *
110   * @return Returns the value of the "quality-of-protection" property.
111   */
112  QualityOfProtection getQualityOfProtection();
113
114
115
116  /**
117   * Gets the "realm" property.
118   * <p>
119   * Specifies the realms that is to be used by the server for
120   * DIGEST-MD5 authentication.
121   * <p>
122   * If this value is not provided, then the server defaults to use
123   * the fully qualified hostname of the machine.
124   *
125   * @return Returns the value of the "realm" property.
126   */
127  String getRealm();
128
129
130
131  /**
132   * Gets the "server-fqdn" property.
133   * <p>
134   * Specifies the DNS-resolvable fully-qualified domain name for the
135   * server that is used when validating the digest-uri parameter
136   * during the authentication process.
137   * <p>
138   * If this configuration attribute is present, then the server
139   * expects that clients use a digest-uri equal to "ldap/" followed by
140   * the value of this attribute. For example, if the attribute has a
141   * value of "directory.example.com", then the server expects clients
142   * to use a digest-uri of "ldap/directory.example.com". If no value
143   * is provided, then the server does not attempt to validate the
144   * digest-uri provided by the client and accepts any value.
145   *
146   * @return Returns the value of the "server-fqdn" property.
147   */
148  String getServerFqdn();
149
150}