001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.server;
017
018
019
020import java.net.InetAddress;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.Configuration;
023import org.forgerock.opendj.config.server.ConfigurationChangeListener;
024import org.forgerock.opendj.ldap.AddressMask;
025import org.forgerock.opendj.ldap.DN;
026
027
028
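/**
 * A server-side interface for querying Administration Connector
 * settings.
 * <p>
 * The Administration Connector is used to interact with
 * administration tools using LDAP.
 * <p>
 * Several of the properties exposed here are security-relevant: the
 * client allow and deny masks, the listen addresses and port, and the
 * SSL protocol, cipher-suite, key-manager and trust-manager settings.
 * This interface only reads the configured values; nothing declared
 * here enforces them.
 */
public interface AdministrationConnectorCfg extends Configuration {

  /**
   * Gets the configuration class associated with this Administration Connector.
   *
   * @return the configuration class associated with this Administration Connector.
   */
  Class<? extends AdministrationConnectorCfg> configurationClass();



  /**
   * Registers a listener to be notified when this Administration
   * Connector configuration is changed.
   *
   * @param listener
   *          The Administration Connector configuration change listener.
   */
  void addChangeListener(ConfigurationChangeListener<AdministrationConnectorCfg> listener);



  /**
   * Deregisters an existing Administration Connector configuration
   * change listener.
   *
   * @param listener
   *          The Administration Connector configuration change listener.
   */
  void removeChangeListener(ConfigurationChangeListener<AdministrationConnectorCfg> listener);



  /**
   * Gets the "allowed-client" property.
   * <p>
   * Specifies a set of host names or address masks that determine the
   * clients that are allowed to establish connections to this
   * Administration Connector.
   * <p>
   * Valid values include a host name, a fully qualified domain name,
   * a domain name, an IP address, or a subnetwork with subnetwork
   * mask.
   * <p>
   * A client that matches masks in both this set and the
   * "denied-client" set is denied; see {@link #getDeniedClient()}.
   * <p>
   * NOTE(review): the effect of an empty set is not stated here;
   * presumably no allow-list restriction is applied - confirm against
   * the connector implementation before relying on it.
   * <p>
   * NOTE(review): name-based values presumably depend on resolving the
   * client address to a host name, so IP address or subnetwork masks
   * look like the more dependable way to restrict administrative
   * access - confirm.
   *
   * @return an unmodifiable set containing the values of the "allowed-client" property.
   */
  SortedSet<AddressMask> getAllowedClient();



  /**
   * Gets the "denied-client" property.
   * <p>
   * Specifies a set of host names or address masks that determine the
   * clients that are not allowed to establish connections to this
   * Administration Connector.
   * <p>
   * Valid values include a host name, a fully qualified domain name,
   * a domain name, an IP address, or a subnetwork with subnetwork
   * mask. If both allowed and denied client masks are defined and a
   * client connection matches one or more masks in both lists, then
   * the connection is denied. If only a denied list is specified, then
   * any client not matching a mask in that list is allowed.
   * <p>
   * Because a deny list on its own admits every client it does not
   * name, it is a weak control for an administrative port unless it
   * is paired with an allow list or network-level filtering.
   *
   * @return an unmodifiable set containing the values of the "denied-client" property.
   */
  SortedSet<AddressMask> getDeniedClient();



  /**
   * Gets the "key-manager-provider" property.
   * <p>
   * Specifies the name of the key manager that is used with the
   * Administration Connector.
   *
   * @return the value of the "key-manager-provider" property.
   */
  String getKeyManagerProvider();



  /**
   * Gets the "key-manager-provider" property as a DN.
   * <p>
   * Specifies the name of the key manager that is used with the
   * Administration Connector.
   *
   * @return the DN value of the "key-manager-provider" property.
   */
  DN getKeyManagerProviderDN();



  /**
   * Gets the "listen-address" property.
   * <p>
   * Specifies the address or set of addresses on which this
   * Administration Connector should listen for connections from LDAP
   * clients.
   * <p>
   * Multiple addresses may be provided as separate values for this
   * attribute. If no values are provided, then the Administration
   * Connector listens on all interfaces.
   * <p>
   * Since leaving this property unset exposes the administration port
   * on every interface, a deployment that wants it reachable only
   * from a management network needs explicit values here, client
   * masks, or network-level filtering.
   *
   * @return an unmodifiable set containing the values of the "listen-address" property.
   */
  SortedSet<InetAddress> getListenAddress();



  /**
   * Gets the "listen-port" property.
   * <p>
   * Specifies the port number on which the Administration Connector
   * will listen for connections from clients.
   * <p>
   * Only a single port number may be provided.
   *
   * @return the value of the "listen-port" property.
   */
  int getListenPort();



  /**
   * Gets the "ssl-cert-nickname" property.
   * <p>
   * Specifies the nicknames (also called the aliases) of the keys or
   * key pairs that the Administration Connector should use when
   * performing SSL communication. The property can be used multiple
   * times (referencing different nicknames) when server certificates
   * with different public key algorithms are used in parallel (for
   * example, RSA, DSA, and ECC-based algorithms). When a nickname
   * refers to an asymmetric (public/private) key pair, the nickname
   * for the public key certificate and associated private key entry
   * must match exactly. A single nickname is used to retrieve both the
   * public key and the private key.
   *
   * @return an unmodifiable set containing the values of the "ssl-cert-nickname" property.
   */
  SortedSet<String> getSSLCertNickname();



  /**
   * Gets the "ssl-cipher-suite" property.
   * <p>
   * Specifies the names of the SSL cipher suites that are allowed for
   * use in SSL communication.
   * <p>
   * NOTE(review): the effect of an empty set is not stated here;
   * presumably a server or JVM default list applies - confirm, and
   * review that default if the administration port must exclude weak
   * suites.
   *
   * @return an unmodifiable set containing the values of the "ssl-cipher-suite" property.
   */
  SortedSet<String> getSSLCipherSuite();



  /**
   * Gets the "ssl-protocol" property.
   * <p>
   * Specifies the names of the SSL protocols that are allowed for use
   * in SSL or StartTLS communication.
   * <p>
   * NOTE(review): the effect of an empty set is not stated here;
   * presumably a server or JVM default list applies - confirm.
   * Listing only current TLS versions keeps legacy protocol versions
   * from being negotiated on the administration port.
   *
   * @return an unmodifiable set containing the values of the "ssl-protocol" property.
   */
  SortedSet<String> getSSLProtocol();



  /**
   * Gets the "trust-manager-provider" property.
   * <p>
   * Specifies the name of the trust manager that is used with the
   * Administration Connector.
   *
   * @return the value of the "trust-manager-provider" property.
   */
  String getTrustManagerProvider();



  /**
   * Gets the "trust-manager-provider" property as a DN.
   * <p>
   * Specifies the name of the trust manager that is used with the
   * Administration Connector.
   *
   * @return the DN value of the "trust-manager-provider" property.
   */
  DN getTrustManagerProviderDN();

}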