001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.forgerock.opendj.server.config.server;
017
018
019
020import java.util.SortedSet;
021import org.forgerock.opendj.config.server.ConfigurationChangeListener;
022import org.forgerock.opendj.ldap.DN;
023import org.forgerock.opendj.ldap.schema.AttributeType;
024import org.forgerock.opendj.server.config.meta.FingerprintCertificateMapperCfgDefn.FingerprintAlgorithm;
025
026
027
/**
 * A server-side interface for querying Fingerprint Certificate Mapper
 * settings.
 * <p>
 * The Fingerprint Certificate Mapper maps client certificates to user
 * entries by looking for the MD5 or SHA1 fingerprint in a specified
 * attribute of user entries.
 * <p>
 * This interface is read-only: it exposes the configured values and lets
 * callers register for change notifications. It performs no certificate
 * processing itself.
 * <p>
 * Review notes for deployers:
 * <ul>
 * <li>MD5 and SHA-1 are no longer collision-resistant digests. The
 * fingerprint match is therefore only as trustworthy as the certificate
 * validation that precedes it. NOTE(review): confirm that the certificate
 * chain is validated against a trust store before this mapper is
 * consulted; nothing in this interface shows that step.</li>
 * <li>The fingerprint attribute is what ties a certificate to an entry.
 * NOTE(review): presumably anyone able to write that attribute can
 * associate a certificate with the entry; verify that access control
 * restricts writes to it.</li>
 * </ul>
 */
public interface FingerprintCertificateMapperCfg extends CertificateMapperCfg {

  /**
   * Gets the configuration class associated with this Fingerprint Certificate Mapper.
   *
   * @return The configuration class associated with this Fingerprint Certificate Mapper.
   */
  Class<? extends FingerprintCertificateMapperCfg> configurationClass();



  /**
   * Registers a listener to be notified when this Fingerprint Certificate Mapper
   * configuration is changed.
   *
   * @param listener
   *          The Fingerprint Certificate Mapper configuration change listener.
   */
  void addFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener);



  /**
   * Deregisters an existing Fingerprint Certificate Mapper configuration change listener.
   *
   * @param listener
   *          The Fingerprint Certificate Mapper configuration change listener.
   */
  void removeFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener);



  /**
   * Gets the "fingerprint-algorithm" property.
   * <p>
   * Specifies the name of the digest algorithm to compute the
   * fingerprint of client certificates.
   * <p>
   * The digest selected here has to be the one that was used to produce
   * the values stored in the fingerprint attribute, otherwise no entry
   * will match. The interface documentation names MD5 and SHA1 as the
   * digests; both are weak against collisions, so treat the result as an
   * identifier for an already-validated certificate rather than as proof
   * of authenticity on its own.
   *
   * @return The value of the "fingerprint-algorithm" property, as a
   *         {@link FingerprintAlgorithm}.
   */
  FingerprintAlgorithm getFingerprintAlgorithm();



  /**
   * Gets the "fingerprint-attribute" property.
   * <p>
   * Specifies the attribute in which to look for the fingerprint.
   * <p>
   * Values of the fingerprint attribute should exactly match the MD5
   * or SHA1 representation of the certificate fingerprint.
   * <p>
   * NOTE(review): the exact textual form expected (separator, letter
   * case) is not defined in this interface; confirm it against the
   * mapper implementation before provisioning values.
   *
   * @return The value of the "fingerprint-attribute" property.
   */
  AttributeType getFingerprintAttribute();



  /**
   * Gets the "java-class" property.
   * <p>
   * Specifies the fully-qualified name of the Java class that
   * provides the Fingerprint Certificate Mapper implementation.
   * <p>
   * NOTE(review): presumably the server loads and instantiates the named
   * class; if so, write access to this configuration property amounts to
   * choosing code that runs inside the server. Verify who may modify it.
   *
   * @return The value of the "java-class" property.
   */
  String getJavaClass();



  /**
   * Gets the "user-base-dn" property.
   * <p>
   * Specifies the set of base DNs below which to search for users.
   * <p>
   * The base DNs are used when performing searches to map the client
   * certificates to a user entry.
   * <p>
   * Narrow base DNs limit which entries a certificate can be mapped to.
   * NOTE(review): how an empty set is treated, and what happens when more
   * than one entry matches, is not specified by this interface; confirm
   * both against the mapper implementation.
   *
   * @return An unmodifiable set containing the values of the "user-base-dn" property.
   */
  SortedSet<DN> getUserBaseDN();

}