/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.forgerock.opendj.server.config.server;



import java.net.InetAddress;
import java.util.SortedSet;
import org.forgerock.opendj.config.Configuration;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.ldap.AddressMask;
import org.forgerock.opendj.ldap.DN;



/**
 * A server-side interface for querying Administration Connector
 * settings.
 * <p>
 * The Administration Connector is used to interact with
 * administration tools using LDAP.
 * <p>
 * The getters fall into two groups that matter for a security review:
 * network exposure ("listen-address", "listen-port", "allowed-client",
 * "denied-client") and SSL settings ("key-manager-provider",
 * "trust-manager-provider", "ssl-cert-nickname", "ssl-cipher-suite",
 * "ssl-protocol"). This interface only reads the values; it does not
 * show where or how they are enforced.
 */
public interface AdministrationConnectorCfg extends Configuration {

  /**
   * Gets the configuration class associated with this Administration Connector.
   *
   * @return Returns the configuration class associated with this Administration Connector.
   */
  Class<? extends AdministrationConnectorCfg> configurationClass();



  /**
   * Register to be notified when this Administration Connector is changed.
   * <p>
   * NOTE(review): presumably a change to any property of this
   * configuration, including the client masks and SSL settings, is
   * reported through the listener; a consumer that caches those values
   * should refresh them on notification - confirm against the
   * {@code ConfigurationChangeListener} contract.
   *
   * @param listener
   *          The Administration Connector configuration change listener.
   */
  void addChangeListener(ConfigurationChangeListener<AdministrationConnectorCfg> listener);



  /**
   * Deregister an existing Administration Connector configuration change listener.
   *
   * @param listener
   *          The Administration Connector configuration change listener.
   */
  void removeChangeListener(ConfigurationChangeListener<AdministrationConnectorCfg> listener);



  /**
   * Gets the "allowed-client" property.
   * <p>
   * Specifies a set of host names or address masks that determine the
   * clients that are allowed to establish connections to this
   * Administration Connector.
   * <p>
   * Valid values include a host name, a fully qualified domain name,
   * a domain name, an IP address, or a subnetwork with subnetwork
   * mask.
   * <p>
   * NOTE(review): the meaning of an empty set is not stated here. By
   * analogy with the "denied-client" description it presumably means
   * that no allow-list restriction applies, so an empty set should not
   * be read as "deny everyone" - confirm. Host-name and domain-name
   * values presumably depend on resolving the client address to a
   * name; verify how {@code AddressMask} matches them before relying
   * on name-based entries where DNS is not trusted.
   *
   * @return Returns an unmodifiable set containing the values of the "allowed-client" property.
   */
  SortedSet<AddressMask> getAllowedClient();



  /**
   * Gets the "denied-client" property.
   * <p>
   * Specifies a set of host names or address masks that determine the
   * clients that are not allowed to establish connections to this
   * Administration Connector.
   * <p>
   * Valid values include a host name, a fully qualified domain name,
   * a domain name, an IP address, or a subnetwork with subnetwork
   * mask. If both allowed and denied client masks are defined and a
   * client connection matches one or more masks in both lists, then
   * the connection is denied. If only a denied list is specified, then
   * any client not matching a mask in that list is allowed.
   * <p>
   * In other words, a deny match takes precedence over an allow match,
   * and a configuration that sets only this property admits every
   * client that no mask in it matches. Restricting the connector to a
   * known set of administration hosts therefore requires the
   * "allowed-client" property, not this one alone.
   *
   * @return Returns an unmodifiable set containing the values of the "denied-client" property.
   */
  SortedSet<AddressMask> getDeniedClient();



  /**
   * Gets the "key-manager-provider" property.
   * <p>
   * Specifies the name of the key manager that is used with the
   * Administration Connector.
   * <p>
   * NOTE(review): presumably this key manager is the source of the
   * keys selected by the "ssl-cert-nickname" property - confirm.
   *
   * @return Returns the value of the "key-manager-provider" property.
   */
  String getKeyManagerProvider();



  /**
   * Gets the "key-manager-provider" property as a DN.
   * <p>
   * Specifies the name of the key manager that is used with the
   * Administration Connector.
   *
   * @return Returns the DN value of the "key-manager-provider"
   *         property.
   */
  DN getKeyManagerProviderDN();



  /**
   * Gets the "listen-address" property.
   * <p>
   * Specifies the address or set of addresses on which this
   * Administration Connector should listen for connections from LDAP
   * clients.
   * <p>
   * Multiple addresses may be provided as separate values for this
   * attribute. If no values are provided, then the Administration
   * Connector listens on all interfaces.
   * <p>
   * Because an empty set means "all interfaces", a deployment that
   * wants the administration port reachable only from a loopback or
   * management network has to list those addresses explicitly; an
   * unset property leaves the client masks as the only restriction
   * expressed in this configuration.
   *
   * @return Returns an unmodifiable set containing the values of the "listen-address" property.
   */
  SortedSet<InetAddress> getListenAddress();



  /**
   * Gets the "listen-port" property.
   * <p>
   * Specifies the port number on which the Administration Connector
   * will listen for connections from clients.
   * <p>
   * Only a single port number may be provided.
   *
   * @return Returns the value of the "listen-port" property.
   */
  int getListenPort();



  /**
   * Gets the "ssl-cert-nickname" property.
   * <p>
   * Specifies the nicknames (also called the aliases) of the keys or
   * key pairs that the Administration Connector should use when
   * performing SSL communication. The property can be used multiple
   * times (referencing different nicknames) when server certificates
   * with different public key algorithms are used in parallel (for
   * example, RSA, DSA, and ECC-based algorithms). When a nickname
   * refers to an asymmetric (public/private) key pair, the nickname
   * for the public key certificate and associated private key entry
   * must match exactly. A single nickname is used to retrieve both the
   * public key and the private key.
   *
   * @return Returns an unmodifiable set containing the values of the "ssl-cert-nickname" property.
   */
  SortedSet<String> getSSLCertNickname();



  /**
   * Gets the "ssl-cipher-suite" property.
   * <p>
   * Specifies the names of the SSL cipher suites that are allowed for
   * use in SSL communication.
   * <p>
   * NOTE(review): the behaviour for an empty set is not stated here;
   * presumably the defaults of the underlying SSL implementation
   * apply - confirm. When values are set, they are the complete list
   * of permitted suites, so they are worth auditing for weak or
   * deprecated algorithms.
   *
   * @return Returns an unmodifiable set containing the values of the "ssl-cipher-suite" property.
   */
  SortedSet<String> getSSLCipherSuite();



  /**
   * Gets the "ssl-protocol" property.
   * <p>
   * Specifies the names of the SSL protocols that are allowed for use
   * in SSL or StartTLS communication.
   * <p>
   * NOTE(review): the behaviour for an empty set is not stated here;
   * presumably the defaults of the underlying SSL implementation
   * apply - confirm. The values are presumably protocol names as the
   * SSL implementation spells them (for example {@code TLSv1.2});
   * verify that no legacy protocol version is listed.
   *
   * @return Returns an unmodifiable set containing the values of the "ssl-protocol" property.
   */
  SortedSet<String> getSSLProtocol();



  /**
   * Gets the "trust-manager-provider" property.
   * <p>
   * Specifies the name of the trust manager that is used with the
   * Administration Connector.
   * <p>
   * NOTE(review): presumably this trust manager decides which client
   * certificates the connector accepts - confirm, since this text
   * does not state what it validates.
   *
   * @return Returns the value of the "trust-manager-provider" property.
   */
  String getTrustManagerProvider();



  /**
   * Gets the "trust-manager-provider" property as a DN.
   * <p>
   * Specifies the name of the trust manager that is used with the
   * Administration Connector.
   *
   * @return Returns the DN value of the "trust-manager-provider"
   *         property.
   */
  DN getTrustManagerProviderDN();

}