001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 */ 016package org.forgerock.opendj.server.config.server; 017 018 019 020import java.util.SortedSet; 021import org.forgerock.opendj.config.server.ConfigurationChangeListener; 022import org.forgerock.opendj.ldap.DN; 023import org.forgerock.opendj.ldap.schema.AttributeType; 024import org.forgerock.opendj.server.config.meta.FingerprintCertificateMapperCfgDefn.FingerprintAlgorithm; 025 026 027 028/** 029 * A server-side interface for querying Fingerprint Certificate Mapper 030 * settings. 031 * <p> 032 * The Fingerprint Certificate Mapper maps client certificates to user 033 * entries by looking for the MD5 or SHA1 fingerprint in a specified 034 * attribute of user entries. 035 */ 036public interface FingerprintCertificateMapperCfg extends CertificateMapperCfg { 037 038 /** 039 * Gets the configuration class associated with this Fingerprint Certificate Mapper. 040 * 041 * @return Returns the configuration class associated with this Fingerprint Certificate Mapper. 042 */ 043 Class<? extends FingerprintCertificateMapperCfg> configurationClass(); 044 045 046 047 /** 048 * Register to be notified when this Fingerprint Certificate Mapper is changed. 049 * 050 * @param listener 051 * The Fingerprint Certificate Mapper configuration change listener. 052 */ 053 void addFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener); 054 055 056 057 /** 058 * Deregister an existing Fingerprint Certificate Mapper configuration change listener. 059 * 060 * @param listener 061 * The Fingerprint Certificate Mapper configuration change listener. 062 */ 063 void removeFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener); 064 065 066 067 /** 068 * Gets the "fingerprint-algorithm" property. 069 * <p> 070 * Specifies the name of the digest algorithm to compute the 071 * fingerprint of client certificates. 072 * 073 * @return Returns the value of the "fingerprint-algorithm" property. 074 */ 075 FingerprintAlgorithm getFingerprintAlgorithm(); 076 077 078 079 /** 080 * Gets the "fingerprint-attribute" property. 081 * <p> 082 * Specifies the attribute in which to look for the fingerprint. 083 * <p> 084 * Values of the fingerprint attribute should exactly match the MD5 085 * or SHA1 representation of the certificate fingerprint. 086 * 087 * @return Returns the value of the "fingerprint-attribute" property. 088 */ 089 AttributeType getFingerprintAttribute(); 090 091 092 093 /** 094 * Gets the "java-class" property. 095 * <p> 096 * Specifies the fully-qualified name of the Java class that 097 * provides the Fingerprint Certificate Mapper implementation. 098 * 099 * @return Returns the value of the "java-class" property. 100 */ 101 String getJavaClass(); 102 103 104 105 /** 106 * Gets the "user-base-dn" property. 107 * <p> 108 * Specifies the set of base DNs below which to search for users. 109 * <p> 110 * The base DNs are used when performing searches to map the client 111 * certificates to a user entry. 112 * 113 * @return Returns an unmodifiable set containing the values of the "user-base-dn" property. 114 */ 115 SortedSet<DN> getUserBaseDN(); 116 117}