001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2008 Sun Microsystems, Inc.
026 */
027 package org.opends.server.admin.std.server;
028
029
030
031 import java.util.SortedSet;
032 import org.opends.server.admin.server.ConfigurationChangeListener;
033 import org.opends.server.admin.std.meta.FingerprintCertificateMapperCfgDefn.FingerprintAlgorithm;
034 import org.opends.server.types.AttributeType;
035 import org.opends.server.types.DN;
036
037
038
039 /**
040 * A server-side interface for querying Fingerprint Certificate Mapper
041 * settings.
042 * <p>
043 * The Fingerprint Certificate Mapper maps client certificates to user
044 * entries by looking for the MD5 or SHA1 fingerprint in a specified
045 * attribute of user entries.
046 */
047 public interface FingerprintCertificateMapperCfg extends CertificateMapperCfg {
048
049 /**
050 * Gets the configuration class associated with this Fingerprint Certificate Mapper.
051 *
052 * @return Returns the configuration class associated with this Fingerprint Certificate Mapper.
053 */
054 Class<? extends FingerprintCertificateMapperCfg> configurationClass();
055
056
057
058 /**
059 * Register to be notified when this Fingerprint Certificate Mapper is changed.
060 *
061 * @param listener
062 * The Fingerprint Certificate Mapper configuration change listener.
063 */
064 void addFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener);
065
066
067
068 /**
069 * Deregister an existing Fingerprint Certificate Mapper configuration change listener.
070 *
071 * @param listener
072 * The Fingerprint Certificate Mapper configuration change listener.
073 */
074 void removeFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener);
075
076
077
078 /**
079 * Gets the "fingerprint-algorithm" property.
080 * <p>
081 * Specifies the name of the digest algorithm to compute the
082 * fingerprint of client certificates.
083 *
084 * @return Returns the value of the "fingerprint-algorithm" property.
085 */
086 FingerprintAlgorithm getFingerprintAlgorithm();
087
088
089
090 /**
091 * Gets the "fingerprint-attribute" property.
092 * <p>
093 * Specifies the attribute in which to look for the fingerprint.
094 * <p>
095 * Values of the fingerprint attribute should exactly match the MD5
096 * or SHA1 representation of the certificate fingerprint.
097 *
098 * @return Returns the value of the "fingerprint-attribute" property.
099 */
100 AttributeType getFingerprintAttribute();
101
102
103
104 /**
105 * Gets the "java-class" property.
106 * <p>
107 * Specifies the fully-qualified name of the Java class that
108 * provides the Fingerprint Certificate Mapper implementation.
109 *
110 * @return Returns the value of the "java-class" property.
111 */
112 String getJavaClass();
113
114
115
116 /**
117 * Gets the "user-base-dn" property.
118 * <p>
119 * Specifies the set of base DNs below which to search for users.
120 * <p>
121 * The base DNs are used when performing searches to map the client
122 * certificates to a user entry.
123 *
124 * @return Returns an unmodifiable set containing the values of the "user-base-dn" property.
125 */
126 SortedSet<DN> getUserBaseDN();
127
128 }