001    /*
002     * CDDL HEADER START
003     *
004     * The contents of this file are subject to the terms of the
005     * Common Development and Distribution License, Version 1.0 only
006     * (the "License").  You may not use this file except in compliance
007     * with the License.
008     *
009     * You can obtain a copy of the license at
010     * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011     * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012     * See the License for the specific language governing permissions
013     * and limitations under the License.
014     *
015     * When distributing Covered Code, include this CDDL HEADER in each
016     * file and include the License file at
017     * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
018     * add the following below this CDDL HEADER, with the fields enclosed
019     * by brackets "[]" replaced with your own identifying information:
020     *      Portions Copyright [yyyy] [name of copyright owner]
021     *
022     * CDDL HEADER END
023     *
024     *
025     *      Copyright 2008 Sun Microsystems, Inc.
026     */
027    package org.opends.server.admin.std.server;
028    
029    
030    
031    import org.opends.server.admin.server.ConfigurationChangeListener;
032    import org.opends.server.types.DN;
033    
034    
035    
036    /**
037     * A server-side interface for querying GSSAPI SASL Mechanism Handler
038     * settings.
039     * <p>
040     * The GSSAPI SASL mechanism performs all processing related to SASL
041     * GSSAPI authentication using Kerberos V5.
042     */
043    public interface GSSAPISASLMechanismHandlerCfg extends SASLMechanismHandlerCfg {
044    
045      /**
046       * Gets the configuration class associated with this GSSAPI SASL Mechanism Handler.
047       *
048       * @return Returns the configuration class associated with this GSSAPI SASL Mechanism Handler.
049       */
050      Class<? extends GSSAPISASLMechanismHandlerCfg> configurationClass();
051    
052    
053    
054      /**
055       * Register to be notified when this GSSAPI SASL Mechanism Handler is changed.
056       *
057       * @param listener
058       *          The GSSAPI SASL Mechanism Handler configuration change listener.
059       */
060      void addGSSAPIChangeListener(ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener);
061    
062    
063    
064      /**
065       * Deregister an existing GSSAPI SASL Mechanism Handler configuration change listener.
066       *
067       * @param listener
068       *          The GSSAPI SASL Mechanism Handler configuration change listener.
069       */
070      void removeGSSAPIChangeListener(ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener);
071    
072    
073    
074      /**
075       * Gets the "identity-mapper" property.
076       * <p>
077       * Specifies the name of the identity mapper that is to be used with
078       * this SASL mechanism handler to match the Kerberos principal
079       * included in the SASL bind request to the corresponding user in the
080       * directory.
081       *
082       * @return Returns the value of the "identity-mapper" property.
083       */
084      String getIdentityMapper();
085    
086    
087    
088      /**
089       * Gets the "identity-mapper" property as a DN.
090       * <p>
091       * Specifies the name of the identity mapper that is to be used with
092       * this SASL mechanism handler to match the Kerberos principal
093       * included in the SASL bind request to the corresponding user in the
094       * directory.
095       *
096       * @return Returns the DN value of the "identity-mapper" property.
097       */
098      DN getIdentityMapperDN();
099    
100    
101    
102      /**
103       * Gets the "java-class" property.
104       * <p>
105       * Specifies the fully-qualified name of the Java class that
106       * provides the SASL mechanism handler implementation.
107       *
108       * @return Returns the value of the "java-class" property.
109       */
110      String getJavaClass();
111    
112    
113    
114      /**
115       * Gets the "kdc-address" property.
116       * <p>
117       * Specifies the address of the KDC that is to be used for Kerberos
118       * processing.
119       * <p>
120       * If provided, this property must be a fully-qualified
121       * DNS-resolvable name. If this property is not provided, then the
122       * server attempts to determine it from the system-wide Kerberos
123       * configuration.
124       *
125       * @return Returns the value of the "kdc-address" property.
126       */
127      String getKdcAddress();
128    
129    
130    
131      /**
132       * Gets the "keytab" property.
133       * <p>
134       * Specifies the path to the keytab file that should be used for
135       * Kerberos processing.
136       * <p>
137       * If provided, this is either an absolute path or one that is
138       * relative to the server instance root.
139       *
140       * @return Returns the value of the "keytab" property.
141       */
142      String getKeytab();
143    
144    
145    
146      /**
147       * Gets the "realm" property.
148       * <p>
149       * Specifies the realm to be used for GSSAPI authentication.
150       *
151       * @return Returns the value of the "realm" property.
152       */
153      String getRealm();
154    
155    
156    
157      /**
158       * Gets the "server-fqdn" property.
159       * <p>
160       * Specifies the DNS-resolvable fully-qualified domain name for the
161       * system.
162       *
163       * @return Returns the value of the "server-fqdn" property.
164       */
165      String getServerFqdn();
166    
167    }