001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.opends.server.admin.std.server; 027 028 029 030import java.util.SortedSet; 031import org.opends.server.admin.server.ConfigurationChangeListener; 032import org.opends.server.types.DN; 033 034 035 036/** 037 * A server-side interface for querying Subject Attribute To User 038 * Attribute Certificate Mapper settings. 039 * <p> 040 * The Subject Attribute To User Attribute Certificate Mapper maps 041 * client certificates to user entries by mapping the values of 042 * attributes contained in the certificate subject to attributes 043 * contained in user entries. 044 */ 045public interface SubjectAttributeToUserAttributeCertificateMapperCfg extends CertificateMapperCfg { 046 047 /** 048 * Gets the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper. 049 * 050 * @return Returns the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper. 051 */ 052 Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass(); 053 054 055 056 /** 057 * Register to be notified when this Subject Attribute To User Attribute Certificate Mapper is changed. 058 * 059 * @param listener 060 * The Subject Attribute To User Attribute Certificate Mapper configuration change listener. 061 */ 062 void addSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener); 063 064 065 066 /** 067 * Deregister an existing Subject Attribute To User Attribute Certificate Mapper configuration change listener. 068 * 069 * @param listener 070 * The Subject Attribute To User Attribute Certificate Mapper configuration change listener. 071 */ 072 void removeSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener); 073 074 075 076 /** 077 * Gets the "java-class" property. 078 * <p> 079 * Specifies the fully-qualified name of the Java class that 080 * provides the Subject Attribute To User Attribute Certificate 081 * Mapper implementation. 082 * 083 * @return Returns the value of the "java-class" property. 084 */ 085 String getJavaClass(); 086 087 088 089 /** 090 * Gets the "subject-attribute-mapping" property. 091 * <p> 092 * Specifies a mapping between certificate attributes and user 093 * attributes. 094 * <p> 095 * Each value should be in the form "certattr:userattr" where 096 * certattr is the name of the attribute in the certificate subject 097 * and userattr is the name of the corresponding attribute in user 098 * entries. There may be multiple mappings defined, and when 099 * performing the mapping values for all attributes present in the 100 * certificate subject that have mappings defined must be present in 101 * the corresponding user entries. 102 * 103 * @return Returns an unmodifiable set containing the values of the "subject-attribute-mapping" property. 104 */ 105 SortedSet<String> getSubjectAttributeMapping(); 106 107 108 109 /** 110 * Gets the "user-base-dn" property. 111 * <p> 112 * Specifies the base DNs that should be used when performing 113 * searches to map the client certificate to a user entry. 114 * 115 * @return Returns an unmodifiable set containing the values of the "user-base-dn" property. 116 */ 117 SortedSet<DN> getUserBaseDN(); 118 119}