001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.opends.server.admin.std.server;
027
028
029
030import java.util.SortedSet;
031import org.opends.server.admin.server.ConfigurationChangeListener;
032import org.opends.server.types.DN;
033
034
035
036/**
037 * A server-side interface for querying Subject Attribute To User
038 * Attribute Certificate Mapper settings.
039 * <p>
040 * The Subject Attribute To User Attribute Certificate Mapper maps
041 * client certificates to user entries by mapping the values of
042 * attributes contained in the certificate subject to attributes
043 * contained in user entries.
044 */
045public interface SubjectAttributeToUserAttributeCertificateMapperCfg extends CertificateMapperCfg {
046
047  /**
048   * Gets the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper.
049   *
050   * @return Returns the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper.
051   */
052  Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass();
053
054
055
056  /**
057   * Register to be notified when this Subject Attribute To User Attribute Certificate Mapper is changed.
058   *
059   * @param listener
060   *          The Subject Attribute To User Attribute Certificate Mapper configuration change listener.
061   */
062  void addSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener);
063
064
065
066  /**
067   * Deregister an existing Subject Attribute To User Attribute Certificate Mapper configuration change listener.
068   *
069   * @param listener
070   *          The Subject Attribute To User Attribute Certificate Mapper configuration change listener.
071   */
072  void removeSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener);
073
074
075
076  /**
077   * Gets the "java-class" property.
078   * <p>
079   * Specifies the fully-qualified name of the Java class that
080   * provides the Subject Attribute To User Attribute Certificate
081   * Mapper implementation.
082   *
083   * @return Returns the value of the "java-class" property.
084   */
085  String getJavaClass();
086
087
088
089  /**
090   * Gets the "subject-attribute-mapping" property.
091   * <p>
092   * Specifies a mapping between certificate attributes and user
093   * attributes.
094   * <p>
095   * Each value should be in the form "certattr:userattr" where
096   * certattr is the name of the attribute in the certificate subject
097   * and userattr is the name of the corresponding attribute in user
098   * entries. There may be multiple mappings defined, and when
099   * performing the mapping values for all attributes present in the
100   * certificate subject that have mappings defined must be present in
101   * the corresponding user entries.
102   *
103   * @return Returns an unmodifiable set containing the values of the "subject-attribute-mapping" property.
104   */
105  SortedSet<String> getSubjectAttributeMapping();
106
107
108
109  /**
110   * Gets the "user-base-dn" property.
111   * <p>
112   * Specifies the base DNs that should be used when performing
113   * searches to map the client certificate to a user entry.
114   *
115   * @return Returns an unmodifiable set containing the values of the "user-base-dn" property.
116   */
117  SortedSet<DN> getUserBaseDN();
118
119}