001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.opends.server.admin.std.server;
027
028
029
030import java.util.SortedSet;
031import org.opends.server.admin.server.ConfigurationChangeListener;
032import org.opends.server.admin.std.meta.FingerprintCertificateMapperCfgDefn.FingerprintAlgorithm;
033import org.opends.server.types.AttributeType;
034import org.opends.server.types.DN;
035
036
037
038/**
039 * A server-side interface for querying Fingerprint Certificate Mapper
040 * settings.
041 * <p>
042 * The Fingerprint Certificate Mapper maps client certificates to user
043 * entries by looking for the MD5 or SHA1 fingerprint in a specified
044 * attribute of user entries.
045 */
046public interface FingerprintCertificateMapperCfg extends CertificateMapperCfg {
047
048  /**
049   * Gets the configuration class associated with this Fingerprint Certificate Mapper.
050   *
051   * @return Returns the configuration class associated with this Fingerprint Certificate Mapper.
052   */
053  Class<? extends FingerprintCertificateMapperCfg> configurationClass();
054
055
056
057  /**
058   * Register to be notified when this Fingerprint Certificate Mapper is changed.
059   *
060   * @param listener
061   *          The Fingerprint Certificate Mapper configuration change listener.
062   */
063  void addFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener);
064
065
066
067  /**
068   * Deregister an existing Fingerprint Certificate Mapper configuration change listener.
069   *
070   * @param listener
071   *          The Fingerprint Certificate Mapper configuration change listener.
072   */
073  void removeFingerprintChangeListener(ConfigurationChangeListener<FingerprintCertificateMapperCfg> listener);
074
075
076
077  /**
078   * Gets the "fingerprint-algorithm" property.
079   * <p>
080   * Specifies the name of the digest algorithm to compute the
081   * fingerprint of client certificates.
      * <p>
      * NOTE(review): the interface description names MD5 and SHA1 as the
      * supported digests. Neither is collision-resistant any longer, so
      * the mapping should only be relied on for certificates whose chain
      * the server has already validated - confirm against the trust
      * manager configuration.
082   *
083   * @return Returns the value of the "fingerprint-algorithm" property.
084   */
085  FingerprintAlgorithm getFingerprintAlgorithm();
086
087
088
089  /**
090   * Gets the "fingerprint-attribute" property.
091   * <p>
092   * Specifies the attribute in which to look for the fingerprint.
093   * <p>
094   * Values of the fingerprint attribute should exactly match the MD5
095   * or SHA1 representation of the certificate fingerprint.
      * <p>
      * NOTE(review): the stored value is what ties a certificate to an
      * entry, so write access to this attribute should be limited to
      * administrators - confirm the access controls. The expected text
      * format (case, separators) is not visible in this interface.
096   *
097   * @return Returns the value of the "fingerprint-attribute" property.
098   */
099  AttributeType getFingerprintAttribute();
100
101
102
103  /**
104   * Gets the "java-class" property.
105   * <p>
106   * Specifies the fully-qualified name of the Java class that
107   * provides the Fingerprint Certificate Mapper implementation.
      * <p>
      * NOTE(review): presumably the server loads the named class, so
      * write access to this property should be restricted to trusted
      * administrators - confirm.
108   *
109   * @return Returns the value of the "java-class" property.
110   */
111  String getJavaClass();
112
113
114
115  /**
116   * Gets the "user-base-dn" property.
117   * <p>
118   * Specifies the set of base DNs below which to search for users.
119   * <p>
120   * The base DNs are used when performing searches to map the client
121   * certificates to a user entry.
      * <p>
      * NOTE(review): how an empty set or several matching entries are
      * handled is not visible in this interface - confirm in the
      * implementation.
122   *
123   * @return Returns an unmodifiable set containing the values of the "user-base-dn" property.
124   */
125  SortedSet<DN> getUserBaseDN();
126
127}