001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.admin.std.server; 028 029 030 031 import java.util.SortedSet; 032 import org.opends.server.admin.server.ConfigurationChangeListener; 033 import org.opends.server.types.DN; 034 035 036 037 /** 038 * A server-side interface for querying Subject Attribute To User 039 * Attribute Certificate Mapper settings. 040 * <p> 041 * The Subject Attribute To User Attribute Certificate Mapper maps 042 * client certificates to user entries by mapping the values of 043 * attributes contained in the certificate subject to attributes 044 * contained in user entries. 045 */ 046 public interface SubjectAttributeToUserAttributeCertificateMapperCfg extends CertificateMapperCfg { 047 048 /** 049 * Gets the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper. 050 * 051 * @return Returns the configuration class associated with this Subject Attribute To User Attribute Certificate Mapper. 052 */ 053 Class<? extends SubjectAttributeToUserAttributeCertificateMapperCfg> configurationClass(); 054 055 056 057 /** 058 * Register to be notified when this Subject Attribute To User Attribute Certificate Mapper is changed. 059 * 060 * @param listener 061 * The Subject Attribute To User Attribute Certificate Mapper configuration change listener. 062 */ 063 void addSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener); 064 065 066 067 /** 068 * Deregister an existing Subject Attribute To User Attribute Certificate Mapper configuration change listener. 069 * 070 * @param listener 071 * The Subject Attribute To User Attribute Certificate Mapper configuration change listener. 072 */ 073 void removeSubjectAttributeToUserAttributeChangeListener(ConfigurationChangeListener<SubjectAttributeToUserAttributeCertificateMapperCfg> listener); 074 075 076 077 /** 078 * Gets the "java-class" property. 079 * <p> 080 * Specifies the fully-qualified name of the Java class that 081 * provides the Subject Attribute To User Attribute Certificate 082 * Mapper implementation. 083 * 084 * @return Returns the value of the "java-class" property. 085 */ 086 String getJavaClass(); 087 088 089 090 /** 091 * Gets the "subject-attribute-mapping" property. 092 * <p> 093 * Specifies a mapping between certificate attributes and user 094 * attributes. 095 * <p> 096 * Each value should be in the form "certattr:userattr" where 097 * certattr is the name of the attribute in the certificate subject 098 * and userattr is the name of the corresponding attribute in user 099 * entries. There may be multiple mappings defined, and when 100 * performing the mapping values for all attributes present in the 101 * certificate subject that have mappings defined must be present in 102 * the corresponding user entries. 103 * 104 * @return Returns an unmodifiable set containing the values of the "subject-attribute-mapping" property. 105 */ 106 SortedSet<String> getSubjectAttributeMapping(); 107 108 109 110 /** 111 * Gets the "user-base-dn" property. 112 * <p> 113 * Specifies the base DNs that should be used when performing 114 * searches to map the client certificate to a user entry. 115 * 116 * @return Returns an unmodifiable set containing the values of the "user-base-dn" property. 117 */ 118 SortedSet<DN> getUserBaseDN(); 119 120 }