001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.admin.std.server; 028 029 030 031 import org.opends.server.admin.server.ConfigurationChangeListener; 032 import org.opends.server.types.DN; 033 034 035 036 /** 037 * A server-side interface for querying GSSAPI SASL Mechanism Handler 038 * settings. 039 * <p> 040 * The GSSAPI SASL mechanism performs all processing related to SASL 041 * GSSAPI authentication using Kerberos V5. 042 */ 043 public interface GSSAPISASLMechanismHandlerCfg extends SASLMechanismHandlerCfg { 044 045 /** 046 * Gets the configuration class associated with this GSSAPI SASL Mechanism Handler. 047 * 048 * @return Returns the configuration class associated with this GSSAPI SASL Mechanism Handler. 049 */ 050 Class<? extends GSSAPISASLMechanismHandlerCfg> configurationClass(); 051 052 053 054 /** 055 * Register to be notified when this GSSAPI SASL Mechanism Handler is changed. 056 * 057 * @param listener 058 * The GSSAPI SASL Mechanism Handler configuration change listener. 059 */ 060 void addGSSAPIChangeListener(ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener); 061 062 063 064 /** 065 * Deregister an existing GSSAPI SASL Mechanism Handler configuration change listener. 066 * 067 * @param listener 068 * The GSSAPI SASL Mechanism Handler configuration change listener. 069 */ 070 void removeGSSAPIChangeListener(ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener); 071 072 073 074 /** 075 * Gets the "identity-mapper" property. 076 * <p> 077 * Specifies the name of the identity mapper that is to be used with 078 * this SASL mechanism handler to match the Kerberos principal 079 * included in the SASL bind request to the corresponding user in the 080 * directory. 081 * 082 * @return Returns the value of the "identity-mapper" property. 083 */ 084 String getIdentityMapper(); 085 086 087 088 /** 089 * Gets the "identity-mapper" property as a DN. 090 * <p> 091 * Specifies the name of the identity mapper that is to be used with 092 * this SASL mechanism handler to match the Kerberos principal 093 * included in the SASL bind request to the corresponding user in the 094 * directory. 095 * 096 * @return Returns the DN value of the "identity-mapper" property. 097 */ 098 DN getIdentityMapperDN(); 099 100 101 102 /** 103 * Gets the "java-class" property. 104 * <p> 105 * Specifies the fully-qualified name of the Java class that 106 * provides the SASL mechanism handler implementation. 107 * 108 * @return Returns the value of the "java-class" property. 109 */ 110 String getJavaClass(); 111 112 113 114 /** 115 * Gets the "kdc-address" property. 116 * <p> 117 * Specifies the address of the KDC that is to be used for Kerberos 118 * processing. 119 * <p> 120 * If provided, this property must be a fully-qualified 121 * DNS-resolvable name. If this property is not provided, then the 122 * server attempts to determine it from the system-wide Kerberos 123 * configuration. 124 * 125 * @return Returns the value of the "kdc-address" property. 126 */ 127 String getKdcAddress(); 128 129 130 131 /** 132 * Gets the "keytab" property. 133 * <p> 134 * Specifies the path to the keytab file that should be used for 135 * Kerberos processing. 136 * <p> 137 * If provided, this is either an absolute path or one that is 138 * relative to the server instance root. 139 * 140 * @return Returns the value of the "keytab" property. 141 */ 142 String getKeytab(); 143 144 145 146 /** 147 * Gets the "realm" property. 148 * <p> 149 * Specifies the realm to be used for GSSAPI authentication. 150 * 151 * @return Returns the value of the "realm" property. 152 */ 153 String getRealm(); 154 155 156 157 /** 158 * Gets the "server-fqdn" property. 159 * <p> 160 * Specifies the DNS-resolvable fully-qualified domain name for the 161 * system. 162 * 163 * @return Returns the value of the "server-fqdn" property. 164 */ 165 String getServerFqdn(); 166 167 }