Package org.forgerock.opendj.server.config.client

Interface SubjectAttributeToUserAttributeCertificateMapperCfgClient

  • All Superinterfaces:
    CertificateMapperCfgClient, ConfigurationClient
    public interface SubjectAttributeToUserAttributeCertificateMapperCfgClient
extends CertificateMapperCfgClient
    A client-side interface for reading and modifying Subject Attribute To User Attribute Certificate Mapper settings.

    The Subject Attribute To User Attribute Certificate Mapper maps client certificates to user entries by mapping the values of attributes contained in the certificate subject to attributes contained in user entries.

    • Method Detail

      • getJavaClass

        @MandatoryProperty
ValueOrExpression<String> getJavaClass()
        Gets the "java-class" property.

        Specifies the fully-qualified name of the Java class that provides the Subject Attribute To User Attribute Certificate Mapper implementation.

        Default value: org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper

        Specified by:
        getJavaClass in interface CertificateMapperCfgClient
        Returns:
        Returns the value of the "java-class" property.

      • getSubjectAttributeMapping

        @MandatoryProperty
SortedSet<ValueOrExpression<String>> getSubjectAttributeMapping()
        Gets the "subject-attribute-mapping" property.

        Specifies a mapping between certificate attributes and user attributes.

        Each value should be in the form "certattr:userattr" where certattr is the name of the attribute in the certificate subject and userattr is the name of the corresponding attribute in user entries. There may be multiple mappings defined, and when performing the mapping values for all attributes present in the certificate subject that have mappings defined must be present in the corresponding user entries.

        Returns:
        Returns the values of the "subject-attribute-mapping" property.

      • setSubjectAttributeMapping

        @MandatoryProperty
void setSubjectAttributeMapping​(Collection<ValueOrExpression<String>> values)
                         throws PropertyException
        Sets the "subject-attribute-mapping" property.

        Specifies a mapping between certificate attributes and user attributes.

        Each value should be in the form "certattr:userattr" where certattr is the name of the attribute in the certificate subject and userattr is the name of the corresponding attribute in user entries. There may be multiple mappings defined, and when performing the mapping values for all attributes present in the certificate subject that have mappings defined must be present in the corresponding user entries.

        Parameters:
        values - The values of the "subject-attribute-mapping" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.

      • getUserBaseDn

        SortedSet<ValueOrExpression<Dn>> getUserBaseDn()
        Gets the "user-base-dn" property.

        Specifies the base DNs that should be used when performing searches to map the client certificate to a user entry.

        Returns:
        Returns the values of the "user-base-dn" property.

      • setUserBaseDn

        void setUserBaseDn​(Collection<ValueOrExpression<Dn>> values)
            throws PropertyException
        Sets the "user-base-dn" property.

        Specifies the base DNs that should be used when performing searches to map the client certificate to a user entry.

        Parameters:
        values - The values of the "user-base-dn" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.