Package org.forgerock.opendj.server.config.client

Interface CertificateMapperCfgClient

All Superinterfaces:
ConfigurationClient
All Known Subinterfaces:
FingerprintCertificateMapperCfgClient, SubjectAttributeToUserAttributeCertificateMapperCfgClient, SubjectDnToUserAttributeCertificateMapperCfgClient, SubjectEqualsDnCertificateMapperCfgClient
public interface CertificateMapperCfgClient extends ConfigurationClient
A client-side interface for reading and modifying Certificate Mapper settings.

Certificate Mappers are responsible for establishing a mapping between a client certificate and the entry for the user that corresponds to that certificate.

  • Method Details

    • definition

      ManagedObjectDefinition<? extends CertificateMapperCfgClient,? extends CertificateMapperCfg> definition()
      Get the configuration definition associated with this Certificate Mapper.
      Specified by:
      definition in interface ConfigurationClient
      Returns:
      Returns the configuration definition associated with this Certificate Mapper.

    • isEnabled

      @MandatoryProperty ValueOrExpression<Boolean> isEnabled()
      Gets the "enabled" property.

      Indicates whether the Certificate Mapper is enabled.

      Returns:
      Returns the value of the "enabled" property.

    • setEnabled

      @MandatoryProperty void setEnabled(ValueOrExpression<Boolean> value) throws PropertyException
      Sets the "enabled" property.

      Indicates whether the Certificate Mapper is enabled.

      Parameters:
      value - The value of the "enabled" property.
      Throws:
      PropertyException - If the new value is invalid.

    • getIssuerAttribute

      ValueOrExpression<AttributeType> getIssuerAttribute()
      Gets the "issuer-attribute" property.

      Specifies the name or OID of the attribute whose value should exactly match the certificate issuer DN.

      Certificate issuer verification should be enabled whenever multiple CAs are trusted in order to prevent impersonation. In particular, it is possible for different CAs to issue certificates having the same subject DN.

      Returns:
      Returns the value of the "issuer-attribute" property.

    • setIssuerAttribute

      void setIssuerAttribute(ValueOrExpression<AttributeType> value) throws PropertyException
      Sets the "issuer-attribute" property.

      Specifies the name or OID of the attribute whose value should exactly match the certificate issuer DN.

      Certificate issuer verification should be enabled whenever multiple CAs are trusted in order to prevent impersonation. In particular, it is possible for different CAs to issue certificates having the same subject DN.

      Parameters:
      value - The value of the "issuer-attribute" property.
      Throws:
      PropertyException - If the new value is invalid.

    • getJavaClass

      @MandatoryProperty ValueOrExpression<String> getJavaClass()
      Gets the "java-class" property.

      Specifies the fully-qualified name of the Java class that provides the Certificate Mapper implementation.

      Returns:
      Returns the value of the "java-class" property.

    • setJavaClass

      @MandatoryProperty void setJavaClass(ValueOrExpression<String> value) throws PropertyException
      Sets the "java-class" property.

      Specifies the fully-qualified name of the Java class that provides the Certificate Mapper implementation.

      Parameters:
      value - The value of the "java-class" property.
      Throws:
      PropertyException - If the new value is invalid.