Package org.forgerock.opendj.server.config.client

Interface SubjectAttributeToUserAttributeCertificateMapperCfgClient

All Superinterfaces:
CertificateMapperCfgClient, ConfigurationClient
public interface SubjectAttributeToUserAttributeCertificateMapperCfgClient extends CertificateMapperCfgClient
A client-side interface for reading and modifying Subject Attribute To User Attribute Certificate Mapper settings.

The Subject Attribute To User Attribute Certificate Mapper maps client certificates to user entries by mapping the values of attributes contained in the certificate subject to attributes contained in user entries.

  • Method Details

    • definition

      ManagedObjectDefinition<? extends SubjectAttributeToUserAttributeCertificateMapperCfgClient,? extends SubjectAttributeToUserAttributeCertificateMapperCfg> definition()
      Get the configuration definition associated with this Subject Attribute To User Attribute Certificate Mapper.
      Specified by:
      definition in interface CertificateMapperCfgClient
      Specified by:
      definition in interface ConfigurationClient
      Returns:
      Returns the configuration definition associated with this Subject Attribute To User Attribute Certificate Mapper.

    • getJavaClass

      @MandatoryProperty ValueOrExpression<String> getJavaClass()
      Gets the "java-class" property.

      Specifies the fully-qualified name of the Java class that provides the Subject Attribute To User Attribute Certificate Mapper implementation.

      Default value: org.opends.server.extensions.SubjectAttributeToUserAttributeCertificateMapper

      Specified by:
      getJavaClass in interface CertificateMapperCfgClient
      Returns:
      Returns the value of the "java-class" property.

    • setJavaClass

      @MandatoryProperty void setJavaClass(ValueOrExpression<String> value) throws PropertyException
      Sets the "java-class" property.

      Specifies the fully-qualified name of the Java class that provides the Subject Attribute To User Attribute Certificate Mapper implementation.

      Specified by:
      setJavaClass in interface CertificateMapperCfgClient
      Parameters:
      value - The value of the "java-class" property.
      Throws:
      PropertyException - If the new value is invalid.

    • getSubjectAttributeMapping

      @MandatoryProperty SortedSet<ValueOrExpression<String>> getSubjectAttributeMapping()
      Gets the "subject-attribute-mapping" property.

      Specifies a mapping between certificate attributes and user attributes.

      Each value should be in the form "certattr:userattr" where certattr is the name of the attribute in the certificate subject and userattr is the name of the corresponding attribute in user entries. There may be multiple mappings defined, and when performing the mapping values for all attributes present in the certificate subject that have mappings defined must be present in the corresponding user entries.

      Returns:
      Returns the values of the "subject-attribute-mapping" property.

    • setSubjectAttributeMapping

      @MandatoryProperty void setSubjectAttributeMapping(Collection<ValueOrExpression<String>> values) throws PropertyException
      Sets the "subject-attribute-mapping" property.

      Specifies a mapping between certificate attributes and user attributes.

      Each value should be in the form "certattr:userattr" where certattr is the name of the attribute in the certificate subject and userattr is the name of the corresponding attribute in user entries. There may be multiple mappings defined, and when performing the mapping values for all attributes present in the certificate subject that have mappings defined must be present in the corresponding user entries.

      Parameters:
      values - The values of the "subject-attribute-mapping" property.
      Throws:
      PropertyException - If one or more of the new values are invalid.

    • getUserBaseDn

      SortedSet<ValueOrExpression<Dn>> getUserBaseDn()
      Gets the "user-base-dn" property.

      Specifies the base DNs that should be used when performing searches to map the client certificate to a user entry.

      Returns:
      Returns the values of the "user-base-dn" property.

    • setUserBaseDn

      void setUserBaseDn(Collection<ValueOrExpression<Dn>> values) throws PropertyException
      Sets the "user-base-dn" property.

      Specifies the base DNs that should be used when performing searches to map the client certificate to a user entry.

      Parameters:
      values - The values of the "user-base-dn" property.
      Throws:
      PropertyException - If one or more of the new values are invalid.