Class GssapiSaslMechanismHandlerCfgDefn
The GSSAPI SASL mechanism performs all processing related to SASL GSSAPI authentication using Kerberos V5.
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic enum
Defines the set of permissible values for the "quality-of-protection" property. -
Method Summary
Modifier and TypeMethodDescriptioncreateClientConfiguration
(ManagedObject<? extends GssapiSaslMechanismHandlerCfgClient> impl) Creates a client configuration view of the provided managed object.createServerConfiguration
(ServerManagedObject<? extends GssapiSaslMechanismHandlerCfg> impl) Creates a server configuration view of the provided server managed object.Get the "bind-to-server-fqdn" property definition.Get the "enabled" property definition.Get the "identity-mapper" property definition.Get the GSSAPI SASL Mechanism Handler configuration definition singleton.Get the "java-class" property definition.Get the "kdc-address" property definition.Get the "keytab" property definition.Get the "principal-name" property definition.Get the "quality-of-protection" property definition.Get the "realm" property definition.Gets the server configuration class instance associated with this managed object definition.Get the "server-fqdn" property definition.Methods inherited from class org.forgerock.opendj.config.AbstractManagedObjectDefinition
getAggregationPropertyDefinitions, getAllAggregationPropertyDefinitions, getAllChildren, getAllConstraints, getAllPropertyDefinitions, getAllRelationDefinitions, getAllReverseRelationDefinitions, getAllTags, getChild, getChildren, getConstraints, getDeprecated, getDescription, getDescription, getName, getParent, getPropertyDefinition, getPropertyDefinitions, getRelationDefinition, getRelationDefinitions, getReverseAggregationPropertyDefinitions, getReverseRelationDefinitions, getSynopsis, getSynopsis, getUserFriendlyName, getUserFriendlyName, getUserFriendlyPluralName, getUserFriendlyPluralName, hasChildren, hasOption, hasTag, initialize, isChildOf, isParentOf, isTop, registerConstraint, registerDeprecated, registerOption, registerPropertyDefinition, registerRelationDefinition, registerTag, resolveManagedObjectDefinition, toString, toString
-
Method Details
-
getInstance
Get the GSSAPI SASL Mechanism Handler configuration definition singleton.- Returns:
- Returns the GSSAPI SASL Mechanism Handler configuration definition singleton.
-
createClientConfiguration
public GssapiSaslMechanismHandlerCfgClient createClientConfiguration(ManagedObject<? extends GssapiSaslMechanismHandlerCfgClient> impl) Description copied from class:ManagedObjectDefinition
Creates a client configuration view of the provided managed object. Modifications made to the underlying managed object will be reflected in the client configuration view and vice versa.- Specified by:
createClientConfiguration
in classManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,
GssapiSaslMechanismHandlerCfg> - Parameters:
impl
- The managed object.- Returns:
- Returns a client configuration view of the provided managed object.
-
createServerConfiguration
public GssapiSaslMechanismHandlerCfg createServerConfiguration(ServerManagedObject<? extends GssapiSaslMechanismHandlerCfg> impl) Description copied from class:ManagedObjectDefinition
Creates a server configuration view of the provided server managed object.- Specified by:
createServerConfiguration
in classManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,
GssapiSaslMechanismHandlerCfg> - Parameters:
impl
- The server managed object.- Returns:
- Returns a server configuration view of the provided server managed object.
-
getServerConfigurationClass
Description copied from class:ManagedObjectDefinition
Gets the server configuration class instance associated with this managed object definition.- Specified by:
getServerConfigurationClass
in classManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,
GssapiSaslMechanismHandlerCfg> - Returns:
- Returns the server configuration class instance associated with this managed object definition.
-
getBindToServerFqdnPropertyDefinition
Get the "bind-to-server-fqdn" property definition.Specifies if the server should bind to the server-fqdn or whether to try to run "unbound".
The SASL server usually binds to the server-fqdn. By setting GSSAPI SASL Mechanism Handler to false, the server will not bind to a server name. Some SASL implementations are likely to also require the principal name to be "*" and have no realm specified, or may not support running "unbound" altogether.
- Returns:
- Returns the "bind-to-server-fqdn" property definition.
-
getEnabledPropertyDefinition
Get the "enabled" property definition.Indicates whether the SASL mechanism handler is enabled for use.
- Returns:
- Returns the "enabled" property definition.
-
getIdentityMapperPropertyDefinition
public AggregationPropertyDefinition<IdentityMapperCfgClient,IdentityMapperCfg> getIdentityMapperPropertyDefinition()Get the "identity-mapper" property definition.Specifies the name(s) of the identity mapper(s) that are to be used with this SASL mechanism handler to match the Kerberos principal included in the SASL bind request to the corresponding user in the directory.
- Returns:
- Returns the "identity-mapper" property definition.
-
getJavaClassPropertyDefinition
Get the "java-class" property definition.Specifies the fully-qualified name of the Java class that provides the SASL mechanism handler implementation.
- Returns:
- Returns the "java-class" property definition.
-
getKdcAddressPropertyDefinition
Get the "kdc-address" property definition.Specifies the address of the KDC that is to be used for Kerberos processing.
If provided, this property must be a fully-qualified DNS-resolvable name. If this property is not provided, then the server attempts to determine it from the system-wide Kerberos configuration.
- Returns:
- Returns the "kdc-address" property definition.
-
getKeytabPropertyDefinition
Get the "keytab" property definition.Specifies the path to the keytab file that should be used for Kerberos processing.
If provided, this is either an absolute path or one that is relative to the server instance root.
- Returns:
- Returns the "keytab" property definition.
-
getPrincipalNamePropertyDefinition
Get the "principal-name" property definition.Specifies the principal name.
It can either be a simple user name or a service name such as host/example.com. If this property is not provided, then the server attempts to build the principal name by appending the fully qualified domain name to the string "ldap/".
- Returns:
- Returns the "principal-name" property definition.
-
getQualityOfProtectionPropertyDefinition
public EnumPropertyDefinition<GssapiSaslMechanismHandlerCfgDefn.QualityOfProtection> getQualityOfProtectionPropertyDefinition()Get the "quality-of-protection" property definition.The name of a property that specifies the quality of protection the server will support.
- Returns:
- Returns the "quality-of-protection" property definition.
-
getRealmPropertyDefinition
Get the "realm" property definition.Specifies the realm to be used for GSSAPI authentication.
- Returns:
- Returns the "realm" property definition.
-
getServerFqdnPropertyDefinition
Get the "server-fqdn" property definition.Specifies the DNS-resolvable fully-qualified domain name for the system.
- Returns:
- Returns the "server-fqdn" property definition.
-