Package org.forgerock.opendj.server.config.meta

Class GssapiSaslMechanismHandlerCfgDefn

java.lang.Object
org.forgerock.opendj.config.AbstractManagedObjectDefinition<C,S>
org.forgerock.opendj.config.ManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,GssapiSaslMechanismHandlerCfg>
org.forgerock.opendj.server.config.meta.GssapiSaslMechanismHandlerCfgDefn
public final class GssapiSaslMechanismHandlerCfgDefn extends ManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,GssapiSaslMechanismHandlerCfg>
An interface for querying the GSSAPI SASL Mechanism Handler managed object definition meta information.

The GSSAPI SASL mechanism performs all processing related to SASL GSSAPI authentication using Kerberos V5.

  • Method Details

    • getInstance

      public static GssapiSaslMechanismHandlerCfgDefn getInstance()
      Get the GSSAPI SASL Mechanism Handler configuration definition singleton.
      Returns:
      Returns the GSSAPI SASL Mechanism Handler configuration definition singleton.

    • createClientConfiguration

      public GssapiSaslMechanismHandlerCfgClient createClientConfiguration(ManagedObject<? extends GssapiSaslMechanismHandlerCfgClient> impl)
      Description copied from class: ManagedObjectDefinition
      Creates a client configuration view of the provided managed object. Modifications made to the underlying managed object will be reflected in the client configuration view and vice versa.
      Specified by:
      createClientConfiguration in class ManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,GssapiSaslMechanismHandlerCfg>
      Parameters:
      impl - The managed object.
      Returns:
      Returns a client configuration view of the provided managed object.

    • createServerConfiguration

      public GssapiSaslMechanismHandlerCfg createServerConfiguration(ServerManagedObject<? extends GssapiSaslMechanismHandlerCfg> impl)
      Description copied from class: ManagedObjectDefinition
      Creates a server configuration view of the provided server managed object.
      Specified by:
      createServerConfiguration in class ManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,GssapiSaslMechanismHandlerCfg>
      Parameters:
      impl - The server managed object.
      Returns:
      Returns a server configuration view of the provided server managed object.

    • getServerConfigurationClass

      public Class<GssapiSaslMechanismHandlerCfg> getServerConfigurationClass()
      Description copied from class: ManagedObjectDefinition
      Gets the server configuration class instance associated with this managed object definition.
      Specified by:
      getServerConfigurationClass in class ManagedObjectDefinition<GssapiSaslMechanismHandlerCfgClient,GssapiSaslMechanismHandlerCfg>
      Returns:
      Returns the server configuration class instance associated with this managed object definition.

    • getBindToServerFqdnPropertyDefinition

      public BooleanPropertyDefinition getBindToServerFqdnPropertyDefinition()
      Get the "bind-to-server-fqdn" property definition.

      Specifies if the server should bind to the server-fqdn or whether to try to run "unbound".

      The SASL server usually binds to the server-fqdn. By setting GSSAPI SASL Mechanism Handler to false, the server will not bind to a server name. Some SASL implementations are likely to also require the principal name to be "*" and have no realm specified, or may not support running "unbound" altogether.

      Returns:
      Returns the "bind-to-server-fqdn" property definition.

    • getEnabledPropertyDefinition

      public BooleanPropertyDefinition getEnabledPropertyDefinition()
      Get the "enabled" property definition.

      Indicates whether the SASL mechanism handler is enabled for use.

      Returns:
      Returns the "enabled" property definition.

    • getIdentityMapperPropertyDefinition

      public AggregationPropertyDefinition<IdentityMapperCfgClient,IdentityMapperCfg> getIdentityMapperPropertyDefinition()
      Get the "identity-mapper" property definition.

      Specifies the name(s) of the identity mapper(s) that are to be used with this SASL mechanism handler to match the Kerberos principal included in the SASL bind request to the corresponding user in the directory.

      Returns:
      Returns the "identity-mapper" property definition.

    • getJavaClassPropertyDefinition

      public ClassPropertyDefinition getJavaClassPropertyDefinition()
      Get the "java-class" property definition.

      Specifies the fully-qualified name of the Java class that provides the SASL mechanism handler implementation.

      Returns:
      Returns the "java-class" property definition.

    • getKdcAddressPropertyDefinition

      public StringPropertyDefinition getKdcAddressPropertyDefinition()
      Get the "kdc-address" property definition.

      Specifies the address of the KDC that is to be used for Kerberos processing.

      If provided, this property must be a fully-qualified DNS-resolvable name. If this property is not provided, then the server attempts to determine it from the system-wide Kerberos configuration.

      Returns:
      Returns the "kdc-address" property definition.

    • getKeytabPropertyDefinition

      public StringPropertyDefinition getKeytabPropertyDefinition()
      Get the "keytab" property definition.

      Specifies the path to the keytab file that should be used for Kerberos processing.

      If provided, this is either an absolute path or one that is relative to the server instance root.

      Returns:
      Returns the "keytab" property definition.

    • getPrincipalNamePropertyDefinition

      public StringPropertyDefinition getPrincipalNamePropertyDefinition()
      Get the "principal-name" property definition.

      Specifies the principal name.

      It can either be a simple user name or a service name such as host/example.com. If this property is not provided, then the server attempts to build the principal name by appending the fully qualified domain name to the string "ldap/".

      Returns:
      Returns the "principal-name" property definition.

    • getQualityOfProtectionPropertyDefinition

      public EnumPropertyDefinition<GssapiSaslMechanismHandlerCfgDefn.QualityOfProtection> getQualityOfProtectionPropertyDefinition()
      Get the "quality-of-protection" property definition.

      The name of a property that specifies the quality of protection the server will support.

      Returns:
      Returns the "quality-of-protection" property definition.

    • getRealmPropertyDefinition

      public StringPropertyDefinition getRealmPropertyDefinition()
      Get the "realm" property definition.

      Specifies the realm to be used for GSSAPI authentication.

      Returns:
      Returns the "realm" property definition.

    • getServerFqdnPropertyDefinition

      public StringPropertyDefinition getServerFqdnPropertyDefinition()
      Get the "server-fqdn" property definition.

      Specifies the DNS-resolvable fully-qualified domain name for the system.

      Returns:
      Returns the "server-fqdn" property definition.