Package org.forgerock.opendj.server.config.server

Interface GSSAPISASLMechanismHandlerCfg

  • All Superinterfaces:
    Configuration, SASLMechanismHandlerCfg
    public interface GSSAPISASLMechanismHandlerCfg
extends SASLMechanismHandlerCfg
    A server-side interface for querying GSSAPI SASL Mechanism Handler settings.

    The GSSAPI SASL mechanism performs all processing related to SASL GSSAPI authentication using Kerberos V5.

    • Method Detail

      • addGSSAPIChangeListener

        void addGSSAPIChangeListener​(ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener)
        Register to be notified when this GSSAPI SASL Mechanism Handler is changed.
        Parameters:
        listener - The GSSAPI SASL Mechanism Handler configuration change listener.

      • removeGSSAPIChangeListener

        void removeGSSAPIChangeListener​(ConfigurationChangeListener<GSSAPISASLMechanismHandlerCfg> listener)
        Deregister an existing GSSAPI SASL Mechanism Handler configuration change listener.
        Parameters:
        listener - The GSSAPI SASL Mechanism Handler configuration change listener.

      • getIdentityMapper

        String getIdentityMapper()
        Gets the "identity-mapper" property.

        Specifies the name of the identity mapper that is to be used with this SASL mechanism handler to match the Kerberos principal included in the SASL bind request to the corresponding user in the directory.

        Returns:
        Returns the value of the "identity-mapper" property.

      • getIdentityMapperDN

        org.forgerock.opendj.ldap.DN getIdentityMapperDN()
        Gets the "identity-mapper" property as a DN.

        Specifies the name of the identity mapper that is to be used with this SASL mechanism handler to match the Kerberos principal included in the SASL bind request to the corresponding user in the directory.

        Returns:
        Returns the DN value of the "identity-mapper" property.

      • getJavaClass

        String getJavaClass()
        Gets the "java-class" property.

        Specifies the fully-qualified name of the Java class that provides the SASL mechanism handler implementation.

        Specified by:
        getJavaClass in interface SASLMechanismHandlerCfg
        Returns:
        Returns the value of the "java-class" property.

      • getKdcAddress

        String getKdcAddress()
        Gets the "kdc-address" property.

        Specifies the address of the KDC that is to be used for Kerberos processing.

        If provided, this property must be a fully-qualified DNS-resolvable name. If this property is not provided, then the server attempts to determine it from the system-wide Kerberos configuration.

        Returns:
        Returns the value of the "kdc-address" property.

      • getKeytab

        String getKeytab()
        Gets the "keytab" property.

        Specifies the path to the keytab file that should be used for Kerberos processing.

        If provided, this is either an absolute path or one that is relative to the server instance root.

        Returns:
        Returns the value of the "keytab" property.

      • getPrincipalName

        String getPrincipalName()
        Gets the "principal-name" property.

        Specifies the principal name.

        It can either be a simple user name or a service name such as host/example.com. If this property is not provided, then the server attempts to build the principal name by appending the fully qualified domain name to the string "ldap/".

        Returns:
        Returns the value of the "principal-name" property.

      • getQualityOfProtection

        GSSAPISASLMechanismHandlerCfgDefn.QualityOfProtection getQualityOfProtection()
        Gets the "quality-of-protection" property.

        The name of a property that specifies the quality of protection the server will support.

        Returns:
        Returns the value of the "quality-of-protection" property.

      • getRealm

        String getRealm()
        Gets the "realm" property.

        Specifies the realm to be used for GSSAPI authentication.

        Returns:
        Returns the value of the "realm" property.

      • getServerFqdn

        String getServerFqdn()
        Gets the "server-fqdn" property.

        Specifies the DNS-resolvable fully-qualified domain name for the system.

        Returns:
        Returns the value of the "server-fqdn" property.