Package org.forgerock.opendj.server.config.client

Interface HttpOauth2OpenamAuthorizationMechanismCfgClient

    • Method Detail

      • getJavaClass

        @MandatoryProperty
ValueOrExpression<String> getJavaClass()
        Gets the "java-class" property.

        Specifies the fully-qualified name of the Java class that provides the HTTP OAuth2 OpenAM Authorization Mechanism implementation.

        Default value: org.opends.server.protocols.http.authz.HttpOAuth2OpenAmAuthorizationMechanism

        Specified by:
        getJavaClass in interface HttpAuthorizationMechanismCfgClient
        Returns:
        Returns the value of the "java-class" property.

      • getKeyManagerProvider

        ValueOrExpression<String> getKeyManagerProvider()
        Gets the "key-manager-provider" property.

        Specifies the name of the key manager that should be used with this HTTP OAuth2 OpenAM Authorization Mechanism .

        Returns:
        Returns the value of the "key-manager-provider" property.

      • setKeyManagerProvider

        void setKeyManagerProvider​(ValueOrExpression<String> value)
                    throws PropertyException
        Sets the "key-manager-provider" property.

        Specifies the name of the key manager that should be used with this HTTP OAuth2 OpenAM Authorization Mechanism .

        Parameters:
        value - The value of the "key-manager-provider" property.
        Throws:
        PropertyException - If the new value is invalid.

      • getSslCertNickname

        SortedSet<ValueOrExpression<String>> getSslCertNickname()
        Gets the "ssl-cert-nickname" property.

        Specifies the nicknames (also called the aliases) of the keys or key pairs that the HTTP OAuth2 OpenAM Authorization Mechanism should use when performing SSL communication.

        The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the HTTP OAuth2 OpenAM Authorization Mechanism is configured to use SSL.

        Returns:
        Returns the values of the "ssl-cert-nickname" property.

      • setSslCertNickname

        void setSslCertNickname​(Collection<ValueOrExpression<String>> values)
                 throws PropertyException
        Sets the "ssl-cert-nickname" property.

        Specifies the nicknames (also called the aliases) of the keys or key pairs that the HTTP OAuth2 OpenAM Authorization Mechanism should use when performing SSL communication.

        The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the HTTP OAuth2 OpenAM Authorization Mechanism is configured to use SSL.

        Parameters:
        values - The values of the "ssl-cert-nickname" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.

      • getSslCipherSuite

        SortedSet<ValueOrExpression<String>> getSslCipherSuite()
        Gets the "ssl-cipher-suite" property.

        Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication.

        Returns:
        Returns the values of the "ssl-cipher-suite" property.

      • setSslCipherSuite

        void setSslCipherSuite​(Collection<ValueOrExpression<String>> values)
                throws PropertyException
        Sets the "ssl-cipher-suite" property.

        Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication.

        Parameters:
        values - The values of the "ssl-cipher-suite" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.

      • getSslProtocol

        SortedSet<ValueOrExpression<String>> getSslProtocol()
        Gets the "ssl-protocol" property.

        Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication.

        Returns:
        Returns the values of the "ssl-protocol" property.

      • setSslProtocol

        void setSslProtocol​(Collection<ValueOrExpression<String>> values)
             throws PropertyException
        Sets the "ssl-protocol" property.

        Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication.

        Parameters:
        values - The values of the "ssl-protocol" property.
        Throws:
        PropertyException - If one or more of the new values are invalid.

      • getTokenInfoUrl

        @MandatoryProperty
ValueOrExpression<String> getTokenInfoUrl()
        Gets the "token-info-url" property.

        Defines the OpenAM endpoint URL where the access-token resolution request should be sent.

        Returns:
        Returns the value of the "token-info-url" property.

      • getTrustManagerProvider

        ValueOrExpression<String> getTrustManagerProvider()
        Gets the "trust-manager-provider" property.

        Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server.

        Returns:
        Returns the value of the "trust-manager-provider" property.

      • setTrustManagerProvider

        void setTrustManagerProvider​(ValueOrExpression<String> value)
                      throws PropertyException
        Sets the "trust-manager-provider" property.

        Specifies the name of the trust manager that should be used when negotiating SSL connections with the remote authorization server.

        Parameters:
        value - The value of the "trust-manager-provider" property.
        Throws:
        PropertyException - If the new value is invalid.