org.forgerock.openidm.accountchange.meta

Class OpenidmAccountStatusNotificationHandlerCfgDefn

java.lang.Object

org.forgerock.opendj.config.AbstractManagedObjectDefinition<C,S>

org.forgerock.opendj.config.ManagedObjectDefinition<OpenidmAccountStatusNotificationHandlerCfgClient,OpenidmAccountStatusNotificationHandlerCfg>

org.forgerock.openidm.accountchange.meta.OpenidmAccountStatusNotificationHandlerCfgDefn

public final class OpenidmAccountStatusNotificationHandlerCfgDefn
extends org.forgerock.opendj.config.ManagedObjectDefinition<OpenidmAccountStatusNotificationHandlerCfgClient,OpenidmAccountStatusNotificationHandlerCfg>

An interface for querying the Openidm Account Status Notification Handler managed object definition meta information.

The Openidm Account Status Notification Handler is an account status notification handler that listens to two kind of changes: password change and password reset. The changes are either immediately sent to OpenIDM or first stored locally and sent later to OpenIDM at the provided interval. The communication with OpenIDM is done through HTTP or HTTPS, with optional SSL client authentication.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	OpenidmAccountStatusNotificationHandlerCfgDefn.OpenidmCompatMode Defines the set of permissable values for the "openidm-compat-mode" property.

Method Summary

Modifier and Type	Method and Description
OpenidmAccountStatusNotificationHandlerCfgClient	createClientConfiguration(org.forgerock.opendj.config.client.ManagedObject<? extends OpenidmAccountStatusNotificationHandlerCfgClient> impl)
OpenidmAccountStatusNotificationHandlerCfg	createServerConfiguration(org.forgerock.opendj.config.server.ServerManagedObject<? extends OpenidmAccountStatusNotificationHandlerCfg> impl)
org.forgerock.opendj.config.AttributeTypePropertyDefinition	getAttributeTypePropertyDefinition() Get the "attribute-type" property definition.
org.forgerock.opendj.config.DNPropertyDefinition	getCertificateSubjectDNPropertyDefinition() Get the "certificate-subject-dn" property definition.
org.forgerock.opendj.config.BooleanPropertyDefinition	getEnabledPropertyDefinition() Get the "enabled" property definition.
static OpenidmAccountStatusNotificationHandlerCfgDefn	getInstance() Get the Openidm Account Status Notification Handler configuration definition singleton.
org.forgerock.opendj.config.ClassPropertyDefinition	getJavaClassPropertyDefinition() Get the "java-class" property definition.
org.forgerock.opendj.config.AggregationPropertyDefinition<org.forgerock.opendj.server.config.client.KeyManagerProviderCfgClient,org.forgerock.opendj.server.config.server.KeyManagerProviderCfg>	getKeyManagerProviderPropertyDefinition() Get the "key-manager-provider" property definition.
org.forgerock.opendj.config.StringPropertyDefinition	getLogFilePropertyDefinition() Get the "log-file" property definition.
org.forgerock.opendj.config.EnumPropertyDefinition<OpenidmAccountStatusNotificationHandlerCfgDefn.OpenidmCompatMode>	getOpenidmCompatModePropertyDefinition() Get the "openidm-compat-mode" property definition.
org.forgerock.opendj.config.StringPropertyDefinition	getOpenidmPasswordPropertyDefinition() Get the "openidm-password" property definition.
org.forgerock.opendj.config.StringPropertyDefinition	getOpenidmUrlPropertyDefinition() Get the "openidm-url" property definition.
org.forgerock.opendj.config.StringPropertyDefinition	getOpenidmUsernamePropertyDefinition() Get the "openidm-username" property definition.
org.forgerock.opendj.config.StringPropertyDefinition	getPasswordAttributePropertyDefinition() Get the "password-attribute" property definition.
org.forgerock.opendj.config.StringPropertyDefinition	getPrivateKeyAliasPropertyDefinition() Get the "private-key-alias" property definition.
org.forgerock.opendj.config.StringPropertyDefinition	getQueryIdPropertyDefinition() Get the "query-id" property definition.
Class<OpenidmAccountStatusNotificationHandlerCfg>	getServerConfigurationClass()
org.forgerock.opendj.config.StringPropertyDefinition	getSSLCertNicknamePropertyDefinition() Get the "ssl-cert-nickname" property definition.
org.forgerock.opendj.config.AggregationPropertyDefinition<org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient,org.forgerock.opendj.server.config.server.TrustManagerProviderCfg>	getTrustManagerProviderPropertyDefinition() Get the "trust-manager-provider" property definition.
org.forgerock.opendj.config.DurationPropertyDefinition	getUpdateIntervalPropertyDefinition() Get the "update-interval" property definition.

Methods inherited from class org.forgerock.opendj.config.AbstractManagedObjectDefinition

getAggregationPropertyDefinition, getAggregationPropertyDefinitions, getAllAggregationPropertyDefinitions, getAllChildren, getAllConstraints, getAllPropertyDefinitions, getAllRelationDefinitions, getAllReverseAggregationPropertyDefinitions, getAllReverseRelationDefinitions, getAllTags, getChild, getChildren, getConstraints, getDescription, getDescription, getName, getParent, getPropertyDefinition, getPropertyDefinitions, getRelationDefinition, getRelationDefinitions, getReverseAggregationPropertyDefinitions, getReverseRelationDefinitions, getSynopsis, getSynopsis, getUserFriendlyName, getUserFriendlyName, getUserFriendlyPluralName, getUserFriendlyPluralName, hasChildren, hasOption, hasTag, initialize, isChildOf, isParentOf, isTop, registerConstraint, registerOption, registerPropertyDefinition, registerRelationDefinition, registerTag, resolveManagedObjectDefinition, toString, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Method Detail

getInstance

public static OpenidmAccountStatusNotificationHandlerCfgDefn getInstance()

Get the Openidm Account Status Notification Handler configuration definition singleton.

Returns:

Returns the Openidm Account Status Notification Handler configuration definition singleton.

createClientConfiguration

public OpenidmAccountStatusNotificationHandlerCfgClient createClientConfiguration(org.forgerock.opendj.config.client.ManagedObject<? extends OpenidmAccountStatusNotificationHandlerCfgClient> impl)

Specified by:

createClientConfiguration in class org.forgerock.opendj.config.ManagedObjectDefinition<OpenidmAccountStatusNotificationHandlerCfgClient,OpenidmAccountStatusNotificationHandlerCfg>

createServerConfiguration

public OpenidmAccountStatusNotificationHandlerCfg createServerConfiguration(org.forgerock.opendj.config.server.ServerManagedObject<? extends OpenidmAccountStatusNotificationHandlerCfg> impl)

Specified by:

createServerConfiguration in class org.forgerock.opendj.config.ManagedObjectDefinition<OpenidmAccountStatusNotificationHandlerCfgClient,OpenidmAccountStatusNotificationHandlerCfg>

getServerConfigurationClass

public Class<OpenidmAccountStatusNotificationHandlerCfg> getServerConfigurationClass()

Specified by:

getServerConfigurationClass in class org.forgerock.opendj.config.ManagedObjectDefinition<OpenidmAccountStatusNotificationHandlerCfgClient,OpenidmAccountStatusNotificationHandlerCfg>

getAttributeTypePropertyDefinition

public org.forgerock.opendj.config.AttributeTypePropertyDefinition getAttributeTypePropertyDefinition()

Get the "attribute-type" property definition.

Specifies the attribute types that this plug-in will send along with the password change.

Zero or more attribute types can be specified.

Returns:

Returns the "attribute-type" property definition.

getCertificateSubjectDNPropertyDefinition

public org.forgerock.opendj.config.DNPropertyDefinition getCertificateSubjectDNPropertyDefinition()

Get the "certificate-subject-dn" property definition.

Specifies the subject DN of the certificate used by OpenIDM.

The subject DN is used to retrieve the OpenIDM certificate in the truststore. This certificate's public key is necessary to encrypt the JSON content sent to OpenIDM.

Returns:

Returns the "certificate-subject-dn" property definition.

getEnabledPropertyDefinition

public org.forgerock.opendj.config.BooleanPropertyDefinition getEnabledPropertyDefinition()

Get the "enabled" property definition.

Indicates whether the Openidm Account Status Notification Handler is enabled. Only enabled handlers are invoked whenever a related event occurs in the server.

Returns:

Returns the "enabled" property definition.

getJavaClassPropertyDefinition

public org.forgerock.opendj.config.ClassPropertyDefinition getJavaClassPropertyDefinition()

Get the "java-class" property definition.

Specifies the fully-qualified name of the Java class that provides the Openidm Account Status Notification Handler implementation.

Returns:

Returns the "java-class" property definition.

getKeyManagerProviderPropertyDefinition

public org.forgerock.opendj.config.AggregationPropertyDefinition<org.forgerock.opendj.server.config.client.KeyManagerProviderCfgClient,org.forgerock.opendj.server.config.server.KeyManagerProviderCfg> getKeyManagerProviderPropertyDefinition()

Get the "key-manager-provider" property definition.

Specifies the name of the key manager that should be used with this Openidm Account Status Notification Handler.

It must be provided when ssl-cert-nickname is provided, and must contain a certificate corresponding to the nickname.

Returns:

Returns the "key-manager-provider" property definition.

getLogFilePropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getLogFilePropertyDefinition()

Get the "log-file" property definition.

Specifies the log file location where the changed passwords are written when the plug-in cannot contact OpenIDM.

The default location is the logs directory of the server instance, using the file name "pwsync". Passwords in this file will be encrypted.

Returns:

Returns the "log-file" property definition.

getOpenidmCompatModePropertyDefinition

public org.forgerock.opendj.config.EnumPropertyDefinition<OpenidmAccountStatusNotificationHandlerCfgDefn.OpenidmCompatMode> getOpenidmCompatModePropertyDefinition()

Get the "openidm-compat-mode" property definition.

Specifies OpenIDM Compatibility Mode.

Returns:

Returns the "openidm-compat-mode" property definition.

getOpenidmPasswordPropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getOpenidmPasswordPropertyDefinition()

Get the "openidm-password" property definition.

Specifies the password to use for HTTP Basic Authentication.

The password must be provided when client certification is not activated, i.e. when no ssl-cert-nickname is provided.

Returns:

Returns the "openidm-password" property definition.

getOpenidmUrlPropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getOpenidmUrlPropertyDefinition()

Get the "openidm-url" property definition.

Specifies the URL to OpenIDM endpoint.

The URL can be either HTTP or HTTPS.

Returns:

Returns the "openidm-url" property definition.

getOpenidmUsernamePropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getOpenidmUsernamePropertyDefinition()

Get the "openidm-username" property definition.

Specifies the username to use for HTTP Basic Authentication.

The username must be provided when client certification is not activated, i.e. when no ssl-cert-nickname is provided.

Returns:

Returns the "openidm-username" property definition.

getPasswordAttributePropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getPasswordAttributePropertyDefinition()

Get the "password-attribute" property definition.

Specifies the attribute type used to hold user passwords in JSON returned to OpenIDM.

This attribute type must be defined in the managed object schema in OpenIDM, and it must have either the user password or auth password syntax.

Returns:

Returns the "password-attribute" property definition.

getPrivateKeyAliasPropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getPrivateKeyAliasPropertyDefinition()

Get the "private-key-alias" property definition.

Specifies the alias of the private key that should be used by OpenIDM to decrypt the encrypted JSON content of the requests.

The encryption of the JSON content sent to OpenIDM requires this alias.

Returns:

Returns the "private-key-alias" property definition.

getQueryIdPropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getQueryIdPropertyDefinition()

Get the "query-id" property definition.

Specifies the query-id for the patch-by-query request.

This must match the query ID defined in the managed object service in OpenIDM.

Returns:

Returns the "query-id" property definition.

getSSLCertNicknamePropertyDefinition

public org.forgerock.opendj.config.StringPropertyDefinition getSSLCertNicknamePropertyDefinition()

Get the "ssl-cert-nickname" property definition.

Specifies the SSL certificate nickname, which is the alias under which is stored the client certificate in the keystore. It must be provided to activate SSL client authentication when requesting OpenIDM.

The SSL certificate nickname is necessary to ensure that the appropriate client certificate is retrieved from the keystore when SSL client authentication is required and multiples certificates are present in the keystore.

Returns:

Returns the "ssl-cert-nickname" property definition.

getTrustManagerProviderPropertyDefinition

public org.forgerock.opendj.config.AggregationPropertyDefinition<org.forgerock.opendj.server.config.client.TrustManagerProviderCfgClient,org.forgerock.opendj.server.config.server.TrustManagerProviderCfg> getTrustManagerProviderPropertyDefinition()

Get the "trust-manager-provider" property definition.

Specifies the name of the trust manager that should be used with the Openidm Account Status Notification Handler.

It must contain the OpenIDM certificate with the subject DN equals to the certificate-subject-dn property.

Returns:

Returns the "trust-manager-provider" property definition.

getUpdateIntervalPropertyDefinition

public org.forgerock.opendj.config.DurationPropertyDefinition getUpdateIntervalPropertyDefinition()

Get the "update-interval" property definition.

Specifies the interval when passwords update notifications are sent.

If this value is 0, then updates are sent synchronously. If this value is strictly superior to zero, then updates are first stored locally, then sent asynchronously by a background thread.

Returns:

Returns the "update-interval" property definition.