Legrand / Raritan / Server Technology Xerus™ JSON-RPC API
LdapManager.idl
1/* SPDX-License-Identifier: BSD-3-Clause */
2/*
3 * Copyright 2010 Raritan Inc. All rights reserved.
4 */
5
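/** Local and Remote Authentication Management */
module auth {

    /** LDAP server configuration interface */
    interface LdapManager {

        /** LDAP server type */
        enumeration ServerType {
            ACTIVE_DIRECTORY,           ///< Active directory
            OPEN_LDAP                   ///< OpenLDAP
        };

        /**
         * Security protocol used for the connection to the LDAP server
         *
         * NOTE(review): with \c SEC_PROTO_NONE nothing protects the connection,
         * so the bind password and the passwords of users being authenticated
         * are presumably sent unencrypted -- confirm, and prefer
         * \c SEC_PROTO_SSL or \c SEC_PROTO_STARTTLS.
         */
        enumeration SecurityProtocol {
            SEC_PROTO_NONE,             ///< no security protocol
            SEC_PROTO_SSL,              ///< use SSL (connects to \c sslPort)
            SEC_PROTO_STARTTLS          ///< use STARTTLS (connects to \c port)
        };

        /**
         * Server settings
         *
         * This structure carries the bind password (\c bindPwd) and the
         * certificate validation switches, so any request or response that
         * contains it should be handled as sensitive.
         */
        structure ServerSettings {
            string id;                      ///< Entry ID
            string server;                  ///< IP or name of ldap server
            string adoptSettingsId;         ///< Use settings from LDAP server with <ID>
            ServerType type;                ///< Type of LDAP server
            SecurityProtocol secProto;      ///< Security protocol
            int port;                       ///< Server port (only for SEC_PROTO_NONE and SEC_PROTO_STARTTLS)
            int sslPort;                    ///< SSL port (only for SEC_PROTO_SSL)
            // NOTE(review): presumably, when this is false the server certificate
            // is accepted without validation, which would leave SSL/STARTTLS
            // connections open to interception -- confirm.
            boolean forceTrustedCert;       ///< Enforce trusted certificates
            // Relaxes the validity-period check; expected to be false outside of
            // clock-recovery or lab situations.
            boolean allowOffTimeRangeCerts; ///< allow expired and not yet valid certificates
            // NOTE(review): encoding and role (CA vs. server certificate) are not
            // specified here -- confirm against the product documentation.
            string certificate;             ///< Certificates
            string adsDomain;               ///< ADS domain
            // NOTE(review): presumably bindDN/bindPwd are ignored when this is
            // true -- confirm.
            boolean useAnonymousBind;       ///< use anonymous bind
            string bindDN;                  ///< Bind DN
            // Secret. NOTE(review): whether getLdapServers() returns this field
            // populated is not specified here -- confirm.
            string bindPwd;                 ///< Bind password
            string searchBaseDN;            ///< Base DN for search
            string loginNameAttr;           ///< Login name attribute
            string userEntryObjClass;       ///< User entry object class
            string userSearchFilter;        ///< User search subfilter
            boolean groupInfoInUserEntry;   ///< Group membership info in user entry
            boolean supportNestedGroups;    ///< Support nested groups (only if groupInfoInUserEntry is \c true)
            string groupMemberAttr;         ///< Group member attribute
            string groupEntryObjClass;      ///< Group entry object class
            string groupSearchFilter;       ///< Group search subfilter
        };

        /**
         * Get a list of LDAP server settings
         *
         * @return list of ServerSettings
         */
        vector<ServerSettings> getLdapServers();

        constant int ERR_CYCLIC_DEP = 1;    ///< Cyclic dependency in server list
        constant int ERR_INVALID_CFG = 2;   ///< The server configuration is invalid
        /**
         * Sets a list of LDAP servers.
         * Any existing LDAP Server configuration will be cleared / overwritten.
         *
         * @param serverList  Complete list of server settings that replaces the
         *                    existing configuration
         *
         * @return 0 on success
         * @return \c ERR_CYCLIC_DEP in case of cyclic dependency
         * @return \c ERR_INVALID_CFG in case of invalid configuration
         */
        int setLdapServers(in vector<ServerSettings> serverList);

        // ERR_SERVER_UNSPECIFIED has the same numeric value (1) as ERR_CYCLIC_DEP.
        // The two are documented as results of different methods (testLdapServer
        // vs. setLdapServers), so a return value of 1 has to be interpreted per
        // method.
        constant int ERR_SERVER_UNSPECIFIED = 1;    ///< Unspecified error
        constant int ERR_SERVER_UNREACHABLE = 3;    ///< LDAP server could not be contacted
        constant int ERR_AUTHENTICATION_FAILED = 4; ///< User could not be authenticated
        constant int ERR_NO_ROLES = 5;              ///< No roles are defined for the user
        constant int ERR_NO_KNOWN_ROLES = 6;        ///< No known roles are defined for the user
        /**
         * Tests an LDAP server configuration.
         *
         * The user password is passed as a plain string parameter, so the
         * request itself must be sent over a protected channel.
         *
         * @param username  Name of the user to authenticate with the settings
         *                  under test
         * @param password  Password of that user
         * @param settings  Server settings to test
         * @param diagMsg   Diagnostic message (content not specified here)
         *
         * @return 0 on success
         * @return \c ERR_SERVER_UNSPECIFIED an unspecified error occurred
         * @return \c ERR_INVALID_CFG LDAP server configuration is invalid (reused from setLdapServers)
         * @return \c ERR_SERVER_UNREACHABLE LDAP server could not be contacted
         * @return \c ERR_AUTHENTICATION_FAILED user could not be authenticated
         * @return \c ERR_NO_ROLES no roles are defined for the user
         * @return \c ERR_NO_KNOWN_ROLES no known roles are defined for the user
         */
        int testLdapServer(in string username, in string password, in ServerSettings settings, out string diagMsg);

    };

}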