001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2006-2008 Sun Microsystems, Inc. 015 * Portions Copyright 2014-2016 ForgeRock AS. 016 */ 017package org.opends.server.types.operation; 018import org.forgerock.i18n.LocalizableMessage; 019 020 021 022import org.opends.server.types.AuthenticationType; 023import org.forgerock.opendj.ldap.ByteString; 024import org.forgerock.opendj.ldap.DN; 025import org.opends.server.types.Entry; 026 027 028 029/** 030 * This class defines a set of methods that are available for use by 031 * post-response plugins for bind operations. Note that this 032 * interface is intended only to define an API for use by plugins and 033 * is not intended to be implemented by any custom classes. 034 */ 035@org.opends.server.types.PublicAPI( 036 stability=org.opends.server.types.StabilityLevel.UNCOMMITTED, 037 mayInstantiate=false, 038 mayExtend=false, 039 mayInvoke=true) 040public interface PostResponseBindOperation 041 extends PostOperationOperation 042{ 043 /** 044 * Retrieves the authentication type for this bind operation. 045 * 046 * @return The authentication type for this bind operation. 047 */ 048 AuthenticationType getAuthenticationType(); 049 050 051 052 /** 053 * Retrieves a string representation of the protocol version 054 * associated with this bind request. 055 * 056 * @return A string representation of the protocol version 057 * associated with this bind request. 058 */ 059 String getProtocolVersion(); 060 061 062 063 /** 064 * Retrieves the raw, unprocessed bind DN for this bind operation as 065 * contained in the client request. The value may not actually 066 * contain a valid DN, as no validation will have been performed. 067 * 068 * @return The raw, unprocessed bind DN for this bind operation as 069 * contained in the client request. 070 */ 071 ByteString getRawBindDN(); 072 073 074 075 /** 076 * Retrieves the bind DN for this bind operation. 077 * 078 * @return The bind DN for this bind operation. 079 */ 080 DN getBindDN(); 081 082 083 084 /** 085 * Retrieves the simple authentication password for this bind 086 * operation. 087 * 088 * @return The simple authentication password for this bind 089 * operation. 090 */ 091 ByteString getSimplePassword(); 092 093 094 095 /** 096 * Retrieves the SASL mechanism for this bind operation. 097 * 098 * @return The SASL mechanism for this bind operation, or 099 * <CODE>null</CODE> if the bind does not use SASL 100 * authentication. 101 */ 102 String getSASLMechanism(); 103 104 105 106 /** 107 * Retrieves the SASL credentials for this bind operation. 108 * 109 * @return The SASL credentials for this bind operation, or 110 * <CODE>null</CODE> if there are none or if the bind does 111 * not use SASL authentication. 112 */ 113 ByteString getSASLCredentials(); 114 115 116 117 /** 118 * Retrieves the set of server SASL credentials to include in the 119 * bind response. 120 * 121 * @return The set of server SASL credentials to include in the 122 * bind response, or <CODE>null</CODE> if there are none. 123 */ 124 ByteString getServerSASLCredentials(); 125 126 127 128 /** 129 * Retrieves the user entry associated with the SASL authentication 130 * attempt. This should be set by any SASL mechanism in which the 131 * processing was able to get far enough to make this determination, 132 * regardless of whether the authentication was ultimately 133 * successful. 134 * 135 * @return The user entry associated with the SASL authentication 136 * attempt, or <CODE>null</CODE> if it was not a SASL 137 * authentication or the SASL processing was not able to 138 * map the request to a user. 139 */ 140 Entry getSASLAuthUserEntry(); 141 142 143 144 /** 145 * Retrieves a human-readable message providing the reason that the 146 * authentication failed, if available. 147 * 148 * @return A human-readable message providing the reason that the 149 * authentication failed, or <CODE>null</CODE> if none is 150 * available. 151 */ 152 LocalizableMessage getAuthFailureReason(); 153 154 155 156 /** 157 * Retrieves the user entry DN for this bind operation. It will 158 * only be available if the bind processing has proceeded far enough 159 * to identify the user attempting to authenticate. 160 * 161 * @return The user entry DN for this bind operation, or 162 * <CODE>null</CODE> if the bind processing has not 163 * progressed far enough to identify the user or if the 164 * user DN could not be determined. 165 */ 166 DN getUserEntryDN(); 167} 168