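/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2006-2008 Sun Microsystems, Inc.
 * Portions Copyright 2014-2016 ForgeRock AS.
 */
package org.opends.server.protocols.ldap;

import java.io.IOException;

import org.forgerock.opendj.io.*;
import org.opends.server.types.AuthenticationType;
import org.forgerock.opendj.ldap.ByteString;

import static org.opends.server.protocols.ldap.LDAPConstants.*;
import static org.opends.server.util.ServerConstants.*;

/**
 * This class defines the structures and methods for an LDAP bind request
 * protocol op, which is used to authenticate a user to the Directory Server.
 * <p>
 * An instance carries either a simple password or SASL credentials. Both are
 * written to the wire by {@link #write(ASN1Writer)} but are deliberately kept
 * out of the {@code toString} representations, because the callers of those
 * methods are not visible from this class and string forms of protocol ops
 * commonly end up in debug or trace output.
 */
public class BindRequestProtocolOp extends ProtocolOp
{

  /**
   * Placeholder emitted by the {@code toString} methods instead of a
   * password or SASL credential value.
   */
  private static final String REDACTED = "[redacted]";

  /** The bind DN for this request. */
  private final ByteString dn;

  /** The SASL credentials for this request. */
  private final ByteString saslCredentials;

  /** The simple authentication password for this request. */
  private final ByteString simplePassword;

  /** The authentication type for this request. */
  private final AuthenticationType authenticationType;

  /** The protocol version for this bind request. */
  private final int protocolVersion;

  /** The SASL mechanism for this request. */
  private final String saslMechanism;



  /**
   * Creates a new bind request protocol op to perform simple authentication
   * with the provided DN and password.
   *
   * @param  dn               The DN for this bind request.
   * @param  protocolVersion  The LDAP protocol version for this bind request.
   * @param  simplePassword   The password for this bind request.
   */
  public BindRequestProtocolOp(ByteString dn, int protocolVersion,
                               ByteString simplePassword)
  {
    this.dn              = dn;
    this.protocolVersion = protocolVersion;
    this.simplePassword  = simplePassword;

    // A simple bind never carries SASL data.
    authenticationType = AuthenticationType.SIMPLE;
    saslMechanism      = null;
    saslCredentials    = null;
  }



  /**
   * Creates a new bind request protocol op to perform SASL authentication with
   * the provided information. The protocol version is fixed to 3.
   *
   * @param  dn               The DN for this bind request.
   * @param  saslMechanism    The SASL mechanism for this bind request.
   * @param  saslCredentials  The SASL credentials for this bind request.
   */
  public BindRequestProtocolOp(ByteString dn, String saslMechanism,
                               ByteString saslCredentials)
  {
    this.dn              = dn;
    this.saslMechanism   = saslMechanism;
    this.saslCredentials = saslCredentials;

    // A SASL bind never carries a simple password.
    authenticationType = AuthenticationType.SASL;
    protocolVersion    = 3;
    simplePassword     = null;
  }



  /**
   * Retrieves the DN for this bind request.
   *
   * @return  The DN for this bind request.
   */
  public ByteString getDN()
  {
    return dn;
  }



  /**
   * Retrieves the protocol version for this bind request.
   *
   * @return  The protocol version for this bind request.
   */
  public int getProtocolVersion()
  {
    return protocolVersion;
  }



  /**
   * Retrieves the authentication type for this bind request.
   *
   * @return  The authentication type for this bind request.
   */
  public AuthenticationType getAuthenticationType()
  {
    return authenticationType;
  }



  /**
   * Retrieves the simple authentication password for this bind request.
   * The returned value is the credential itself; callers should not write it
   * to logs or error messages.
   *
   * @return  The simple authentication password for this bind request, or
   *          {@code null} if this is a SASL bind request.
   */
  public ByteString getSimplePassword()
  {
    return simplePassword;
  }



  /**
   * Retrieves the SASL mechanism for this bind request.
   *
   * @return  The SASL mechanism for this bind request, or {@code null} if
   *          this is a simple bind request.
   */
  public String getSASLMechanism()
  {
    return saslMechanism;
  }



  /**
   * Retrieves the SASL credentials for this bind request.
   * The returned value is credential material; callers should not write it
   * to logs or error messages.
   *
   * @return  The SASL credentials for this bind request, or {@code null}
   *          if there are none or if this is a simple bind request.
   */
  public ByteString getSASLCredentials()
  {
    return saslCredentials;
  }



  /**
   * Retrieves the BER type for this protocol op.
   *
   * @return  The BER type for this protocol op.
   */
  @Override
  public byte getType()
  {
    return OP_TYPE_BIND_REQUEST;
  }



  /**
   * Retrieves the name for this protocol op type.
   *
   * @return  The name for this protocol op type.
   */
  @Override
  public String getProtocolOpName()
  {
    return "Bind Request";
  }



  /**
   * Writes this protocol op to an ASN.1 output stream. The op is encoded as a
   * sequence tagged {@code OP_TYPE_BIND_REQUEST} holding the protocol version,
   * the DN, and then either the simple password (tagged
   * {@code TYPE_AUTHENTICATION_SIMPLE}) or a nested sequence (tagged
   * {@code TYPE_AUTHENTICATION_SASL}) with the mechanism and, when present,
   * the credentials.
   *
   * @param  stream  The ASN.1 output stream to write to.
   * @throws IOException  If a problem occurs while writing to the stream.
   */
  @Override
  public void write(ASN1Writer stream) throws IOException
  {
    stream.writeStartSequence(OP_TYPE_BIND_REQUEST);
    stream.writeInteger(protocolVersion);
    stream.writeOctetString(dn);

    if (authenticationType == AuthenticationType.SIMPLE)
    {
      stream.writeOctetString(TYPE_AUTHENTICATION_SIMPLE, simplePassword);
    }
    else
    {
      stream.writeStartSequence(TYPE_AUTHENTICATION_SASL);
      stream.writeOctetString(saslMechanism);
      // The credentials element is optional and is omitted when absent.
      if (saslCredentials != null)
      {
        stream.writeOctetString(saslCredentials);
      }
      stream.writeEndSequence();
    }

    stream.writeEndSequence();
  }



  /**
   * Appends a string representation of this LDAP protocol op to the provided
   * buffer. The password and the SASL credentials are never included; a fixed
   * placeholder is appended in their place so that the output can be logged
   * without exposing the credential.
   *
   * @param  buffer  The buffer to which the string should be appended.
   */
  @Override
  public void toString(StringBuilder buffer)
  {
    buffer.append("BindRequest(version=").append(protocolVersion);
    buffer.append(", dn=");
    if (dn != null)
    {
      buffer.append(dn);
    }

    if (authenticationType == AuthenticationType.SIMPLE)
    {
      buffer.append(", password=").append(maskSecret(simplePassword));
    }
    else
    {
      buffer.append(", saslMechanism=").append(saslMechanism);

      if (saslCredentials != null)
      {
        buffer.append(", saslCredentials=").append(REDACTED);
      }
    }

    buffer.append(")");
  }



  /**
   * Appends a multi-line string representation of this LDAP protocol op to the
   * provided buffer. The password and the SASL credentials are never included;
   * a fixed placeholder is appended in their place so that the output can be
   * logged without exposing the credential.
   *
   * @param  buffer  The buffer to which the information should be appended.
   * @param  indent  The number of spaces from the margin that the lines should
   *                 be indented. Values below one produce no indentation.
   */
  @Override
  public void toString(StringBuilder buffer, int indent)
  {
    // Clamp the capacity: a negative value would make the StringBuilder
    // constructor throw, while the loop below already treats it as "none".
    StringBuilder indentBuf = new StringBuilder(Math.max(indent, 0));
    for (int i = 0; i < indent; i++)
    {
      indentBuf.append(' ');
    }

    buffer.append(indentBuf).append("Bind Request").append(EOL);
    buffer.append(indentBuf).append(" Protocol Version: ").append(protocolVersion).append(EOL);

    buffer.append(indentBuf).append(" DN: ");
    if (dn != null)
    {
      buffer.append(dn);
    }
    buffer.append(EOL);

    if (authenticationType == AuthenticationType.SIMPLE)
    {
      buffer.append(indentBuf).append(" Simple Password: ").append(maskSecret(simplePassword)).append(EOL);
    }
    else
    {
      buffer.append(indentBuf).append(" SASL Mechanism: ").append(saslMechanism).append(EOL);

      if (saslCredentials != null)
      {
        // Previously a hex/ASCII dump of the credential bytes was appended here.
        buffer.append(indentBuf).append(" SASL Credentials:").append(' ').append(REDACTED).append(EOL);
      }
    }
  }



  /**
   * Returns the text to print in place of a secret value: {@code "null"} when
   * the value is absent, otherwise the fixed redaction placeholder.
   *
   * @param  secret  The credential value that must not be printed.
   * @return  The replacement text for the credential.
   */
  private static String maskSecret(ByteString secret)
  {
    return secret == null ? "null" : REDACTED;
  }
}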