001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2006-2008 Sun Microsystems, Inc. 015 * Portions Copyright 2014-2016 ForgeRock AS. 016 */ 017package org.opends.server.types.operation; 018import org.forgerock.i18n.LocalizableMessage; 019 020 021 022import org.opends.server.types.AuthenticationType; 023import org.forgerock.opendj.ldap.ByteString; 024import org.forgerock.opendj.ldap.DN; 025import org.opends.server.types.Entry; 026 027 028 029/** 030 * This class defines a set of methods that are available for use by 031 * post-operation plugins for bind operations. Note that this 032 * interface is intended only to define an API for use by plugins and 033 * is not intended to be implemented by any custom classes. 034 */ 035@org.opends.server.types.PublicAPI( 036 stability=org.opends.server.types.StabilityLevel.UNCOMMITTED, 037 mayInstantiate=false, 038 mayExtend=false, 039 mayInvoke=true) 040public interface PostOperationBindOperation 041 extends PostOperationOperation 042{ 043 /** 044 * Retrieves the authentication type for this bind operation. 045 * 046 * @return The authentication type for this bind operation. 047 */ 048 AuthenticationType getAuthenticationType(); 049 050 051 052 /** 053 * Retrieves a string representation of the protocol version 054 * associated with this bind request. 055 * 056 * @return A string representation of the protocol version 057 * associated with this bind request. 058 */ 059 String getProtocolVersion(); 060 061 062 063 /** 064 * Retrieves the raw, unprocessed bind DN for this bind operation as 065 * contained in the client request. The value may not actually 066 * contain a valid DN, as no validation will have been performed. 067 * 068 * @return The raw, unprocessed bind DN for this bind operation as 069 * contained in the client request. 070 */ 071 ByteString getRawBindDN(); 072 073 074 075 /** 076 * Retrieves the bind DN for this bind operation. 077 * 078 * @return The bind DN for this bind operation. 079 */ 080 DN getBindDN(); 081 082 083 084 /** 085 * Retrieves the simple authentication password for this bind operation. 086 * 087 * @return The simple authentication password for this bind 088 * operation. 089 */ 090 ByteString getSimplePassword(); 091 092 093 094 /** 095 * Retrieves the SASL mechanism for this bind operation. 096 * 097 * @return The SASL mechanism for this bind operation, or 098 * <CODE>null</CODE> if the bind does not use SASL 099 * authentication. 100 */ 101 String getSASLMechanism(); 102 103 104 105 /** 106 * Retrieves the SASL credentials for this bind operation. 107 * 108 * @return The SASL credentials for this bind operation, or 109 * <CODE>null</CODE> if there are none or if the bind does 110 * not use SASL authentication. 111 */ 112 ByteString getSASLCredentials(); 113 114 115 116 /** 117 * Retrieves the set of server SASL credentials to include in the 118 * bind response. 119 * 120 * @return The set of server SASL credentials to include in the 121 * bind response, or <CODE>null</CODE> if there are none. 122 */ 123 ByteString getServerSASLCredentials(); 124 125 126 127 /** 128 * Specifies the set of server SASL credentials to include in the 129 * bind response. 130 * 131 * @param serverSASLCredentials The set of server SASL credentials 132 * to include in the bind response. 133 */ 134 void setServerSASLCredentials(ByteString serverSASLCredentials); 135 136 137 138 /** 139 * Retrieves the user entry associated with the SASL authentication 140 * attempt. This should be set by any SASL mechanism in which the 141 * processing was able to get far enough to make this determination, 142 * regardless of whether the authentication was ultimately 143 * successful. 144 * 145 * @return The user entry associated with the SASL authentication 146 * attempt, or <CODE>null</CODE> if it was not a SASL 147 * authentication or the SASL processing was not able to 148 * map the request to a user. 149 */ 150 Entry getSASLAuthUserEntry(); 151 152 153 154 /** 155 * Retrieves a human-readable message providing the reason that the 156 * authentication failed, if available. 157 * 158 * @return A human-readable message providing the reason that the 159 * authentication failed, or <CODE>null</CODE> if none is 160 * available. 161 */ 162 LocalizableMessage getAuthFailureReason(); 163 164 165 166 /** 167 * Specifies the reason that the authentication failed. 168 * 169 * @param reason A human-readable message providing the reason 170 * that the authentication failed. 171 */ 172 void setAuthFailureReason(LocalizableMessage reason); 173 174 175 176 /** 177 * Retrieves the user entry DN for this bind operation. It will 178 * only be available if the bind processing has proceeded far enough 179 * to identify the user attempting to authenticate. 180 * 181 * @return The user entry DN for this bind operation, or 182 * <CODE>null</CODE> if the bind processing has not 183 * progressed far enough to identify the user or if the 184 * user DN could not be determined. 185 */ 186 DN getUserEntryDN(); 187} 188