public interface ExternalSASLBindRequest extends SASLBindRequest
A client may either request that its authorization identity be automatically derived from its authentication credentials exchanged at a lower security layer, or it may explicitly provide a desired authorization identity.
The optional authorization identity is specified using an authorization ID,
or authzId
, as defined in RFC 4513 section 5.2.1.8.
Modifier and Type | Field and Description |
---|---|
static String |
SASL_MECHANISM_NAME
The name of the SASL mechanism based on external authentication.
|
AUTHENTICATION_TYPE_SASL, AUTHENTICATION_TYPE_SIMPLE, OBFUSCATED_PASSWORD
Modifier and Type | Method and Description |
---|---|
ExternalSASLBindRequest |
addControl(Control control)
Adds the provided control to this request.
|
BindClient |
createBindClient(String serverName)
Creates a new bind client which can be used to perform the authentication
process.
|
byte |
getAuthenticationType()
Returns the authentication mechanism identifier for this SASL bind
request as defined by the LDAP protocol, which is always
0xA3 . |
String |
getAuthorizationID()
Returns the optional desired authorization ID of the user, or
null if the authorization ID should derived from authentication
credentials exchanged at a lower security layer. |
<C extends Control> |
getControl(ControlDecoder<C> decoder,
DecodeOptions options)
Decodes and returns the first control in this request having an OID
corresponding to the provided control decoder.
|
List<Control> |
getControls()
Returns a
List containing the controls included with this
request. |
String |
getName()
Returns the name of the Directory object that the client wishes to bind
as, which is always the empty string for SASL authentication.
|
String |
getSASLMechanism()
Returns the SASL mechanism for this SASL bind request.
|
ExternalSASLBindRequest |
setAuthorizationID(String authorizationID)
Sets the optional desired authorization ID of the user, or
null
if the authorization ID should derived from authentication credentials
exchanged at a lower security layer. |
containsControl
static final String SASL_MECHANISM_NAME
ExternalSASLBindRequest addControl(Control control)
Request
addControl
in interface BindRequest
addControl
in interface Request
addControl
in interface SASLBindRequest
control
- The control to be added to this request.BindClient createBindClient(String serverName) throws LdapException
BindRequest
createBindClient
in interface BindRequest
createBindClient
in interface SASLBindRequest
serverName
- The non-null fully-qualified host name of the server to
authenticate to.LdapException
- If an error occurred while creating the bind client context.byte getAuthenticationType()
0xA3
.getAuthenticationType
in interface BindRequest
getAuthenticationType
in interface SASLBindRequest
String getAuthorizationID()
null
if the authorization ID should derived from authentication
credentials exchanged at a lower security layer. The authorization ID
usually has the form "dn:" immediately followed by the distinguished name
of the user, or "u:" followed by a user ID string, but other forms are
permitted.null
.<C extends Control> C getControl(ControlDecoder<C> decoder, DecodeOptions options) throws DecodeException
Request
getControl
in interface BindRequest
getControl
in interface Request
getControl
in interface SASLBindRequest
C
- The type of control to be decoded and returned.decoder
- The control decoder.options
- The set of decode options which should be used when decoding
the control.null
if the control is not
included with this request.DecodeException
- If the control could not be decoded because it was malformed
in some way (e.g. the control value was missing, or its
content could not be decoded).List<Control> getControls()
Request
List
containing the controls included with this
request. The returned List
may be modified if permitted by this
request.getControls
in interface BindRequest
getControls
in interface Request
getControls
in interface SASLBindRequest
List
containing the controls.String getName()
getName
in interface BindRequest
getName
in interface SASLBindRequest
String getSASLMechanism()
SASLBindRequest
getSASLMechanism
in interface SASLBindRequest
ExternalSASLBindRequest setAuthorizationID(String authorizationID)
null
if the authorization ID should derived from authentication credentials
exchanged at a lower security layer. The authorization ID usually has the
form "dn:" immediately followed by the distinguished name of the user, or
"u:" followed by a user ID string, but other forms are permitted.authorizationID
- The desired authorization ID of the user, which may be
null
.UnsupportedOperationException
- If this external SASL request does not permit the
authorization ID to be set.LocalizedIllegalArgumentException
- If authorizationID
was non-empty and did not contain
a valid authorization ID type.Copyright 2010-2017 ForgeRock AS.