001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2006-2008 Sun Microsystems, Inc. 015 * Portions Copyright 2014-2016 ForgeRock AS. 016 */ 017package org.opends.server.types.operation; 018import org.forgerock.i18n.LocalizableMessage; 019 020 021 022import org.opends.server.types.AuthenticationType; 023import org.forgerock.opendj.ldap.ByteString; 024import org.forgerock.opendj.ldap.DN; 025 026 027 028/** 029 * This class defines a set of methods that are available for use by 030 * pre-operation plugins for bind operations. Note that this 031 * interface is intended only to define an API for use by plugins and 032 * is not intended to be implemented by any custom classes. 033 */ 034@org.opends.server.types.PublicAPI( 035 stability=org.opends.server.types.StabilityLevel.UNCOMMITTED, 036 mayInstantiate=false, 037 mayExtend=false, 038 mayInvoke=true) 039public interface PreOperationBindOperation 040 extends PreOperationOperation 041{ 042 /** 043 * Retrieves the authentication type for this bind operation. 044 * 045 * @return The authentication type for this bind operation. 046 */ 047 AuthenticationType getAuthenticationType(); 048 049 050 051 /** 052 * Retrieves a string representation of the protocol version 053 * associated with this bind request. 054 * 055 * @return A string representation of the protocol version 056 * associated with this bind request. 057 */ 058 String getProtocolVersion(); 059 060 061 062 /** 063 * Retrieves the raw, unprocessed bind DN for this bind operation as 064 * contained in the client request. The value may not actually 065 * contain a valid DN, as no validation will have been performed. 066 * 067 * @return The raw, unprocessed bind DN for this bind operation as 068 * contained in the client request. 069 */ 070 ByteString getRawBindDN(); 071 072 073 074 /** 075 * Retrieves the bind DN for this bind operation. 076 * 077 * @return The bind DN for this bind operation. 078 */ 079 DN getBindDN(); 080 081 082 083 /** 084 * Retrieves the simple authentication password for this bind 085 * operation. 086 * 087 * @return The simple authentication password for this bind 088 * operation. 089 */ 090 ByteString getSimplePassword(); 091 092 093 094 /** 095 * Retrieves the SASL mechanism for this bind operation. 096 * 097 * @return The SASL mechanism for this bind operation, or 098 * <CODE>null</CODE> if the bind does not use SASL 099 * authentication. 100 */ 101 String getSASLMechanism(); 102 103 104 105 /** 106 * Retrieves the SASL credentials for this bind operation. 107 * 108 * @return The SASL credentials for this bind operation, or 109 * <CODE>null</CODE> if there are none or if the bind does 110 * not use SASL authentication. 111 */ 112 ByteString getSASLCredentials(); 113 114 115 116 /** 117 * Specifies the set of server SASL credentials to include in the 118 * bind response. 119 * 120 * @param serverSASLCredentials The set of server SASL credentials 121 * to include in the bind response. 122 */ 123 void setServerSASLCredentials(ByteString serverSASLCredentials); 124 125 126 127 /** 128 * Specifies the reason that the authentication failed. 129 * 130 * @param reason A human-readable message providing the reason 131 * that the authentication failed. 132 */ 133 void setAuthFailureReason(LocalizableMessage reason); 134 135 136 137 /** 138 * Retrieves the user entry DN for this bind operation. It will 139 * only be available for simple bind operations (and may be 140 * different than the bind DN from the client request). 141 * 142 * @return The user entry DN for this bind operation, or 143 * <CODE>null</CODE> if the bind processing has not 144 * progressed far enough to identify the user or if the 145 * user DN could not be determined. 146 */ 147 DN getUserEntryDN(); 148} 149