Package org.forgerock.opendj.ldap.controls

Class AuthorizationIdentityResponseControl

java.lang.Object

org.forgerock.opendj.ldap.controls.AuthorizationIdentityResponseControl

All Implemented Interfaces:

Control

public final class AuthorizationIdentityResponseControl
extends Object
implements Control

The authorization response control as defined in RFC 3829. The authorization identity control extends the Lightweight Directory Access Protocol (LDAP) bind operation with a mechanism for requesting and returning the authorization identity it establishes.

The authorization identity is specified using an authorization ID, or authzId, as defined in RFC 4513 section 5.2.1.8.

The following excerpt shows how to get the authorization identity established when binding to the directory server.

 Connection connection = ...;
 String bindDN = ...;
 String bindPassword = ...;

 BindRequest request =
         Requests.newSimpleBindRequest(bindDN, bindPassword.toCharArray())
             .addControl(AuthorizationIdentityRequestControl
                     .newControl(true));

 BindResult result = connection.bind(request);
 AuthorizationIdentityResponseControl control =
         result.getControl(AuthorizationIdentityResponseControl.DECODER,
                 new DecodeOptions());
 // Authorization ID returned: control.getAuthorizationID()
 

See Also:

AuthorizationIdentityRequestControl, WhoAmIExtendedRequest, RFC 3829 - Lightweight Directory Access Protocol (LDAP) Authorization Identity Request and Response Controls , RFC 4532 - Lightweight Directory Access Protocol (LDAP) "Who am I?" Operation , RFC 4513 - SASL Authorization Identities (authzId)

Field Summary

Fields

Modifier and Type	Field	Description
static ControlDecoder<AuthorizationIdentityResponseControl>	DECODER	A decoder which can be used for decoding the authorization identity response control.
static String	OID	The OID for the authorization identity response control.

Method Summary

Modifier and Type	Method	Description
String	getAuthorizationId()	Returns the authorization ID of the user.
String	getOid()	Returns the numeric OID associated with this control.
ByteString	getValue()	Returns the value, if any, associated with this control.
boolean	hasValue()	Returns true if this control has a value.
boolean	isCritical()	Returns true if it is unacceptable to perform the operation without applying the semantics of this control.
static AuthorizationIdentityResponseControl	newControl(String authorizationID)	Creates a new authorization identity response control using the provided authorization ID.
static AuthorizationIdentityResponseControl	newControl(Dn authorizationDn)	Creates a new authorization identity response control using the provided authorization ID.
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

OID

public static final String OID

The OID for the authorization identity response control.

See Also:

Constant Field Values

DECODER

public static final ControlDecoder<AuthorizationIdentityResponseControl> DECODER

A decoder which can be used for decoding the authorization identity response control.

Method Detail

newControl

public static AuthorizationIdentityResponseControl newControl(String authorizationID)

Creates a new authorization identity response control using the provided authorization ID.

Parameters:

authorizationID - The authorization ID for this control.

Returns:

The new control.

Throws:

NullPointerException - If authorizationID was null.

newControl

public static AuthorizationIdentityResponseControl newControl(Dn authorizationDn)

Creates a new authorization identity response control using the provided authorization ID.

Parameters:

authorizationDn - The authorization DN for this control, may be null.

Returns:

The new control.

getAuthorizationId

public String getAuthorizationId()

Returns the authorization ID of the user. The authorization ID usually has the form "dn:" immediately followed by the distinguished name of the user, or "u:" followed by a user ID string, but other forms are permitted.

Returns:

The authorization ID of the user.

getOid

public String getOid()

Description copied from interface: Control

Returns the numeric OID associated with this control.

Specified by:

getOid in interface Control

Returns:

The numeric OID associated with this control.

getValue

public ByteString getValue()

Description copied from interface: Control

Returns the value, if any, associated with this control. Its format is defined by the specification of this control.

Specified by:

getValue in interface Control

Returns:

The value associated with this control, or null if there is no value.

hasValue

public boolean hasValue()

Description copied from interface: Control

Returns true if this control has a value. In some circumstances it may be useful to determine if a control has a value, without actually calculating the value and incurring any performance costs.

Specified by:

hasValue in interface Control

Returns:

true if this control has a value, or false if there is no value.

isCritical

public boolean isCritical()

Description copied from interface: Control

Returns true if it is unacceptable to perform the operation without applying the semantics of this control.

The criticality field only has meaning in controls attached to request messages (except UnbindRequest). For controls attached to response messages and the UnbindRequest, the criticality field SHOULD be false, and MUST be ignored by the receiving protocol peer. A value of true indicates that it is unacceptable to perform the operation without applying the semantics of the control.

Specified by:

isCritical in interface Control

Returns:

true if this control must be processed by the Directory Server, or false if it can be ignored.

toString

public String toString()

Overrides:

toString in class Object