001/* 002 * Copyright 2007-2017 UnboundID Corp. 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright (C) 2008-2017 UnboundID Corp. 007 * 008 * This program is free software; you can redistribute it and/or modify 009 * it under the terms of the GNU General Public License (GPLv2 only) 010 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 011 * as published by the Free Software Foundation. 012 * 013 * This program is distributed in the hope that it will be useful, 014 * but WITHOUT ANY WARRANTY; without even the implied warranty of 015 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 016 * GNU General Public License for more details. 017 * 018 * You should have received a copy of the GNU General Public License 019 * along with this program; if not, see <http://www.gnu.org/licenses>. 020 */ 021package com.unboundid.ldap.sdk.controls; 022 023 024 025import com.unboundid.ldap.sdk.Control; 026import com.unboundid.ldap.sdk.LDAPException; 027import com.unboundid.ldap.sdk.ResultCode; 028import com.unboundid.util.NotMutable; 029import com.unboundid.util.ThreadSafety; 030import com.unboundid.util.ThreadSafetyLevel; 031 032import static com.unboundid.ldap.sdk.controls.ControlMessages.*; 033 034 035 036/** 037 * This class provides an implementation of the authorization identity bind 038 * request control as described in 039 * <A HREF="http://www.ietf.org/rfc/rfc3829.txt">RFC 3829</A>. It may be 040 * included in a bind request to request that the server include the 041 * authorization identity associated with the client connection in the bind 042 * response message, in the form of an 043 * {@link AuthorizationIdentityResponseControl}. 044 * <BR><BR> 045 * The authorization identity request control is similar to the "Who Am I?" 046 * extended request as implemented in the 047 * {@link com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest} class. The 048 * primary difference between them is that the "Who Am I?" extended request can 049 * be used at any time but requires a separate operation, while the 050 * authorization identity request control can be included only with a bind 051 * request but does not require a separate operation. 052 * <BR><BR> 053 * <H2>Example</H2> 054 * The following example demonstrates the use of the authorization identity 055 * request and response controls. It authenticates to the directory server and 056 * attempts to retrieve the authorization identity from the response: 057 * <PRE> 058 * String authzID = null; 059 * BindRequest bindRequest = 060 * new SimpleBindRequest("uid=test.user,ou=People,dc=example,dc=com", 061 * "password", new AuthorizationIdentityRequestControl()); 062 * 063 * BindResult bindResult = connection.bind(bindRequest); 064 * AuthorizationIdentityResponseControl authzIdentityResponse = 065 * AuthorizationIdentityResponseControl.get(bindResult); 066 * if (authzIdentityResponse != null) 067 * { 068 * authzID = authzIdentityResponse.getAuthorizationID(); 069 * } 070 * </PRE> 071 */ 072@NotMutable() 073@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 074public final class AuthorizationIdentityRequestControl 075 extends Control 076{ 077 /** 078 * The OID (2.16.840.1.113730.3.4.16) for the authorization identity request 079 * control. 080 */ 081 public static final String AUTHORIZATION_IDENTITY_REQUEST_OID = 082 "2.16.840.1.113730.3.4.16"; 083 084 085 086 /** 087 * The serial version UID for this serializable class. 088 */ 089 private static final long serialVersionUID = -4059607155175828138L; 090 091 092 093 /** 094 * Creates a new authorization identity request control. The control will not 095 * be marked critical. 096 */ 097 public AuthorizationIdentityRequestControl() 098 { 099 super(AUTHORIZATION_IDENTITY_REQUEST_OID, false, null); 100 } 101 102 103 104 /** 105 * Creates a new authorization identity request control. 106 * 107 * @param isCritical Indicates whether the control should be marked 108 * critical. 109 */ 110 public AuthorizationIdentityRequestControl(final boolean isCritical) 111 { 112 super(AUTHORIZATION_IDENTITY_REQUEST_OID, isCritical, null); 113 } 114 115 116 117 /** 118 * Creates a new authorization identity request control which is decoded from 119 * the provided generic control. 120 * 121 * @param control The generic control to be decoded as an authorization 122 * identity request control. 123 * 124 * @throws LDAPException If the provided control cannot be decoded as an 125 * authorization identity request control. 126 */ 127 public AuthorizationIdentityRequestControl(final Control control) 128 throws LDAPException 129 { 130 super(control); 131 132 if (control.hasValue()) 133 { 134 throw new LDAPException(ResultCode.DECODING_ERROR, 135 ERR_AUTHZID_REQUEST_HAS_VALUE.get()); 136 } 137 } 138 139 140 141 /** 142 * {@inheritDoc} 143 */ 144 @Override() 145 public String getControlName() 146 { 147 return INFO_CONTROL_NAME_AUTHZID_REQUEST.get(); 148 } 149 150 151 152 /** 153 * {@inheritDoc} 154 */ 155 @Override() 156 public void toString(final StringBuilder buffer) 157 { 158 buffer.append("AuthorizationIdentityRequestControl(isCritical="); 159 buffer.append(isCritical()); 160 buffer.append(')'); 161 } 162}