org.opends.server.core
Class BindOperationBasis

java.lang.Object
  extended by org.opends.server.types.AbstractOperation
      extended by org.opends.server.core.BindOperationBasis
All Implemented Interfaces:
java.lang.Runnable, BindOperation, Operation, PluginOperation, PostResponseOperation, PreParseBindOperation, PreParseOperation

public class BindOperationBasis
extends AbstractOperation
implements BindOperation, PreParseBindOperation

This class defines an operation that may be used to authenticate a user to the Directory Server. Note that for security restrictions, response messages that may be returned to the client must be carefully cleaned to ensure that they do not provide a malicious client with information that may be useful in an attack. This does impact the debugability of the server, but that can be addressed by calling the setAuthFailureReason method, which can provide a reason for a failure in a form that will not be returned to the client but may be written to a log file.


Field Summary
 
Fields inherited from class org.opends.server.types.AbstractOperation
cancelRequest, cancelResult, clientConnection, messageID, NO_RESPONSE_CONTROLS, operationID, useNanoTime
 
Fields inherited from interface org.opends.server.types.Operation
LOCALBACKENDOPERATIONS
 
Constructor Summary
BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, ByteString rawBindDN, ByteString simplePassword)
          Creates a new simple bind operation with the provided information.
BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, ByteString rawBindDN, java.lang.String saslMechanism, ASN1OctetString saslCredentials)
          Creates a new SASL bind operation with the provided information.
BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, DN bindDN, ByteString simplePassword)
          Creates a new simple bind operation with the provided information.
BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, DN bindDN, java.lang.String saslMechanism, ASN1OctetString saslCredentials)
          Creates a new SASL bind operation with the provided information.
 
Method Summary
 void addResponseControl(Control control)
          Adds the provided control to the set of controls to include in the response to the client.
 AuthenticationInfo getAuthenticationInfo()
          Retrieves the authentication info that resulted from processing this bind operation.
 AuthenticationType getAuthenticationType()
          Retrieves the authentication type for this bind operation.
 Message getAuthFailureReason()
          Retrieves a human-readable message providing the reason that the authentication failed, if available.
 DN getBindDN()
          Retrieves the bind DN for this bind operation.
 OperationType getOperationType()
          Retrieves the operation type for this operation.
 java.lang.String getProtocolVersion()
          Retrieves a string representation of the protocol version associated with this bind request.
 ByteString getRawBindDN()
          Retrieves the raw, unprocessed bind DN for this bind operation as contained in the client request.
 java.lang.String[][] getRequestLogElements()
          Retrieves a standard set of elements that should be logged in requests for this type of operation.
 java.util.List<Control> getResponseControls()
          Retrieves the set of controls to include in the response to the client.
 java.lang.String[][] getResponseLogElements()
          Retrieves a standard set of elements that should be logged in responses for this type of operation.
 Entry getSASLAuthUserEntry()
          Retrieves the user entry associated with the SASL authentication attempt.
 ASN1OctetString getSASLCredentials()
          Retrieves the SASL credentials for this bind operation.
 java.lang.String getSASLMechanism()
          Retrieves the SASL mechanism for this bind operation.
 ASN1OctetString getServerSASLCredentials()
          Retrieves the set of server SASL credentials to include in the bind response.
 ByteString getSimplePassword()
          Retrieves the simple authentication password for this bind operation.
 DN getUserEntryDN()
          Retrieves the user entry DN for this bind operation.
 void removeResponseControl(Control control)
          Removes the provided control from the set of controls to include in the response to the client.
 void run()
          Performs the work of actually processing this operation.
 void setAuthenticationInfo(AuthenticationInfo authInfo)
          Specifies the authentication info that resulted from processing this bind operation.
 void setAuthFailureReason(Message message)
          Specifies the reason that the authentication failed.
 void setProtocolVersion(java.lang.String protocolVersion)
          Specifies the string representation of the protocol version associated with this bind request.
 void setRawBindDN(ByteString rawBindDN)
          Specifies the raw, unprocessed bind DN for this bind operation.
 void setSASLAuthUserEntry(Entry saslAuthUserEntry)
          Specifies the user entry associated with the SASL authentication attempt.
 void setSASLCredentials(java.lang.String saslMechanism, ASN1OctetString saslCredentials)
          Specifies the SASL credentials for this bind operation.
 void setServerSASLCredentials(ASN1OctetString serverSASLCredentials)
          Specifies the set of server SASL credentials to include in the bind response.
 void setSimplePassword(ByteString simplePassword)
          Specifies the simple authentication password for this bind operation.
 void setUserEntryDN(DN userEntryDN)
          Set the user entry DN for this bind operation.
 void toString(java.lang.StringBuilder buffer)
          Appends a string representation of this operation to the provided buffer.
 
Methods inherited from class org.opends.server.types.AbstractOperation
abort, addRequestControl, appendAdditionalLogMessage, appendErrorMessage, cancel, checkIfCanceled, disconnectClient, dontSynchronize, getAdditionalLogMessage, getAttachment, getAttachments, getAuthorizationDN, getAuthorizationEntry, getCancelRequest, getCancelResult, getClientConnection, getCommonLogElements, getConnectionID, getErrorMessage, getMatchedDN, getMessageID, getOperationID, getProcessingNanoTime, getProcessingStartTime, getProcessingStopTime, getProcessingTime, getReferralURLs, getRequestControls, getResultCode, isInternalOperation, isSynchronizationOperation, operationCompleted, removeAttachment, removeRequestControl, setAdditionalLogMessage, setAttachment, setAttachments, setAuthorizationEntry, setDontSynchronize, setErrorMessage, setInternalOperation, setMatchedDN, setProcessingStartTime, setProcessingStopTime, setReferralURLs, setResponseData, setResultCode, setSynchronizationOperation, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.opends.server.types.Operation
abort, addRequestControl, appendAdditionalLogMessage, appendErrorMessage, cancel, checkIfCanceled, disconnectClient, dontSynchronize, getAdditionalLogMessage, getAttachment, getAttachments, getAuthorizationDN, getAuthorizationEntry, getCancelRequest, getCancelResult, getClientConnection, getCommonLogElements, getConnectionID, getErrorMessage, getMatchedDN, getMessageID, getOperationID, getProcessingNanoTime, getProcessingStartTime, getProcessingStopTime, getProcessingTime, getReferralURLs, getRequestControls, getResultCode, isInternalOperation, isSynchronizationOperation, operationCompleted, removeAttachment, removeRequestControl, setAdditionalLogMessage, setAttachment, setAttachments, setAuthorizationEntry, setDontSynchronize, setErrorMessage, setInternalOperation, setMatchedDN, setReferralURLs, setResponseData, setResultCode, setSynchronizationOperation, toString
 
Methods inherited from interface org.opends.server.types.operation.PreParseOperation
addRequestControl, appendAdditionalLogMessage, appendErrorMessage, getAdditionalLogMessage, getErrorMessage, removeRequestControl, setAdditionalLogMessage, setErrorMessage
 
Methods inherited from interface org.opends.server.types.operation.PluginOperation
checkIfCanceled, disconnectClient, getAttachment, getAttachments, getClientConnection, getConnectionID, getMessageID, getOperationID, getProcessingStartTime, getRequestControls, isInternalOperation, isSynchronizationOperation, removeAttachment, setAttachment, toString
 

Constructor Detail

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          ByteString rawBindDN,
                          ByteString simplePassword)
Creates a new simple bind operation with the provided information.

Parameters:
clientConnection - The client connection with which this operation is associated.
operationID - The operation ID for this operation.
messageID - The message ID of the request with which this operation is associated.
requestControls - The set of controls included in the request.
protocolVersion - The string representation of the protocol version associated with this bind request.
rawBindDN - The raw, unprocessed bind DN as provided in the request from the client.
simplePassword - The password to use for the simple authentication.

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          ByteString rawBindDN,
                          java.lang.String saslMechanism,
                          ASN1OctetString saslCredentials)
Creates a new SASL bind operation with the provided information.

Parameters:
clientConnection - The client connection with which this operation is associated.
operationID - The operation ID for this operation.
messageID - The message ID of the request with which this operation is associated.
requestControls - The set of controls included in the request.
protocolVersion - The string representation of the protocol version associated with this bind request.
rawBindDN - The raw, unprocessed bind DN as provided in the request from the client.
saslMechanism - The SASL mechanism included in the request.
saslCredentials - The optional SASL credentials included in the request.

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          DN bindDN,
                          ByteString simplePassword)
Creates a new simple bind operation with the provided information.

Parameters:
clientConnection - The client connection with which this operation is associated.
operationID - The operation ID for this operation.
messageID - The message ID of the request with which this operation is associated.
requestControls - The set of controls included in the request.
protocolVersion - The string representation of the protocol version associated with this bind request.
bindDN - The bind DN for this bind operation.
simplePassword - The password to use for the simple authentication.

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          DN bindDN,
                          java.lang.String saslMechanism,
                          ASN1OctetString saslCredentials)
Creates a new SASL bind operation with the provided information.

Parameters:
clientConnection - The client connection with which this operation is associated.
operationID - The operation ID for this operation.
messageID - The message ID of the request with which this operation is associated.
requestControls - The set of controls included in the request.
protocolVersion - The string representation of the protocol version associated with this bind request.
bindDN - The bind DN for this bind operation.
saslMechanism - The SASL mechanism included in the request.
saslCredentials - The optional SASL credentials included in the request.
Method Detail

getAuthenticationType

public final AuthenticationType getAuthenticationType()
Retrieves the authentication type for this bind operation.

Specified by:
getAuthenticationType in interface BindOperation
Specified by:
getAuthenticationType in interface PreParseBindOperation
Returns:
The authentication type for this bind operation.

getRawBindDN

public final ByteString getRawBindDN()
Retrieves the raw, unprocessed bind DN for this bind operation as contained in the client request. The value may not actually contain a valid DN, as no validation will have been performed.

Specified by:
getRawBindDN in interface BindOperation
Specified by:
getRawBindDN in interface PreParseBindOperation
Returns:
The raw, unprocessed bind DN for this bind operation as contained in the client request.

setRawBindDN

public final void setRawBindDN(ByteString rawBindDN)
Specifies the raw, unprocessed bind DN for this bind operation. This should only be called by pre-parse plugins.

Specified by:
setRawBindDN in interface BindOperation
Specified by:
setRawBindDN in interface PreParseBindOperation
Parameters:
rawBindDN - The raw, unprocessed bind DN for this bind operation.

getBindDN

public final DN getBindDN()
Retrieves the bind DN for this bind operation. This method should not be called by pre-parse plugins, as the raw value will not have been processed by that time. Instead, pre-parse plugins should call the getRawBindDN method.

Specified by:
getBindDN in interface BindOperation
Returns:
The bind DN for this bind operation, or null if the raw DN has not yet been processed.

getSimplePassword

public final ByteString getSimplePassword()
Retrieves the simple authentication password for this bind operation.

Specified by:
getSimplePassword in interface BindOperation
Specified by:
getSimplePassword in interface PreParseBindOperation
Returns:
The simple authentication password for this bind operation.

setSimplePassword

public final void setSimplePassword(ByteString simplePassword)
Specifies the simple authentication password for this bind operation.

Specified by:
setSimplePassword in interface BindOperation
Specified by:
setSimplePassword in interface PreParseBindOperation
Parameters:
simplePassword - The simple authentication password for this bind operation.

getSASLMechanism

public final java.lang.String getSASLMechanism()
Retrieves the SASL mechanism for this bind operation.

Specified by:
getSASLMechanism in interface BindOperation
Specified by:
getSASLMechanism in interface PreParseBindOperation
Returns:
The SASL mechanism for this bind operation, or null if the bind does not use SASL authentication.

getSASLCredentials

public final ASN1OctetString getSASLCredentials()
Retrieves the SASL credentials for this bind operation.

Specified by:
getSASLCredentials in interface BindOperation
Specified by:
getSASLCredentials in interface PreParseBindOperation
Returns:
The SASL credentials for this bind operation, or null if there are none or if the bind does not use SASL authentication.

setSASLCredentials

public final void setSASLCredentials(java.lang.String saslMechanism,
                                     ASN1OctetString saslCredentials)
Specifies the SASL credentials for this bind operation.

Specified by:
setSASLCredentials in interface BindOperation
Specified by:
setSASLCredentials in interface PreParseBindOperation
Parameters:
saslMechanism - The SASL mechanism for this bind operation.
saslCredentials - The SASL credentials for this bind operation, or null if there are none.

getServerSASLCredentials

public final ASN1OctetString getServerSASLCredentials()
Retrieves the set of server SASL credentials to include in the bind response.

Specified by:
getServerSASLCredentials in interface BindOperation
Returns:
The set of server SASL credentials to include in the bind response, or null if there are none.

setServerSASLCredentials

public final void setServerSASLCredentials(ASN1OctetString serverSASLCredentials)
Specifies the set of server SASL credentials to include in the bind response.

Specified by:
setServerSASLCredentials in interface BindOperation
Specified by:
setServerSASLCredentials in interface PreParseBindOperation
Parameters:
serverSASLCredentials - The set of server SASL credentials to include in the bind response.

getSASLAuthUserEntry

public final Entry getSASLAuthUserEntry()
Retrieves the user entry associated with the SASL authentication attempt. This should be set by any SASL mechanism in which the processing was able to get far enough to make this determination, regardless of whether the authentication was ultimately successful.

Specified by:
getSASLAuthUserEntry in interface BindOperation
Returns:
The user entry associated with the SASL authentication attempt, or null if it was not a SASL authentication or the SASL processing was not able to map the request to a user.

setSASLAuthUserEntry

public final void setSASLAuthUserEntry(Entry saslAuthUserEntry)
Specifies the user entry associated with the SASL authentication attempt. This should be set by any SASL mechanism in which the processing was able to get far enough to make this determination, regardless of whether the authentication was ultimately successful.

Specified by:
setSASLAuthUserEntry in interface BindOperation
Parameters:
saslAuthUserEntry - The user entry associated with the SASL authentication attempt.

getAuthFailureReason

public final Message getAuthFailureReason()
Retrieves a human-readable message providing the reason that the authentication failed, if available.

Specified by:
getAuthFailureReason in interface BindOperation
Returns:
A human-readable message providing the reason that the authentication failed, or null if none is available.

setAuthFailureReason

public final void setAuthFailureReason(Message message)
Specifies the reason that the authentication failed.

Specified by:
setAuthFailureReason in interface BindOperation
Specified by:
setAuthFailureReason in interface PreParseBindOperation
Parameters:
message - providing the reason that the authentication failed.

getUserEntryDN

public final DN getUserEntryDN()
Retrieves the user entry DN for this bind operation. It will only be available if the bind processing has proceeded far enough to identify the user attempting to authenticate.

Specified by:
getUserEntryDN in interface BindOperation
Returns:
The user entry DN for this bind operation, or null if the bind processing has not progressed far enough to identify the user or if the user DN could not be determined.

getAuthenticationInfo

public final AuthenticationInfo getAuthenticationInfo()
Retrieves the authentication info that resulted from processing this bind operation. It will only be valid if the bind processing was successful.

Specified by:
getAuthenticationInfo in interface BindOperation
Returns:
The authentication info that resulted from processing this bind operation.

setAuthenticationInfo

public final void setAuthenticationInfo(AuthenticationInfo authInfo)
Specifies the authentication info that resulted from processing this bind operation. This method must only be called by SASL mechanism handlers during the course of processing the processSASLBind method.

Specified by:
setAuthenticationInfo in interface BindOperation
Parameters:
authInfo - The authentication info that resulted from processing this bind operation.

getOperationType

public final OperationType getOperationType()
Retrieves the operation type for this operation.

Specified by:
getOperationType in interface Operation
Specified by:
getOperationType in interface PluginOperation
Specified by:
getOperationType in class AbstractOperation
Returns:
The operation type for this operation.

getRequestLogElements

public final java.lang.String[][] getRequestLogElements()
Retrieves a standard set of elements that should be logged in requests for this type of operation. Each element in the array will itself be a two-element array in which the first element is the name of the field and the second is a string representation of the value, or null if there is no value for that field.

Specified by:
getRequestLogElements in interface Operation
Specified by:
getRequestLogElements in class AbstractOperation
Returns:
A standard set of elements that should be logged in requests for this type of operation.

getResponseLogElements

public final java.lang.String[][] getResponseLogElements()
Retrieves a standard set of elements that should be logged in responses for this type of operation. Each element in the array will itself be a two-element array in which the first element is the name of the field and the second is a string representation of the value, or null if there is no value for that field.

Specified by:
getResponseLogElements in interface Operation
Specified by:
getResponseLogElements in class AbstractOperation
Returns:
A standard set of elements that should be logged in responses for this type of operation.

getResponseControls

public final java.util.List<Control> getResponseControls()
Retrieves the set of controls to include in the response to the client. The contents of this list must not be altered.

Specified by:
getResponseControls in interface Operation
Specified by:
getResponseControls in interface PluginOperation
Specified by:
getResponseControls in class AbstractOperation
Returns:
The set of controls to include in the response to the client.

addResponseControl

public final void addResponseControl(Control control)
Adds the provided control to the set of controls to include in the response to the client. This method may not be called by post-response plugins.

Specified by:
addResponseControl in interface Operation
Specified by:
addResponseControl in interface PreParseOperation
Specified by:
addResponseControl in class AbstractOperation
Parameters:
control - The control to add to the set of controls to include in the response to the client.

removeResponseControl

public final void removeResponseControl(Control control)
Removes the provided control from the set of controls to include in the response to the client. This method may not be called by post-response plugins.

Specified by:
removeResponseControl in interface Operation
Specified by:
removeResponseControl in interface PreParseOperation
Specified by:
removeResponseControl in class AbstractOperation
Parameters:
control - The control to remove from the set of controls to include in the response to the client.

toString

public final void toString(java.lang.StringBuilder buffer)
Appends a string representation of this operation to the provided buffer.

Specified by:
toString in interface Operation
Specified by:
toString in interface PluginOperation
Specified by:
toString in class AbstractOperation
Parameters:
buffer - The buffer into which a string representation of this operation should be appended.

setUserEntryDN

public void setUserEntryDN(DN userEntryDN)
Set the user entry DN for this bind operation.

Specified by:
setUserEntryDN in interface BindOperation
Parameters:
userEntryDN - The user entry DN for this bind operation, or null if the bind processing has not progressed far enough to identify the user or if the user DN could not be determined.

getProtocolVersion

public java.lang.String getProtocolVersion()
Retrieves a string representation of the protocol version associated with this bind request.

Specified by:
getProtocolVersion in interface BindOperation
Specified by:
getProtocolVersion in interface PreParseBindOperation
Returns:
A string representation of the protocol version associated with this bind request.

setProtocolVersion

public void setProtocolVersion(java.lang.String protocolVersion)
Specifies the string representation of the protocol version associated with this bind request.

Specified by:
setProtocolVersion in interface BindOperation
Specified by:
setProtocolVersion in interface PreParseBindOperation
Parameters:
protocolVersion - The string representation of the protocol version associated with this bind request.

run

public final void run()
Performs the work of actually processing this operation. This should include all processing for the operation, including invoking pre-parse and post-response plugins, logging messages and any other work that might need to be done in the course of processing.

Specified by:
run in interface java.lang.Runnable
Specified by:
run in class AbstractOperation