001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2006-2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.controls; 028 import org.opends.messages.Message; 029 030 031 032 import org.opends.server.protocols.asn1.ASN1OctetString; 033 import org.opends.server.protocols.ldap.LDAPResultCode; 034 import org.opends.server.types.Control; 035 import org.opends.server.types.DN; 036 import org.opends.server.types.LDAPException; 037 038 import static org.opends.messages.ProtocolMessages.*; 039 import static org.opends.server.util.ServerConstants.*; 040 041 042 043 /** 044 * This class implements the authorization identity response control as defined 045 * in RFC 3829. It may be included in a bind response message to provide the 046 * authorization ID resulting for a client after the bind operation as 047 * completed. 048 */ 049 public class AuthorizationIdentityResponseControl 050 extends Control 051 { 052 053 054 055 // The authorization ID for this control. 056 private String authorizationID; 057 058 059 060 /** 061 * Creates a new authorization identity response control using the default 062 * settings to indicate an anonymous authentication. 063 */ 064 public AuthorizationIdentityResponseControl() 065 { 066 super(OID_AUTHZID_RESPONSE, false, new ASN1OctetString()); 067 068 } 069 070 071 072 /** 073 * Creates a new authorization identity response control with the provided 074 * information. 075 * 076 * @param authorizationID The authorization ID for this control. 077 */ 078 public AuthorizationIdentityResponseControl(String authorizationID) 079 { 080 super(OID_AUTHZID_RESPONSE, false, encodeValue(authorizationID)); 081 082 083 this.authorizationID = authorizationID; 084 } 085 086 087 088 /** 089 * Creates a new authorization identity response control with the provided 090 * information. 091 * 092 * @param authorizationDN The authorization DN for this control. 093 */ 094 public AuthorizationIdentityResponseControl(DN authorizationDN) 095 { 096 super(OID_AUTHZID_RESPONSE, false, encodeValue(authorizationDN)); 097 098 099 if (authorizationDN == null) 100 { 101 this.authorizationID = "dn:"; 102 } 103 else 104 { 105 this.authorizationID = "dn:" + authorizationDN.toString(); 106 } 107 } 108 109 110 111 /** 112 * Creates a new authorization identity response control with the provided 113 * information. 114 * 115 * @param oid The OID to use for this control. 116 * @param isCritical Indicates whether this control should be 117 * considered a critical part of the response 118 * processing. 119 * @param authorizationID The authorization ID for this control. 120 */ 121 public AuthorizationIdentityResponseControl(String oid, boolean isCritical, 122 String authorizationID) 123 { 124 super(oid, isCritical, encodeValue(authorizationID)); 125 126 127 this.authorizationID = authorizationID; 128 } 129 130 131 132 /** 133 * Creates a new authorization identity response control with the provided 134 * information. 135 * 136 * @param oid The OID to use for this control. 137 * @param isCritical Indicates whether this control should be 138 * considered a critical part of the response 139 * processing. 140 * @param authorizationDN The authorization DN for this control. 141 */ 142 public AuthorizationIdentityResponseControl(String oid, boolean isCritical, 143 DN authorizationDN) 144 { 145 super(oid, isCritical, encodeValue(authorizationDN)); 146 147 148 if (authorizationDN == null) 149 { 150 this.authorizationID = "dn:"; 151 } 152 else 153 { 154 this.authorizationID = "dn:" + authorizationDN.toString(); 155 } 156 } 157 158 159 160 /** 161 * Creates a new authorization identity response control with the provided 162 * information. 163 * 164 * @param oid The OID to use for this control. 165 * @param isCritical Indicates whether this control should be 166 * considered a critical part of the response 167 * processing. 168 * @param authorizationID The authorization ID for this control. 169 * @param encodedValue The encoded value for the control. 170 */ 171 private AuthorizationIdentityResponseControl(String oid, boolean isCritical, 172 String authorizationID, 173 ASN1OctetString encodedValue) 174 { 175 super(oid, isCritical, encodedValue); 176 177 178 this.authorizationID = authorizationID; 179 } 180 181 182 183 /** 184 * Encodes the provided information into an ASN.1 octet string suitable for 185 * use as the control value. 186 * 187 * @param authorizationID The authorization ID for this authorization ID 188 * response control. 189 * 190 * @return An ASN.1 octet string containing the encoded information. 191 */ 192 private static ASN1OctetString encodeValue(String authorizationID) 193 { 194 return new ASN1OctetString(authorizationID); 195 } 196 197 198 199 /** 200 * Encodes the provided information into an ASN.1 octet string suitable for 201 * use as the control value. 202 * 203 * @param authorizationDN The authorization DN for this authorization ID 204 * response control. 205 * 206 * @return An ASN.1 octet string containing the encoded information. 207 */ 208 private static ASN1OctetString encodeValue(DN authorizationDN) 209 { 210 if (authorizationDN == null) 211 { 212 return new ASN1OctetString("dn:"); 213 } 214 else 215 { 216 return new ASN1OctetString("dn:" + authorizationDN.toString()); 217 } 218 } 219 220 221 222 /** 223 * Creates a new authorization identity response control from the contents of 224 * the provided control. 225 * 226 * @param control The generic control containing the information to use to 227 * create this authorization identity response control. 228 * 229 * @return The authorization identity response control decoded from the 230 * provided control. 231 * 232 * @throws LDAPException If this control cannot be decoded as a valid 233 * authorization identity response control. 234 */ 235 public static AuthorizationIdentityResponseControl decodeControl( 236 Control control) 237 throws LDAPException 238 { 239 if (! control.hasValue()) 240 { 241 Message message = ERR_AUTHZIDRESP_NO_CONTROL_VALUE.get(); 242 throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, message); 243 } 244 245 return new AuthorizationIdentityResponseControl(control.getOID(), 246 control.isCritical(), control.getValue().stringValue(), 247 control.getValue()); 248 } 249 250 251 252 /** 253 * Retrieves the authorization ID for this authorization identity response 254 * control. 255 * 256 * @return The authorization ID for this authorization identity response 257 * control. 258 */ 259 public String getAuthorizationID() 260 { 261 return authorizationID; 262 } 263 264 265 266 /** 267 * Specifies the authorization ID for this authorization identity response 268 * control. 269 * 270 * @param authorizationID The authorization ID for this authorization 271 * identity response control. 272 */ 273 public void setAuthorizationID(String authorizationID) 274 { 275 this.authorizationID = authorizationID; 276 setValue(encodeValue(authorizationID)); 277 } 278 279 280 281 /** 282 * Retrieves a string representation of this authorization identity response 283 * control. 284 * 285 * @return A string representation of this authorization identity response 286 * control. 287 */ 288 public String toString() 289 { 290 StringBuilder buffer = new StringBuilder(); 291 toString(buffer); 292 return buffer.toString(); 293 } 294 295 296 297 /** 298 * Appends a string representation of this authorization identity response 299 * control to the provided buffer. 300 * 301 * @param buffer The buffer to which the information should be appended. 302 */ 303 public void toString(StringBuilder buffer) 304 { 305 buffer.append("AuthorizationIdentityResponseControl(authzID=\""); 306 buffer.append(authorizationID); 307 buffer.append("\")"); 308 } 309 } 310