org.opends.server.core
Interface BindOperation

All Superinterfaces:
Operation
All Known Implementing Classes:
BindOperationBasis, BindOperationWrapper, LocalBackendBindOperation

public interface BindOperation
extends Operation

This interface defines an operation that may be used to authenticate a user to the Directory Server. Note that for security restrictions, response messages that may be returned to the client must be carefully cleaned to ensure that they do not provide a malicious client with information that may be useful in an attack. This does impact the debugability of the server, but that can be addressed by calling the setAuthFailureReason method, which can provide a reason for a failure in a form that will not be returned to the client but may be written to a log file.


Field Summary
 
Fields inherited from interface org.opends.server.types.Operation
LOCALBACKENDOPERATIONS
 
Method Summary
 AuthenticationInfo getAuthenticationInfo()
          Retrieves the authentication info that resulted from processing this bind operation.
 AuthenticationType getAuthenticationType()
          Retrieves the authentication type for this bind operation.
 Message getAuthFailureReason()
          Retrieves a human-readable message providing the reason that the authentication failed, if available.
 DN getBindDN()
          Retrieves the bind DN for this bind operation.
 java.lang.String getProtocolVersion()
          Retrieves a string representation of the protocol version associated with this bind request.
 ByteString getRawBindDN()
          Retrieves the raw, unprocessed bind DN for this bind operation as contained in the client request.
 Entry getSASLAuthUserEntry()
          Retrieves the user entry associated with the SASL authentication attempt.
 ASN1OctetString getSASLCredentials()
          Retrieves the SASL credentials for this bind operation.
 java.lang.String getSASLMechanism()
          Retrieves the SASL mechanism for this bind operation.
 ASN1OctetString getServerSASLCredentials()
          Retrieves the set of server SASL credentials to include in the bind response.
 ByteString getSimplePassword()
          Retrieves the simple authentication password for this bind operation.
 DN getUserEntryDN()
          Retrieves the user entry DN for this bind operation.
 void setAuthenticationInfo(AuthenticationInfo authInfo)
          Specifies the authentication info that resulted from processing this bind operation.
 void setAuthFailureReason(Message message)
          Specifies the reason that the authentication failed.
 void setProtocolVersion(java.lang.String protocolVersion)
          Specifies the string representation of the protocol version associated with this bind request.
 void setRawBindDN(ByteString rawBindDN)
          Specifies the raw, unprocessed bind DN for this bind operation.
 void setSASLAuthUserEntry(Entry saslAuthUserEntry)
          Specifies the user entry associated with the SASL authentication attempt.
 void setSASLCredentials(java.lang.String saslMechanism, ASN1OctetString saslCredentials)
          Specifies the SASL credentials for this bind operation.
 void setServerSASLCredentials(ASN1OctetString serverSASLCredentials)
          Specifies the set of server SASL credentials to include in the bind response.
 void setSimplePassword(ByteString simplePassword)
          Specifies the simple authentication password for this bind operation.
 void setUserEntryDN(DN userEntryDN)
          Set the user entry DN for this bind operation.
 
Methods inherited from interface org.opends.server.types.Operation
abort, addRequestControl, addResponseControl, appendAdditionalLogMessage, appendErrorMessage, cancel, checkIfCanceled, disconnectClient, dontSynchronize, getAdditionalLogMessage, getAttachment, getAttachments, getAuthorizationDN, getAuthorizationEntry, getCancelRequest, getCancelResult, getClientConnection, getCommonLogElements, getConnectionID, getErrorMessage, getMatchedDN, getMessageID, getOperationID, getOperationType, getProcessingNanoTime, getProcessingStartTime, getProcessingStopTime, getProcessingTime, getReferralURLs, getRequestControls, getRequestLogElements, getResponseControls, getResponseLogElements, getResultCode, isInternalOperation, isSynchronizationOperation, operationCompleted, removeAttachment, removeRequestControl, removeResponseControl, setAdditionalLogMessage, setAttachment, setAttachments, setAuthorizationEntry, setDontSynchronize, setErrorMessage, setInternalOperation, setMatchedDN, setReferralURLs, setResponseData, setResultCode, setSynchronizationOperation, toString, toString
 

Method Detail

getAuthenticationType

AuthenticationType getAuthenticationType()
Retrieves the authentication type for this bind operation.

Returns:
The authentication type for this bind operation.

getRawBindDN

ByteString getRawBindDN()
Retrieves the raw, unprocessed bind DN for this bind operation as contained in the client request. The value may not actually contain a valid DN, as no validation will have been performed.

Returns:
The raw, unprocessed bind DN for this bind operation as contained in the client request.

setRawBindDN

void setRawBindDN(ByteString rawBindDN)
Specifies the raw, unprocessed bind DN for this bind operation. This should only be called by pre-parse plugins.

Parameters:
rawBindDN - The raw, unprocessed bind DN for this bind operation.

getProtocolVersion

java.lang.String getProtocolVersion()
Retrieves a string representation of the protocol version associated with this bind request.

Returns:
A string representation of the protocol version associated with this bind request.

setProtocolVersion

void setProtocolVersion(java.lang.String protocolVersion)
Specifies the string representation of the protocol version associated with this bind request.

Parameters:
protocolVersion - The string representation of the protocol version associated with this bind request.

getBindDN

DN getBindDN()
Retrieves the bind DN for this bind operation. This method should not be called by pre-parse plugins, as the raw value will not have been processed by that time. Instead, pre-parse plugins should call the getRawBindDN method.

Returns:
The bind DN for this bind operation, or null if the raw DN has not yet been processed.

getSimplePassword

ByteString getSimplePassword()
Retrieves the simple authentication password for this bind operation.

Returns:
The simple authentication password for this bind operation.

setSimplePassword

void setSimplePassword(ByteString simplePassword)
Specifies the simple authentication password for this bind operation.

Parameters:
simplePassword - The simple authentication password for this bind operation.

getSASLMechanism

java.lang.String getSASLMechanism()
Retrieves the SASL mechanism for this bind operation.

Returns:
The SASL mechanism for this bind operation, or null if the bind does not use SASL authentication.

getSASLCredentials

ASN1OctetString getSASLCredentials()
Retrieves the SASL credentials for this bind operation.

Returns:
The SASL credentials for this bind operation, or null if there are none or if the bind does not use SASL authentication.

setSASLCredentials

void setSASLCredentials(java.lang.String saslMechanism,
                        ASN1OctetString saslCredentials)
Specifies the SASL credentials for this bind operation.

Parameters:
saslMechanism - The SASL mechanism for this bind operation.
saslCredentials - The SASL credentials for this bind operation, or null if there are none.

getServerSASLCredentials

ASN1OctetString getServerSASLCredentials()
Retrieves the set of server SASL credentials to include in the bind response.

Returns:
The set of server SASL credentials to include in the bind response, or null if there are none.

setServerSASLCredentials

void setServerSASLCredentials(ASN1OctetString serverSASLCredentials)
Specifies the set of server SASL credentials to include in the bind response.

Parameters:
serverSASLCredentials - The set of server SASL credentials to include in the bind response.

getSASLAuthUserEntry

Entry getSASLAuthUserEntry()
Retrieves the user entry associated with the SASL authentication attempt. This should be set by any SASL mechanism in which the processing was able to get far enough to make this determination, regardless of whether the authentication was ultimately successful.

Returns:
The user entry associated with the SASL authentication attempt, or null if it was not a SASL authentication or the SASL processing was not able to map the request to a user.

setSASLAuthUserEntry

void setSASLAuthUserEntry(Entry saslAuthUserEntry)
Specifies the user entry associated with the SASL authentication attempt. This should be set by any SASL mechanism in which the processing was able to get far enough to make this determination, regardless of whether the authentication was ultimately successful.

Parameters:
saslAuthUserEntry - The user entry associated with the SASL authentication attempt.

getAuthFailureReason

Message getAuthFailureReason()
Retrieves a human-readable message providing the reason that the authentication failed, if available.

Returns:
A human-readable message providing the reason that the authentication failed, or null if none is available.

setAuthFailureReason

void setAuthFailureReason(Message message)
Specifies the reason that the authentication failed.

Parameters:
message - providing the reason that the authentication failed.

getUserEntryDN

DN getUserEntryDN()
Retrieves the user entry DN for this bind operation. It will only be available if the bind processing has proceeded far enough to identify the user attempting to authenticate.

Returns:
The user entry DN for this bind operation, or null if the bind processing has not progressed far enough to identify the user or if the user DN could not be determined.

getAuthenticationInfo

AuthenticationInfo getAuthenticationInfo()
Retrieves the authentication info that resulted from processing this bind operation. It will only be valid if the bind processing was successful.

Returns:
The authentication info that resulted from processing this bind operation.

setAuthenticationInfo

void setAuthenticationInfo(AuthenticationInfo authInfo)
Specifies the authentication info that resulted from processing this bind operation. This method must only be called by SASL mechanism handlers during the course of processing the processSASLBind method.

Parameters:
authInfo - The authentication info that resulted from processing this bind operation.

setUserEntryDN

void setUserEntryDN(DN userEntryDN)
Set the user entry DN for this bind operation.

Parameters:
userEntryDN - The user entry DN for this bind operation, or null if the bind processing has not progressed far enough to identify the user or if the user DN could not be determined.