/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2010 Sun Microsystems, Inc.
 */

package org.forgerock.opendj.ldap.requests;

import java.util.List;

import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DecodeException;
import org.forgerock.opendj.ldap.DecodeOptions;
import org.forgerock.opendj.ldap.controls.Control;
import org.forgerock.opendj.ldap.controls.ControlDecoder;
import org.forgerock.opendj.ldap.responses.ExtendedResultDecoder;
import org.forgerock.opendj.ldap.responses.WhoAmIExtendedResult;

/**
 * The "Who am I?" extended request defined in RFC 4532. A client sends it to
 * learn the primary authorization identity, in its primary form, that the
 * server currently associates with the user or application entity behind the
 * connection.
 * <p>
 * Typical use, issued after a successful bind:
 *
 * <pre>
 * Connection connection = ...;
 * String name = ...;
 * char[] password = ...;
 *
 * Result result = connection.bind(name, password);
 * if (result.isSuccess()) {
 *     WhoAmIExtendedRequest request = Requests.newWhoAmIExtendedRequest();
 *     WhoAmIExtendedResult extResult = connection.extendedRequest(request);
 *
 *     if (extResult.isSuccess()) {
 *         // The authorization ID is available from extResult.getAuthorizationID()
 *     }
 * }
 * </pre>
 *
 * <b>Why prefer this over the RFC 3829 controls.</b> The Authorization
 * Identity Controls mechanism of RFC 3829 carries the request and the returned
 * identity as controls on the Bind request and response. Bind controls are not
 * protected by security layers established by the Bind operation that includes
 * them. StartTLS can establish a security layer before the Bind, but it is
 * often desirable to rely on the layer the Bind itself negotiates. An extended
 * operation sent after the Bind is protected by the security layers that Bind
 * established, so this operation may be preferable.
 * <p>
 * <b>Interpreting the result.</b> RFC 4532 specifies that a server treating
 * the client as anonymous answers successfully with an empty authorization
 * identity, so a successful result does not by itself show that the
 * connection is authenticated. Callers that use the identity for access
 * decisions or audit records should inspect the returned value as well as the
 * result code. How this library represents the empty case is not visible in
 * this file.
 *
 * @see WhoAmIExtendedResult
 * @see org.forgerock.opendj.ldap.controls.AuthorizationIdentityRequestControl
 * @see <a href="http://tools.ietf.org/html/rfc4532">RFC 4532 - Lightweight
 *      Directory Access Protocol (LDAP) "Who am I?" Operation </a>
 * @see <a href="http://tools.ietf.org/html/rfc3829">RFC 3829 - Lightweight
 *      Directory Access Protocol (LDAP) Authorization Identity Request and
 *      Response Controls </a>
 */
public interface WhoAmIExtendedRequest extends ExtendedRequest<WhoAmIExtendedResult> {

    /**
     * Object identifier of the "Who am I?" extended operation request.
     */
    String OID = "1.3.6.1.4.1.4203.1.11.3";

    /**
     * Decoder for "Who am I?" extended operation requests.
     */
    ExtendedRequestDecoder<WhoAmIExtendedRequest, WhoAmIExtendedResult> DECODER =
            new WhoAmIExtendedRequestImpl.RequestDecoder();

    // The methods below are redeclared from a supertype; addControl narrows
    // its return type to this interface, and getResultDecoder is typed to
    // WhoAmIExtendedResult.

    @Override
    WhoAmIExtendedRequest addControl(Control control);

    @Override
    <C extends Control> C getControl(ControlDecoder<C> decoder, DecodeOptions options)
            throws DecodeException;

    @Override
    List<Control> getControls();

    @Override
    String getOID();

    @Override
    ExtendedResultDecoder<WhoAmIExtendedResult> getResultDecoder();

    @Override
    ByteString getValue();

    @Override
    boolean hasValue();
}