001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2006-2008 Sun Microsystems, Inc.
025 *      Portions Copyright 2014-2015 ForgeRock AS
026 */
027package org.opends.server.types.operation;
028import org.forgerock.i18n.LocalizableMessage;
029
030
031
032import org.opends.server.types.AuthenticationType;
033import org.forgerock.opendj.ldap.ByteString;
034import org.opends.server.types.DN;
035import org.opends.server.types.Entry;
036
037
038
/**
 * View of a bind operation that is handed to post-response plugins.
 * The interface exists purely as a plugin-facing API; it is not
 * meant to be implemented by custom classes.
 *
 * <p>Every method declared here is an accessor.  Several of them
 * return authentication material supplied by the client
 * ({@link #getSimplePassword()}, {@link #getSASLCredentials()}) or
 * client input that has not been validated
 * ({@link #getRawBindDN()}).  Plugin code should keep such values
 * out of logs, audit trails and error messages, and should treat
 * raw request values as untrusted input.
 */
@org.opends.server.types.PublicAPI(
    stability = org.opends.server.types.StabilityLevel.UNCOMMITTED,
    mayInstantiate = false,
    mayExtend = false,
    mayInvoke = true)
public interface PostResponseBindOperation extends PostOperationOperation {

  /**
   * Returns the authentication type of this bind operation.
   *
   * @return  the authentication type for this bind operation
   */
  AuthenticationType getAuthenticationType();

  /**
   * Returns the protocol version of this bind request in string
   * form.
   *
   * @return  a string representation of the protocol version
   *          associated with this bind request
   */
  String getProtocolVersion();

  /**
   * Returns the bind DN exactly as the client sent it, before any
   * processing.  No validation has been performed on the value, so
   * it may not be a valid DN at all.
   *
   * <p>Because the bytes come straight from the request, treat them
   * as untrusted: escape or validate them before placing them in a
   * log line, a filter or a lookup key, and use
   * {@link #getBindDN()} when a parsed DN is required.
   *
   * @return  the raw, unprocessed bind DN for this bind operation
   *          as contained in the client request
   */
  ByteString getRawBindDN();

  /**
   * Returns the bind DN of this bind operation.
   *
   * <p>NOTE(review): this declaration does not state what is
   * returned when the raw bind DN could not be decoded; confirm
   * against the implementation whether {@code null} is possible.
   *
   * @return  the bind DN for this bind operation
   */
  DN getBindDN();

  /**
   * Returns the simple authentication password of this bind
   * operation.
   *
   * <p>The value is the credential presented by the client.  Do not
   * write it to logs, persist it, or echo it in diagnostic output.
   *
   * <p>NOTE(review): the result for a bind that does not use simple
   * authentication is not documented here; callers should
   * presumably be prepared for {@code null} -- confirm.
   *
   * @return  the simple authentication password for this bind
   *          operation
   */
  ByteString getSimplePassword();

  /**
   * Returns the name of the SASL mechanism used by this bind
   * operation.
   *
   * @return  the SASL mechanism for this bind operation, or
   *          {@code null} if the bind does not use SASL
   *          authentication
   */
  String getSASLMechanism();

  /**
   * Returns the SASL credentials supplied with this bind operation.
   *
   * <p>Depending on the mechanism these bytes may contain secret
   * material; handle them with the same care as
   * {@link #getSimplePassword()}.
   *
   * @return  the SASL credentials for this bind operation, or
   *          {@code null} if there are none or if the bind does not
   *          use SASL authentication
   */
  ByteString getSASLCredentials();

  /**
   * Returns the server SASL credentials that are to be included in
   * the bind response.
   *
   * @return  the set of server SASL credentials to include in the
   *          bind response, or {@code null} if there are none
   */
  ByteString getServerSASLCredentials();

  /**
   * Returns the user entry associated with the SASL authentication
   * attempt.  A SASL mechanism is expected to set it whenever its
   * processing got far enough to determine the user, whether or not
   * the authentication ultimately succeeded.
   *
   * <p>A non-null result therefore does <em>not</em> indicate a
   * successful bind; plugins must not use it as evidence that the
   * client proved its identity.
   *
   * @return  the user entry associated with the SASL authentication
   *          attempt, or {@code null} if it was not a SASL
   *          authentication or the SASL processing was not able to
   *          map the request to a user
   */
  Entry getSASLAuthUserEntry();

  /**
   * Returns a human-readable explanation of why the authentication
   * failed, when one is available.
   *
   * <p>NOTE(review): a detailed failure reason can reveal more
   * about an account than a client should learn; it looks intended
   * for server-side diagnostics, so avoid relaying it to the client
   * -- confirm against the server's handling of this message.
   *
   * @return  a human-readable message providing the reason that the
   *          authentication failed, or {@code null} if none is
   *          available
   */
  LocalizableMessage getAuthFailureReason();

  /**
   * Returns the DN of the user entry for this bind operation.  It
   * is only available once bind processing has progressed far
   * enough to identify the user attempting to authenticate.
   *
   * <p>The contract speaks of the user <em>attempting</em> to
   * authenticate, so a non-null value should not by itself be read
   * as a successful bind.
   *
   * @return  the user entry DN for this bind operation, or
   *          {@code null} if the bind processing has not progressed
   *          far enough to identify the user or if the user DN
   *          could not be determined
   */
  DN getUserEntryDN();
}