001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2006-2008 Sun Microsystems, Inc. 025 * Portions Copyright 2014-2015 ForgeRock AS 026 */ 027package org.opends.server.types.operation; 028import org.forgerock.i18n.LocalizableMessage; 029 030 031 032import org.opends.server.types.AuthenticationType; 033import org.forgerock.opendj.ldap.ByteString; 034import org.opends.server.types.DN; 035import org.opends.server.types.Entry; 036 037 038 039/** 040 * This class defines a set of methods that are available for use by 041 * post-operation plugins for bind operations. Note that this 042 * interface is intended only to define an API for use by plugins and 043 * is not intended to be implemented by any custom classes. 044 */ 045@org.opends.server.types.PublicAPI( 046 stability=org.opends.server.types.StabilityLevel.UNCOMMITTED, 047 mayInstantiate=false, 048 mayExtend=false, 049 mayInvoke=true) 050public interface PostOperationBindOperation 051 extends PostOperationOperation 052{ 053 /** 054 * Retrieves the authentication type for this bind operation. 055 * 056 * @return The authentication type for this bind operation. 057 */ 058 AuthenticationType getAuthenticationType(); 059 060 061 062 /** 063 * Retrieves a string representation of the protocol version 064 * associated with this bind request. 065 * 066 * @return A string representation of the protocol version 067 * associated with this bind request. 068 */ 069 String getProtocolVersion(); 070 071 072 073 /** 074 * Retrieves the raw, unprocessed bind DN for this bind operation as 075 * contained in the client request. The value may not actually 076 * contain a valid DN, as no validation will have been performed. 077 * 078 * @return The raw, unprocessed bind DN for this bind operation as 079 * contained in the client request. 080 */ 081 ByteString getRawBindDN(); 082 083 084 085 /** 086 * Retrieves the bind DN for this bind operation. 087 * 088 * @return The bind DN for this bind operation. 089 */ 090 DN getBindDN(); 091 092 093 094 /** 095 * Retrieves the simple authentication password for this bind operation. 096 * 097 * @return The simple authentication password for this bind 098 * operation. 099 */ 100 ByteString getSimplePassword(); 101 102 103 104 /** 105 * Retrieves the SASL mechanism for this bind operation. 106 * 107 * @return The SASL mechanism for this bind operation, or 108 * <CODE>null</CODE> if the bind does not use SASL 109 * authentication. 110 */ 111 String getSASLMechanism(); 112 113 114 115 /** 116 * Retrieves the SASL credentials for this bind operation. 117 * 118 * @return The SASL credentials for this bind operation, or 119 * <CODE>null</CODE> if there are none or if the bind does 120 * not use SASL authentication. 121 */ 122 ByteString getSASLCredentials(); 123 124 125 126 /** 127 * Retrieves the set of server SASL credentials to include in the 128 * bind response. 129 * 130 * @return The set of server SASL credentials to include in the 131 * bind response, or <CODE>null</CODE> if there are none. 132 */ 133 ByteString getServerSASLCredentials(); 134 135 136 137 /** 138 * Specifies the set of server SASL credentials to include in the 139 * bind response. 140 * 141 * @param serverSASLCredentials The set of server SASL credentials 142 * to include in the bind response. 143 */ 144 void setServerSASLCredentials(ByteString serverSASLCredentials); 145 146 147 148 /** 149 * Retrieves the user entry associated with the SASL authentication 150 * attempt. This should be set by any SASL mechanism in which the 151 * processing was able to get far enough to make this determination, 152 * regardless of whether the authentication was ultimately 153 * successful. 154 * 155 * @return The user entry associated with the SASL authentication 156 * attempt, or <CODE>null</CODE> if it was not a SASL 157 * authentication or the SASL processing was not able to 158 * map the request to a user. 159 */ 160 Entry getSASLAuthUserEntry(); 161 162 163 164 /** 165 * Retrieves a human-readable message providing the reason that the 166 * authentication failed, if available. 167 * 168 * @return A human-readable message providing the reason that the 169 * authentication failed, or <CODE>null</CODE> if none is 170 * available. 171 */ 172 LocalizableMessage getAuthFailureReason(); 173 174 175 176 /** 177 * Specifies the reason that the authentication failed. 178 * 179 * @param reason A human-readable message providing the reason 180 * that the authentication failed. 181 */ 182 void setAuthFailureReason(LocalizableMessage reason); 183 184 185 186 /** 187 * Retrieves the user entry DN for this bind operation. It will 188 * only be available if the bind processing has proceeded far enough 189 * to identify the user attempting to authenticate. 190 * 191 * @return The user entry DN for this bind operation, or 192 * <CODE>null</CODE> if the bind processing has not 193 * progressed far enough to identify the user or if the 194 * user DN could not be determined. 195 */ 196 DN getUserEntryDN(); 197} 198