001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2006-2008 Sun Microsystems, Inc. 025 * Portions Copyright 2014-2015 ForgeRock AS 026 */ 027package org.opends.server.types.operation; 028import org.forgerock.i18n.LocalizableMessage; 029 030 031 032import org.opends.server.types.AuthenticationType; 033import org.forgerock.opendj.ldap.ByteString; 034import org.opends.server.types.DN; 035import org.opends.server.types.Entry; 036 037 038 039/** 040 * This class defines a set of methods that are available for use by 041 * post-response plugins for bind operations. Note that this 042 * interface is intended only to define an API for use by plugins and 043 * is not intended to be implemented by any custom classes. 044 */ 045@org.opends.server.types.PublicAPI( 046 stability=org.opends.server.types.StabilityLevel.UNCOMMITTED, 047 mayInstantiate=false, 048 mayExtend=false, 049 mayInvoke=true) 050public interface PostResponseBindOperation 051 extends PostOperationOperation 052{ 053 /** 054 * Retrieves the authentication type for this bind operation. 055 * 056 * @return The authentication type for this bind operation. 057 */ 058 AuthenticationType getAuthenticationType(); 059 060 061 062 /** 063 * Retrieves a string representation of the protocol version 064 * associated with this bind request. 065 * 066 * @return A string representation of the protocol version 067 * associated with this bind request. 068 */ 069 String getProtocolVersion(); 070 071 072 073 /** 074 * Retrieves the raw, unprocessed bind DN for this bind operation as 075 * contained in the client request. The value may not actually 076 * contain a valid DN, as no validation will have been performed. 077 * 078 * @return The raw, unprocessed bind DN for this bind operation as 079 * contained in the client request. 080 */ 081 ByteString getRawBindDN(); 082 083 084 085 /** 086 * Retrieves the bind DN for this bind operation. 087 * 088 * @return The bind DN for this bind operation. 089 */ 090 DN getBindDN(); 091 092 093 094 /** 095 * Retrieves the simple authentication password for this bind 096 * operation. 097 * 098 * @return The simple authentication password for this bind 099 * operation. 100 */ 101 ByteString getSimplePassword(); 102 103 104 105 /** 106 * Retrieves the SASL mechanism for this bind operation. 107 * 108 * @return The SASL mechanism for this bind operation, or 109 * <CODE>null</CODE> if the bind does not use SASL 110 * authentication. 111 */ 112 String getSASLMechanism(); 113 114 115 116 /** 117 * Retrieves the SASL credentials for this bind operation. 118 * 119 * @return The SASL credentials for this bind operation, or 120 * <CODE>null</CODE> if there are none or if the bind does 121 * not use SASL authentication. 122 */ 123 ByteString getSASLCredentials(); 124 125 126 127 /** 128 * Retrieves the set of server SASL credentials to include in the 129 * bind response. 130 * 131 * @return The set of server SASL credentials to include in the 132 * bind response, or <CODE>null</CODE> if there are none. 133 */ 134 ByteString getServerSASLCredentials(); 135 136 137 138 /** 139 * Retrieves the user entry associated with the SASL authentication 140 * attempt. This should be set by any SASL mechanism in which the 141 * processing was able to get far enough to make this determination, 142 * regardless of whether the authentication was ultimately 143 * successful. 144 * 145 * @return The user entry associated with the SASL authentication 146 * attempt, or <CODE>null</CODE> if it was not a SASL 147 * authentication or the SASL processing was not able to 148 * map the request to a user. 149 */ 150 Entry getSASLAuthUserEntry(); 151 152 153 154 /** 155 * Retrieves a human-readable message providing the reason that the 156 * authentication failed, if available. 157 * 158 * @return A human-readable message providing the reason that the 159 * authentication failed, or <CODE>null</CODE> if none is 160 * available. 161 */ 162 LocalizableMessage getAuthFailureReason(); 163 164 165 166 /** 167 * Retrieves the user entry DN for this bind operation. It will 168 * only be available if the bind processing has proceeded far enough 169 * to identify the user attempting to authenticate. 170 * 171 * @return The user entry DN for this bind operation, or 172 * <CODE>null</CODE> if the bind processing has not 173 * progressed far enough to identify the user or if the 174 * user DN could not be determined. 175 */ 176 DN getUserEntryDN(); 177} 178