com.sun.jndi.ldap.ctl
Class AuthorizationIDResponseControl

java.lang.Object
  extended by com.sun.jndi.ldap.BasicControl
      extended by com.sun.jndi.ldap.ctl.AuthorizationIDResponseControl
All Implemented Interfaces:
java.io.Serializable, javax.naming.ldap.Control

public class AuthorizationIDResponseControl
extends com.sun.jndi.ldap.BasicControl

This class implements the LDAP response control for Authorization Identity Response control. This control retrieves the current authorization identity resulting from an LDAP bind operation.. When AuthorizationIDControl is included in the LDAP bind request, the server bind response includes the Authorization Identity Response Control.

The Authorization Identity Response Control is defined in draft-weltman-ldapv3-auth-response-08.

The object identifier used by Authorization identity response control is 2.16.840.1.113730.3.4.15 and the control value returned is the authorization identity. The control's value has the following ASN.1 definition:


     AuthzId ::= LDAPString ; containing an authzId as defined in RFC 2829
                            ; or an empty value

     authzId    = dnAuthzId / uAuthzId

     ; distinguished-name-based authz id.
     dnAuthzId  = "dn:" dn
     dn         = utf8string    ; with syntax defined in RFC 2253

     ; unspecified userid, UTF-8 encoded.
     uAuthzId   = "u:" userid
     userid     = utf8string    ; syntax unspecified

 

The following code sample shows how the control may be used:


     // create an authorization identity response control
     Control[] reqControls = new Control[]{
         new AuthorizationIDControl()
     };

     // create an initial context using the supplied environment properties
     // and the supplied control
     LdapContext ctx = new InitialLdapContext(env, reqControls);
     Control[] respControls;

     // retrieve response controls
     if ((respControls = ctx.getResponseControls()) != null) {
         for (int i = 0; i < respControls.length; i++) {

             // locate the authorization identity response control
             if (respControls[i] instanceof AuthorizationIDResponseControl) {
                 System.out.println("My identity is " +
                     ((AuthorizationIDResponseControl) respControls[i])
                         .getAuthorizationID());
             }
         }
     }

 

Author:
Vincent Ryan
See Also:
AuthorizationIDControl, WhoAmIRequest, Serialized Form

Field Summary
private  java.lang.String authzId
          Authorization Identity of the bound user
static java.lang.String OID
          The authorization identity response control's assigned object identifier is 2.16.840.1.113730.3.4.15.
private static long serialVersionUID
           
 
Fields inherited from class com.sun.jndi.ldap.BasicControl
criticality, id, value
 
Fields inherited from interface javax.naming.ldap.Control
CRITICAL, NONCRITICAL
 
Constructor Summary
AuthorizationIDResponseControl(java.lang.String id, boolean criticality, byte[] value)
          Constructs a control to indicate the authorization identity.
 
Method Summary
 java.lang.String getAuthorizationID()
          Retrieves the authorization identity.
 byte[] getEncodedValue()
          Retrieves the authorization identity control response's ASN.1 BER encoded value.
 
Methods inherited from class com.sun.jndi.ldap.BasicControl
getID, isCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

OID

public static final java.lang.String OID
The authorization identity response control's assigned object identifier is 2.16.840.1.113730.3.4.15.

See Also:
Constant Field Values

authzId

private java.lang.String authzId
Authorization Identity of the bound user


serialVersionUID

private static final long serialVersionUID
See Also:
Constant Field Values
Constructor Detail

AuthorizationIDResponseControl

AuthorizationIDResponseControl(java.lang.String id,
                               boolean criticality,
                               byte[] value)
                         throws java.io.IOException
Constructs a control to indicate the authorization identity.

Parameters:
id - The control's object identifier string.
criticality - The control's criticality.
value - The control's ASN.1 BER encoded value. May be null.
Throws:
java.io.IOException - if an error is encountered while decoding the control's value.
Method Detail

getAuthorizationID

public java.lang.String getAuthorizationID()
Retrieves the authorization identity. An empty string is returned when anonymous authentication is used.

Returns:
The authorization identity.

getEncodedValue

public byte[] getEncodedValue()
Retrieves the authorization identity control response's ASN.1 BER encoded value.

Specified by:
getEncodedValue in interface javax.naming.ldap.Control
Overrides:
getEncodedValue in class com.sun.jndi.ldap.BasicControl
Returns:
A possibly null byte array representing the ASN.1 BER encoded value of the LDAP response control.