com.sun.jndi.ldap.ext
Class WhoAmIResponse

java.lang.Object
  extended by com.sun.jndi.ldap.ext.WhoAmIResponse
All Implemented Interfaces:
java.io.Serializable, javax.naming.ldap.ExtendedResponse

public class WhoAmIResponse
extends java.lang.Object
implements javax.naming.ldap.ExtendedResponse

This class implements the LDAPv3 Extended Response for WhoAmI. The WhoAmIRequest and WhoAmIResponse are used to obtain the current authorization identity of the user. WhoAmI extended operation allows users to get authorization identity seperately from LDAP bind operation, unlike AuthorizationIDControl which has to be used with LDAP bind operation.

The WhoAmI LDAP extended operation is defined in draft-zeilenga-ldap-authzid-08.

The object identifier used by WhoAmI extended operation is 2.16.840.1.113730.3.4.15 and the extended response value is the user authorization identity.

The extended response's value has the following ASN.1 definition:

 
     AuthzId ::= LDAPString ; containing an authzId as defined in RFC 2829
                            ; or an empty value

     authzId    = dnAuthzId / uAuthzId
  
     ; distinguished-name-based authz id.
     dnAuthzId  = "dn:" dn
     dn         = utf8string    ; with syntax defined in RFC 2253
  
     ; unspecified userid, UTF-8 encoded.
     uAuthzId   = "u:" userid
     userid     = utf8string    ; syntax unspecified
   
 

The following code sample shows how the extended operation may be used:


     // create an initial context using the supplied environment properties
     LdapContext ctx = new InitialLdapContext(env, null);

     // perform the extended operation
     WhoAmIResponse whoAmI =
         (WhoAmIResponse) ctx.extendedOperation(new WhoAmIRequest());

     System.out.println("I am <" + whoAmI.getAuthorizationID() + ">");

 

Author:
Vincent Ryan
See Also:
WhoAmIRequest, AuthorizationIDControl, Serialized Form

Field Summary
private  java.lang.String authzId
          Authorization identity of the bound user
static java.lang.String OID
          The WhoAmI extended response's assigned object identifier is 1.3.6.1.4.1.4203.1.11.3.
private static long serialVersionUID
           
private  byte[] value
          The ASN1 encoded value of the extended response
 
Constructor Summary
WhoAmIResponse(java.lang.String id, byte[] value, int offset, int length)
          Constructs a WhoAmI extended response.
 
Method Summary
 java.lang.String getAuthorizationID()
          Retrieves the authorization identity.
 byte[] getEncodedValue()
          Retrieves the WhoAmI response's ASN.1 BER encoded value.
 java.lang.String getID()
          Retrieves the WhoAmI response's object identifier string.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

OID

public static final java.lang.String OID
The WhoAmI extended response's assigned object identifier is 1.3.6.1.4.1.4203.1.11.3.

See Also:
Constant Field Values

authzId

private java.lang.String authzId
Authorization identity of the bound user


value

private byte[] value
The ASN1 encoded value of the extended response


serialVersionUID

private static final long serialVersionUID
See Also:
Constant Field Values
Constructor Detail

WhoAmIResponse

WhoAmIResponse(java.lang.String id,
               byte[] value,
               int offset,
               int length)
         throws java.io.IOException
Constructs a WhoAmI extended response.

Throws:
java.io.IOException
Method Detail

getID

public java.lang.String getID()
Retrieves the WhoAmI response's object identifier string.

Specified by:
getID in interface javax.naming.ldap.ExtendedResponse
Returns:
The non-null object identifier string.

getEncodedValue

public byte[] getEncodedValue()
Retrieves the WhoAmI response's ASN.1 BER encoded value.

Specified by:
getEncodedValue in interface javax.naming.ldap.ExtendedResponse
Returns:
A possibly null byte array representing the ASN.1 BER encoded value of the LDAP extended response.

getAuthorizationID

public java.lang.String getAuthorizationID()
Retrieves the authorization identity.

Returns:
The authorization identity. An empty string is returned when anonymous authentication is used.