001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2006-2008 Sun Microsystems, Inc. 025 * Portions Copyright 2014-2015 ForgeRock AS 026 */ 027package org.opends.server.controls; 028import org.forgerock.i18n.LocalizableMessage; 029 030 031 032import org.forgerock.opendj.io.ASN1Writer; 033import org.opends.server.types.*; 034import org.forgerock.opendj.ldap.ResultCode; 035import org.forgerock.opendj.ldap.ByteString; 036import static org.opends.messages.ProtocolMessages.*; 037import static org.opends.server.util.ServerConstants.*; 038 039import java.io.IOException; 040 041 042/** 043 * This class implements the authorization identity response control as defined 044 * in RFC 3829. It may be included in a bind response message to provide the 045 * authorization ID resulting for a client after the bind operation as 046 * completed. 047 */ 048public class AuthorizationIdentityResponseControl 049 extends Control 050{ 051 /** 052 * ControlDecoder implementation to decode this control from a ByteString. 053 */ 054 private static final class Decoder 055 implements ControlDecoder<AuthorizationIdentityResponseControl> 056 { 057 /** {@inheritDoc} */ 058 public AuthorizationIdentityResponseControl decode(boolean isCritical, 059 ByteString value) 060 throws DirectoryException 061 { 062 if (value == null) 063 { 064 LocalizableMessage message = ERR_AUTHZIDRESP_NO_CONTROL_VALUE.get(); 065 throw new DirectoryException(ResultCode.PROTOCOL_ERROR, message); 066 } 067 068 try 069 { 070 String authID = value.toString(); 071 return new AuthorizationIdentityResponseControl(isCritical, 072 authID); 073 } 074 catch(Exception e) 075 { 076 // TODO: message. 077 throw new DirectoryException(ResultCode.PROTOCOL_ERROR, LocalizableMessage.EMPTY); 078 } 079 } 080 081 public String getOID() 082 { 083 return OID_AUTHZID_RESPONSE; 084 } 085 086 } 087 088 /** 089 * The Control Decoder that can be used to decode this control. 090 */ 091 public static final ControlDecoder<AuthorizationIdentityResponseControl> 092 DECODER = new Decoder(); 093 094 095 /** The authorization ID for this control. */ 096 private String authorizationID; 097 098 099 100 /** 101 * Creates a new authorization identity response control using the default 102 * settings to indicate an anonymous authentication. 103 */ 104 public AuthorizationIdentityResponseControl() 105 { 106 this(false); 107 } 108 109 /** 110 * Creates a new authorization identity response control using the default 111 * settings to indicate an anonymous authentication. 112 * 113 * @param isCritical Indicates whether this control should be 114 * considered critical in processing the 115 * request. 116 */ 117 public AuthorizationIdentityResponseControl(boolean isCritical) 118 { 119 super(OID_AUTHZID_RESPONSE, isCritical); 120 } 121 122 123 124 /** 125 * Creates a new authorization identity response control with the provided 126 * information. 127 * 128 * @param authorizationID The authorization ID for this control. 129 */ 130 public AuthorizationIdentityResponseControl(String authorizationID) 131 { 132 this(false, authorizationID); 133 } 134 135 136 /** 137 * Creates a new authorization identity response control with the provided 138 * information. 139 * 140 * @param isCritical Indicates whether this control should be 141 * considered critical in processing the 142 * request. 143 * @param authorizationID The authorization ID for this control. 144 */ 145 public AuthorizationIdentityResponseControl(boolean isCritical, 146 String authorizationID) 147 { 148 super(OID_AUTHZID_RESPONSE, isCritical); 149 150 151 this.authorizationID = authorizationID; 152 } 153 154 155 156 157 /** 158 * Creates a new authorization identity response control with the provided 159 * information. 160 * 161 * @param authorizationDN The authorization DN for this control. 162 */ 163 public AuthorizationIdentityResponseControl(DN authorizationDN) 164 { 165 super(OID_AUTHZID_RESPONSE, false); 166 167 168 if (authorizationDN == null) 169 { 170 this.authorizationID = "dn:"; 171 } 172 else 173 { 174 this.authorizationID = "dn:" + authorizationDN; 175 } 176 } 177 178 179 180 /** 181 * Writes this control's value to an ASN.1 writer. The value (if any) must be 182 * written as an ASN1OctetString. 183 * 184 * @param writer The ASN.1 output stream to write to. 185 * @throws IOException If a problem occurs while writing to the stream. 186 */ 187 public void writeValue(ASN1Writer writer) throws IOException { 188 writer.writeOctetString(authorizationID); 189 } 190 191 192 193 /** 194 * Retrieves the authorization ID for this authorization identity response 195 * control. 196 * 197 * @return The authorization ID for this authorization identity response 198 * control. 199 */ 200 public String getAuthorizationID() 201 { 202 return authorizationID; 203 } 204 205 206 207 /** 208 * Appends a string representation of this authorization identity response 209 * control to the provided buffer. 210 * 211 * @param buffer The buffer to which the information should be appended. 212 */ 213 public void toString(StringBuilder buffer) 214 { 215 buffer.append("AuthorizationIdentityResponseControl(authzID=\""); 216 buffer.append(authorizationID); 217 buffer.append("\")"); 218 } 219} 220