@NotExtensible @ThreadSafety(level=INTERFACE_NOT_THREADSAFE) public interface ClientContext
Modifier and Type | Method and Description |
---|---|
void |
disconnect(DisconnectReason reason,
boolean notifyClient,
java.lang.String message)
Terminates the connection to the client and interrupts any operations that
may be in progress on that connection.
|
java.lang.Object |
getAttachment(java.lang.String name)
Retrieves a named object that has been associated with this client
connection.
|
AuthInfo |
getAuthInfo()
Retrieves information about the authentication state of the client
connection.
|
java.lang.String |
getClientConnectionPolicyDN()
Retrieves the DN of the entry that defines the client connection policy to
which the associated client connection is assigned.
|
java.lang.String |
getClientConnectionPolicyName()
Retrieves the name of the client connection policy to which the associated
client connection is assigned.
|
java.net.InetAddress |
getClientInetAddress()
Retrieves an
InetAddress representing the address of the client
system, if available. |
long |
getConnectionID()
Retrieves the identifier that has been assigned to the associated client
connection.
|
long |
getConnectTime()
Retrieves the time that the connection was established.
|
java.util.Map<DN,Group> |
getGroups(OperationContext operation,
boolean directMembershipOnly)
Retrieves the groups in which the currently-authenticated user is a member,
indexed by group DN.
|
InternalConnection |
getInternalConnection(java.lang.String dn,
boolean usePolicyFromConnection)
Retrieves an internal connection that is authenticated as the specified
user.
|
InternalConnection |
getInternalRootConnection(boolean usePolicyFromConnection)
Retrieves an internal connection that is authenticated as a root user
that is not subject to access control.
|
InternalConnection |
getInternalUserConnection(boolean usePolicyFromConnection)
Retrieves an internal connection that is authenticated as the same user
as the associated client connection.
|
java.util.List<java.lang.String> |
getMatchedConnectionCriteria()
Returns a
List containing the names of all the Connection
Criteria that match this connection. |
java.util.Set<java.lang.String> |
getPrivilegeNames()
Retrieves the names of the privileges held by the currently-authenticated
user.
|
java.lang.String |
getProtocol()
Retrieves the name of the protocol that the client is using to communicate
with the server.
|
java.lang.Object |
getSASLAuthStateInfo()
Retrieves an opaque object with information about the state of an active
multi-stage SASL bind.
|
ServerContext |
getServerContext()
Retrieves information about the server with which the client connection is
associated.
|
java.net.InetAddress |
getServerInetAddress()
Retrieves an
InetAddress representing the address on the server to
which the client established the connection, if available. |
boolean |
hasPrivilege(java.lang.String privilegeName,
OperationContext operation)
Indicates whether the currently-authenticated user has the specified
privilege.
|
boolean |
isAuthenticated()
Indicates whether the client has authenticated to the server.
|
boolean |
isInternal()
Indicates whether this represents an internal client connection.
|
boolean |
isMemberOf(java.lang.String groupDN,
OperationContext operation)
Indicates whether the currently-authenticated user is a member of the
specified group.
|
boolean |
isSecure()
Indicates whether the client is communicating with the server in a secure
manner.
|
boolean |
matchesConnectionCriteria(java.lang.String criteriaName)
Determines whether this
ClientContext matches the given Connection
Criteria. |
void |
sendUnsolicitedNotification(java.lang.String oid,
ResultCode resultCode,
java.lang.String message)
Attempts to send an unsolicited notification to the client with the
provided information.
|
java.lang.Object |
setAttachment(java.lang.String name,
java.lang.Object value)
Attaches an object to this client connection.
|
void |
setSASLAuthStateInfo(java.lang.Object saslAuthStateInfo)
Sets state information for an active multi-stage SASL bind.
|
java.lang.String |
toString()
Retrieves a string representation of the client connection.
|
long getConnectionID()
java.lang.String getClientConnectionPolicyName()
java.lang.String getClientConnectionPolicyDN()
java.util.List<java.lang.String> getMatchedConnectionCriteria()
List
containing the names of all the Connection
Criteria that match this connection. These are the configuration names
(e.g. the RDNs, not the full DNs) of the Connection Criteria.boolean matchesConnectionCriteria(java.lang.String criteriaName)
ClientContext
matches the given Connection
Criteria.criteriaName
- the name (not the DN) of the Connection Criteria to
check against.ClientContext
matches the specified
Connection Criteria, false otherwise.boolean isInternal()
true
if this represents an internal client connection, or
false
if it is from an external client.InternalConnection getInternalRootConnection(boolean usePolicyFromConnection)
usePolicyFromConnection
- If true
, the internal connection
will use the same client connection policy
as the associated client connection. If
false
, the internal connection
will use the server's default client
connection policy for internal
connections.InternalConnection getInternalUserConnection(boolean usePolicyFromConnection) throws LDAPException
usePolicyFromConnection
- If true
, the internal connection
will use the same client connection policy
as the associated client connection. If
false
, the internal connection
will use the server's default client
connection policy for internal
connections.LDAPException
- If a problem occurs while attempting to obtain or
authenticate the connection.InternalConnection getInternalConnection(java.lang.String dn, boolean usePolicyFromConnection) throws LDAPException
dn
- The DN of the user as whom the connection
should be authenticated. It may be
null
or empty if the connection
should be unauthenticated.usePolicyFromConnection
- If true
, the internal connection
will use the same client connection policy
as the associated client connection. If
false
, the internal connection
will use the server's default client
connection policy for internal
connections.LDAPException
- If a problem occurs while attempting to
authenticate as the specified user.boolean isSecure()
true
if the client is communicating with the server in a
secure manner, or false
if not.java.lang.String getProtocol()
long getConnectTime()
java.net.InetAddress getClientInetAddress()
InetAddress
representing the address of the client
system, if available.InetAddress
representing the address of the client
system, or null
if that is not available or applicable for
the associated client connection.java.net.InetAddress getServerInetAddress()
InetAddress
representing the address on the server to
which the client established the connection, if available.null
if that is not available or
applicable.boolean isAuthenticated()
true
if the client has authenticated to the server, or
false
if not.AuthInfo getAuthInfo()
boolean isMemberOf(java.lang.String groupDN, OperationContext operation) throws LDAPException
groupDN
- The DN of the group for which to make the determination.
It must not be null
.operation
- The operation currently being processed. It may be
null
if no operation is available.true
if the authenticated user is a member of the
specified group, or false
if not.LDAPException
- If a problem is encountered while attempting to
make the determination.java.util.Map<DN,Group> getGroups(OperationContext operation, boolean directMembershipOnly) throws LDAPException
operation
- The operation currently being processed. It
may be null
if no operation is
available.directMembershipOnly
- Indicates whether to only consider groups in
which the user is directly named as a member.
If this parameter is true
, then only
static groups that directly contain the
authenticated user will be included. If this
parameter is false
, then the set of
groups returned will also include dynamic
groups in which the user's entry matches the
membership criteria, as well as static groups
in which the user is a nested member.LDAPException
- If a problem is encountered while attempting to
determine the set of groups in which the
authenticated user is a member.boolean hasPrivilege(java.lang.String privilegeName, OperationContext operation) throws LDAPException
privilegeName
- The name of the privilege for which to make the
determination.operation
- The operation currently being processed. It may be
null
if no operation is available.true
if the currently-authenticated user has the specified
privilege, or false
if not (or if the client is not
authenticated).LDAPException
- If the specified privilege is not defined in the
server, or if a problem is encountered while trying
to make the determination.java.util.Set<java.lang.String> getPrivilegeNames()
void sendUnsolicitedNotification(java.lang.String oid, ResultCode resultCode, java.lang.String message)
oid
- The OID for the unsolicited notification. It must not
be null
.resultCode
- The result code to use for the unsolicited
notification. It must not be null
.message
- A message to include in the unsolicited notification.
It may be null
if no message is needed.void disconnect(DisconnectReason reason, boolean notifyClient, java.lang.String message)
reason
- A general reason that the connection was closed.notifyClient
- Indicates whether to attempt to send a notice of
disconnection to the client.message
- A message with information about the reason for the
disconnect. It may be null
if none is
available. It is generally recommended that a
message be provided even if the client should not be
notified, since the message may be used in other
ways (e.g., in log messages).ServerContext getServerContext()
java.lang.Object getSASLAuthStateInfo()
null
if no state information is
available (e.g., because no multi-stage SASL bind is in progress,
or because no state information is needed for the active bind
operation).void setSASLAuthStateInfo(java.lang.Object saslAuthStateInfo)
saslAuthStateInfo
- An opaque object that may hold information about
the state of an active multi-stage SASL bind.
It may be null
to clear any existing
SASL authentication state. The core sever will
not make any attempt to interpret this object,
but it is expected that any SASL mechanism
handler which makes use of SASL state
information will know how to interact with this
object.java.lang.Object getAttachment(java.lang.String name)
name
- The name of the attachment to retrieve. It will be treated
in a case-sensitive manner. Note that attachment names must
be carefully crafted to avoid inadvertent conflicts between
extensions or the core server itself. It is strongly
recommended that attachment names be made unique (e.g.,
by prefixing them with the fully-qualified class name of the
extension with which they are associated) so that attachments
used by one extension do not inadvertently interfere with
those which may be used in another extension or elsewhere in
the server.null
if there is no such
attachment.java.lang.Object setAttachment(java.lang.String name, java.lang.Object value)
name
- The name of the attachment to retrieve. It will be treated
in a case-sensitive manner. Note that attachment names must
be carefully crafted to avoid inadvertent conflicts between
extensions or the core server itself. It is strongly
recommended that attachment names be made unique (e.g.,
by prefixing them with the fully-qualified class name of the
extension with which they are associated) so that
attachments used by one extension do not inadvertently
interfere with those which may be used in another extension
or elsewhere in the server.value
- The attachment to set. It may be null
if an
existing attachment with the given name should be removed.null
if the attachment did not previously have a value.java.lang.String toString()
toString
in class java.lang.Object