001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * docs/licenses/cddl.txt 011 * or http://www.opensource.org/licenses/cddl1.php. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * docs/licenses/cddl.txt. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2010-2021 Ping Identity Corporation 026 */ 027package com.unboundid.directory.sdk.common.types; 028 029 030 031import com.unboundid.util.NotExtensible; 032import com.unboundid.util.ThreadSafety; 033import com.unboundid.util.ThreadSafetyLevel; 034 035 036 037/** 038 * This interface defines a set of methods that may be used to obtain 039 * information about the authentication and/or authorization identity of a 040 * client connection. 041 */ 042@NotExtensible() 043@ThreadSafety(level=ThreadSafetyLevel.INTERFACE_NOT_THREADSAFE) 044public interface AuthInfo 045{ 046 /** 047 * Indicates whether the associated client has authenticated to the server. 048 * 049 * @return {@code true} if the associated client has authenticated to the 050 * server, or {@code false} if not. 051 */ 052 boolean isAuthenticated(); 053 054 055 056 /** 057 * Retrieves the type of authentication performed by the client. 058 * 059 * @return The type of authentication performed by the client. 060 */ 061 AuthType getAuthType(); 062 063 064 065 /** 066 * Retrieves the DN of the user that has authenticated, if applicable. 067 * 068 * @return The DN of the user that has authenticated, or {@code null} if the 069 * client has not authenticated. 070 */ 071 String getAuthenticationDN(); 072 073 074 075 /** 076 * Retrieves the entry for the user that has authenticated, if applicable. 077 * 078 * @return The entry for the user that has authenticated, or {@code null} if 079 * the client has not yet authenticated. 080 */ 081 Entry getAuthenticationEntry(); 082 083 084 085 /** 086 * Retrieves the DN of the authorization identity for the client connection, 087 * if applicable. The authorization identity is usually the same as the 088 * authentication identity, but an alternate authorization identity may be 089 * specified when authenticating with some SASL mechanisms. 090 * 091 * @return The DN of the authorization identity for the connection, or 092 * {@code null} if the client has not yet authenticated or if the 093 * authorization identity is the anonymous user. 094 */ 095 String getAuthorizationDN(); 096 097 098 099 /** 100 * Retrieves the entry for the authorization identity, if applicable. The 101 * authorization identity is usually the same as the authentication identity, 102 * but an alternate authorization identity may be specified when 103 * authenticating with some SASL mechanisms. 104 * 105 * @return The entry for the authorization identity, or {@code null} if the 106 * client has not yet authenticated or if the authorization identity 107 * is the anonymous user. 108 */ 109 Entry getAuthorizationEntry(); 110 111 112 113 /** 114 * Retrieves the name of the SASL mechanism used to authenticate, if 115 * applicable. 116 * 117 * @return The name of the SASL mechanism used to authenticate, or 118 * {@code null} if the client has not used SASL authentication. 119 */ 120 String getSASLMechanismName(); 121}