Package com.unboundid.directory.sdk.ds.types

Interface SASLBindResultFactory

    • Method Detail

      • createSuccessResult

        SuccessSASLBindResult createSuccessResult​(java.lang.String authenticatedUserDN)
        Creates a success SASL bind result in which the authentication and authorization user identities are the same, and no diagnostic message, controls, or server SASL credentials need to be returned.
        Parameters:
        authenticatedUserDN - The DN of the user that has been authenticated. It may be null if the resulting authentication was anonymous.
        Returns:
        The created success SASL bind result.

      • createSuccessResult

        SuccessSASLBindResult createSuccessResult​(java.lang.String authenticatedUserDN,
                                          java.lang.String authorizedUserDN,
                                          java.lang.String diagnosticMessage,
                                          java.util.List<Control> controls,
                                          ASN1OctetString serverSASLCredentials)
        Creates a success SASL bind result with the provided information.
        Parameters:
        authenticatedUserDN - The DN of the user that has been authenticated. It may be empty or null if the resulting authentication was anonymous.
        authorizedUserDN - The DN of the user that should be used as the authorization identity for subsequent operations requested on the connection. In most cases, it should be the same as the authenticated user DN, but it may be different if an alternate authorization identity was specified. It may be empty or null if the authorization identity should be that of the anonymous user.
        diagnosticMessage - The diagnostic message that should be included in the response to the client. It may be null if no diagnostic message is needed.
        controls - The set of controls that should be included in the response to the client. It may be null or empty if no response controls are needed.
        serverSASLCredentials - The server SASL credentials that should be included in the response to the client. It may be null if no server SASL credentials are needed.
        Returns:
        The created success SASL bind result.

      • createSuccessResult

        SuccessSASLBindResult createSuccessResult​(java.lang.String authenticatedUserDN,
                                          java.lang.String authorizedUserDN,
                                          java.lang.String diagnosticMessage,
                                          java.util.List<Control> controls,
                                          ASN1OctetString serverSASLCredentials,
                                          ASN1OctetString passwordUsed)
        Creates a success SASL bind result with the provided information.
        Parameters:
        authenticatedUserDN - The DN of the user that has been authenticated. It may be empty or null if the resulting authentication was anonymous.
        authorizedUserDN - The DN of the user that should be used as the authorization identity for subsequent operations requested on the connection. In most cases, it should be the same as the authenticated user DN, but it may be different if an alternate authorization identity was specified. It may be empty or null if the authorization identity should be that of the anonymous user.
        diagnosticMessage - The diagnostic message that should be included in the response to the client. It may be null if no diagnostic message is needed.
        controls - The set of controls that should be included in the response to the client. It may be null or empty if no response controls are needed.
        serverSASLCredentials - The server SASL credentials that should be included in the response to the client. It may be null if no server SASL credentials are needed.
        passwordUsed - The plaintext password that was used to authenticate. This may be null if the associated SASL mechanism is not password-based or if the plaintext password is not available.
        Returns:
        The created success SASL bind result.

      • createContinuationResult

        ContinuationSASLBindResult createContinuationResult​(java.lang.String diagnosticMessage,
                                                    java.util.List<Control> controls,
                                                    ASN1OctetString serverSASLCredentials)
        Creates a continuation SASL bind result (indicating that more processing is required to complete the authentication) with the provided information.
        Parameters:
        diagnosticMessage - The diagnostic message that should be included in the response to the client. It may be null if no diagnostic message is needed.
        controls - The set of controls that should be included in the response to the client. It may be null or empty if no response controls are needed.
        serverSASLCredentials - The server SASL credentials that should be included in the response to the client. It may be null if no server SASL credentials are needed.
        Returns:
        The created continuation SASL bind result.

      • createFailureResult

        FailureSASLBindResult createFailureResult​(java.lang.String authenticationFailureReason,
                                          java.lang.String diagnosticMessage,
                                          java.lang.String matchedDN,
                                          java.util.List<Control> controls,
                                          ASN1OctetString serverSASLCredentials)
        Creates a failure SASL bind result with the provided information.
        Parameters:
        authenticationFailureReason - A message that explains the reason for the authentication failure. This will be recorded in the server access log but not included in the response to return to the client.
        diagnosticMessage - The diagnostic message that should be included in the response to the client. It may be null if no diagnostic message is needed.
        matchedDN - The matched DN that should be included in the response to the client. It may be null if no matched DN is needed.
        controls - The set of controls that should be included in the response to the client. It may be null or empty if no response controls are needed.
        serverSASLCredentials - The server SASL credentials that should be included in the response to the client. It may be null if no server SASL credentials are needed.
        Returns:
        The created failure SASL bind result.

      • createFailureResult

        FailureSASLBindResult createFailureResult​(java.lang.String authenticationFailureReason,
                                          java.lang.String diagnosticMessage,
                                          java.lang.String matchedDN,
                                          java.util.List<Control> controls,
                                          ASN1OctetString serverSASLCredentials,
                                          java.lang.String unsuccessfullyAuthenticatedUserDN)
        Creates a failure SASL bind result with the provided information.
        Parameters:
        authenticationFailureReason - A message that explains the reason for the authentication failure. This will be recorded in the server access log but not included in the response to return to the client.
        diagnosticMessage - The diagnostic message that should be included in the response to the client. It may be null if no diagnostic message is needed.
        matchedDN - The matched DN that should be included in the response to the client. It may be null if no matched DN is needed.
        controls - The set of controls that should be included in the response to the client. It may be null or empty if no response controls are needed.
        serverSASLCredentials - The server SASL credentials that should be included in the response to the client. It may be null if no server SASL credentials are needed.
        unsuccessfullyAuthenticatedUserDN - The DN of the user that tried to authenticate but was unable to do so successfully, if applicable.
        Returns:
        The created failure SASL bind result.

      • isUserPasswordValid

        boolean isUserPasswordValid​(java.lang.String userDN,
                            ASN1OctetString password)
                     throws LDAPException
        Indicates whether the provided password is valid for the specified user. Note that absolutely no password policy processing will be performed. This method merely determines whether the provided password is contained in the specified user entry.
        Parameters:
        userDN - The DN of the user entry for which to make the determination. It must not be null or empty.
        password - The bytes comprising the non-encoded clear-text password for which the determination is to be made. It must not be null or empty.
        Returns:
        true if the given password is contained in the specified user entry, or false if not.
        Throws:
        LDAPException - If a problem is encountered while attempting to make the determination.

      • mapUsernameToEntry

        Entry mapUsernameToEntry​(java.lang.String username)
                  throws LDAPException
        Maps the provided username to a user entry using the identity mapper associated with the SASL mechanism handler.
        Parameters:
        username - The username to be mapped to a user entry.
        Returns:
        The entry for the user identified by the associated identity mapper.
        Throws:
        LDAPException - If no identity mapper is associated with the SASL mechanism handler, or if the identity mapper cannot be used to map the username to exactly one entry.