org.opends.server.core
Class BindOperationBasis

java.lang.Object
  org.opends.server.types.AbstractOperation
      org.opends.server.core.BindOperationBasis

All Implemented Interfaces:

java.lang.Runnable, BindOperation, Operation, PluginOperation, PostResponseOperation, PreParseBindOperation, PreParseOperation

public class BindOperationBasis
extends AbstractOperation
implements BindOperation, PreParseBindOperation

This class defines an operation that may be used to authenticate a user to the Directory Server. Note that for security restrictions, response messages that may be returned to the client must be carefully cleaned to ensure that they do not provide a malicious client with information that may be useful in an attack. This does impact the debugability of the server, but that can be addressed by calling the setAuthFailureReason method, which can provide a reason for a failure in a form that will not be returned to the client but may be written to a log file.

Field Summary

Fields inherited from class org.opends.server.types.AbstractOperation

cancelRequest, cancelResult, clientConnection, messageID, NO_RESPONSE_CONTROLS, operationID, useNanoTime

Fields inherited from interface org.opends.server.types.Operation

LOCALBACKENDOPERATIONS

Constructor Summary

BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, ByteString rawBindDN, ByteString simplePassword)
Creates a new simple bind operation with the provided information.

BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, ByteString rawBindDN, java.lang.String saslMechanism, ASN1OctetString saslCredentials)
Creates a new SASL bind operation with the provided information.

BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, DN bindDN, ByteString simplePassword)
Creates a new simple bind operation with the provided information.

BindOperationBasis(ClientConnection clientConnection, long operationID, int messageID, java.util.List<Control> requestControls, java.lang.String protocolVersion, DN bindDN, java.lang.String saslMechanism, ASN1OctetString saslCredentials)
Creates a new SASL bind operation with the provided information.

Method Summary

void	addResponseControl(Control control) Adds the provided control to the set of controls to include in the response to the client.
AuthenticationInfo	getAuthenticationInfo() Retrieves the authentication info that resulted from processing this bind operation.
AuthenticationType	getAuthenticationType() Retrieves the authentication type for this bind operation.
Message	getAuthFailureReason() Retrieves a human-readable message providing the reason that the authentication failed, if available.
DN	getBindDN() Retrieves the bind DN for this bind operation.
OperationType	getOperationType() Retrieves the operation type for this operation.
java.lang.String	getProtocolVersion() Retrieves a string representation of the protocol version associated with this bind request.
ByteString	getRawBindDN() Retrieves the raw, unprocessed bind DN for this bind operation as contained in the client request.
java.lang.String[][]	getRequestLogElements() Retrieves a standard set of elements that should be logged in requests for this type of operation.
java.util.List<Control>	getResponseControls() Retrieves the set of controls to include in the response to the client.
java.lang.String[][]	getResponseLogElements() Retrieves a standard set of elements that should be logged in responses for this type of operation.
Entry	getSASLAuthUserEntry() Retrieves the user entry associated with the SASL authentication attempt.
ASN1OctetString	getSASLCredentials() Retrieves the SASL credentials for this bind operation.
java.lang.String	getSASLMechanism() Retrieves the SASL mechanism for this bind operation.
ASN1OctetString	getServerSASLCredentials() Retrieves the set of server SASL credentials to include in the bind response.
ByteString	getSimplePassword() Retrieves the simple authentication password for this bind operation.
DN	getUserEntryDN() Retrieves the user entry DN for this bind operation.
void	removeResponseControl(Control control) Removes the provided control from the set of controls to include in the response to the client.
void	run() Performs the work of actually processing this operation.
void	setAuthenticationInfo(AuthenticationInfo authInfo) Specifies the authentication info that resulted from processing this bind operation.
void	setAuthFailureReason(Message message) Specifies the reason that the authentication failed.
void	setProtocolVersion(java.lang.String protocolVersion) Specifies the string representation of the protocol version associated with this bind request.
void	setRawBindDN(ByteString rawBindDN) Specifies the raw, unprocessed bind DN for this bind operation.
void	setSASLAuthUserEntry(Entry saslAuthUserEntry) Specifies the user entry associated with the SASL authentication attempt.
void	setSASLCredentials(java.lang.String saslMechanism, ASN1OctetString saslCredentials) Specifies the SASL credentials for this bind operation.
void	setServerSASLCredentials(ASN1OctetString serverSASLCredentials) Specifies the set of server SASL credentials to include in the bind response.
void	setSimplePassword(ByteString simplePassword) Specifies the simple authentication password for this bind operation.
void	setUserEntryDN(DN userEntryDN) Set the user entry DN for this bind operation.
void	toString(java.lang.StringBuilder buffer) Appends a string representation of this operation to the provided buffer.

Methods inherited from class org.opends.server.types.AbstractOperation

abort, addRequestControl, appendAdditionalLogMessage, appendErrorMessage, cancel, checkIfCanceled, disconnectClient, dontSynchronize, getAdditionalLogMessage, getAttachment, getAttachments, getAuthorizationDN, getAuthorizationEntry, getCancelRequest, getCancelResult, getClientConnection, getCommonLogElements, getConnectionID, getErrorMessage, getMatchedDN, getMessageID, getOperationID, getProcessingNanoTime, getProcessingStartTime, getProcessingStopTime, getProcessingTime, getReferralURLs, getRequestControls, getResultCode, isInternalOperation, isSynchronizationOperation, operationCompleted, removeAttachment, removeRequestControl, setAdditionalLogMessage, setAttachment, setAttachments, setAuthorizationEntry, setDontSynchronize, setErrorMessage, setInternalOperation, setMatchedDN, setProcessingStartTime, setProcessingStopTime, setReferralURLs, setResponseData, setResultCode, setSynchronizationOperation, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.opends.server.types.Operation

abort, addRequestControl, appendAdditionalLogMessage, appendErrorMessage, cancel, checkIfCanceled, disconnectClient, dontSynchronize, getAdditionalLogMessage, getAttachment, getAttachments, getAuthorizationDN, getAuthorizationEntry, getCancelRequest, getCancelResult, getClientConnection, getCommonLogElements, getConnectionID, getErrorMessage, getMatchedDN, getMessageID, getOperationID, getProcessingNanoTime, getProcessingStartTime, getProcessingStopTime, getProcessingTime, getReferralURLs, getRequestControls, getResultCode, isInternalOperation, isSynchronizationOperation, operationCompleted, removeAttachment, removeRequestControl, setAdditionalLogMessage, setAttachment, setAttachments, setAuthorizationEntry, setDontSynchronize, setErrorMessage, setInternalOperation, setMatchedDN, setReferralURLs, setResponseData, setResultCode, setSynchronizationOperation, toString

Methods inherited from interface org.opends.server.types.operation.PreParseOperation

addRequestControl, appendAdditionalLogMessage, appendErrorMessage, getAdditionalLogMessage, getErrorMessage, removeRequestControl, setAdditionalLogMessage, setErrorMessage

Methods inherited from interface org.opends.server.types.operation.PluginOperation

checkIfCanceled, disconnectClient, getAttachment, getAttachments, getClientConnection, getConnectionID, getMessageID, getOperationID, getProcessingStartTime, getRequestControls, isInternalOperation, isSynchronizationOperation, removeAttachment, setAttachment, toString

Constructor Detail

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          ByteString rawBindDN,
                          ByteString simplePassword)

Creates a new simple bind operation with the provided information.

Parameters:

clientConnection - The client connection with which this operation is associated.

operationID - The operation ID for this operation.

messageID - The message ID of the request with which this operation is associated.

requestControls - The set of controls included in the request.

protocolVersion - The string representation of the protocol version associated with this bind request.

rawBindDN - The raw, unprocessed bind DN as provided in the request from the client.

simplePassword - The password to use for the simple authentication.

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          ByteString rawBindDN,
                          java.lang.String saslMechanism,
                          ASN1OctetString saslCredentials)

Creates a new SASL bind operation with the provided information.

Parameters:

clientConnection - The client connection with which this operation is associated.

operationID - The operation ID for this operation.

messageID - The message ID of the request with which this operation is associated.

requestControls - The set of controls included in the request.

protocolVersion - The string representation of the protocol version associated with this bind request.

rawBindDN - The raw, unprocessed bind DN as provided in the request from the client.

saslMechanism - The SASL mechanism included in the request.

saslCredentials - The optional SASL credentials included in the request.

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          DN bindDN,
                          ByteString simplePassword)

Creates a new simple bind operation with the provided information.

Parameters:

clientConnection - The client connection with which this operation is associated.

operationID - The operation ID for this operation.

messageID - The message ID of the request with which this operation is associated.

requestControls - The set of controls included in the request.

protocolVersion - The string representation of the protocol version associated with this bind request.

bindDN - The bind DN for this bind operation.

simplePassword - The password to use for the simple authentication.

BindOperationBasis

public BindOperationBasis(ClientConnection clientConnection,
                          long operationID,
                          int messageID,
                          java.util.List<Control> requestControls,
                          java.lang.String protocolVersion,
                          DN bindDN,
                          java.lang.String saslMechanism,
                          ASN1OctetString saslCredentials)

Creates a new SASL bind operation with the provided information.

Parameters:

clientConnection - The client connection with which this operation is associated.

operationID - The operation ID for this operation.

messageID - The message ID of the request with which this operation is associated.

requestControls - The set of controls included in the request.

protocolVersion - The string representation of the protocol version associated with this bind request.

bindDN - The bind DN for this bind operation.

saslMechanism - The SASL mechanism included in the request.

saslCredentials - The optional SASL credentials included in the request.

Method Detail

getAuthenticationType

public final AuthenticationType getAuthenticationType()

Retrieves the authentication type for this bind operation.

Specified by:

getAuthenticationType in interface BindOperation

Specified by:

getAuthenticationType in interface PreParseBindOperation

Returns:

The authentication type for this bind operation.

getRawBindDN

public final ByteString getRawBindDN()

Retrieves the raw, unprocessed bind DN for this bind operation as contained in the client request. The value may not actually contain a valid DN, as no validation will have been performed.

Specified by:

getRawBindDN in interface BindOperation

Specified by:

getRawBindDN in interface PreParseBindOperation

Returns:

The raw, unprocessed bind DN for this bind operation as contained in the client request.

setRawBindDN

public final void setRawBindDN(ByteString rawBindDN)

Specifies the raw, unprocessed bind DN for this bind operation. This should only be called by pre-parse plugins.

Specified by:

setRawBindDN in interface BindOperation

Specified by:

setRawBindDN in interface PreParseBindOperation

Parameters:

rawBindDN - The raw, unprocessed bind DN for this bind operation.

getBindDN

public final DN getBindDN()

Retrieves the bind DN for this bind operation. This method should not be called by pre-parse plugins, as the raw value will not have been processed by that time. Instead, pre-parse plugins should call the getRawBindDN method.

Specified by:

getBindDN in interface BindOperation

Returns:

The bind DN for this bind operation, or null if the raw DN has not yet been processed.

getSimplePassword

public final ByteString getSimplePassword()

Retrieves the simple authentication password for this bind operation.

Specified by:

getSimplePassword in interface BindOperation

Specified by:

getSimplePassword in interface PreParseBindOperation

Returns:

The simple authentication password for this bind operation.

setSimplePassword

public final void setSimplePassword(ByteString simplePassword)

Specifies the simple authentication password for this bind operation.

Specified by:

setSimplePassword in interface BindOperation

Specified by:

setSimplePassword in interface PreParseBindOperation

Parameters:

simplePassword - The simple authentication password for this bind operation.

getSASLMechanism

public final java.lang.String getSASLMechanism()

Retrieves the SASL mechanism for this bind operation.

Specified by:

getSASLMechanism in interface BindOperation

Specified by:

getSASLMechanism in interface PreParseBindOperation

Returns:

The SASL mechanism for this bind operation, or null if the bind does not use SASL authentication.

getSASLCredentials

public final ASN1OctetString getSASLCredentials()

Retrieves the SASL credentials for this bind operation.

Specified by:

getSASLCredentials in interface BindOperation

Specified by:

getSASLCredentials in interface PreParseBindOperation

Returns:

The SASL credentials for this bind operation, or null if there are none or if the bind does not use SASL authentication.

setSASLCredentials

public final void setSASLCredentials(java.lang.String saslMechanism,
                                     ASN1OctetString saslCredentials)

Specifies the SASL credentials for this bind operation.

Specified by:

setSASLCredentials in interface BindOperation

Specified by:

setSASLCredentials in interface PreParseBindOperation

Parameters:

saslMechanism - The SASL mechanism for this bind operation.

saslCredentials - The SASL credentials for this bind operation, or null if there are none.

getServerSASLCredentials

public final ASN1OctetString getServerSASLCredentials()

Retrieves the set of server SASL credentials to include in the bind response.

Specified by:

getServerSASLCredentials in interface BindOperation

Returns:

The set of server SASL credentials to include in the bind response, or null if there are none.

setServerSASLCredentials

public final void setServerSASLCredentials(ASN1OctetString serverSASLCredentials)

Specifies the set of server SASL credentials to include in the bind response.

Specified by:

setServerSASLCredentials in interface BindOperation

Specified by:

setServerSASLCredentials in interface PreParseBindOperation

Parameters:

serverSASLCredentials - The set of server SASL credentials to include in the bind response.

getSASLAuthUserEntry

public final Entry getSASLAuthUserEntry()

Retrieves the user entry associated with the SASL authentication attempt. This should be set by any SASL mechanism in which the processing was able to get far enough to make this determination, regardless of whether the authentication was ultimately successful.

Specified by:

getSASLAuthUserEntry in interface BindOperation

Returns:

The user entry associated with the SASL authentication attempt, or null if it was not a SASL authentication or the SASL processing was not able to map the request to a user.

setSASLAuthUserEntry

public final void setSASLAuthUserEntry(Entry saslAuthUserEntry)

Specifies the user entry associated with the SASL authentication attempt. This should be set by any SASL mechanism in which the processing was able to get far enough to make this determination, regardless of whether the authentication was ultimately successful.

Specified by:

setSASLAuthUserEntry in interface BindOperation

Parameters:

saslAuthUserEntry - The user entry associated with the SASL authentication attempt.

getAuthFailureReason

public final Message getAuthFailureReason()

Retrieves a human-readable message providing the reason that the authentication failed, if available.

Specified by:

getAuthFailureReason in interface BindOperation

Returns:

A human-readable message providing the reason that the authentication failed, or null if none is available.

setAuthFailureReason

public final void setAuthFailureReason(Message message)

Specifies the reason that the authentication failed.

Specified by:

setAuthFailureReason in interface BindOperation

Specified by:

setAuthFailureReason in interface PreParseBindOperation

Parameters:

message - providing the reason that the authentication failed.

getUserEntryDN

public final DN getUserEntryDN()

Retrieves the user entry DN for this bind operation. It will only be available if the bind processing has proceeded far enough to identify the user attempting to authenticate.

Specified by:

getUserEntryDN in interface BindOperation

Returns:

The user entry DN for this bind operation, or null if the bind processing has not progressed far enough to identify the user or if the user DN could not be determined.

getAuthenticationInfo

public final AuthenticationInfo getAuthenticationInfo()

Retrieves the authentication info that resulted from processing this bind operation. It will only be valid if the bind processing was successful.

Specified by:

getAuthenticationInfo in interface BindOperation

Returns:

The authentication info that resulted from processing this bind operation.

setAuthenticationInfo

public final void setAuthenticationInfo(AuthenticationInfo authInfo)

Specifies the authentication info that resulted from processing this bind operation. This method must only be called by SASL mechanism handlers during the course of processing the processSASLBind method.

Specified by:

setAuthenticationInfo in interface BindOperation

Parameters:

authInfo - The authentication info that resulted from processing this bind operation.

getOperationType

public final OperationType getOperationType()

Retrieves the operation type for this operation.

Specified by:

getOperationType in interface Operation

Specified by:

getOperationType in interface PluginOperation

Specified by:

getOperationType in class AbstractOperation

Returns:

The operation type for this operation.

getRequestLogElements

public final java.lang.String[][] getRequestLogElements()

Retrieves a standard set of elements that should be logged in requests for this type of operation. Each element in the array will itself be a two-element array in which the first element is the name of the field and the second is a string representation of the value, or null if there is no value for that field.

Specified by:

getRequestLogElements in interface Operation

Specified by:

getRequestLogElements in class AbstractOperation

Returns:

A standard set of elements that should be logged in requests for this type of operation.

getResponseLogElements

public final java.lang.String[][] getResponseLogElements()

Retrieves a standard set of elements that should be logged in responses for this type of operation. Each element in the array will itself be a two-element array in which the first element is the name of the field and the second is a string representation of the value, or null if there is no value for that field.

Specified by:

getResponseLogElements in interface Operation

Specified by:

getResponseLogElements in class AbstractOperation

Returns:

A standard set of elements that should be logged in responses for this type of operation.

getResponseControls

public final java.util.List<Control> getResponseControls()

Retrieves the set of controls to include in the response to the client. The contents of this list must not be altered.

Specified by:

getResponseControls in interface Operation

Specified by:

getResponseControls in interface PluginOperation

Specified by:

getResponseControls in class AbstractOperation

Returns:

The set of controls to include in the response to the client.

addResponseControl

public final void addResponseControl(Control control)

Adds the provided control to the set of controls to include in the response to the client. This method may not be called by post-response plugins.

Specified by:

addResponseControl in interface Operation

Specified by:

addResponseControl in interface PreParseOperation

Specified by:

addResponseControl in class AbstractOperation

Parameters:

control - The control to add to the set of controls to include in the response to the client.

removeResponseControl

public final void removeResponseControl(Control control)

Removes the provided control from the set of controls to include in the response to the client. This method may not be called by post-response plugins.

Specified by:

removeResponseControl in interface Operation

Specified by:

removeResponseControl in interface PreParseOperation

Specified by:

removeResponseControl in class AbstractOperation

Parameters:

control - The control to remove from the set of controls to include in the response to the client.

toString

public final void toString(java.lang.StringBuilder buffer)

Appends a string representation of this operation to the provided buffer.

Specified by:

toString in interface Operation

Specified by:

toString in interface PluginOperation

Specified by:

toString in class AbstractOperation

Parameters:

buffer - The buffer into which a string representation of this operation should be appended.

setUserEntryDN

public void setUserEntryDN(DN userEntryDN)

Set the user entry DN for this bind operation.

Specified by:

setUserEntryDN in interface BindOperation

Parameters:

userEntryDN - The user entry DN for this bind operation, or null if the bind processing has not progressed far enough to identify the user or if the user DN could not be determined.

getProtocolVersion

public java.lang.String getProtocolVersion()

Retrieves a string representation of the protocol version associated with this bind request.

Specified by:

getProtocolVersion in interface BindOperation

Specified by:

getProtocolVersion in interface PreParseBindOperation

Returns:

A string representation of the protocol version associated with this bind request.

setProtocolVersion

public void setProtocolVersion(java.lang.String protocolVersion)

Specifies the string representation of the protocol version associated with this bind request.

Specified by:

setProtocolVersion in interface BindOperation

Specified by:

setProtocolVersion in interface PreParseBindOperation

Parameters:

protocolVersion - The string representation of the protocol version associated with this bind request.

run

public final void run()

Performs the work of actually processing this operation. This should include all processing for the operation, including invoking pre-parse and post-response plugins, logging messages and any other work that might need to be done in the course of processing.

Specified by:

run in interface java.lang.Runnable

Specified by:

run in class AbstractOperation