001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2006-2008 Sun Microsystems, Inc.
026 */
027 package org.opends.server.controls;
028 import org.opends.messages.Message;
029
030
031
032 import org.opends.server.protocols.asn1.ASN1OctetString;
033 import org.opends.server.protocols.ldap.LDAPResultCode;
034 import org.opends.server.types.Control;
035 import org.opends.server.types.DN;
036 import org.opends.server.types.LDAPException;
037
038 import static org.opends.messages.ProtocolMessages.*;
039 import static org.opends.server.util.ServerConstants.*;
040
041
042
043 /**
044 * This class implements the authorization identity response control as defined
045 * in RFC 3829. It may be included in a bind response message to provide the
046 * authorization ID resulting for a client after the bind operation as
047 * completed.
048 */
049 public class AuthorizationIdentityResponseControl
050 extends Control
051 {
052
053
054
055 // The authorization ID for this control.
056 private String authorizationID;
057
058
059
060 /**
061 * Creates a new authorization identity response control using the default
062 * settings to indicate an anonymous authentication.
063 */
064 public AuthorizationIdentityResponseControl()
065 {
066 super(OID_AUTHZID_RESPONSE, false, new ASN1OctetString());
067
068 }
069
070
071
072 /**
073 * Creates a new authorization identity response control with the provided
074 * information.
075 *
076 * @param authorizationID The authorization ID for this control.
077 */
078 public AuthorizationIdentityResponseControl(String authorizationID)
079 {
080 super(OID_AUTHZID_RESPONSE, false, encodeValue(authorizationID));
081
082
083 this.authorizationID = authorizationID;
084 }
085
086
087
088 /**
089 * Creates a new authorization identity response control with the provided
090 * information.
091 *
092 * @param authorizationDN The authorization DN for this control.
093 */
094 public AuthorizationIdentityResponseControl(DN authorizationDN)
095 {
096 super(OID_AUTHZID_RESPONSE, false, encodeValue(authorizationDN));
097
098
099 if (authorizationDN == null)
100 {
101 this.authorizationID = "dn:";
102 }
103 else
104 {
105 this.authorizationID = "dn:" + authorizationDN.toString();
106 }
107 }
108
109
110
111 /**
112 * Creates a new authorization identity response control with the provided
113 * information.
114 *
115 * @param oid The OID to use for this control.
116 * @param isCritical Indicates whether this control should be
117 * considered a critical part of the response
118 * processing.
119 * @param authorizationID The authorization ID for this control.
120 */
121 public AuthorizationIdentityResponseControl(String oid, boolean isCritical,
122 String authorizationID)
123 {
124 super(oid, isCritical, encodeValue(authorizationID));
125
126
127 this.authorizationID = authorizationID;
128 }
129
130
131
132 /**
133 * Creates a new authorization identity response control with the provided
134 * information.
135 *
136 * @param oid The OID to use for this control.
137 * @param isCritical Indicates whether this control should be
138 * considered a critical part of the response
139 * processing.
140 * @param authorizationDN The authorization DN for this control.
141 */
142 public AuthorizationIdentityResponseControl(String oid, boolean isCritical,
143 DN authorizationDN)
144 {
145 super(oid, isCritical, encodeValue(authorizationDN));
146
147
148 if (authorizationDN == null)
149 {
150 this.authorizationID = "dn:";
151 }
152 else
153 {
154 this.authorizationID = "dn:" + authorizationDN.toString();
155 }
156 }
157
158
159
160 /**
161 * Creates a new authorization identity response control with the provided
162 * information.
163 *
164 * @param oid The OID to use for this control.
165 * @param isCritical Indicates whether this control should be
166 * considered a critical part of the response
167 * processing.
168 * @param authorizationID The authorization ID for this control.
169 * @param encodedValue The encoded value for the control.
170 */
171 private AuthorizationIdentityResponseControl(String oid, boolean isCritical,
172 String authorizationID,
173 ASN1OctetString encodedValue)
174 {
175 super(oid, isCritical, encodedValue);
176
177
178 this.authorizationID = authorizationID;
179 }
180
181
182
183 /**
184 * Encodes the provided information into an ASN.1 octet string suitable for
185 * use as the control value.
186 *
187 * @param authorizationID The authorization ID for this authorization ID
188 * response control.
189 *
190 * @return An ASN.1 octet string containing the encoded information.
191 */
192 private static ASN1OctetString encodeValue(String authorizationID)
193 {
194 return new ASN1OctetString(authorizationID);
195 }
196
197
198
199 /**
200 * Encodes the provided information into an ASN.1 octet string suitable for
201 * use as the control value.
202 *
203 * @param authorizationDN The authorization DN for this authorization ID
204 * response control.
205 *
206 * @return An ASN.1 octet string containing the encoded information.
207 */
208 private static ASN1OctetString encodeValue(DN authorizationDN)
209 {
210 if (authorizationDN == null)
211 {
212 return new ASN1OctetString("dn:");
213 }
214 else
215 {
216 return new ASN1OctetString("dn:" + authorizationDN.toString());
217 }
218 }
219
220
221
222 /**
223 * Creates a new authorization identity response control from the contents of
224 * the provided control.
225 *
226 * @param control The generic control containing the information to use to
227 * create this authorization identity response control.
228 *
229 * @return The authorization identity response control decoded from the
230 * provided control.
231 *
232 * @throws LDAPException If this control cannot be decoded as a valid
233 * authorization identity response control.
234 */
235 public static AuthorizationIdentityResponseControl decodeControl(
236 Control control)
237 throws LDAPException
238 {
239 if (! control.hasValue())
240 {
241 Message message = ERR_AUTHZIDRESP_NO_CONTROL_VALUE.get();
242 throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, message);
243 }
244
245 return new AuthorizationIdentityResponseControl(control.getOID(),
246 control.isCritical(), control.getValue().stringValue(),
247 control.getValue());
248 }
249
250
251
252 /**
253 * Retrieves the authorization ID for this authorization identity response
254 * control.
255 *
256 * @return The authorization ID for this authorization identity response
257 * control.
258 */
259 public String getAuthorizationID()
260 {
261 return authorizationID;
262 }
263
264
265
266 /**
267 * Specifies the authorization ID for this authorization identity response
268 * control.
269 *
270 * @param authorizationID The authorization ID for this authorization
271 * identity response control.
272 */
273 public void setAuthorizationID(String authorizationID)
274 {
275 this.authorizationID = authorizationID;
276 setValue(encodeValue(authorizationID));
277 }
278
279
280
281 /**
282 * Retrieves a string representation of this authorization identity response
283 * control.
284 *
285 * @return A string representation of this authorization identity response
286 * control.
287 */
288 public String toString()
289 {
290 StringBuilder buffer = new StringBuilder();
291 toString(buffer);
292 return buffer.toString();
293 }
294
295
296
297 /**
298 * Appends a string representation of this authorization identity response
299 * control to the provided buffer.
300 *
301 * @param buffer The buffer to which the information should be appended.
302 */
303 public void toString(StringBuilder buffer)
304 {
305 buffer.append("AuthorizationIdentityResponseControl(authzID=\"");
306 buffer.append(authorizationID);
307 buffer.append("\")");
308 }
309 }
310