com.unboundid.ldap.sdk.controls

Class AuthorizationIdentityRequestControl

java.lang.Object

com.unboundid.ldap.sdk.Control

com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl

All Implemented Interfaces:

java.io.Serializable

@NotMutable
 @ThreadSafety(level=COMPLETELY_THREADSAFE)
public final class AuthorizationIdentityRequestControl
extends Control

This class provides an implementation of the authorization identity bind request control as described in RFC 3829. It may be included in a bind request to request that the server include the authorization identity associated with the client connection in the bind response message, in the form of an AuthorizationIdentityResponseControl.

The authorization identity request control is similar to the "Who Am I?" extended request as implemented in the WhoAmIExtendedRequest class. The primary difference between them is that the "Who Am I?" extended request can be used at any time but requires a separate operation, while the authorization identity request control can be included only with a bind request but does not require a separate operation.

Example

The following example demonstrates the use of the authorization identity request and response controls. It authenticates to the directory server and attempts to retrieve the authorization identity from the response:

 String authzID = null;
 BindRequest bindRequest =
      new SimpleBindRequest("uid=test.user,ou=People,dc=example,dc=com",
           "password", new AuthorizationIdentityRequestControl());

 BindResult bindResult = connection.bind(bindRequest);
 AuthorizationIdentityResponseControl authzIdentityResponse =
      AuthorizationIdentityResponseControl.get(bindResult);
 if (authzIdentityResponse != null)
 {
   authzID = authzIdentityResponse.getAuthorizationID();
 }
 

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	AUTHORIZATION_IDENTITY_REQUEST_OID The OID (2.16.840.1.113730.3.4.16) for the authorization identity request control.

Constructor Summary

Constructors

Constructor and Description
AuthorizationIdentityRequestControl() Creates a new authorization identity request control.
AuthorizationIdentityRequestControl(boolean isCritical) Creates a new authorization identity request control.
AuthorizationIdentityRequestControl(Control control) Creates a new authorization identity request control which is decoded from the provided generic control.

Method Summary

Modifier and Type	Method and Description
static AuthorizationIdentityRequestControl	decodeJSONControl(JSONObject controlObject, boolean strict) Attempts to decode the provided object as a JSON representation of an authorization identity request control.
java.lang.String	getControlName() Retrieves the user-friendly name for this control, if available.
JSONObject	toJSONControl() Retrieves a representation of this authorization identity request control as a JSON object.
void	toString(java.lang.StringBuilder buffer) Appends a string representation of this LDAP control to the provided buffer.

Methods inherited from class com.unboundid.ldap.sdk.Control

decode, decode, decodeControls, decodeJSONControl, deregisterDecodeableControl, encode, encodeControls, equals, getOID, getValue, hashCode, hasValue, isCritical, readFrom, registerDecodeableControl, registerDecodeableControl, toString, writeTo

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

AUTHORIZATION_IDENTITY_REQUEST_OID

@NotNull
public static final java.lang.String AUTHORIZATION_IDENTITY_REQUEST_OID

The OID (2.16.840.1.113730.3.4.16) for the authorization identity request control.

See Also:

Constant Field Values

Constructor Detail

AuthorizationIdentityRequestControl

public AuthorizationIdentityRequestControl()

Creates a new authorization identity request control. The control will not be marked critical.

AuthorizationIdentityRequestControl

public AuthorizationIdentityRequestControl(boolean isCritical)

Creates a new authorization identity request control.

Parameters:

isCritical - Indicates whether the control should be marked critical.

AuthorizationIdentityRequestControl

public AuthorizationIdentityRequestControl(@NotNull
                                           Control control)
                                    throws LDAPException

Creates a new authorization identity request control which is decoded from the provided generic control.

Parameters:

control - The generic control to be decoded as an authorization identity request control.

Throws:

LDAPException - If the provided control cannot be decoded as an authorization identity request control.

Method Detail

getControlName

@NotNull
public java.lang.String getControlName()

Retrieves the user-friendly name for this control, if available. If no user-friendly name has been defined, then the OID will be returned.

Overrides:

getControlName in class Control

Returns:

The user-friendly name for this control, or the OID if no user-friendly name is available.

toJSONControl

@NotNull
public JSONObject toJSONControl()

Retrieves a representation of this authorization identity request control as a JSON object. The JSON object uses the following fields (note that since this control does not have a value, neither the value-base64 nor value-json fields may be present):

• oid -- A mandatory string field whose value is the object identifier for this control. For the authorization identity request control, the OID is "2.16.840.1.113730.3.4.16".
• control-name -- An optional string field whose value is a human-readable name for this control. This field is only intended for descriptive purposes, and when decoding a control, the oid field should be used to identify the type of control.
• criticality -- A mandatory Boolean field used to indicate whether this control is considered critical.

Overrides:

toJSONControl in class Control

Returns:

A JSON object that contains a representation of this control.

decodeJSONControl

@NotNull
public static AuthorizationIdentityRequestControl decodeJSONControl(@NotNull
                                                                             JSONObject controlObject,
                                                                             boolean strict)
                                                                      throws LDAPException

Attempts to decode the provided object as a JSON representation of an authorization identity request control.

Parameters:

controlObject - The JSON object to be decoded. It must not be null.

strict - Indicates whether to use strict mode when decoding the provided JSON object. If this is true, then this method will throw an exception if the provided JSON object contains any unrecognized fields. If this is false, then unrecognized fields will be ignored.

Returns:

The authorization identity request control that was decoded from the provided JSON object.

Throws:

LDAPException - If the provided JSON object cannot be parsed as a valid authorization identity request control.

toString

public void toString(@NotNull
                     java.lang.StringBuilder buffer)

Appends a string representation of this LDAP control to the provided buffer.

Overrides:

toString in class Control

Parameters:

buffer - The buffer to which to append the string representation of this buffer.