001 /* 002 * Copyright 2008-2015 UnboundID Corp. 003 * All Rights Reserved. 004 */ 005 /* 006 * Copyright (C) 2015 UnboundID Corp. 007 * 008 * This program is free software; you can redistribute it and/or modify 009 * it under the terms of the GNU General Public License (GPLv2 only) 010 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 011 * as published by the Free Software Foundation. 012 * 013 * This program is distributed in the hope that it will be useful, 014 * but WITHOUT ANY WARRANTY; without even the implied warranty of 015 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 016 * GNU General Public License for more details. 017 * 018 * You should have received a copy of the GNU General Public License 019 * along with this program; if not, see <http://www.gnu.org/licenses>. 020 */ 021 package com.unboundid.ldap.sdk.unboundidds.controls; 022 023 024 025 import com.unboundid.ldap.sdk.Control; 026 import com.unboundid.ldap.sdk.LDAPException; 027 import com.unboundid.ldap.sdk.ResultCode; 028 import com.unboundid.util.NotMutable; 029 import com.unboundid.util.ThreadSafety; 030 import com.unboundid.util.ThreadSafetyLevel; 031 032 import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 033 034 035 036 /** 037 * <BLOCKQUOTE> 038 * <B>NOTE:</B> This class is part of the Commercial Edition of the UnboundID 039 * LDAP SDK for Java. It is not available for use in applications that 040 * include only the Standard Edition of the LDAP SDK, and is not supported for 041 * use in conjunction with non-UnboundID products. 042 * </BLOCKQUOTE> 043 * This class defines a request control that may be used to indicate that the 044 * server should process all aspects of the associated bind request (including 045 * password policy processing) but should not actually change the identity for 046 * the client connection, regardless of whether the authentication is 047 * successful. 048 * <BR><BR> 049 * This control can be very useful for applications that perform binds to 050 * authenticate users but also use connection pooling to re-use connections 051 * for multiple operations. Bind operations are normally not well-suited for 052 * use on pooled connections because they change the identity of that 053 * connection, but the retain identity request control solves that problem by 054 * performing all bind processing but does not change the identity associated 055 * with the client connection. 056 * <BR><BR> 057 * There is no corresponding response control. If the bind is successful, then 058 * the server should return a bind response with the {@code ResultCode#SUCCESS} 059 * result code just as if the bind request had not included the retain identity 060 * request control. 061 * <BR><BR> 062 * This control is not based on any public standard. It was originally 063 * developed for use with the UnboundID Directory Server. It does not have a 064 * value. 065 * <BR><BR> 066 * <H2>Example</H2> 067 * The following example demonstrates the use of the retain identity request 068 * control: 069 * <PRE> 070 * SimpleBindRequest bindRequest = new SimpleBindRequest( 071 * "uid=john.doe,ou=People,dc=example,dc=com", "password", 072 * new RetainIdentityRequestControl()); 073 * 074 * BindResult bindResult; 075 * try 076 * { 077 * bindResult = connection.bind(bindRequest); 078 * // The bind was successful and the account is usable, but the identity 079 * // associated with the client connection hasn't changed. 080 * } 081 * catch (LDAPException le) 082 * { 083 * bindResult = new BindResult(le.toLDAPResult()); 084 * // The bind was unsuccessful, potentially because the credentials were 085 * // invalid or the account is unusable for some reason (e.g., disabled, 086 * // locked, expired password, etc.). The identity associated with the 087 * // client connection hasn't changed. 088 * } 089 * </PRE> 090 */ 091 @NotMutable() 092 @ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 093 public final class RetainIdentityRequestControl 094 extends Control 095 { 096 /** 097 * The OID (1.3.6.1.4.1.30221.2.5.3) for the retain identity request control. 098 */ 099 public static final String RETAIN_IDENTITY_REQUEST_OID = 100 "1.3.6.1.4.1.30221.2.5.3"; 101 102 103 104 /** 105 * The serial version UID for this serializable class. 106 */ 107 private static final long serialVersionUID = 9066549673766581236L; 108 109 110 111 /** 112 * Creates a new retain identity request control. It will be marked critical. 113 */ 114 public RetainIdentityRequestControl() 115 { 116 super(RETAIN_IDENTITY_REQUEST_OID, true, null); 117 } 118 119 120 121 /** 122 * Creates a new retain identity request control which is decoded from 123 * the provided generic control. 124 * 125 * @param control The generic control to be decoded as a retain identity 126 * request control. 127 * 128 * @throws LDAPException If the provided control cannot be decoded as a 129 * retain identity request control. 130 */ 131 public RetainIdentityRequestControl(final Control control) 132 throws LDAPException 133 { 134 super(control); 135 136 if (control.hasValue()) 137 { 138 throw new LDAPException(ResultCode.DECODING_ERROR, 139 ERR_RETAIN_IDENTITY_REQUEST_HAS_VALUE.get()); 140 } 141 } 142 143 144 145 /** 146 * {@inheritDoc} 147 */ 148 @Override() 149 public String getControlName() 150 { 151 return INFO_CONTROL_NAME_RETAIN_IDENTITY_REQUEST.get(); 152 } 153 154 155 156 /** 157 * {@inheritDoc} 158 */ 159 @Override() 160 public void toString(final StringBuilder buffer) 161 { 162 buffer.append("RetainIdentityRequestControl(isCritical="); 163 buffer.append(isCritical()); 164 buffer.append(')'); 165 } 166 }