001/* 002 * Copyright 2008-2020 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2008-2020 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2015-2020 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import com.unboundid.ldap.sdk.Control; 041import com.unboundid.ldap.sdk.LDAPException; 042import com.unboundid.ldap.sdk.ResultCode; 043import com.unboundid.util.NotMutable; 044import com.unboundid.util.ThreadSafety; 045import com.unboundid.util.ThreadSafetyLevel; 046 047import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 048 049 050 051/** 052 * This class defines a request control that may be used to indicate that the 053 * server should process all aspects of the associated bind request (including 054 * password policy processing) but should not actually change the identity for 055 * the client connection, regardless of whether the authentication is 056 * successful. 057 * <BR> 058 * <BLOCKQUOTE> 059 * <B>NOTE:</B> This class, and other classes within the 060 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 061 * supported for use against Ping Identity, UnboundID, and 062 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 063 * for proprietary functionality or for external specifications that are not 064 * considered stable or mature enough to be guaranteed to work in an 065 * interoperable way with other types of LDAP servers. 066 * </BLOCKQUOTE> 067 * <BR> 068 * This control can be very useful for applications that perform binds to 069 * authenticate users but also use connection pooling to re-use connections 070 * for multiple operations. Bind operations are normally not well-suited for 071 * use on pooled connections because they change the identity of that 072 * connection, but the retain identity request control solves that problem by 073 * performing all bind processing but does not change the identity associated 074 * with the client connection. 075 * <BR><BR> 076 * There is no corresponding response control. If the bind is successful, then 077 * the server should return a bind response with the {@code ResultCode#SUCCESS} 078 * result code just as if the bind request had not included the retain identity 079 * request control. 080 * <BR><BR> 081 * This control is not based on any public standard. It was originally 082 * developed for use with the Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 083 * 8661 Directory Server. It does not have a value. 084 * <BR><BR> 085 * <H2>Example</H2> 086 * The following example demonstrates the use of the retain identity request 087 * control: 088 * <PRE> 089 * SimpleBindRequest bindRequest = new SimpleBindRequest( 090 * "uid=john.doe,ou=People,dc=example,dc=com", "password", 091 * new RetainIdentityRequestControl()); 092 * 093 * BindResult bindResult; 094 * try 095 * { 096 * bindResult = connection.bind(bindRequest); 097 * // The bind was successful and the account is usable, but the identity 098 * // associated with the client connection hasn't changed. 099 * } 100 * catch (LDAPException le) 101 * { 102 * bindResult = new BindResult(le.toLDAPResult()); 103 * // The bind was unsuccessful, potentially because the credentials were 104 * // invalid or the account is unusable for some reason (e.g., disabled, 105 * // locked, expired password, etc.). The identity associated with the 106 * // client connection hasn't changed. 107 * } 108 * </PRE> 109 */ 110@NotMutable() 111@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 112public final class RetainIdentityRequestControl 113 extends Control 114{ 115 /** 116 * The OID (1.3.6.1.4.1.30221.2.5.3) for the retain identity request control. 117 */ 118 public static final String RETAIN_IDENTITY_REQUEST_OID = 119 "1.3.6.1.4.1.30221.2.5.3"; 120 121 122 123 /** 124 * The serial version UID for this serializable class. 125 */ 126 private static final long serialVersionUID = 9066549673766581236L; 127 128 129 130 /** 131 * Creates a new retain identity request control. It will be marked critical. 132 */ 133 public RetainIdentityRequestControl() 134 { 135 super(RETAIN_IDENTITY_REQUEST_OID, true, null); 136 } 137 138 139 140 /** 141 * Creates a new retain identity request control which is decoded from 142 * the provided generic control. 143 * 144 * @param control The generic control to be decoded as a retain identity 145 * request control. 146 * 147 * @throws LDAPException If the provided control cannot be decoded as a 148 * retain identity request control. 149 */ 150 public RetainIdentityRequestControl(final Control control) 151 throws LDAPException 152 { 153 super(control); 154 155 if (control.hasValue()) 156 { 157 throw new LDAPException(ResultCode.DECODING_ERROR, 158 ERR_RETAIN_IDENTITY_REQUEST_HAS_VALUE.get()); 159 } 160 } 161 162 163 164 /** 165 * {@inheritDoc} 166 */ 167 @Override() 168 public String getControlName() 169 { 170 return INFO_CONTROL_NAME_RETAIN_IDENTITY_REQUEST.get(); 171 } 172 173 174 175 /** 176 * {@inheritDoc} 177 */ 178 @Override() 179 public void toString(final StringBuilder buffer) 180 { 181 buffer.append("RetainIdentityRequestControl(isCritical="); 182 buffer.append(isCritical()); 183 buffer.append(')'); 184 } 185}