Package com.unboundid.ldap.sdk.controls

Class AuthorizationIdentityRequestControl

java.lang.Object
com.unboundid.ldap.sdk.Control
com.unboundid.ldap.sdk.controls.AuthorizationIdentityRequestControl
All Implemented Interfaces:
Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class AuthorizationIdentityRequestControl extends Control
This class provides an implementation of the authorization identity bind request control as described in RFC 3829. It may be included in a bind request to request that the server include the authorization identity associated with the client connection in the bind response message, in the form of an AuthorizationIdentityResponseControl.

The authorization identity request control is similar to the "Who Am I?" extended request as implemented in the WhoAmIExtendedRequest class. The primary difference between them is that the "Who Am I?" extended request can be used at any time but requires a separate operation, while the authorization identity request control can be included only with a bind request but does not require a separate operation.

Example

The following example demonstrates the use of the authorization identity request and response controls. It authenticates to the directory server and attempts to retrieve the authorization identity from the response: 
 String authzID = null;
 BindRequest bindRequest =
      new SimpleBindRequest("uid=test.user,ou=People,dc=example,dc=com",
           "password", new AuthorizationIdentityRequestControl());

 BindResult bindResult = connection.bind(bindRequest);
 AuthorizationIdentityResponseControl authzIdentityResponse =
      AuthorizationIdentityResponseControl.get(bindResult);
 if (authzIdentityResponse != null)
 {
   authzID = authzIdentityResponse.getAuthorizationID();
 }
See Also:

  • Field Details

  • Constructor Details

    • AuthorizationIdentityRequestControl

      public AuthorizationIdentityRequestControl()
      Creates a new authorization identity request control. The control will not be marked critical.

    • AuthorizationIdentityRequestControl

      public AuthorizationIdentityRequestControl(boolean isCritical)
      Creates a new authorization identity request control.
      Parameters:
      isCritical - Indicates whether the control should be marked critical.

    • AuthorizationIdentityRequestControl

      public AuthorizationIdentityRequestControl(@NotNull Control control) throws LDAPException
      Creates a new authorization identity request control which is decoded from the provided generic control.
      Parameters:
      control - The generic control to be decoded as an authorization identity request control.
      Throws:
      LDAPException - If the provided control cannot be decoded as an authorization identity request control.

  • Method Details

    • getControlName

      @NotNull public String getControlName()
      Retrieves the user-friendly name for this control, if available. If no user-friendly name has been defined, then the OID will be returned.
      Overrides:
      getControlName in class Control
      Returns:
      The user-friendly name for this control, or the OID if no user-friendly name is available.

    • toJSONControl

      @NotNull public JSONObject toJSONControl()
      Retrieves a representation of this authorization identity request control as a JSON object. The JSON object uses the following fields (note that since this control does not have a value, neither the value-base64 nor value-json fields may be present):
      • oid -- A mandatory string field whose value is the object identifier for this control. For the authorization identity request control, the OID is "2.16.840.1.113730.3.4.16".
      • control-name -- An optional string field whose value is a human-readable name for this control. This field is only intended for descriptive purposes, and when decoding a control, the oid field should be used to identify the type of control.
      • criticality -- A mandatory Boolean field used to indicate whether this control is considered critical.
      Overrides:
      toJSONControl in class Control
      Returns:
      A JSON object that contains a representation of this control.

    • decodeJSONControl

      @NotNull public static AuthorizationIdentityRequestControl decodeJSONControl(@NotNull JSONObject controlObject, boolean strict) throws LDAPException
      Attempts to decode the provided object as a JSON representation of an authorization identity request control.
      Parameters:
      controlObject - The JSON object to be decoded. It must not be null.
      strict - Indicates whether to use strict mode when decoding the provided JSON object. If this is true, then this method will throw an exception if the provided JSON object contains any unrecognized fields. If this is false, then unrecognized fields will be ignored.
      Returns:
      The authorization identity request control that was decoded from the provided JSON object.
      Throws:
      LDAPException - If the provided JSON object cannot be parsed as a valid authorization identity request control.

    • toString

      public void toString(@NotNull StringBuilder buffer)
      Appends a string representation of this LDAP control to the provided buffer.
      Overrides:
      toString in class Control
      Parameters:
      buffer - The buffer to which to append the string representation of this buffer.