Package com.unboundid.ldap.sdk.unboundidds.controls

Class IntermediateClientRequestControl

java.lang.Object
com.unboundid.ldap.sdk.Control
com.unboundid.ldap.sdk.unboundidds.controls.IntermediateClientRequestControl
All Implemented Interfaces:
Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class IntermediateClientRequestControl extends Control
This class defines an intermediate client request control, which can be used to provide a server with information about the client and any downstream clients that it may have. It can be used to help trace operations from the client to the directory server, potentially through any intermediate hops (like proxy servers) that may also support the intermediate client controls.
NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.

This control is not based on any public standard. It was originally developed for use with the Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 Directory Server. The value of this control uses the following encoding: 

 IntermediateClientRequest ::= SEQUENCE {
      downstreamRequest        [0] IntermediateClientRequest OPTIONAL,
      downstreamClientAddress  [1] OCTET STRING OPTIONAL,
      downstreamClientSecure   [2] BOOLEAN DEFAULT FALSE,
      clientIdentity           [3] authzId OPTIONAL,
      clientName               [4] OCTET STRING OPTIONAL,
      clientSessionID          [5] OCTET STRING OPTIONAL,
      clientRequestID          [6] OCTET STRING OPTIONAL,
      ... }

Example

The following example demonstrates the use of the intermediate client controls to perform a search operation in the directory server. The request will be from an application named "my client" with a session ID of "session123" and a request ID of "request456": 
 SearchRequest searchRequest = new SearchRequest("dc=example,dc=com",
      SearchScope.SUB, Filter.createEqualityFilter("uid", "john.doe"));
 searchRequest.addControl(new IntermediateClientRequestControl(null, null,
      null, null, "my client", "session123", "request456"));
 SearchResult searchResult = connection.search(searchRequest);

 IntermediateClientResponseControl c =
      IntermediateClientResponseControl.get(searchResult);
 if (c != null)
 {
   // There was an intermediate client response control.
   IntermediateClientResponseValue responseValue = c.getResponseValue();
 }
See Also:

  • Field Details

  • Constructor Details

    • IntermediateClientRequestControl

      public IntermediateClientRequestControl(@Nullable IntermediateClientRequestValue downstreamRequest, @Nullable String downstreamClientAddress, @Nullable Boolean downstreamClientSecure, @Nullable String clientIdentity, @Nullable String clientName, @Nullable String clientSessionID, @Nullable String clientRequestID)
      Creates a new intermediate client request control with the provided information. It will be marked critical.
      Parameters:
      downstreamRequest - A wrapped intermediate client request from a downstream client. It may be null if there is no downstream request.
      downstreamClientAddress - The IP address or resolvable name of the downstream client system. It may be null if there is no downstream client or its address is not available.
      downstreamClientSecure - Indicates whether communication with the downstream client is secure. It may be null if there is no downstream client or it is not known whether the communication is secure.
      clientIdentity - The requested client authorization identity. It may be null if there is no requested authorization identity.
      clientName - An identifier string that summarizes the client application that created this intermediate client request. It may be null if that information is not available.
      clientSessionID - A string that may be used to identify the session in the client application. It may be null if there is no available session identifier.
      clientRequestID - A string that may be used to identify the request in the client application. It may be null if there is no available request identifier.

    • IntermediateClientRequestControl

      public IntermediateClientRequestControl(@NotNull IntermediateClientRequestValue value)
      Creates a new intermediate client request control with the provided value. It will be marked critical.
      Parameters:
      value - The value to use for this intermediate client request control. It must not be null.

    • IntermediateClientRequestControl

      public IntermediateClientRequestControl(boolean isCritical, @NotNull IntermediateClientRequestValue value)
      Creates a new intermediate client request control with the provided value.
      Parameters:
      isCritical - Indicates whether the control should be marked critical.
      value - The value to use for this intermediate client request control. It must not be null.

    • IntermediateClientRequestControl

      public IntermediateClientRequestControl(@NotNull Control control) throws LDAPException
      Creates a new intermediate client request control which is decoded from the provided generic control.
      Parameters:
      control - The generic control to be decoded as an intermediate client request control.
      Throws:
      LDAPException - If the provided control cannot be decoded as an intermediate client request control.

  • Method Details

    • getRequestValue

      @NotNull public IntermediateClientRequestValue getRequestValue()
      Retrieves the value for this intermediate client request.
      Returns:
      The value for this intermediate client request.

    • getDownstreamRequest

      @Nullable public IntermediateClientRequestValue getDownstreamRequest()
      Retrieves the wrapped request from a downstream client, if available.
      Returns:
      The wrapped request from a downstream client, or null if there is none.

    • getClientIdentity

      @Nullable public String getClientIdentity()
      Retrieves the requested client authorization identity, if available.
      Returns:
      The requested client authorization identity, or null if there is none.

    • getDownstreamClientAddress

      @Nullable public String getDownstreamClientAddress()
      Retrieves the IP address or resolvable name of the downstream client system, if available.
      Returns:
      The IP address or resolvable name of the downstream client system, or null if there is no downstream client or its address is not available.

    • downstreamClientSecure

      @Nullable public Boolean downstreamClientSecure()
      Indicates whether the communication with the communication with the downstream client is secure (i.e., whether communication between the client application and the downstream client is safe from interpretation or undetectable alteration by a third party observer or interceptor).
      Returns:
      Boolean.TRUE if communication with the downstream client is secure, Boolean.FALSE if it is not secure, or null if there is no downstream client or it is not known whether the communication is secure.

    • getClientName

      @Nullable public String getClientName()
      Retrieves a string that identifies the client application that created this intermediate client request value.
      Returns:
      A string that may be used to identify the client application that created this intermediate client request value.

    • getClientSessionID

      @Nullable public String getClientSessionID()
      Retrieves a string that may be used to identify the session in the client application.
      Returns:
      A string that may be used to identify the session in the client application, or null if there is none.

    • getClientRequestID

      @Nullable public String getClientRequestID()
      Retrieves a string that may be used to identify the request in the client application.
      Returns:
      A string that may be used to identify the request in the client application, or null if there is none.

    • getControlName

      @NotNull public String getControlName()
      Retrieves the user-friendly name for this control, if available. If no user-friendly name has been defined, then the OID will be returned.
      Overrides:
      getControlName in class Control
      Returns:
      The user-friendly name for this control, or the OID if no user-friendly name is available.

    • toJSONControl

      @NotNull public JSONObject toJSONControl()
      Retrieves a representation of this intermediate client request control as a JSON object. The JSON object uses the following fields:
      • oid -- A mandatory string field whose value is the object identifier for this control. For the intermediate client request control, the OID is "1.3.6.1.4.1.30221.2.5.2".
      • control-name -- An optional string field whose value is a human-readable name for this control. This field is only intended for descriptive purposes, and when decoding a control, the oid field should be used to identify the type of control.
      • criticality -- A mandatory Boolean field used to indicate whether this control is considered critical.
      • value-base64 -- An optional string field whose value is a base64-encoded representation of the raw value for this intermediate client request control. Exactly one of the value-base64 and value-json fields must be present.
      • value-json -- An optional JSON object field whose value is a user-friendly representation of the value for this intermediate client request control. Exactly one of the value-base64 and value-json fields must be present, and if the value-json field is used, then it will use the following fields:
        • downstream-request -- An optional JSON object field whose content represents a downstream request value. If present, the fields of this object are the same as the fields that may be included in the top-level value-json object (optionally including a nested downstream-request field, if appropriate).
        • downstream-client-address -- An optional string field whose value is the address of the immediate client from which the request was received.
        • downstream-client-secure -- An optional Boolean field that indicates whether communication with the immediate client is using a secure channel.
        • client-identity -- An optional string field whose value is the authorization identity of a user as whom the operation should be authorized.
        • client-name -- An optional string field whose value is the name of the client application that generated this control.
        • client-session-id -- An optional string field whose value is an identifier that the client is using to reference the current communication session with a downstream client.
        • client-request-id -- An optional string field whose value is an identifier that the client is using to reference this request from a downstream client.
      Overrides:
      toJSONControl in class Control
      Returns:
      A JSON object that contains a representation of this control.

    • decodeJSONControl

      @NotNull public static IntermediateClientRequestControl decodeJSONControl(@NotNull JSONObject controlObject, boolean strict) throws LDAPException
      Attempts to decode the provided object as a JSON representation of an intermediate client request control.
      Parameters:
      controlObject - The JSON object to be decoded. It must not be null.
      strict - Indicates whether to use strict mode when decoding the provided JSON object. If this is true, then this method will throw an exception if the provided JSON object contains any unrecognized fields. If this is false, then unrecognized fields will be ignored.
      Returns:
      The intermediate client request control that was decoded from the provided JSON object.
      Throws:
      LDAPException - If the provided JSON object cannot be parsed as a valid intermediate client request control.

    • toString

      public void toString(@NotNull StringBuilder buffer)
      Appends a string representation of this LDAP control to the provided buffer.
      Overrides:
      toString in class Control
      Parameters:
      buffer - The buffer to which to append the string representation of this buffer.