001/* 002 * Copyright 2008-2022 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2008-2022 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2008-2022 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import com.unboundid.ldap.sdk.Control; 041import com.unboundid.ldap.sdk.LDAPException; 042import com.unboundid.ldap.sdk.ResultCode; 043import com.unboundid.util.NotMutable; 044import com.unboundid.util.NotNull; 045import com.unboundid.util.ThreadSafety; 046import com.unboundid.util.ThreadSafetyLevel; 047 048import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 049 050 051 052/** 053 * This class defines a request control that may be used to indicate that the 054 * server should process all aspects of the associated bind request (including 055 * password policy processing) but should not actually change the identity for 056 * the client connection, regardless of whether the authentication is 057 * successful. 058 * <BR> 059 * <BLOCKQUOTE> 060 * <B>NOTE:</B> This class, and other classes within the 061 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 062 * supported for use against Ping Identity, UnboundID, and 063 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 064 * for proprietary functionality or for external specifications that are not 065 * considered stable or mature enough to be guaranteed to work in an 066 * interoperable way with other types of LDAP servers. 067 * </BLOCKQUOTE> 068 * <BR> 069 * This control can be very useful for applications that perform binds to 070 * authenticate users but also use connection pooling to re-use connections 071 * for multiple operations. Bind operations are normally not well-suited for 072 * use on pooled connections because they change the identity of that 073 * connection, but the retain identity request control solves that problem by 074 * performing all bind processing but does not change the identity associated 075 * with the client connection. 076 * <BR><BR> 077 * There is no corresponding response control. If the bind is successful, then 078 * the server should return a bind response with the {@code ResultCode#SUCCESS} 079 * result code just as if the bind request had not included the retain identity 080 * request control. 081 * <BR><BR> 082 * This control is not based on any public standard. It was originally 083 * developed for use with the Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 084 * 8661 Directory Server. It does not have a value. 085 * <BR><BR> 086 * <H2>Example</H2> 087 * The following example demonstrates the use of the retain identity request 088 * control: 089 * <PRE> 090 * SimpleBindRequest bindRequest = new SimpleBindRequest( 091 * "uid=john.doe,ou=People,dc=example,dc=com", "password", 092 * new RetainIdentityRequestControl()); 093 * 094 * BindResult bindResult; 095 * try 096 * { 097 * bindResult = connection.bind(bindRequest); 098 * // The bind was successful and the account is usable, but the identity 099 * // associated with the client connection hasn't changed. 100 * } 101 * catch (LDAPException le) 102 * { 103 * bindResult = new BindResult(le.toLDAPResult()); 104 * // The bind was unsuccessful, potentially because the credentials were 105 * // invalid or the account is unusable for some reason (e.g., disabled, 106 * // locked, expired password, etc.). The identity associated with the 107 * // client connection hasn't changed. 108 * } 109 * </PRE> 110 */ 111@NotMutable() 112@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 113public final class RetainIdentityRequestControl 114 extends Control 115{ 116 /** 117 * The OID (1.3.6.1.4.1.30221.2.5.3) for the retain identity request control. 118 */ 119 @NotNull public static final String RETAIN_IDENTITY_REQUEST_OID = 120 "1.3.6.1.4.1.30221.2.5.3"; 121 122 123 124 /** 125 * The serial version UID for this serializable class. 126 */ 127 private static final long serialVersionUID = 9066549673766581236L; 128 129 130 131 /** 132 * Creates a new retain identity request control. It will be marked critical. 133 */ 134 public RetainIdentityRequestControl() 135 { 136 super(RETAIN_IDENTITY_REQUEST_OID, true, null); 137 } 138 139 140 141 /** 142 * Creates a new retain identity request control which is decoded from 143 * the provided generic control. 144 * 145 * @param control The generic control to be decoded as a retain identity 146 * request control. 147 * 148 * @throws LDAPException If the provided control cannot be decoded as a 149 * retain identity request control. 150 */ 151 public RetainIdentityRequestControl(@NotNull final Control control) 152 throws LDAPException 153 { 154 super(control); 155 156 if (control.hasValue()) 157 { 158 throw new LDAPException(ResultCode.DECODING_ERROR, 159 ERR_RETAIN_IDENTITY_REQUEST_HAS_VALUE.get()); 160 } 161 } 162 163 164 165 /** 166 * {@inheritDoc} 167 */ 168 @Override() 169 @NotNull() 170 public String getControlName() 171 { 172 return INFO_CONTROL_NAME_RETAIN_IDENTITY_REQUEST.get(); 173 } 174 175 176 177 /** 178 * {@inheritDoc} 179 */ 180 @Override() 181 public void toString(@NotNull final StringBuilder buffer) 182 { 183 buffer.append("RetainIdentityRequestControl(isCritical="); 184 buffer.append(isCritical()); 185 buffer.append(')'); 186 } 187}