001    /*
002     * Copyright 2007-2013 UnboundID Corp.
003     * All Rights Reserved.
004     */
005    /*
006     * Copyright (C) 2008-2013 UnboundID Corp.
007     *
008     * This program is free software; you can redistribute it and/or modify
009     * it under the terms of the GNU General Public License (GPLv2 only)
010     * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
011     * as published by the Free Software Foundation.
012     *
013     * This program is distributed in the hope that it will be useful,
014     * but WITHOUT ANY WARRANTY; without even the implied warranty of
015     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
016     * GNU General Public License for more details.
017     *
018     * You should have received a copy of the GNU General Public License
019     * along with this program; if not, see <http://www.gnu.org/licenses>.
020     */
021    package com.unboundid.ldap.sdk.controls;
022    
023    
024    
025    import com.unboundid.ldap.sdk.Control;
026    import com.unboundid.ldap.sdk.LDAPException;
027    import com.unboundid.ldap.sdk.ResultCode;
028    import com.unboundid.util.NotMutable;
029    import com.unboundid.util.ThreadSafety;
030    import com.unboundid.util.ThreadSafetyLevel;
031    
032    import static com.unboundid.ldap.sdk.controls.ControlMessages.*;
033    
034    
035    
036    /**
037     * This class provides an implementation of the authorization identity bind
038     * request control as described in
039     * <A HREF="http://www.ietf.org/rfc/rfc3829.txt">RFC 3829</A>.  It may be
040     * included in a bind request to request that the server include the
041     * authorization identity associated with the client connection in the bind
042     * response message, in the form of an
043     * {@link AuthorizationIdentityResponseControl}.
044     * <BR><BR>
045     * The authorization identity request control is similar to the "Who Am I?"
046     * extended request as implemented in the
047     * {@link com.unboundid.ldap.sdk.extensions.WhoAmIExtendedRequest} class.  The
048     * primary difference between them is that the "Who Am I?" extended request can
049     * be used at any time but requires a separate operation, while the
050     * authorization identity request control can be included only with a bind
051     * request but does not require a separate operation.
052     * <BR><BR>
053     * <H2>Example</H2>
054     * The following example demonstrates the use of the authorization identity
055     * request and response controls.  It authenticates to the directory server and
056     * attempts to retrieve the authorization identity from the response:
057     * <PRE>
058     *   String authzID = null;
059     *   BindRequest bindRequest =
060     *        new SimpleBindRequest("uid=john.doe,ou=People,dc=example,dc=com",
061     *                              "password",
062     *                              new AuthorizationIdentityRequestControl());
063     *
064     *   BindResult bindResult = connection.bind(bindRequest);
065     *   AuthorizationIdentityResponseControl c =
066     *        AuthorizationIdentityResponseControl.get(bindResult);
067     *   if (c != null)
068     *   {
069     *     authzID = c.getAuthorizationID();
070     *   }
071     * </PRE>
072     */
073    @NotMutable()
074    @ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
075    public final class AuthorizationIdentityRequestControl
076           extends Control
077    {
078      /**
079       * The OID (2.16.840.1.113730.3.4.16) for the authorization identity request
080       * control.
081       */
082      public static final String AUTHORIZATION_IDENTITY_REQUEST_OID =
083           "2.16.840.1.113730.3.4.16";
084    
085    
086    
087      /**
088       * The serial version UID for this serializable class.
089       */
090      private static final long serialVersionUID = -4059607155175828138L;
091    
092    
093    
094      /**
095       * Creates a new authorization identity request control.  The control will not
096       * be marked critical.
097       */
098      public AuthorizationIdentityRequestControl()
099      {
100        super(AUTHORIZATION_IDENTITY_REQUEST_OID, false, null);
101      }
102    
103    
104    
105      /**
106       * Creates a new authorization identity request control.
107       *
108       * @param  isCritical  Indicates whether the control should be marked
109       *                     critical.
110       */
111      public AuthorizationIdentityRequestControl(final boolean isCritical)
112      {
113        super(AUTHORIZATION_IDENTITY_REQUEST_OID, isCritical, null);
114      }
115    
116    
117    
118      /**
119       * Creates a new authorization identity request control which is decoded from
120       * the provided generic control.
121       *
122       * @param  control  The generic control to be decoded as an authorization
123       *                  identity request control.
124       *
125       * @throws  LDAPException  If the provided control cannot be decoded as an
126       *                         authorization identity request control.
127       */
128      public AuthorizationIdentityRequestControl(final Control control)
129             throws LDAPException
130      {
131        super(control);
132    
133        if (control.hasValue())
134        {
135          throw new LDAPException(ResultCode.DECODING_ERROR,
136                                  ERR_AUTHZID_REQUEST_HAS_VALUE.get());
137        }
138      }
139    
140    
141    
142      /**
143       * {@inheritDoc}
144       */
145      @Override()
146      public String getControlName()
147      {
148        return INFO_CONTROL_NAME_AUTHZID_REQUEST.get();
149      }
150    
151    
152    
153      /**
154       * {@inheritDoc}
155       */
156      @Override()
157      public void toString(final StringBuilder buffer)
158      {
159        buffer.append("AuthorizationIdentityRequestControl(isCritical=");
160        buffer.append(isCritical());
161        buffer.append(')');
162      }
163    }