org.opends.server.types
Class AuthenticationInfo

java.lang.Object
  extended by org.opends.server.types.AuthenticationInfo

@PublicAPI(stability=UNCOMMITTED,
           mayInstantiate=true,
           mayExtend=false,
           mayInvoke=true)
public final class AuthenticationInfo
extends java.lang.Object

This class defines a data structure that may be used to store information about an authenticated user. Note that structures in this class allow for multiple authentication types for the same user, which is not currently supported by LDAP but may be offered through some type of extension.


Constructor Summary
AuthenticationInfo()
          Creates a new set of authentication information to be used for unauthenticated clients.
AuthenticationInfo(Entry authenticationEntry, boolean isRoot)
          Creates a new set of authentication information to be used for clients that are authenticated internally.
AuthenticationInfo(Entry authenticationEntry, ByteString simplePassword, boolean isRoot)
          Creates a new set of authentication information to be used for clients that have successfully performed simple authentication.
AuthenticationInfo(Entry authenticationEntry, Entry authorizationEntry, java.lang.String saslMechanism, boolean isRoot)
          Creates a new set of authentication information to be used for clients that have authenticated using a SASL mechanism.
AuthenticationInfo(Entry authenticationEntry, java.lang.String saslMechanism, boolean isRoot)
          Creates a new set of authentication information to be used for clients that have authenticated using a SASL mechanism.
 
Method Summary
 void addAuthenticationType(AuthenticationType authenticationType)
          Adds the provided authentication type to the set of authentication types completed by the client.
 void addSASLMechanism(java.lang.String saslMechanism)
          Adds the provided mechanism to the set of SASL mechanisms used by the client.
 AuthenticationInfo duplicate(Entry newAuthenticationEntry, Entry newAuthorizationEntry)
          Creates a duplicate of this AuthenticationInfo object with the new authentication and authorization entries.
 DN getAuthenticationDN()
          Retrieves the DN of the user as whom the client is authenticated.
 Entry getAuthenticationEntry()
          Retrieves the entry for the user as whom the client is authenticated.
 java.util.Set<AuthenticationType> getAuthenticationTypes()
          Retrieves the set of authentication types performed by the client.
 DN getAuthorizationDN()
          Retrieves the DN for the user that should be used as the default authorization identity.
 Entry getAuthorizationEntry()
          Retrieves the entry for the user that should be used as the default authorization identity.
 java.util.Set<java.lang.String> getSASLMechanisms()
          Retrieves the set of mechanisms that the client used for SASL authentication.
 ByteString getSimplePassword()
          Retrieves the password that the client used for simple authentication.
 boolean hasAnyAuthenticationType(java.util.Collection<AuthenticationType> types)
          Indicates whether this client has authenticated using any of the authentication types in the given collection.
 boolean hasAnySASLMechanism(java.util.Collection<java.lang.String> mechanisms)
          Indicates whether this client has authenticated using any of the SASL mechanisms in the given collection.
 boolean hasAuthenticationType(AuthenticationType authenticationType)
          Indicates whether this client has authenticated using the specified authentication type.
 boolean hasSASLMechanism(java.lang.String saslMechanism)
          Indicates whether the client is currently authenticated using the specified SASL mechanism.
 boolean isAuthenticated()
          Indicates whether this client has successfully authenticated to the server.
 boolean isRoot()
          Indicates whether this client should be considered a root user.
 boolean mustChangePassword()
          Indicates whether the authenticated user must change his/her password before any other operation will be allowed.
 void setMustChangePassword(boolean mustChangePassword)
          Specifies whether the authenticated user must change his/her password before any other operation will be allowed.
 void setUnauthenticated()
          Sets this authentication info structure to reflect that the client is not authenticated.
 java.lang.String toString()
          Retrieves a string representation of this authentication info structure.
 void toString(java.lang.StringBuilder buffer)
          Appends a string representation of this authentication info structure to the provided buffer.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AuthenticationInfo

public AuthenticationInfo()
Creates a new set of authentication information to be used for unauthenticated clients.


AuthenticationInfo

public AuthenticationInfo(Entry authenticationEntry,
                          boolean isRoot)
Creates a new set of authentication information to be used for clients that are authenticated internally.

Parameters:
authenticationEntry - The entry of the user that has authenticated, or null to indicate an unauthenticated user.
isRoot - Indicates whether the authenticated user is a root user.

AuthenticationInfo

public AuthenticationInfo(Entry authenticationEntry,
                          ByteString simplePassword,
                          boolean isRoot)
Creates a new set of authentication information to be used for clients that have successfully performed simple authentication.

Parameters:
authenticationEntry - The entry of the user that has authenticated. It must not be null.
simplePassword - The password that was used to perform the simple authentication. It must not be null.
isRoot - Indicates whether the authenticated user is a root user.

AuthenticationInfo

public AuthenticationInfo(Entry authenticationEntry,
                          java.lang.String saslMechanism,
                          boolean isRoot)
Creates a new set of authentication information to be used for clients that have authenticated using a SASL mechanism.

Parameters:
authenticationEntry - The entry of the user that has authenticated. It must not be null.
saslMechanism - The SASL mechanism used to authenticate. This must be provided in all-uppercase characters and must not be null.
isRoot - Indicates whether the authenticated user is a root user.

AuthenticationInfo

public AuthenticationInfo(Entry authenticationEntry,
                          Entry authorizationEntry,
                          java.lang.String saslMechanism,
                          boolean isRoot)
Creates a new set of authentication information to be used for clients that have authenticated using a SASL mechanism.

Parameters:
authenticationEntry - The entry of the user that has authenticated. It must not be null.
authorizationEntry - The entry of the user that will be used as the default authorization identity, or null to indicate that the authorization identity should be the unauthenticated user.
saslMechanism - The SASL mechanism used to authenticate. This must be provided in all-uppercase characters and must not be null.
isRoot - Indicates whether the authenticated user is a root user.
Method Detail

isAuthenticated

public boolean isAuthenticated()
Indicates whether this client has successfully authenticated to the server.

Returns:
true if this client has successfully authenticated to the server, or false if not.

setUnauthenticated

public void setUnauthenticated()
Sets this authentication info structure to reflect that the client is not authenticated.


isRoot

public boolean isRoot()
Indicates whether this client should be considered a root user.

Returns:
true if this client should be considered a root user, or false if not.

mustChangePassword

public boolean mustChangePassword()
Indicates whether the authenticated user must change his/her password before any other operation will be allowed.

Returns:
true if the user must change his/her password before any other operation will be allowed, or false if not.

setMustChangePassword

public void setMustChangePassword(boolean mustChangePassword)
Specifies whether the authenticated user must change his/her password before any other operation will be allowed.

Parameters:
mustChangePassword - Specifies whether the authenticated user must change his/her password before any other operation will be allowed.

hasAuthenticationType

public boolean hasAuthenticationType(AuthenticationType authenticationType)
Indicates whether this client has authenticated using the specified authentication type.

Parameters:
authenticationType - The authentication type for which to make the determination.
Returns:
true if the client has authenticated using the specified authentication type, or false if not.

hasAnyAuthenticationType

public boolean hasAnyAuthenticationType(java.util.Collection<AuthenticationType> types)
Indicates whether this client has authenticated using any of the authentication types in the given collection.

Parameters:
types - The collection of authentication types for which to make the determination.
Returns:
true if the client has authenticated using any of the specified authentication types, or false if not.

getAuthenticationTypes

public java.util.Set<AuthenticationType> getAuthenticationTypes()
Retrieves the set of authentication types performed by the client.

Returns:
The set of authentication types performed by the client.

addAuthenticationType

public void addAuthenticationType(AuthenticationType authenticationType)
Adds the provided authentication type to the set of authentication types completed by the client. This should only be used in conjunction with multi-factor or step-up authentication mechanisms.

Parameters:
authenticationType - The authentication type to add for this client.

getAuthenticationEntry

public Entry getAuthenticationEntry()
Retrieves the entry for the user as whom the client is authenticated.

Returns:
The entry for the user as whom the client is authenticated, or null if the client is unauthenticated.

getAuthenticationDN

public DN getAuthenticationDN()
Retrieves the DN of the user as whom the client is authenticated.

Returns:
The DN of the user as whom the client is authenticated, or null if the client is unauthenticated.

getAuthorizationEntry

public Entry getAuthorizationEntry()
Retrieves the entry for the user that should be used as the default authorization identity.

Returns:
The entry for the user that should be used as the default authorization identity, or null if the authorization identity should be the unauthenticated user.

getAuthorizationDN

public DN getAuthorizationDN()
Retrieves the DN for the user that should be used as the default authorization identity.

Returns:
The DN for the user that should be used as the default authorization identity, or null if the authorization identity should be the unauthenticated user.

getSimplePassword

public ByteString getSimplePassword()
Retrieves the password that the client used for simple authentication.

Returns:
The password that the client used for simple authentication, or null if the client is not authenticated using simple authentication.

hasSASLMechanism

public boolean hasSASLMechanism(java.lang.String saslMechanism)
Indicates whether the client is currently authenticated using the specified SASL mechanism.

Parameters:
saslMechanism - The SASL mechanism for which to make the determination. Note that this must be provided in all uppercase characters.
Returns:
true if the client is authenticated using the specified SASL mechanism, or false if not.

hasAnySASLMechanism

public boolean hasAnySASLMechanism(java.util.Collection<java.lang.String> mechanisms)
Indicates whether this client has authenticated using any of the SASL mechanisms in the given collection.

Parameters:
mechanisms - The collection of SASL mechanisms for which to make the determination.
Returns:
true if the client has authenticated using any of the provided SASL mechanisms, or false if not.

getSASLMechanisms

public java.util.Set<java.lang.String> getSASLMechanisms()
Retrieves the set of mechanisms that the client used for SASL authentication.

Returns:
The set of mechanisms that the client used for SASL authentication, or an empty set if SASL mechanism has not been used.

addSASLMechanism

public void addSASLMechanism(java.lang.String saslMechanism)
Adds the provided mechanism to the set of SASL mechanisms used by the client. This should only be used in conjunction with multi-factor or step-up authentication mechanisms.

Parameters:
saslMechanism - The SASL mechanism to add to set of mechanisms for this client. Note that this must be provided in all uppercase characters.

toString

public java.lang.String toString()
Retrieves a string representation of this authentication info structure.

Overrides:
toString in class java.lang.Object
Returns:
A string representation of this authentication info structure.

toString

public void toString(java.lang.StringBuilder buffer)
Appends a string representation of this authentication info structure to the provided buffer.

Parameters:
buffer - The buffer to which the information is to be appended.

duplicate

public AuthenticationInfo duplicate(Entry newAuthenticationEntry,
                                    Entry newAuthorizationEntry)
Creates a duplicate of this AuthenticationInfo object with the new authentication and authorization entries.

Parameters:
newAuthenticationEntry - The updated entry for the user as whom the associated client connection is authenticated.
newAuthorizationEntry - The updated entry for the default authorization identity for the associated client connection.
Returns:
The duplicate of this AuthenticationInfo object with the specified authentication and authorization entries.