org.opends.server.authorization.dseecompat
Class UserDN

java.lang.Object
  extended by org.opends.server.authorization.dseecompat.UserDN
All Implemented Interfaces:
KeywordBindRule

public class UserDN
extends java.lang.Object
implements KeywordBindRule

This class represents the userdn keyword in a bind rule.


Method Summary
static KeywordBindRule decode(java.lang.String expression, EnumBindRuleType type)
          Decodes an expression string representing a userdn bind rule.
 EnumEvalResult evaluate(AciEvalContext evalCtx)
          Performs the evaluation of a userdn bind rule based on the evaluation context passed to it.
static EnumEvalResult evaluate(Entry e, DN clientDN, AttributeType attrType)
          This method searches an entry for an attribute value that is treated as a DN.
static EnumEvalResult evalURL(AciEvalContext evalCtx, LDAPURL url)
          This method evaluates an URL userdn expression.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

decode

public static KeywordBindRule decode(java.lang.String expression,
                                     EnumBindRuleType type)
                              throws AciException
Decodes an expression string representing a userdn bind rule.

Parameters:
expression - The string representation of the userdn bind rule expression.
type - An enumeration of the type of the bind rule.
Returns:
A KeywordBindRule class that represents the bind rule.
Throws:
AciException - If the expression failed to LDAP URL decode.

evaluate

public EnumEvalResult evaluate(AciEvalContext evalCtx)
Performs the evaluation of a userdn bind rule based on the evaluation context passed to it. The evaluation stops when there are no more UserDNTypeURLs to evaluate or if an UserDNTypeURL evaluates to true.

Specified by:
evaluate in interface KeywordBindRule
Parameters:
evalCtx - The evaluation context to evaluate with.
Returns:
An evaluation result enumeration containing the result of the evaluation.

evalURL

public static EnumEvalResult evalURL(AciEvalContext evalCtx,
                                     LDAPURL url)
This method evaluates an URL userdn expression. Something like: ldap:///suffix??sub?(filter). It also searches for the client DN entry and saves it in the evaluation context for repeat evaluations that might come later in processing.

Parameters:
evalCtx - The evaluation context to use.
url - URL containing the URL to use in the evaluation.
Returns:
An enumeration of the evaluation result.

evaluate

public static EnumEvalResult evaluate(Entry e,
                                      DN clientDN,
                                      AttributeType attrType)
This method searches an entry for an attribute value that is treated as a DN. That DN is then compared against the client DN.

Parameters:
e - The entry to get the attribute type from.
clientDN - The client authorization DN to check for.
attrType - The attribute type from the bind rule.
Returns:
An enumeration with the result.