Package org.forgerock.opendj.ldap.requests

Interface BindClient

public interface BindClient
An authentication client which can be used to bind to a server. Specifically, a bind client manages the state associated with multi-stage authentication attempts and responds to any challenges returned by the server.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    dispose()
    Disposes of any system resources or security-sensitive information that this bind client might be using.
    boolean
    evaluateResult(BindResult result)
    Evaluates the provided bind result and returns true if authentication has completed successfully, or false if additional authentication steps are required (for example during a multi-stage SASL authentication attempt).
    ConnectionSecurityLayer
    getConnectionSecurityLayer()
    Returns a connection security layer, but only if this bind client has negotiated integrity and/or privacy protection for the underlying connection.
    GenericBindRequest
    nextBindRequest()
    Returns the next bind request which should be used for the next stage of authentication.

  • Method Details

    • dispose

      void dispose()
      Disposes of any system resources or security-sensitive information that this bind client might be using. Invoking this method invalidates this instance.

    • evaluateResult

      boolean evaluateResult(BindResult result) throws LdapException
      Evaluates the provided bind result and returns true if authentication has completed successfully, or false if additional authentication steps are required (for example during a multi-stage SASL authentication attempt).

      If additional steps are required then implementations must update their internal state based on information contained in the bind result (for example, using the server provided SASL credentials).

      Parameters:
      result - The bind result to be evaluated.
      Returns:
      true if authentication has completed successfully, of false if additional steps are required.
      Throws:
      LdapException - If the evaluation failed for some reason and authentication cannot continue.

    • getConnectionSecurityLayer

      ConnectionSecurityLayer getConnectionSecurityLayer()
      Returns a connection security layer, but only if this bind client has negotiated integrity and/or privacy protection for the underlying connection. This method should only be called once authentication has completed.
      Returns:
      A connection security layer, or null if none was negotiated.

    • nextBindRequest

      GenericBindRequest nextBindRequest()
      Returns the next bind request which should be used for the next stage of authentication. Initially, this will be a copy of the original bind request used to create this bind client.
      Returns:
      The next bind request which should be used for the next stage of authentication.