Class LDAPControl
- All Implemented Interfaces:
Serializable
,Cloneable
- Direct Known Subclasses:
LDAPEntryChangeControl
,LDAPPasswordExpiredControl
,LDAPPasswordExpiringControl
,LDAPPersistSearchControl
,LDAPProxiedAuthControl
,LDAPSortControl
,LDAPVirtualListControl
,LDAPVirtualListResponse
LDAP controls allow you to extend the functionality of an LDAP operation. For example, you can use an LDAP control for the search operation to sort search results on an LDAP server.
An LDAP control can be either a server control or a client control:
- Server controls can be sent to the LDAP server or returned by the server on any operation.
- Client controls are intended to affect only the client side of the operation.
An LDAP control consists of the following information:
- A unique object ID (OID) that identifies the control.
- A "criticality" field, which indicates whether or
not the control is critical to the operation. (If the control is
critical to the operation and the server does not support the control,
the server should not execute the operation.)
- Data pertaining to the control.
To determine which server controls are supported by a particular server,
you need to search for the root DSE (DSA-specific entry, where DSA is
another term for "LDAP server") and find the values of the
supportedControl
attribute. This attribute contains the
object IDs (OIDs) of the controls supported by this server.
The following section of code demonstrates how to get the list of the server controls supported by an LDAP server.
public static void main( String[] args ) { LDAPConnection ld = new LDAPConnection(); try { String MY_HOST = "localhost"; int MY_PORT = 389; ld.connect( MY_HOST, MY_PORT ); try { ld.authenticate( 3, "cn=Directory Manager", "23skidoo" ); } catch( LDAPException e ) { System.out.println( "LDAP server does not support v3." ); ld.disconnect(); System.exit(1); } String MY_FILT = "(objectclass=*)"; String MY_BASE = ""; String getAttrs[] = { "supportedControl" }; LDAPSearchResults res = ld.search( MY_BASE, LDAPConnection.SCOPE_BASE, MY_FILT, getAttrs, false ); while ( res.hasMoreElements() ) { LDAPEntry findEntry = (LDAPEntry)res.nextElement(); LDAPAttributeSet findAttrs = findEntry.getAttributeSet(); Enumeration enumAttrs = findAttrs.getAttributes(); while ( enumAttrs.hasMoreElements() ) { LDAPAttribute anAttr = (LDAPAttribute)enumAttrs.nextElement(); String attrName = anAttr.getName(); System.out.println( attrName ); Enumeration enumVals = anAttr.getStringValues(); while ( enumVals.hasMoreElements() ) { String aVal = ( String )enumVals.nextElement(); System.out.println( "\t" + aVal ); } } } } catch( LDAPException e ) { System.out.println( "Error: " + e.toString() ); } try { ld.disconnect(); } catch( LDAPException e ) { System.exit(1); } System.exit(0); }
If you compile and run this example against an LDAP server that supports v3 of the protocol, you might receive the following results:
supportedcontrol 2.16.840.1.113730.3.4.2 2.16.840.1.113730.3.4.3 2.16.840.1.113730.3.4.4 2.16.840.1.113730.3.4.5 1.2.840.113556.1.4.473
For more information on LDAP controls, see the Internet-Draft on the LDAP v3 protocol. (Note that this internet draft is still a work in progress. You can find the latest draft at the ASID home page.
- Version:
- 1.0
- See Also:
-
LDAPv3.CLIENTCONTROLS
LDAPv3.SERVERCONTROLS
LDAPConnection.search(java.lang.String, int, java.lang.String, java.lang.String[], boolean)
LDAPConnection.getOption(int)
LDAPConnection.setOption(int, java.lang.Object)
LDAPConnection.getResponseControls()
LDAPConstraints.getClientControls()
LDAPConstraints.getServerControls()
LDAPConstraints.setClientControls(netscape.ldap.LDAPControl)
LDAPConstraints.setServerControls(netscape.ldap.LDAPControl)
- Serialized Form
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionDefault constructor for theLDAPControl
class.LDAPControl
(String id, boolean critical, byte[] vals) Constructs a newLDAPControl
object using the specified object ID (OID), "criticality" field, and data to be used by the control. -
Method Summary
Modifier and TypeMethodDescriptionclone()
Creates a copy of the control.protected static LDAPControl
createControl
(String oid, boolean critical, byte[] value) Returns aLDAPControl
object instantiated by the Class associated byLDAPControl.register
to the oid.protected byte[]
flattenBER
(BERSequence ber) Create a "flattened" BER encoding from a BER, and return it as a byte array.getID()
Gets the object ID (OID) of the control.byte[]
getValue()
Gets the data in the control.boolean
Specifies whether or not the control is critical to the LDAP operation.protected static Class<?>
lookupControlClass
(String oid) Returns theClass
that has been registered to oid.static LDAPControl[]
newInstance
(byte[] data) Instantiates all of the controls contained within the LDAP message fragment specified by data and returns them in anLDAPControl
array.static void
Associates a class with an oid.toString()
Return a string representation of the control for debugging
-
Field Details
-
MANAGEDSAIT
- See Also:
-
PWEXPIRED
- See Also:
-
PWEXPIRING
- See Also:
-
m_critical
protected boolean m_critical -
m_value
protected byte[] m_value
-
-
Constructor Details
-
LDAPControl
public LDAPControl()Default constructor for theLDAPControl
class. -
LDAPControl
Constructs a newLDAPControl
object using the specified object ID (OID), "criticality" field, and data to be used by the control.- Parameters:
id
- the object ID (OID) identifying the controlcritical
-true
if the LDAP operation should be cancelled when the server does not support this control (in other words, this control is critical to the LDAP operation)vals
- control-specific data- See Also:
-
-
Method Details
-
getID
Gets the object ID (OID) of the control.- Returns:
- object ID (OID) of the control.
-
isCritical
public boolean isCritical()Specifies whether or not the control is critical to the LDAP operation.- Returns:
true
if the LDAP operation should be cancelled when the server does not support this control.
-
getValue
public byte[] getValue()Gets the data in the control.- Returns:
- the data in the control as a byte array.
-
register
Associates a class with an oid. This class must be an extension ofLDAPControl
, and should implement theLDAPControl( String oid, boolean critical, byte[] value)
constructor to instantiate the control.- Parameters:
oid
- the string representation of the oidcontrolClass
- the class that instantatiates the control associated with oid- Throws:
LDAPException
- If the class parameter is not a subclass ofLDAPControl
or the class parameter does not implement theLDAPControl(String oid, boolean critical, byte[] value)
constructor.
-
lookupControlClass
Returns theClass
that has been registered to oid.- Parameters:
oid
- a String that associates the control class to a control- Returns:
- a
Class
that can instantiate a control of the type specified by oid. - See Also:
-
createControl
Returns aLDAPControl
object instantiated by the Class associated byLDAPControl.register
to the oid. If no Class is found for the given control, or an exception occurs when attempting to instantiate the control, a basicLDAPControl
is instantiated using the parameters.- Parameters:
oid
- the oid of the control to instantiatecritical
-true
if this is a critical controlvalue
- the byte value for the control- Returns:
- a newly instantiated
LDAPControl
. - See Also:
-
newInstance
Instantiates all of the controls contained within the LDAP message fragment specified by data and returns them in anLDAPControl
array. This fragment can be either the entire LDAP message or just the control section of the message.If an exception occurs when instantiating a control, that control is returned as a basic
LDAPControl
.- Parameters:
data
- the LDAP message fragment in raw BER format- Returns:
- an
LDAPControl
array containing all of the controls from the message fragment. - Throws:
java.lang.IOException
- If the data passed to this method is not a valid LDAP message fragment.IOException
- See Also:
-
clone
Creates a copy of the control. -
flattenBER
Create a "flattened" BER encoding from a BER, and return it as a byte array.- Parameters:
ber
- a BER encoded sequence- Returns:
- the byte array of encoded data.
-
toString
Return a string representation of the control for debugging
-