Examples of org.apache.directory.api.ldap.model.message.BindResponse

• org.apache.directory.api.ldap.model.message.BindResponse
  Bind protocol response message used to confirm the results of a bind request message. BindResponse consists simply of an indication from the server of the status of the client's request for authentication. @author Apache Directory Project

        LdapConnection userCon = new LdapNetworkConnection( "localhost", ldapServer.getPort() );
        userCon.setTimeOut( 0 );

        Thread.sleep( 1000 ); // sleep for one second so that the password expire warning will be sent

        BindResponse bindResp = userCon.bind( bindReq );
        assertEquals( ResultCodeEnum.SUCCESS, bindResp.getLdapResult().getResultCode() );

        PasswordPolicy respCtrl = getPwdRespCtrl( bindResp );
        assertNotNull( respCtrl );
        assertTrue( respCtrl.getResponse().getTimeBeforeExpiration() > 0 );

        Thread.sleep( 4000 ); // sleep for four seconds so that the password expires

        // bind for two more times, should succeed
        bindResp = userCon.bind( bindReq );
        assertEquals( ResultCodeEnum.SUCCESS, bindResp.getLdapResult().getResultCode() );
        respCtrl = getPwdRespCtrl( bindResp );
        assertNotNull( respCtrl );
        assertEquals( 1, respCtrl.getResponse().getGraceAuthNRemaining() );

        // this extra second sleep is necessary to modify pwdGraceUseTime attribute with a different timestamp
        Thread.sleep( 1000 );
        bindResp = userCon.bind( bindReq );
        assertEquals( ResultCodeEnum.SUCCESS, bindResp.getLdapResult().getResultCode() );
        respCtrl = getPwdRespCtrl( bindResp );
        assertEquals( 0, respCtrl.getResponse().getGraceAuthNRemaining() );

        // this time it should fail
        bindResp = userCon.bind( bindReq );
        assertEquals( ResultCodeEnum.INVALID_CREDENTIALS, bindResp.getLdapResult().getResultCode() );

        respCtrl = getPwdRespCtrl( bindResp );
        assertEquals( PASSWORD_EXPIRED, respCtrl.getResponse().getPasswordPolicyError() );
        adminConnection.close();
    }

        bindReq.addControl( PP_REQ_CTRL );

        LdapConnection userConnection = new LdapNetworkConnection( "localhost", ldapServer.getPort() );

        Thread.sleep( 2000 ); // let the password expire
        BindResponse bindResp = userConnection.bind( bindReq );
        assertTrue( userConnection.isAuthenticated() );
        PasswordPolicy ppolicy = getPwdRespCtrl( bindResp );
        assertEquals( 1, ppolicy.getResponse().getGraceAuthNRemaining() );

        Entry userEntry = adminConnection.lookup( userDn, "+" );

        bindReq.setCredentials( "12345" );
        bindReq.addControl( PP_REQ_CTRL );

        for ( int i = 0; i < 5; i++ )
        {
            BindResponse bindResponse = userConnection.bind( bindReq );
            assertEquals( ResultCodeEnum.SUCCESS, bindResponse.getLdapResult().getResultCode() );

            PasswordPolicy respCtrl = getPwdRespCtrl( bindResponse );
            assertNotNull( respCtrl );

            if ( i < 2 )

                // The SASL bind must continue, we are sending the computed challenge
                LOG.info( "Continuation token had length " + tokenBytes.length );

                // Build the response
                result.setResultCode( ResultCodeEnum.SASL_BIND_IN_PROGRESS );
                BindResponse resp = bindRequest.getResultResponse();

                // Store the challenge
                resp.setServerSaslCreds( tokenBytes );

                // Switch to SASLAuthPending
                ldapSession.setSaslAuthPending();

                // And write back the response

     * Send a SUCCESS message back to the client.
     */
    private void sendBindSuccess( LdapSession ldapSession, BindRequest bindRequest, byte[] tokenBytes )
    {
        // Return the successful response
        BindResponse response = bindRequest.getResultResponse();
        response.getLdapResult().setResultCode( ResultCodeEnum.SUCCESS );
        response.setServerSaslCreds( tokenBytes );

        if ( !ldapSession.getCoreSession().isAnonymous() )
        {
            // If we have not been asked to authenticate as Anonymous, authenticate the user
            ldapSession.setAuthenticated();

    public void testSaslBindPLAIN() throws Exception
    {
        LdapNetworkConnection connection = new LdapNetworkConnection( "localhost", getLdapServer().getPort() );
        connection.setTimeOut( 0L );

        BindResponse resp = connection.bindSaslPlain( "hnelson", "secret" );
        assertEquals( ResultCodeEnum.SUCCESS, resp.getLdapResult().getResultCode() );

        Dn userDn = new Dn( "uid=hnelson,ou=users,dc=example,dc=com" );
        Entry entry = connection.lookup( userDn );
        assertEquals( "hnelson", entry.get( "uid" ).getString() );

        connection.close();

        // Try to bind with a wrong user
        resp = connection.bindSaslPlain( "hnelsom", "secret" );
        assertEquals( ResultCodeEnum.INVALID_CREDENTIALS, resp.getLdapResult().getResultCode() );

        // Try to bind with a wrong password
        resp = connection.bindSaslPlain( "hnelson", "secres" );
        assertEquals( ResultCodeEnum.INVALID_CREDENTIALS, resp.getLdapResult().getResultCode() );
    }

        SaslCramMd5Request request = new SaslCramMd5Request();
        request.setUsername( userDn.getRdn().getValue().getString() );
        request.setCredentials( "secret" );

        BindResponse resp = connection.bind( request );
        assertEquals( ResultCodeEnum.SUCCESS, resp.getLdapResult().getResultCode() );

        Entry entry = connection.lookup( userDn );
        assertEquals( "hnelson", entry.get( "uid" ).getString() );

        connection.close();

        SaslCramMd5Request request = new SaslCramMd5Request();
        request.setUsername( userDn.getRdn().getValue().getString() );
        request.setCredentials( "badsecret" );

        BindResponse resp = connection.bind( request );
        assertEquals( ResultCodeEnum.INVALID_CREDENTIALS, resp.getLdapResult().getResultCode() );
        connection.close();
    }

        SaslDigestMd5Request request = new SaslDigestMd5Request();
        request.setUsername( userDn.getRdn().getValue().getString() );
        request.setCredentials( "secret" );
        request.setRealmName( ldapServer.getSaslRealms().get( 0 ) );
        BindResponse resp = connection.bind( request );
        assertEquals( ResultCodeEnum.SUCCESS, resp.getLdapResult().getResultCode() );

        Entry entry = connection.lookup( userDn );
        assertEquals( "hnelson", entry.get( "uid" ).getString() );

        connection.close();

        SaslDigestMd5Request request = new SaslDigestMd5Request();
        request.setUsername( userDn.getRdn().getValue().getString() );
        request.setCredentials( "secret" );
        request.setRealmName( ldapServer.getSaslRealms().get( 0 ) );
        request.setQualityOfProtection( SaslQoP.AUTH );
        BindResponse resp = connection.bind( request );
        assertEquals( ResultCodeEnum.SUCCESS, resp.getLdapResult().getResultCode() );

        Entry entry = connection.lookup( userDn );
        assertEquals( "hnelson", entry.get( "uid" ).getString() );

        connection.close();