byte[] response = (saslClnt.hasInitialResponse() ? saslClnt
.evaluateChallenge(new byte[0]) : null);
// do bind operation, including the initial
// response (if any)
BindOp bind = new BindOp("", "", saslMech, response);
client.doOperation(bind, controls);
LdapResult res = bind.getResult();
// If DefaultCallbackHandler is used, DIGEST-MD5 needs realm in
// callbacke handler
if (DIGEST_MD5.equals(saslMech)
&& cbh instanceof DefaultCallbackHandler) {
((DefaultCallbackHandler) cbh).setRealm(getRealm(new String(bind
.getServerSaslCreds())));
}
// Authentication done?
while (!saslClnt.isComplete()
&& (res.getResultCode() == LdapResult.SASL_BIND_IN_PROGRESS || res
.getResultCode() == LdapResult.SUCCESS)) {
// No, process challenge to get an appropriate next
// response
byte[] challenge = bind.getServerSaslCreds();
response = saslClnt.evaluateChallenge(challenge);
// May be a success message with no further response
if (res.getResultCode() == LdapResult.SUCCESS) {
if (response != null) {
// Protocol error; supposed to be done already
throw new SaslException("Protocol error in "
+ "SASL session");
}
System.out.println("success");
break; // done
}
// Wrap the response in another bind request and send
// it off
bind.setSaslCredentials(response);
client.doOperation(bind, controls);
res = bind.getResult();
}
return bind.getResult();
}