SASLAuth.java revision 16bdb19cdda5201d272cd6ca5bf876c88493327c
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2011-2015 ForgeRock AS.
*/
/**
* An example client application which performs SASL authentication to a
* directory server, displays a result, and closes the connection.
*
* Set up StartTLS before using this example.
*/
/**
* An example client application which performs SASL PLAIN authentication to a
* directory server over LDAP with StartTLS. This example takes the following
* command line parameters:
* <ul>
* <li>host - host name of the directory server</li>
* <li>port - port number of the directory server for StartTLS</li>
* <li>authzid - (Optional) Authorization identity</li>
* <li>authcid - Authentication identity</li>
* <li>passwd - Password of the user to authenticate</li>
* </ul>
* The host, port, authcid, and passwd are required. SASL PLAIN is described in
* <a href="http://www.ietf.org/rfc/rfc4616.txt">RFC 4616</a>.
* <p>
* The authzid and authcid are prefixed as described in <a
* href="http://tools.ietf.org/html/rfc4513#section-5.2.1.8">RFC 4513, section
* 5.2.1.8</a>, with "dn:" if you pass in a distinguished name, or with "u:" if
* you pass in a user ID.
* <p>
* By default, OpenDJ is set up for SASL PLAIN to use the Exact Match Identity
* Mapper to find entries by searching uid values for the user ID. In other
* words, the following examples are equivalent.
*
* <pre>
* dn:uid=bjensen,ou=people,dc=example,dc=com
* u:bjensen
* </pre>
*/
public final class SASLAuth {
/**
* Authenticate to the directory using SASL PLAIN.
*
* @param args
* The command line arguments
*/
// --- JCite ---
try {
final LDAPConnectionFactory factory =
} catch (final LdapException e) {
return;
} catch (final GeneralSecurityException e) {
} finally {
if (connection != null) {
connection.close();
}
}
// --- JCite ---
}
/**
* For StartTLS the connection factory needs SSL context options. In the
* general case, a trust manager in the SSL context serves to check server
* certificates, and a key manager handles client keys when the server
* checks certificates from our client.
*
* OpenDJ directory server lets you install by default with a self-signed
* certificate that is not in the system trust store. To simplify this
* implementation trusts all server certificates.
*/
return options;
}
private static int port;
/**
* Parse command line arguments.
*
* @param args
* host port [authzid] authcid passwd
*/
giveUp();
}
} else {
}
}
private static void giveUp() {
printUsage();
}
private static void printUsage() {
}
private SASLAuth() {
// Not used.
}
}