/*
 * Copyright 2002-2003 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */
#pragma ident "%Z%%M% %I% %E% SMI"
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
 * The contents of this file are subject to the Netscape Public License
 * Version 1.0 (the "NPL"); you may not use this file except in
 * compliance with the NPL. You may obtain a copy of the NPL at
 * Software distributed under the NPL is distributed on an "AS IS" basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
 * for the specific language governing rights and limitations under the
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation. Portions created by Netscape are
 * Copyright (C) 1998-1999 Netscape Communications Corporation. All
 */
/*
 * ldap_sasl_bind - authenticate to the ldap server. The dn, mechanism,
 * and credentials of the entry to which to bind are supplied. An LDAP
 * error code is returned and if LDAP_SUCCESS is returned *msgidp is set
 * to the id of the request initiated.
 *     struct berval creds;
 *     LDAPControl **ctrls;
 *     ... fill in creds with credentials ...
 *     ... fill in ctrls with server controls ...
 *     err = ldap_sasl_bind( ld, "cn=manager, o=university of michigan, c=us",
 *         "mechanismname", &creds, ctrls, NULL, &msgid );
 * The ldapv3 bind request looks like this:
 *     BindRequest ::= SEQUENCE {
 *         name DistinguishedName, -- who
 *         authentication CHOICE {
 *             simple [0] OCTET STRING, -- passwd
 *             sasl [3] SaslCredentials -- v3 only
 *     SaslCredentials ::= SEQUENCE {
 *         mechanism LDAPString,
 *         credentials OCTET STRING
 * all wrapped up in an LDAPMessage sequence.
 * NOTE(review): in the simple choice the password travels as a plain
 * OCTET STRING, so it is protected only if the connection itself is
 * (e.g. TLS).
 */
    /* only ldapv3 or higher can do sasl binds */
    /* create a message to send */
    if (
simple ) {
        /* simple bind; works in LDAPv2 or v3 */
    }
else {
        /* SASL bind; requires LDAPv3 or better */
    /* send the message */
/*
 * ldap_sasl_bind_s - bind to the ldap server using sasl authentication
 * The dn, mechanism, and credentials of the entry to which to bind are
 * supplied. LDAP_SUCCESS is returned upon success, the ldap error code
 *     struct berval creds;
 *     ... fill in creds with credentials ...
 *     ldap_sasl_bind_s( ld, "cn=manager, o=university of michigan, c=us",
 *         "mechanismname", &creds )
 */
/* returns an LDAP error code that indicates if parse succeeded or not */
/*
 * the ldapv3 SASL bind response looks like this:
 *     BindResponse ::= [APPLICATION 1] SEQUENCE {
 *         COMPONENTS OF LDAPResult,
 *         serverSaslCreds [7] OCTET STRING OPTIONAL
 * all wrapped up in an LDAPMessage sequence.
 */
    /* only ldapv3 or higher can do sasl binds */
    /* skip past message id, matched dn, error message ... */
    /* the docs state that the return is either LDAP_DECODING_ERROR */
    /* or LDAP_SUCCESS. Here we match the docs... it's cleaner in 3.1 */