Posted to commits@directory.apache.org by Apache Wiki <wi...@apache.org> on 2005/09/04 16:02:25 UTC

[Directory Wiki] Update of "BindRequest" by EmmanuelLecharny

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Directory Wiki" for change notification.

The following page has been changed by EmmanuelLecharny:
http://wiki.apache.org/directory/BindRequest

New page:
= BindRequest Message =

This is the very first message sent by a client to an LDAP server. It contains the identification of the user and its credentials, which may be either '''simple''' or '''sasl'''.

== Message structure ==

Here is the ASN.1 grammar for a BindRequest (you can find it in [http://www.faqs.org/rfcs/rfc2251.html RFC 2251]):
{{{
LDAPMessage ::= SEQUENCE {
    messageID  MessageID,
    protocolOp CHOICE {
        bindRequest  BindRequest,
        ... },
    controls   [0] Controls OPTIONAL }

MessageID ::= INTEGER (0 .. maxInt)

maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) --

BindRequest ::= [APPLICATION 0] SEQUENCE {
    version         INTEGER (1 .. 127),
    name            LDAPDN,
    authentication  AuthenticationChoice }

AuthenticationChoice ::= CHOICE {
    simple  [0] OCTET STRING,
            -- 1 and 2 reserved
    sasl    [3] SaslCredentials }

SaslCredentials ::= SEQUENCE {
    mechanism    LDAPString,
    credentials  OCTET STRING OPTIONAL }

LDAPDN ::= LDAPString

LDAPString ::= OCTET STRING
}}}

We have a Java Bean which contains all the necessary information. Here is the class diagram for this message:

attachment:BindRequestDC.png

 * a MessageId : an integer between 0 and 2,147,483,647
 * a protocolOp : it's another 
 * a version : here it will always be the value '''3'''
 * a name : it can be null, if the user performs its authentication with '''SASL'''
   - version: A version number indicating the version of the protocol to
     be used in this protocol session.  This document describes version
     3 of the LDAP protocol.  Note that there is no version negotiation,
     and the client just sets this parameter to the version it desires.
     If the client requests protocol version 2, a server that supports
     the version 2 protocol as described in [2] will not return any
     v3-specific protocol fields.  (Note that not all LDAP servers will
     support protocol version 2, since they may be unable to generate
     the attribute syntaxes associated with version 2.)

   - name: The name of the directory object that the client wishes to
     bind as.  This field may take on a null value (a zero length
     string) for the purposes of anonymous binds, when authentication
     has been performed at a lower layer, or when using SASL credentials
     with a mechanism that includes the LDAPDN in the credentials.

   - authentication: information used to authenticate the name, if any,
     provided in the Bind Request.
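
To see how the grammar and the field rules above map onto bytes on the wire, here is an added example (not part of the wiki page and not Apache Directory code) that strictly decodes a BER-encoded BindRequest and rejects malformed input. The names `read_tlv`, `expect`, `parse_bind_request` and `SAMPLE` are illustrative; it assumes definite-length BER and LDAP's implicit tagging.

```python
# Added example: strict decoder for the BindRequest grammar shown on this page.
# Definite-length BER only; SAMPLE is constructed for illustration.
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                     # long form: low 7 bits count length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("indefinite, oversized or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def expect(buf, pos, want):
    tag, value, pos = read_tlv(buf, pos)  # read one element, insist on its tag
    if tag != want:
        raise ValueError(f"expected tag 0x{want:02x}, got 0x{tag:02x}")
    return value, pos

def parse_bind_request(pdu):
    msg, end = expect(pdu, 0, 0x30)       # LDAPMessage ::= SEQUENCE
    if end != len(pdu):
        raise ValueError("trailing bytes after LDAPMessage")
    mid, pos = expect(msg, 0, 0x02)       # messageID INTEGER
    bind, _ = expect(msg, pos, 0x60)      # [APPLICATION 0], constructed
    ver, pos = expect(bind, 0, 0x02)      # version INTEGER (1 .. 127)
    name, pos = expect(bind, pos, 0x04)   # name LDAPDN, may be empty
    tag, auth, pos = read_tlv(bind, pos)  # AuthenticationChoice
    if pos != len(bind) or len(ver) != 1 or not 1 <= ver[0] <= 127:
        raise ValueError("malformed BindRequest body or version out of range")
    out = {"messageID": int.from_bytes(mid, "big", signed=True),
           "version": ver[0], "name": name.decode("utf-8")}
    if tag == 0x80:                       # simple [0]: password bytes sent as-is
        out.update(method="simple", password=auth)
    elif tag == 0xA3:                     # sasl [3] SaslCredentials
        mech, p = expect(auth, 0, 0x04)
        creds = expect(auth, p, 0x04)[0] if p < len(auth) else None
        out.update(method="sasl", mechanism=mech.decode("utf-8"), credentials=creds)
    else:
        raise ValueError("reserved or unknown AuthenticationChoice tag")
    return out

SAMPLE = (bytes.fromhex("302c0201016027020103041a")
          + b"cn=admin,dc=example,dc=com" + b"\x80\x06secret")
```

Decoding `SAMPLE` shows that a '''simple''' bind carries the password as a plain OCTET STRING, so the message is only as confidential as the transport underneath it.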