Posted to commits@directory.apache.org by Apache Wiki <wi...@apache.org> on 2005/09/04 16:02:25 UTC
[Directory Wiki] Update of "BindRequest" by EmmanuelLecharny
The following page has been changed by EmmanuelLecharny:
http://wiki.apache.org/directory/BindRequest
New page:
= BindRequest Message =
This is the very first message sent by a client to an LDAP server. It contains the identification of the user and its credentials, which may be either '''simple''' or '''sasl'''.
== Message structure ==
Here is the ASN.1 grammar for a BindRequest (you can find it in [http://www.faqs.org/rfcs/rfc2251.html RFC 2251]):
{{{
LDAPMessage ::= SEQUENCE {
        messageID       MessageID,
        protocolOp      CHOICE {
                bindRequest     BindRequest,
                ... },
        controls        [0] Controls OPTIONAL }

MessageID ::= INTEGER (0 .. maxInt)

maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) --

BindRequest ::= [APPLICATION 0] SEQUENCE {
        version         INTEGER (1 .. 127),
        name            LDAPDN,
        authentication  AuthenticationChoice }

AuthenticationChoice ::= CHOICE {
        simple          [0] OCTET STRING,
                        -- 1 and 2 reserved
        sasl            [3] SaslCredentials }

SaslCredentials ::= SEQUENCE {
        mechanism       LDAPString,
        credentials     OCTET STRING OPTIONAL }

LDAPDN ::= LDAPString

LDAPString ::= OCTET STRING
}}}
We have a Java Bean which contains all the necessary information. Here is the class diagram for this message:
attachment:BindRequestDC.png
* a MessageId : an integer between 0 and 2,147,483,647
* a protocolOp : it's another
* a version : here it will always be the value '''3'''
* a name : it can be null, if the user performs its authentication with '''SASL'''
- version: A version number indicating the version of the protocol to
  be used in this protocol session. This document describes version
  3 of the LDAP protocol. Note that there is no version negotiation,
  and the client just sets this parameter to the version it desires.
  If the client requests protocol version 2, a server that supports
  the version 2 protocol as described in [2] will not return any v3-
  specific protocol fields. (Note that not all LDAP servers will
  support protocol version 2, since they may be unable to generate
  the attribute syntaxes associated with version 2.)

- name: The name of the directory object that the client wishes to
  bind as. This field may take on a null value (a zero length
  string) for the purposes of anonymous binds, when authentication
  has been performed at a lower layer, or when using SASL credentials
  with a mechanism that includes the LDAPDN in the credentials.

- authentication: information used to authenticate the name, if any,
  provided in the Bind Request.
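
Added example (not part of the wiki page or of the Apache Directory code base): a strict Python decoder for the BindRequest grammar above, which rejects truncated lengths, out-of-range integers and the reserved authentication choices. It assumes the implicit tagging LDAP uses on the wire (0x60 for [APPLICATION 0], 0x80 for simple, 0xA3 for sasl); the function names and the sample PDU are constructed for illustration.

```python
def read_tlv(buf, pos):  # one definite-length BER element -> (tag, value, next_pos)
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def expect(buf, pos, want):
    tag, val, pos = read_tlv(buf, pos)
    if tag != want:
        raise ValueError("expected tag 0x%02x, got 0x%02x" % (want, tag))
    return val, pos

def read_int(buf, pos, lo, hi):
    val, pos = expect(buf, pos, 0x02)
    n = int.from_bytes(val, "big", signed=True)
    if not val or not lo <= n <= hi:
        raise ValueError("INTEGER missing or out of range")
    return n, pos

def parse_bind_request(pdu):
    msg, end = expect(pdu, 0, 0x30)          # LDAPMessage ::= SEQUENCE
    if end != len(pdu):
        raise ValueError("trailing bytes after LDAPMessage")
    message_id, pos = read_int(msg, 0, 0, 2147483647)  # MessageID: 0 .. maxInt
    body, _ = expect(msg, pos, 0x60)         # [APPLICATION 0]; controls not decoded
    version, pos = read_int(body, 0, 1, 127)
    name, pos = expect(body, pos, 0x04)      # LDAPDN ::= OCTET STRING
    tag, auth, pos = read_tlv(body, pos)     # AuthenticationChoice
    if pos != len(body):
        raise ValueError("trailing bytes in BindRequest")
    out = {"messageID": message_id, "version": version, "name": name.decode("utf-8")}
    if tag == 0x80:                          # simple [0]: raw octets
        out["simple"] = auth
    elif tag == 0xA3:                        # sasl [3] SaslCredentials
        mech, p = expect(auth, 0, 0x04)
        creds = expect(auth, p, 0x04)[0] if p < len(auth) else None
        out["sasl"] = (mech.decode("utf-8"), creds)
    else:                                    # covers reserved choices 1 and 2
        raise ValueError("unsupported AuthenticationChoice tag 0x%02x" % tag)
    return out

# Constructed sample (simple bind, messageID 1, version 3):
SAMPLE = bytes.fromhex("302c0201016027020103041a") + b"cn=admin,dc=example,dc=com\x80\x06secret"
```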