예제 #1
0
  /**
   * Performs the checks and processing necessary for the current bind operation (simple or SASL).
   */
  private void processBind() {
    // Check to see if the client has permission to perform the
    // bind.

    // FIXME: for now assume that this will check all permission
    // pertinent to the operation. This includes any controls
    // specified.
    try {
      if (!AccessControlConfigManager.getInstance().getAccessControlHandler().isAllowed(this)) {
        setResultCode(ResultCode.INVALID_CREDENTIALS);
        setAuthFailureReason(ERR_BIND_AUTHZ_INSUFFICIENT_ACCESS_RIGHTS.get());
        return;
      }
    } catch (DirectoryException e) {
      setResultCode(e.getResultCode());
      setAuthFailureReason(e.getMessageObject());
      return;
    }

    // Check to see if there are any controls in the request. If so, then see
    // if there is any special processing required.
    try {
      handleRequestControls();
    } catch (DirectoryException de) {
      logger.traceException(de);

      setResponseData(de);
      return;
    }

    // Check to see if this is a simple bind or a SASL bind and process
    // accordingly.
    try {
      switch (getAuthenticationType()) {
        case SIMPLE:
          processSimpleBind();
          break;

        case SASL:
          processSASLBind();
          break;

        default:
          // Send a protocol error response to the client and disconnect.
          // We should never come here.
          setResultCode(ResultCode.PROTOCOL_ERROR);
      }
    } catch (DirectoryException de) {
      logger.traceException(de);

      if (de.getResultCode() == ResultCode.INVALID_CREDENTIALS) {
        setResultCode(ResultCode.INVALID_CREDENTIALS);
        setAuthFailureReason(de.getMessageObject());
      } else {
        setResponseData(de);
      }
    }
  }