Module io.inverno.mod.ldap
Package io.inverno.mod.ldap

Interface LDAPClient

All Superinterfaces:
LDAPOperations
public interface LDAPClient extends LDAPOperations

An LDAP Client exposes reactive methods to query an LDAP server.

Since:
1.5
Author:
Jeremy Kuhn

  • Nested Class Summary

    Nested classes/interfaces inherited from interface io.inverno.mod.ldap.LDAPOperations

    LDAPOperations.SearchBuilder, LDAPOperations.SearchScope

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    CODE_ADMIN_LIMIT_EXCEEDED
    Indicates that an administrative limit has been exceeded.
    static final int
    CODE_AFFECTS_MULTIPLE_DSAS
    Indicates that the operation cannot be performed as it would affect multiple servers (DSAs).
    static final int
    CODE_ALIAS_DEREFERENCING_PROBLEM
    Indicates that a problem occurred while dereferencing an alias.
    static final int
    CODE_ALIAS_PROBLEM
    Indicates that an alias problem has occurred.
    static final int
    CODE_ATTRIBUTE_OR_VALUE_EXISTS
    Indicates that the client supplied an attribute or value to be added to an entry, but the attribute or value already exists.
    static final int
    CODE_AUTH_METHOD_NOT_SUPPORTED
    Indicates that the authentication method or mechanism is not supported.
    static final int
    CODE_BUSY
    Indicates that the server is too busy to service the operation.
    static final int
    CODE_COMPARE_FALSE
    Indicates that the Compare operation has successfully completed and the assertion has evaluated to FALSE or Undefined.
    static final int
    CODE_COMPARE_TRUE
    Indicates that the Compare operation has successfully completed and the assertion has evaluated to TRUE.
    static final int
    CODE_CONFIDENTIALITY_REQUIRED
    Indicates that data confidentiality protections are required.
    static final int
    CODE_CONSTRAINT_VIOLATION
    Indicates that the client supplied an attribute value that does not conform to the constraints placed upon it by the data model.
    static final int
    CODE_ENTRY_ALREADY_EXISTS
    Indicates that the request cannot be fulfilled (added, moved, or renamed) as the target entry already exists.
    static final int
    CODE_INAPPROPRIATE_AUTHENTICATION
    Indicates the server requires the client that had attempted to bind anonymously or without supplying credentials to provide some form of credentials.
    static final int
    CODE_INAPPROPRIATE_MATCHING
    Indicates that an attempt was made (e.g., in an assertion) to use a matching rule not defined for the attribute type concerned.
    static final int
    CODE_INSUFFICIENT_ACCESS_RIGHTS
    Indicates that the client does not have sufficient access rights to perform the operation.
    static final int
    CODE_INVALID_ATTRIBUTE_SYNTAX
    Indicates that a purported attribute value does not conform to the syntax of the attribute.
    static final int
    CODE_INVALID_CREDENTIALS
    Indicates that the provided credentials (e.g., the user's name and password) are invalid.
    static final int
    CODE_INVALID_DN_SYNTAX
    Indicates that an LDAPDN or RelativeLDAPDN field (e.g., search base, target entry, ModifyDN newrdn, etc.) of a request does not conform to the required syntax or contains attribute values that do not conform to the syntax of the attribute's type.
    static final int
    CODE_IS_LEAF
    Indicates that the specified operation cannot be performed on a leaf entry.
    static final int
    CODE_LOOP_DETECT
    Indicates that the server has detected an internal loop (e.g., while dereferencing aliases or chaining an operation).
    static final int
    CODE_NAMING_VIOLATION
    Indicates that the entry's name violates naming restrictions.
    static final int
    CODE_NO_SUCH_ATTRIBUTE
    Indicates that the named entry does not contain the specified attribute or attribute value.
    static final int
    CODE_NO_SUCH_OBJECT
    Indicates that the object does not exist in the DIT.
    static final int
    CODE_NOT_ALLOWED_ON_NON_LEAF
    Indicates that the operation is inappropriately acting upon a non-leaf entry.
    static final int
    CODE_NOT_ALLOWED_ON_RDN
    Indicates that the operation is inappropriately attempting to remove a value that forms the entry's relative distinguished name.
    static final int
    CODE_OBJECT_CLASS_MODS_PROHIBITED
    Indicates that an attempt to modify the object class(es) of an entry's 'objectClass' attribute is prohibited.
    static final int
    CODE_OBJECT_CLASS_VIOLATION
    Indicates that the entry violates object class restrictions.
    static final int
    CODE_OPERATIONS_ERROR
    Indicates that the operation is not properly sequenced with relation to other operations (of same or different type).
    static final int
    CODE_OTHER
    Indicates the server has encountered an internal error.
    static final int
    CODE_PROTOCOL_ERROR
    Indicates the server received data that is not well-formed.
    static final int
    CODE_REFERRAL
    Indicates that a referral needs to be chased to complete the operation
    static final int
    CODE_SASL_BIND_IN_PROGRESS
    Indicates the server requires the client to send a new bind request, with the same SASL mechanism, to continue the authentication process.
    static final int
    CODE_SIZE_LIMIT_EXCEEDED
    Indicates that the size limit specified by the client was exceeded before the operation could be completed.
    static final int
    CODE_STRONG_AUTH_REQUIRED
    Indicates the server requires strong(er) authentication in order to complete the operation.
    static final int
    CODE_SUCCESS
    Indicates the successful completion of an operation.
    static final int
    CODE_TIME_LIMIT_EXCEEDED
    Indicates that the time limit specified by the client was exceeded before the operation could be completed.
    static final int
    CODE_UNAVAILABLE
    Indicates that the server is shutting down or a subsystem necessary to complete the operation is offline.
    static final int
    CODE_UNAVAILABLE_CRITICAL_EXTENSION
    Indicates a critical control is unrecognized.
    static final int
    CODE_UNDEFINED_ATTRIBUTE_TYPE
    Indicates that a request field contains an unrecognized attribute description.
    static final int
    CODE_UNWILLING_TO_PERFORM
    Indicates that the server is unwilling to perform the operation.

  • Method Summary

    Modifier and Type
    Method
    Description
    <T> Publisher<T>
    bind(String dn, Object[] dnArgs, String credentials, Function<LDAPOperations,Publisher<T>> function)
    Authenticates to the server and executes a set of operations.
    <T> Publisher<T>
    bind(String dn, String credentials, Function<LDAPOperations,Publisher<T>> function)
    Authenticates to the server and executes a set of operations.
    Mono<Void>
    close()
    Closes the LDAP client and free resources.

    Methods inherited from interface io.inverno.mod.ldap.LDAPOperations

    get, get, get, get, getBoundDN, search, search, search, search, search

  • Field Details

    • CODE_SUCCESS

      static final int CODE_SUCCESS

      Indicates the successful completion of an operation.

      RFC4511 Appendix A.2
      See Also:

    • CODE_OPERATIONS_ERROR

      static final int CODE_OPERATIONS_ERROR

      Indicates that the operation is not properly sequenced with relation to other operations (of same or different type).

      RFC4511 Appendix A.2
      See Also:

    • CODE_PROTOCOL_ERROR

      static final int CODE_PROTOCOL_ERROR

      Indicates the server received data that is not well-formed.

      RFC4511 Appendix A.2
      See Also:

    • CODE_TIME_LIMIT_EXCEEDED

      static final int CODE_TIME_LIMIT_EXCEEDED

      Indicates that the time limit specified by the client was exceeded before the operation could be completed.

      RFC4511 Appendix A.2
      See Also:

    • CODE_SIZE_LIMIT_EXCEEDED

      static final int CODE_SIZE_LIMIT_EXCEEDED

      Indicates that the size limit specified by the client was exceeded before the operation could be completed.

      RFC4511 Appendix A.2
      See Also:

    • CODE_COMPARE_FALSE

      static final int CODE_COMPARE_FALSE

      Indicates that the Compare operation has successfully completed and the assertion has evaluated to FALSE or Undefined.

      RFC4511 Appendix A.2
      See Also:

    • CODE_COMPARE_TRUE

      static final int CODE_COMPARE_TRUE

      Indicates that the Compare operation has successfully completed and the assertion has evaluated to TRUE.

      RFC4511 Appendix A.2
      See Also:

    • CODE_AUTH_METHOD_NOT_SUPPORTED

      static final int CODE_AUTH_METHOD_NOT_SUPPORTED

      Indicates that the authentication method or mechanism is not supported.

      RFC4511 Appendix A.2
      See Also:

    • CODE_STRONG_AUTH_REQUIRED

      static final int CODE_STRONG_AUTH_REQUIRED

      Indicates the server requires strong(er) authentication in order to complete the operation.

      RFC4511 Appendix A.2
      See Also:

    • CODE_REFERRAL

      static final int CODE_REFERRAL

      Indicates that a referral needs to be chased to complete the operation

      RFC4511 Appendix A.2
      See Also:

    • CODE_ADMIN_LIMIT_EXCEEDED

      static final int CODE_ADMIN_LIMIT_EXCEEDED

      Indicates that an administrative limit has been exceeded.

      RFC4511 Appendix A.2
      See Also:

    • CODE_UNAVAILABLE_CRITICAL_EXTENSION

      static final int CODE_UNAVAILABLE_CRITICAL_EXTENSION

      Indicates a critical control is unrecognized.

      RFC4511 Appendix A.2
      See Also:

    • CODE_CONFIDENTIALITY_REQUIRED

      static final int CODE_CONFIDENTIALITY_REQUIRED

      Indicates that data confidentiality protections are required.

      RFC4511 Appendix A.2
      See Also:

    • CODE_SASL_BIND_IN_PROGRESS

      static final int CODE_SASL_BIND_IN_PROGRESS

      Indicates the server requires the client to send a new bind request, with the same SASL mechanism, to continue the authentication process.

      RFC4511 Appendix A.2
      See Also:

    • CODE_NO_SUCH_ATTRIBUTE

      static final int CODE_NO_SUCH_ATTRIBUTE

      Indicates that the named entry does not contain the specified attribute or attribute value.

      RFC4511 Appendix A.2
      See Also:

    • CODE_UNDEFINED_ATTRIBUTE_TYPE

      static final int CODE_UNDEFINED_ATTRIBUTE_TYPE

      Indicates that a request field contains an unrecognized attribute description.

      RFC4511 Appendix A.2
      See Also:

    • CODE_INAPPROPRIATE_MATCHING

      static final int CODE_INAPPROPRIATE_MATCHING

      Indicates that an attempt was made (e.g., in an assertion) to use a matching rule not defined for the attribute type concerned.

      RFC4511 Appendix A.2
      See Also:

    • CODE_CONSTRAINT_VIOLATION

      static final int CODE_CONSTRAINT_VIOLATION

      Indicates that the client supplied an attribute value that does not conform to the constraints placed upon it by the data model.

      RFC4511 Appendix A.2
      See Also:

    • CODE_ATTRIBUTE_OR_VALUE_EXISTS

      static final int CODE_ATTRIBUTE_OR_VALUE_EXISTS

      Indicates that the client supplied an attribute or value to be added to an entry, but the attribute or value already exists.

      RFC4511 Appendix A.2
      See Also:

    • CODE_INVALID_ATTRIBUTE_SYNTAX

      static final int CODE_INVALID_ATTRIBUTE_SYNTAX

      Indicates that a purported attribute value does not conform to the syntax of the attribute.

      RFC4511 Appendix A.2
      See Also:

    • CODE_NO_SUCH_OBJECT

      static final int CODE_NO_SUCH_OBJECT

      Indicates that the object does not exist in the DIT.

      RFC4511 Appendix A.2
      See Also:

    • CODE_ALIAS_PROBLEM

      static final int CODE_ALIAS_PROBLEM

      Indicates that an alias problem has occurred. For example, the code may used to indicate an alias has been dereferenced that names no object.

      RFC4511 Appendix A.2
      See Also:

    • CODE_INVALID_DN_SYNTAX

      static final int CODE_INVALID_DN_SYNTAX

      Indicates that an LDAPDN or RelativeLDAPDN field (e.g., search base, target entry, ModifyDN newrdn, etc.) of a request does not conform to the required syntax or contains attribute values that do not conform to the syntax of the attribute's type.

      RFC4511 Appendix A.2
      See Also:

    • CODE_IS_LEAF

      static final int CODE_IS_LEAF

      Indicates that the specified operation cannot be performed on a leaf entry.

      RFC4511 Appendix A.2
      See Also:

    • CODE_ALIAS_DEREFERENCING_PROBLEM

      static final int CODE_ALIAS_DEREFERENCING_PROBLEM

      Indicates that a problem occurred while dereferencing an alias. Typically, an alias was encountered in a situation where it was not allowed or where access was denied.

      RFC4511 Appendix A.2
      See Also:

    • CODE_INAPPROPRIATE_AUTHENTICATION

      static final int CODE_INAPPROPRIATE_AUTHENTICATION

      Indicates the server requires the client that had attempted to bind anonymously or without supplying credentials to provide some form of credentials.

      RFC4511 Appendix A.2
      See Also:

    • CODE_INVALID_CREDENTIALS

      static final int CODE_INVALID_CREDENTIALS

      Indicates that the provided credentials (e.g., the user's name and password) are invalid.

      RFC4511 Appendix A.2
      See Also:

    • CODE_INSUFFICIENT_ACCESS_RIGHTS

      static final int CODE_INSUFFICIENT_ACCESS_RIGHTS

      Indicates that the client does not have sufficient access rights to perform the operation.

      RFC4511 Appendix A.2
      See Also:

    • CODE_BUSY

      static final int CODE_BUSY

      Indicates that the server is too busy to service the operation.

      RFC4511 Appendix A.2
      See Also:

    • CODE_UNAVAILABLE

      static final int CODE_UNAVAILABLE

      Indicates that the server is shutting down or a subsystem necessary to complete the operation is offline.

      RFC4511 Appendix A.2
      See Also:

    • CODE_UNWILLING_TO_PERFORM

      static final int CODE_UNWILLING_TO_PERFORM

      Indicates that the server is unwilling to perform the operation.

      RFC4511 Appendix A.2
      See Also:

    • CODE_LOOP_DETECT

      static final int CODE_LOOP_DETECT

      Indicates that the server has detected an internal loop (e.g., while dereferencing aliases or chaining an operation).

      RFC4511 Appendix A.2
      See Also:

    • CODE_NAMING_VIOLATION

      static final int CODE_NAMING_VIOLATION

      Indicates that the entry's name violates naming restrictions.

      RFC4511 Appendix A.2
      See Also:

    • CODE_OBJECT_CLASS_VIOLATION

      static final int CODE_OBJECT_CLASS_VIOLATION

      Indicates that the entry violates object class restrictions.

      RFC4511 Appendix A.2
      See Also:

    • CODE_NOT_ALLOWED_ON_NON_LEAF

      static final int CODE_NOT_ALLOWED_ON_NON_LEAF

      Indicates that the operation is inappropriately acting upon a non-leaf entry.

      RFC4511 Appendix A.2
      See Also:

    • CODE_NOT_ALLOWED_ON_RDN

      static final int CODE_NOT_ALLOWED_ON_RDN

      Indicates that the operation is inappropriately attempting to remove a value that forms the entry's relative distinguished name.

      RFC4511 Appendix A.2
      See Also:

    • CODE_ENTRY_ALREADY_EXISTS

      static final int CODE_ENTRY_ALREADY_EXISTS

      Indicates that the request cannot be fulfilled (added, moved, or renamed) as the target entry already exists.

      RFC4511 Appendix A.2
      See Also:

    • CODE_OBJECT_CLASS_MODS_PROHIBITED

      static final int CODE_OBJECT_CLASS_MODS_PROHIBITED

      Indicates that an attempt to modify the object class(es) of an entry's 'objectClass' attribute is prohibited.

      RFC4511 Appendix A.2
      See Also:

    • CODE_AFFECTS_MULTIPLE_DSAS

      static final int CODE_AFFECTS_MULTIPLE_DSAS

      Indicates that the operation cannot be performed as it would affect multiple servers (DSAs).

      RFC4511 Appendix A.2
      See Also:

    • CODE_OTHER

      static final int CODE_OTHER

      Indicates the server has encountered an internal error.

      RFC4511 Appendix A.2
      See Also:

  • Method Details

    • bind

      <T> Publisher<T> bind(String dn, String credentials, Function<LDAPOperations,Publisher<T>> function) throws LDAPException

      Authenticates to the server and executes a set of operations.

      This method shall obtain a single authenticated connection used to execute the operations invoked in the specified function. That connection is closed once the returned publisher terminates.

      Type Parameters:
      T - The type of results
      Parameters:
      dn - the DN of the user to authenticate
      credentials - the user credentials
      function - the function to be run using the authenticated connection
      Returns:
      a publisher of results
      Throws:
      LDAPException - if there was an error during binding operation or subsequent operations

    • bind

      <T> Publisher<T> bind(String dn, Object[] dnArgs, String credentials, Function<LDAPOperations,Publisher<T>> function) throws LDAPException

      Authenticates to the server and executes a set of operations.

      This method shall obtain a single authenticated connection used to execute the operations invoked in the specified function. That connection is closed once the returned publisher terminates.

      The specified user DN is an expression formatted with the specified DN arguments.

      Type Parameters:
      T - The type of results
      Parameters:
      dn - an expression to use to get the DN of the suer to authenticate
      dnArgs - the arguments to use the format the DN expression
      credentials - the user credentials
      function - the function to be run using the authenticated connection
      Returns:
      a publisher of results
      Throws:
      LDAPException - if there was an error during binding operation or subsequent operations

    • close

      Mono<Void> close() throws LDAPException

      Closes the LDAP client and free resources.

      Returns:
      a Mono that completes when the client is closed
      Throws:
      LDAPException - if there was an error closing the client