The LDAP Authorization Identity Controls let you get the authorization identity established when you bind to the directory server. The following excerpt shows simple use of the controls.
if (isSupported(AuthorizationIdentityRequestControl.OID)) {
final String dn = "uid=bjensen,ou=People,dc=example,dc=com";
final char[] pwd = "hifalutin".toCharArray();
System.out.println("Binding as " + dn);
final BindRequest request =
Requests.newSimpleBindRequest(dn, pwd)
.addControl(AuthorizationIdentityRequestControl.newControl(true));
final BindResult result = connection.bind(request);
try {
final AuthorizationIdentityResponseControl control =
result.getControl(AuthorizationIdentityResponseControl.DECODER,
new DecodeOptions());
System.out.println("Authorization ID returned: "
+ control.getAuthorizationID());
} catch (final DecodeException e) {
// Failed to decode the response control.
}
}
OpenDJ directory server supports the LDAP Authorization Identity Controls:
Binding as uid=bjensen,ou=People,dc=example,dc=com Authorization ID returned: dn:uid=bjensen,ou=People,dc=example,dc=com
