java api bind() methods

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

A few questions regarding the LDAPConnectionbind methods...

How does bind() interact with outstanding operations which
are implicitly abandoned by the bind request?  In particular,
with listeners for outstanding operations?

How does bind() behave when a referral is returned?  In
particular, if the referral is successfully chased, what
is the authentication state of the connection?

How does an application cancel an in-progress SASL multiple-step
bind operation?  Maybe an empty (not null) mechanism could be
used for this.

During an in-progress SASL multiple-step bind operation, what
happens with one attempt to issue other operations upon the
same session (via a clone of the connection)?

The SASL bind() methods appears to negotiate mechanisms between
those requested by the application and those advertised by the
server.  If so, is there a way to disable this negotiation and
explicitly mandate the use of a particular mechanism?

I am also concerned by this statement:
   If mechanisms is null, or if the first version of the method
   is called, the LDAP server will be interrogated for its
   supportedSaslMechanisms attribute of its root DSE. 

This implies supportedSaslMechanisms is not checked after:
	1) reconnection
	2) StartTLS()
	3) establishment of SASL provided security services

Also,
>   Parameters are: 
>    
>      dn              If non-null and non-empty, specifies that the 
>                      connection and all operations through it should 
>                      be authenticated with dn as the distinguished 
>                      name. 

This implies the provided DN is the authentication identity to
be associated with the connection.  Generally, the authentication
identity to be associated with the connection is that provided in
the credentials associated with the SASL mechanism.