Re: java api bind() methods

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 04:11 PM 4/4/01 -0700, Rob Weltman wrote:
>"Kurt D. Zeilenga" wrote:
>> 
>> At 03:15 PM 4/4/01 -0700, Rob Weltman wrote:
>> >"Kurt D. Zeilenga" wrote:
>> >> If the application wants to do a DIGEST-MD5 authentication with
>> >> an bind name of "cn=john" and a SASL authentication identity of
>> >> "mary", the LDAP API should provide facilities to accomplish.
>> >> If this is not possible with the current LDAP API then the API
>> >> is flawed.
>> >
>> >  That is supported.
>> 
>> It's not obvious to me how to do it.  An example would
>> do wonders.
>> 
>>         Kurt
>
>  class MarysCallbackHandler implements CallbackHandler {
>      public void handle(Callback[] callbacks)
>          throws IOException, UnsupportedCallbackException {
>          for (int i = 0; i < callbacks.length; i++) {
>             if (callbacks[i] instanceof NameCallback) {
>                 NameCallback nc = (NameCallback)callbacks[i];
>                 nc.setName( "mary" );
>             } else if (callbacks[i] instanceof PasswordCallback) {
>                 ...
>             }
>          }
>      }
>  }
>...
>...
>   
>  ldc.bind( "cn=john",
>            new String[] {"DIGEST-MD5"},
>            null,
>            new MarysCallbackHandler() );


Okay... so the confusion I had must have been this language:

      dn              If non-null and non-empty, specifies that the 
                      connection and all operations through it should 
                      be authenticated with dn as the distinguished 
                      name. 

Shouldn't this just be:

        dn              The distinguished name to use as the bind name.


as clearly in your example it's the callback which is providing
the authentication identity.