Class AssertionRequestControl

  • All Implemented Interfaces:
    java.io.Serializable

    @NotMutable
    @ThreadSafety(level=COMPLETELY_THREADSAFE)
    public final class AssertionRequestControl
    extends Control
    This class provides an implementation of the LDAP assertion request control as defined in RFC 4528. It may be used in conjunction with an add, compare, delete, modify, modify DN, or search operation. The assertion control includes a search filter, and the associated operation should only be allowed to continue if the target entry matches the provided filter. If the filter does not match the target entry, then the operation should fail with an ResultCode.ASSERTION_FAILED result.

    The behavior of the assertion request control makes it ideal for atomic "check and set" types of operations, particularly when modifying an entry. For example, it can be used to ensure that when changing the value of an attribute, the current value has not been modified since it was last retrieved.

    Example

    The following example demonstrates the use of the assertion request control. It shows an attempt to modify an entry's "accountBalance" attribute to set the value to "543.21" only if the current value is "1234.56":
     Modification mod = new Modification(ModificationType.REPLACE,
          "accountBalance", "543.21");
     ModifyRequest modifyRequest =
          new ModifyRequest("uid=john.doe,ou=People,dc=example,dc=com", mod);
     modifyRequest.addControl(
          new AssertionRequestControl("(accountBalance=1234.56)"));
    
     LDAPResult modifyResult;
     try
     {
       modifyResult = connection.modify(modifyRequest);
       // If we've gotten here, then the modification was successful.
     }
     catch (LDAPException le)
     {
       modifyResult = le.toLDAPResult();
       ResultCode resultCode = le.getResultCode();
       String errorMessageFromServer = le.getDiagnosticMessage();
       if (resultCode == ResultCode.ASSERTION_FAILED)
       {
         // The modification failed because the account balance value wasn't
         // what we thought it was.
       }
       else
       {
         // The modification failed for some other reason.
       }
     }
     
    See Also:
    Serialized Form
    • Constructor Detail

      • AssertionRequestControl

        public AssertionRequestControl​(@NotNull
                                       java.lang.String filter)
                                throws LDAPException
        Creates a new assertion request control with the provided filter. It will be marked as critical.
        Parameters:
        filter - The string representation of the filter for this assertion control. It must not be null.
        Throws:
        LDAPException - If the provided filter string cannot be decoded as a search filter.
      • AssertionRequestControl

        public AssertionRequestControl​(@NotNull
                                       Filter filter)
        Creates a new assertion request control with the provided filter. It will be marked as critical.
        Parameters:
        filter - The filter for this assertion control. It must not be null.
      • AssertionRequestControl

        public AssertionRequestControl​(@NotNull
                                       java.lang.String filter,
                                       boolean isCritical)
                                throws LDAPException
        Creates a new assertion request control with the provided filter. It will be marked as critical.
        Parameters:
        filter - The string representation of the filter for this assertion control. It must not be null.
        isCritical - Indicates whether this control should be marked critical.
        Throws:
        LDAPException - If the provided filter string cannot be decoded as a search filter.
      • AssertionRequestControl

        public AssertionRequestControl​(@NotNull
                                       Filter filter,
                                       boolean isCritical)
        Creates a new assertion request control with the provided filter. It will be marked as critical.
        Parameters:
        filter - The filter for this assertion control. It must not be null.
        isCritical - Indicates whether this control should be marked critical.
      • AssertionRequestControl

        public AssertionRequestControl​(@NotNull
                                       Control control)
                                throws LDAPException
        Creates a new assertion request control which is decoded from the provided generic control.
        Parameters:
        control - The generic control to be decoded as an assertion request control.
        Throws:
        LDAPException - If the provided control cannot be decoded as an assertion request control.
    • Method Detail

      • generate

        @NotNull
        public static AssertionRequestControl generate​(@NotNull
                                                       Entry sourceEntry,
                                                       @Nullable
                                                       java.lang.String... attributes)
        Generates an assertion request control that may be used to help ensure that some or all of the attributes in the specified entry have not changed since it was read from the server.
        Parameters:
        sourceEntry - The entry from which to take the attributes to include in the assertion request control. It must not be null and should have at least one attribute to be included in the generated filter.
        attributes - The names of the attributes to include in the assertion request control. If this is empty or null, then all attributes in the provided entry will be used.
        Returns:
        The generated assertion request control.
      • getFilter

        @NotNull
        public Filter getFilter()
        Retrieves the filter for this assertion control.
        Returns:
        The filter for this assertion control.
      • getControlName

        @NotNull
        public java.lang.String getControlName()
        Retrieves the user-friendly name for this control, if available. If no user-friendly name has been defined, then the OID will be returned.
        Overrides:
        getControlName in class Control
        Returns:
        The user-friendly name for this control, or the OID if no user-friendly name is available.
      • toJSONControl

        @NotNull
        public JSONObject toJSONControl()
        Retrieves a representation of this assertion request control as a JSON object. The JSON object uses the following fields:
        • oid -- A mandatory string field whose value is the object identifier for this control. For the assertion request control, the OID is "1.3.6.1.1.12".
        • control-name -- An optional string field whose value is a human-readable name for this control. This field is only intended for descriptive purposes, and when decoding a control, the oid field should be used to identify the type of control.
        • criticality -- A mandatory Boolean field used to indicate whether this control is considered critical.
        • value-base64 -- An optional string field whose value is a base64-encoded representation of the raw value for this assertion request control. Exactly one of the value-base64 and value-json fields must be present.
        • value-json -- An optional JSON object field whose value is a user-friendly representation of the value for this assertion request control. Exactly one of the value-base64 and value-json fields must be present, and if the value-json field is used, then it will use the following fields:
          • filter -- A mandatory string field whose value is a string representation of the assertion filter.
        Overrides:
        toJSONControl in class Control
        Returns:
        A JSON object that contains a representation of this control.
      • decodeJSONControl

        @NotNull
        public static AssertionRequestControl decodeJSONControl​(@NotNull
                                                                JSONObject controlObject,
                                                                boolean strict)
                                                         throws LDAPException
        Attempts to decode the provided object as a JSON representation of an assertion request control.
        Parameters:
        controlObject - The JSON object to be decoded. It must not be null.
        strict - Indicates whether to use strict mode when decoding the provided JSON object. If this is true, then this method will throw an exception if the provided JSON object contains any unrecognized fields. If this is false, then unrecognized fields will be ignored.
        Returns:
        The assertion request control that was decoded from the provided JSON object.
        Throws:
        LDAPException - If the provided JSON object cannot be parsed as a valid assertion request control.
      • toString

        public void toString​(@NotNull
                             java.lang.StringBuilder buffer)
        Appends a string representation of this LDAP control to the provided buffer.
        Overrides:
        toString in class Control
        Parameters:
        buffer - The buffer to which to append the string representation of this buffer.