Table of Contents | Previous | Next | Index

Netscape Directory SDK 3.0 for C Programmer’s Guide
Chapter 18 Functions

ldap_parse_sasl_bind_result()

Parses the results of an LDAP SASL bind operation and retrieves data (such as a challenge) returned by the server. This function also gets the LDAP result code for the SASL bind operation and sets it in the ld structure. (You can retrieve it by calling the ldap_get_lderrno() function.)

SASL authentication is part of the LDAP v3 protocol. When calling this function, make sure that you are working with a server that supports the LDAP v3 protocol.

Syntax

#include <ldap.h>
int ldap_parse_sasl_bind_result( LDAP *ld, LDAPMessage *res, 
   struct berval **servercredp, int freeit );

Parameters

This function has the following parameters:

ld
Connection handle, which is a pointer to an LDAP structure containing information about the connection to the LDAP server.

res
Pointer to the LDAPMessage structure containing the results of an LDAP operation.

servercredp
Pointer to a pointer to an berval structure containing any challenge or credentials returned by the server.
When done, you can free this by calling the ber_bvfree() function.

freeit
Specifies whether or not to free the results of the operation (the LDAPMessage structure specified by the res argument). The parameter can have the following possible values:
0 specifies that the result should not be freed.
A non-zero value specifies that the result should be freed.

Returns

One of the following values, which indicates the result of parsing the server's response (this value does not apply to the SASL bind operation itself):

LDAP_SUCCESS if the results were parsed successfully.

LDAP_PARAM_ERROR if an invalid parameter was passed to the function.

LDAP_NOT_SUPPORTED if your LDAP client does not specify that it is using the LDAP v3 protocol. Make sure that you set the version of your LDAP client to version 3 before calling this function. (For details, see "Specifying the LDAP Version of Your Client" on page 54.)

LDAP_DECODING_ERROR if an error occurred when decoding the BER-encoded message.

Description

After you call the ldap_sasl_bind() function and the ldap_result() function, you can pass the results to the ldap_parse_sasl_bind_result() function parse the results from the server.

This function gets the following data from the server's response:

The challenge or credentials sent back from the server are passed back in the berval structure as the servercredp argument.

The LDAP result code for the SASL bind operation is placed in the ld structure. You can get the result code by calling the ldap_get_lderrno() function.

For a list of possible result codes for an LDAP SASL bind operation, see the result code documentation for the

ldap_sasl_bind_s()

If the reuslt code is LDAP_SASL_BIND_IN_PROGRESS, you can call ldap_sasl_bind() again to send a response to the server's challenge and call ldap_result() and ldap_parse_sasl_bind_result() again to get the next challenge from the server.

The LDAP server must support authentication through SASL mechanisms. The Netscape Directory Server 3.0 supports a server plug-in interface that you can use to add SASL support to the server. For details, see the Netscape Directory Server 3.0 Programmer's Guide.

See Also

ldap_sasl_bind(), ldap_get_lderrno().

Table of Contents | Previous | Next | Index

Last Updated: 10/01/98 17:06:23