Table of Contents | Previous | Next | Index

Netscape Directory SDK 3.0 for C Programmer’s Guide
Chapter 18 Functions

ldap_sasl_bind()

Authenticates your client to an LDAP server using an SASL (Simple Authentication and Security Layer) mechanism. The LDAP server must support that SASL mechanism for authentication.

Syntax

#include <ldap.h>
int ldap_sasl_bind( LDAP *ld, const char *dn, 
   const char *mechanism, struct berval *cred, 
   LDAPControl **serverctrls, LDAPControl **clientctrls, 
      int *msgidp );

Parameters

This function has the following parameters:

ld
Connection handle, which is a pointer to an LDAP structure containing information about the connection to the LDAP server.

dn
Distinguished name (DN) of the user who wants to authenticate. For anonymous authentication, set this to NULL.

mechanism
Name of the SASL mechanism that you want to use for authentication.

cred
Pointer to the berval structure containing the credentials that you want to use for authentication.

serverctrls
Pointer to an array of LDAPControl structures representing LDAP server controls that apply to this LDAP operation. If you do not want to pass any server controls, specify NULL for this argument.

clientctrls
Pointer to an array of LDAPControl structures representing LDAP client controls that apply to this LDAP operation. If you do not want to pass any client controls, specify NULL for this argument.

msgidp
Pointer to an integer that will be set to the message ID of the LDAP operation. To check the result of this operation, call ldap_result() and ldap_parse_sasl_bind_result() functions.

Returns

One of the following values:

LDAP_SUCCESS if the SASL bind request was sent successfully.

LDAP_PARAM_ERROR if an invalid parameter was passed to the function.

LDAP_NOT_SUPPORTED if your LDAP client does not specify that it is using the LDAP v3 protocol. Make sure that you set the version of your LDAP client to version 3 before calling this function. (For details, see "Specifying the LDAP Version of Your Client" on page 54.)

LDAP_ENCODING_ERROR if an error occurred when BER-encoding the request to send to the server.

LDAP_NO_MEMORY if memory cannot be allocated.

LDAP_SERVER_DOWN if the LDAP server did not receive the request or if the connection to the server was lost.

Description

The ldap_sasl_bind() function authenticates your client to an LDAP server by using a specified SASL mechanism. The LDAP server must support authentication through that SASL mechanism. (The Netscape Directory Server 3.0 supports a server plug-in interface that you can use to add SASL support to the server. For details, see the Netscape Directory Server 3.0 Programmer's Guide.)

ldap_sasl_bind() is an asynchronous function; it does not directly return results. If you want the results to be returned directly by the function, call the synchronous function ldap_sasl_bind_s() instead. (For more information on asynchronous and synchronous functions, see "Calling Synchronous and Asynchronous Functions" on page 80.)

In order to get the results of the LDAP SASL bind operation, you need to call the ldap_result() function, the ldap_parse_sasl_bind_result() function, and the ldap_get_lderrno() function. (See "Performing an Asynchronous SASL Bind Operation" on page 279 for details.) For a list of possible result codes for an LDAP SASL bind operation, see the result code documentation for the ldap_sasl_bind_s() function.

For additional information on authenticating through SASL mechanisms, see Chapter 13, "Using SASL Authentication".

See Also

ldap_result(), ldap_parse_sasl_bind_result(), ldap_get_lderrno(), ldap_sasl_bind_s().

Table of Contents | Previous | Next | Index

Last Updated: 10/01/98 17:06:23