Proxy Authorization

Request that an operation be processed by a different authorization identity than the one that is currently associated with the connection. See RFC 4370.

Using the Proxy Authorization Control

Connection conn = DefaultConnectionFactory.getConnection("ldap://directory.ldaptive.org");
try {
conn.open();
SearchOperation search = new SearchOperation(conn);
SearchRequest request = new SearchRequest("dc=ldaptive,dc=org", new SearchFilter("(givenName=daniel)"));
request.setControls(new ProxyAuthorizationControl("dn:uid=dfisher,ou=people,dc=ldaptive,dc=org"));
SearchResult result = search.execute(request).getResult();
for (LdapEntry entry : result.getEntries()) {
// do something useful with the entries
}
} finally {
conn.close();
}

Provider Support

JNDI JLDAP Apache LDAP UnboundID OpenDJ
Functionality exists in the provider API and has been confirmed
Functionality does not exist in the provider API
Functionality exists in the provider API, but did not work in our test environment
? Functionality exists in the provider API, but has not been integrated into the ldaptive provider