Example 1 with LDAPJSSESecureSocketFactory

Use of com.novell.ldap.LDAPJSSESecureSocketFactory in project ldapchai by ldapchai.

From the class JLDAPProviderImpl, method init.

public void init(final ChaiConfiguration chaiConfig, final ChaiProviderFactory providerFactory) throws ChaiUnavailableException, IllegalStateException {
    super.init(chaiConfig, providerFactory);
    try {
        // grab the first URL from the list.
        final URI ldapURL = URI.create(chaiConfig.bindURLsAsList().get(0));
        if (ldapURL.getScheme().equalsIgnoreCase("ldaps")) {
            final boolean usePromiscuousSSL = Boolean.parseBoolean(chaiConfig.getSetting(ChaiSetting.PROMISCUOUS_SSL));
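            if (usePromiscuousSSL) {
                try {
                    // PROMISCUOUS_SSL path: the only trust manager installed is PromiscuousTrustManager,
                    // which, going by its name, accepts any server certificate, so the LDAPS peer is not authenticated.
                    final SSLContext sc = SSLContext.getInstance("SSL");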
                    sc.init(null, new X509TrustManager[] { new PromiscuousTrustManager() }, new java.security.SecureRandom());
                    ldapConnection = new LDAPConnection(new LDAPJSSESecureSocketFactory(sc.getSocketFactory()));
                } catch (Exception e) {
                    LOGGER.error("error creating promiscuous ssl ldap socket factory: " + e.getMessage());
                }
            } else if (chaiConfig.getTrustManager() != null) {
                try {
                    final SSLContext sc = SSLContext.getInstance("SSL");
                    sc.init(null, chaiConfig.getTrustManager(), new java.security.SecureRandom());
                    ldapConnection = new LDAPConnection(new LDAPJSSESecureSocketFactory(sc.getSocketFactory()));
                } catch (Exception e) {
                    LOGGER.error("error creating configured ssl ldap socket factory: " + e.getMessage());
                }
            } else {
                ldapConnection = new LDAPConnection(new LDAPJSSESecureSocketFactory());
            }
        } else {
            ldapConnection = new LDAPConnection();
        }
        ldapConnection.connect(ldapURL.getHost(), ldapURL.getPort());
        if (chaiConfig.getBooleanSetting(ChaiSetting.LDAP_FOLLOW_REFERRALS)) {
            final LDAPConstraints ldapConstraints = new LDAPConstraints();
            ldapConstraints.setReferralFollowing(true);
            ldapConnection.setConstraints(ldapConstraints);
        }
        final String characterEncoding = chaiConfig.getSetting(ChaiSetting.LDAP_CHARACTER_ENCODING);
        final byte[] bindPassword = chaiConfig.getSetting(ChaiSetting.BIND_PASSWORD).getBytes(Charset.forName(characterEncoding));
        final String bindDN = chaiConfig.getSetting(ChaiSetting.BIND_DN);
        ldapConnection.bind(LDAPConnection.LDAP_V3, bindDN, bindPassword);
    } catch (LDAPException e) {
        final String message = e.getMessage();
        if (message.contains("Connect Error")) {
            throw new ChaiUnavailableException(message, ChaiError.COMMUNICATION, false, false);
        }
        throw ChaiUnavailableException.forErrorMessage(message);
    }
}
Also used: ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException), SSLContext (javax.net.ssl.SSLContext), LDAPConnection (com.novell.ldap.LDAPConnection), URI (java.net.URI), LDAPException (com.novell.ldap.LDAPException), NamingException (javax.naming.NamingException), ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException), LDAPConstraints (com.novell.ldap.LDAPConstraints), LDAPJSSESecureSocketFactory (com.novell.ldap.LDAPJSSESecureSocketFactory)