
Example 1 with KeyStoreKeyManager

use of com.unboundid.util.ssl.KeyStoreKeyManager in project cdap by caskdata.

the class ExternalLDAPAuthenticationServerSSLTest method beforeClass.

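/**
 * Builds the shared fixture for the SSL variant of the external LDAP authentication test:
 * configures the authentication server for SSL on loopback, starts describing an in-memory
 * LDAPS listener backed by the bundled {@code cert.jks} keystore, and runs {@code setup()}.
 *
 * <p>Security note: certificate validation is switched off on both sides of the LDAPS link
 * ({@code ldapsVerifyCertificate=false} and {@link TrustAllTrustManager}). That is tolerable
 * only because every endpoint here is bound to 127.0.0.1 inside a test; do not copy this
 * configuration into code that talks to a real directory server.
 *
 * @throws Exception if the keystore cannot be loaded or the test server fails to start
 */
@BeforeClass
public static void beforeClass() throws Exception {
    URL certUrl = ExternalLDAPAuthenticationServerSSLTest.class.getClassLoader().getResource("cert.jks");
    Assert.assertNotNull(certUrl);
    String authHandlerConfigBase = Constants.Security.AUTH_HANDLER_CONFIG_BASE;
    CConfiguration cConf = CConfiguration.create();
    SConfiguration sConf = SConfiguration.create();
    // Loopback only, so the test endpoints are not reachable from other hosts.
    cConf.set(Constants.Security.AUTH_SERVER_BIND_ADDRESS, "127.0.0.1");
    cConf.set(Constants.Security.SSL.EXTERNAL_ENABLED, "true");
    // Port "0" presumably asks for an ephemeral port -- TODO confirm against the server code.
    cConf.set(Constants.Security.AuthenticationServer.SSL_PORT, "0");
    cConf.set(authHandlerConfigBase.concat("useLdaps"), "true");
    // TEST ONLY: the handler is told not to verify the LDAPS server certificate.
    cConf.set(authHandlerConfigBase.concat("ldapsVerifyCertificate"), "false");
    sConf.set(Constants.Security.AuthenticationServer.SSL_KEYSTORE_PATH, certUrl.getPath());
    configuration = cConf;
    sConfiguration = sConf;
    String keystorePassword = sConf.get(Constants.Security.AuthenticationServer.SSL_KEYSTORE_PASSWORD);
    // Fail with a readable message instead of a bare NullPointerException on toCharArray()
    // when the password is absent from the security configuration. The value is never logged.
    Assert.assertNotNull("SSL keystore password is not set in the security configuration", keystorePassword);
    KeyStoreKeyManager keyManager = new KeyStoreKeyManager(certUrl.getFile(), keystorePassword.toCharArray());
    // TEST ONLY: TrustAllTrustManager accepts any peer certificate, so this SSLUtil provides
    // encryption without authentication of the peer.
    SSLUtil sslUtil = new SSLUtil(keyManager, new TrustAllTrustManager());
    ldapListenerConfig = InMemoryListenerConfig.createLDAPSConfig("LDAP", InetAddress.getByName("127.0.0.1"), ldapPort, sslUtil.createSSLServerSocketFactory(), sslUtil.createSSLSocketFactory());
    testServer = new ExternalLDAPAuthenticationServerSSLTest();
    testServer.setup();
}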
Also used : KeyStoreKeyManager(com.unboundid.util.ssl.KeyStoreKeyManager) SSLUtil(com.unboundid.util.ssl.SSLUtil) SConfiguration(co.cask.cdap.common.conf.SConfiguration) TrustAllTrustManager(com.unboundid.util.ssl.TrustAllTrustManager) CConfiguration(co.cask.cdap.common.conf.CConfiguration) URL(java.net.URL) BeforeClass(org.junit.BeforeClass)

Example 2 with KeyStoreKeyManager

use of com.unboundid.util.ssl.KeyStoreKeyManager in project coprhd-controller by CoprHD.

the class LDAPServer method getInMemoryListenerConfigs.

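/**
 * Builds the listener configurations (plain LDAP and LDAPS) for the in-memory LDAP server.
 *
 * <p>Keystore settings ({@code keyStorePassword}, {@code keyStoreAlias}, {@code keyStoreType})
 * are read from the {@code DEFAULT_LDAP_SERVER_PROPERTIES} classpath resource.
 *
 * <p>Security notes for anyone reusing this code:
 * <ul>
 *   <li>The client-side socket factory is built on {@link TrustAllTrustManager}, which accepts
 *       any certificate. Connections made with it are encrypted but the peer is not
 *       authenticated.</li>
 *   <li>The LDAPS listener is created with a {@code null} listen address and the LDAP listener
 *       with no address at all; in the UnboundID SDK that means all interfaces, so the plain
 *       LDAP port is reachable wherever the host is -- confirm this server only runs on
 *       isolated test hosts.</li>
 * </ul>
 *
 * @return a list holding the LDAP listener config followed by the LDAPS listener config
 * @throws LDAPException if a listener configuration cannot be created
 * @throws IOException if the properties resource is missing, unreadable, or lacks
 *         {@code keyStorePassword}
 * @throws GeneralSecurityException if the SSL socket factories cannot be created
 * @throws FileOperationFailedException declared for {@code createKeystoreFile()}
 */
private List<InMemoryListenerConfig> getInMemoryListenerConfigs() throws LDAPException, IOException, GeneralSecurityException, FileOperationFailedException {
    // Creates the ldap configuration of the in memory ldap server.
    int ldapPort = this._ldapListenPort != 0 ? this._ldapListenPort : DEFAULT_LDAP_LISTEN_PORT;
    InMemoryListenerConfig ldapListenerConfig = InMemoryListenerConfig.createLDAPConfig(_listenerName, ldapPort);
    // Creates the ldaps configuration of the in memory ldap server.
    int ldapsPort = this._ldapsListenPort != 0 ? this._ldapsListenPort : DEFAULT_LDAPS_LISTEN_PORT;
    _log.debug("Ldap port {} and Ldaps port {}", ldapPort, ldapsPort);
    InputStream propFile = LDAPServer.class.getResourceAsStream(DEFAULT_LDAP_SERVER_PROPERTIES);
    if (propFile == null) {
        // getResourceAsStream returns null for a missing resource; report that explicitly
        // rather than letting Properties.load fail with a NullPointerException.
        throw new IOException("LDAP server properties resource not found: " + DEFAULT_LDAP_SERVER_PROPERTIES);
    }
    Properties prop = new Properties();
    try {
        prop.load(propFile);
    } finally {
        // The stream was previously never closed.
        propFile.close();
    }
    String keyStorePassword = prop.getProperty("keyStorePassword");
    if (keyStorePassword == null) {
        // Name the missing key, never the value: the password must not reach logs or messages.
        throw new IOException("keyStorePassword is missing from " + DEFAULT_LDAP_SERVER_PROPERTIES);
    }
    String keyStoreAlias = prop.getProperty("keyStoreAlias");
    String keyStoreType = prop.getProperty("keyStoreType");
    // Server side: presents the key from the keystore; no trust manager is supplied (null).
    final SSLUtil serverSSLUtil = new SSLUtil(new KeyStoreKeyManager(createKeystoreFile(), keyStorePassword.toCharArray(), keyStoreType, keyStoreAlias), null);
    // Client side: trusts every certificate -- acceptable only for an in-memory test server.
    final SSLUtil clientSSLUtil = new SSLUtil(new TrustAllTrustManager());
    String secureListenerName = "Secure_" + _listenerName;
    InMemoryListenerConfig ldapsListenerConfig = InMemoryListenerConfig.createLDAPSConfig(secureListenerName, null, ldapsPort, serverSSLUtil.createSSLServerSocketFactory(), clientSSLUtil.createSSLSocketFactory());
    _log.info("Listener config {} and secure listener config {}", ldapListenerConfig.getListenerName(), ldapsListenerConfig.getListenerName());
    // Adds both ldap and ldaps configuration to the list of listener configs of the
    // in memory ldap server.
    List<InMemoryListenerConfig> listenerConfigs = new ArrayList<InMemoryListenerConfig>();
    listenerConfigs.add(ldapListenerConfig);
    listenerConfigs.add(ldapsListenerConfig);
    return listenerConfigs;
}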
Also used : SSLUtil(com.unboundid.util.ssl.SSLUtil) KeyStoreKeyManager(com.unboundid.util.ssl.KeyStoreKeyManager) InMemoryListenerConfig(com.unboundid.ldap.listener.InMemoryListenerConfig) TrustAllTrustManager(com.unboundid.util.ssl.TrustAllTrustManager)

Example 3 with KeyStoreKeyManager

use of com.unboundid.util.ssl.KeyStoreKeyManager in project admin-console-beta by connexta.

the class TestLdapServer method getServerSSLContext.

/**
 * Creates the server-side {@link SSLContext} for the test LDAP server from the keystore and
 * truststore bundled on the classpath.
 *
 * <p>Both stores are opened with the same hard-coded password, which is fine for checked-in
 * test fixtures but must not be carried over to stores that protect real keys.
 *
 * @return the SSL context; a {@link GeneralSecurityException} is reported through
 *         {@code fail(...)}, and {@code null} is returned only if that call returns normally
 */
SSLContext getServerSSLContext() {
    // Well-known fixture password, shared by the keystore and the truststore below.
    final char[] storePin = "changeit".toCharArray();
    SSLContext context = null;
    try {
        final String keyStorePath = getClass().getResource("/serverKeystore.jks").getFile();
        // The key entry is selected by alias, which is this server's hostname.
        final KeyStoreKeyManager serverKeys = new KeyStoreKeyManager(keyStorePath, storePin, "JKS", getHostname());

        final String trustStorePath = getClass().getResource("/serverTruststore.jks").getFile();
        // null = default store format. The trailing false is the SDK's examineValidityDates
        // flag, so certificate validity dates are not checked by this trust manager.
        final TrustStoreTrustManager peerTrust = new TrustStoreTrustManager(trustStorePath, storePin, null, false);

        final SSLUtil sslUtil = new SSLUtil(serverKeys, peerTrust);
        context = sslUtil.createSSLContext();
    } catch (GeneralSecurityException e) {
        fail(e.getMessage());
    }
    return context;
}
Also used : KeyStoreKeyManager(com.unboundid.util.ssl.KeyStoreKeyManager) SSLUtil(com.unboundid.util.ssl.SSLUtil) TrustStoreTrustManager(com.unboundid.util.ssl.TrustStoreTrustManager) GeneralSecurityException(java.security.GeneralSecurityException) ASN1OctetString(com.unboundid.asn1.ASN1OctetString)

Aggregations

KeyStoreKeyManager (com.unboundid.util.ssl.KeyStoreKeyManager)3 SSLUtil (com.unboundid.util.ssl.SSLUtil)3 TrustAllTrustManager (com.unboundid.util.ssl.TrustAllTrustManager)2 CConfiguration (co.cask.cdap.common.conf.CConfiguration)1 SConfiguration (co.cask.cdap.common.conf.SConfiguration)1 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)1 InMemoryListenerConfig (com.unboundid.ldap.listener.InMemoryListenerConfig)1 TrustStoreTrustManager (com.unboundid.util.ssl.TrustStoreTrustManager)1 URL (java.net.URL)1 GeneralSecurityException (java.security.GeneralSecurityException)1 BeforeClass (org.junit.BeforeClass)1