Example 6 with SSLUtil

Use of com.unboundid.util.ssl.SSLUtil in project cas by apereo.

From the class ActiveDirectoryWebAuthnCredentialRepositoryTests, method getUsername.

@Override
@SneakyThrows
protected String getUsername() {
    val uid = super.getUsername();
    val bindInit = new BindConnectionInitializer("CN=admin,CN=Users,DC=cas,DC=example,DC=org", new Credential("P@ssw0rd"));
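    // TrustAllTrustManager accepts any server certificate without validation (test code, connecting to localhost).
    val sslUtil = new SSLUtil(null, new TrustAllTrustManager());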
    val socketFactory = sslUtil.createSSLSocketFactory();
    @Cleanup val c = new LDAPConnection(socketFactory, "localhost", 10636, bindInit.getBindDn(), bindInit.getBindCredential().getString());
    c.add(getLdif(uid));
    val mod = new Modification(ModificationType.REPLACE, "streetAddress", " ");
    c.modify(String.format("CN=%s,CN=Users,DC=cas,DC=example,DC=org", uid), mod);
    return uid;
}
Also used: lombok.val (lombok.val), SSLUtil (com.unboundid.util.ssl.SSLUtil), Modification (com.unboundid.ldap.sdk.Modification), Credential (org.ldaptive.Credential), TrustAllTrustManager (com.unboundid.util.ssl.TrustAllTrustManager), LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection), BindConnectionInitializer (org.ldaptive.BindConnectionInitializer), Cleanup (lombok.Cleanup), SneakyThrows (lombok.SneakyThrows)

Example 7 with SSLUtil

Use of com.unboundid.util.ssl.SSLUtil in project cas by apereo.

From the class ActiveDirectoryGoogleAuthenticatorTokenCredentialRepositoryTests, method getUsernameUnderTest.

@Override
@SneakyThrows
protected String getUsernameUnderTest() {
    val uid = "aham";
    val bindInit = new BindConnectionInitializer("CN=admin,CN=Users,DC=cas,DC=example,DC=org", new Credential("P@ssw0rd"));
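    // TrustAllTrustManager accepts any server certificate without validation (test code, connecting to localhost).
    val sslUtil = new SSLUtil(null, new TrustAllTrustManager());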
    val socketFactory = sslUtil.createSSLSocketFactory();
    @Cleanup val c = new LDAPConnection(socketFactory, "localhost", 10636, bindInit.getBindDn(), bindInit.getBindCredential().getString());
    val mod = new Modification(ModificationType.REPLACE, "streetAddress", " ");
    c.modify(String.format("CN=%s,CN=Users,DC=cas,DC=example,DC=org", uid), mod);
    return uid;
}
Also used: lombok.val (lombok.val), SSLUtil (com.unboundid.util.ssl.SSLUtil), Modification (com.unboundid.ldap.sdk.Modification), Credential (org.ldaptive.Credential), TrustAllTrustManager (com.unboundid.util.ssl.TrustAllTrustManager), LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection), BindConnectionInitializer (org.ldaptive.BindConnectionInitializer), Cleanup (lombok.Cleanup), SneakyThrows (lombok.SneakyThrows)

Example 8 with SSLUtil

Use of com.unboundid.util.ssl.SSLUtil in project zm-mailbox by Zimbra.

From the class LdapSSLUtil, method createSSLContext.

static SSLContext createSSLContext(boolean allowUntrustedCerts) throws LdapException {
    TrustManager tm = getTrustManager(allowUntrustedCerts);
    SSLUtil sslUtil = new SSLUtil(tm);
    try {
        return sslUtil.createSSLContext();
    } catch (GeneralSecurityException e) {
        throw UBIDLdapException.mapToLdapException(e);
    }
}
Also used: SSLUtil (com.unboundid.util.ssl.SSLUtil), GeneralSecurityException (java.security.GeneralSecurityException), TrustManager (javax.net.ssl.TrustManager)

Example 9 with SSLUtil

Use of com.unboundid.util.ssl.SSLUtil in project admin-console-beta by connexta.

From the class TestLdapServer, method getServerSSLContext.

SSLContext getServerSSLContext() {
    try {
        char[] keyStorePassword = "changeit".toCharArray();
        String keystore = getClass().getResource("/serverKeystore.jks").getFile();
        KeyStoreKeyManager keyManager = new KeyStoreKeyManager(keystore, keyStorePassword, "JKS", getHostname());
        String truststore = getClass().getResource("/serverTruststore.jks").getFile();
        TrustStoreTrustManager trustManager = new TrustStoreTrustManager(truststore, keyStorePassword, null, false);
        return new SSLUtil(keyManager, trustManager).createSSLContext();
    } catch (GeneralSecurityException e) {
        fail(e.getMessage());
    }
    return null;
}
Also used: KeyStoreKeyManager (com.unboundid.util.ssl.KeyStoreKeyManager), SSLUtil (com.unboundid.util.ssl.SSLUtil), TrustStoreTrustManager (com.unboundid.util.ssl.TrustStoreTrustManager), GeneralSecurityException (java.security.GeneralSecurityException), ASN1OctetString (com.unboundid.asn1.ASN1OctetString)

Example 10 with SSLUtil

Use of com.unboundid.util.ssl.SSLUtil in project gitblit by gitblit.

From the class LdapConnection, method connect.

public boolean connect() {
    try {
        URI ldapUrl = new URI(settings.getRequiredString(Keys.realm.ldap.server));
        String ldapHost = ldapUrl.getHost();
        int ldapPort = ldapUrl.getPort();
        if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {
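            // SSL (ldaps). TrustAllTrustManager accepts any server certificate,
            // so the connection is encrypted but the server's identity is not verified.
            SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());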
            conn = new LDAPConnection(sslUtil.createSSLSocketFactory());
            if (ldapPort == -1) {
                ldapPort = 636;
            }
        } else if (ldapUrl.getScheme().equalsIgnoreCase("ldap") || ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
            // no encryption or StartTLS
            conn = new LDAPConnection();
            if (ldapPort == -1) {
                ldapPort = 389;
            }
        } else {
            logger.error("Unsupported LDAP URL scheme: " + ldapUrl.getScheme());
            return false;
        }
        conn.connect(ldapHost, ldapPort);
        if (ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
            // The StartTLS upgrade also uses TrustAllTrustManager: no certificate validation is performed.
            SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
            ExtendedResult extendedResult = conn.processExtendedOperation(new StartTLSExtendedRequest(sslUtil.createSSLContext()));
            if (extendedResult.getResultCode() != ResultCode.SUCCESS) {
                throw new LDAPException(extendedResult.getResultCode());
            }
        }
        return true;
    } catch (URISyntaxException e) {
        logger.error("Bad LDAP URL, should be in the form: ldap(s|+tls)://<server>:<port>", e);
    } catch (GeneralSecurityException e) {
        logger.error("Unable to create SSL Connection", e);
    } catch (LDAPException e) {
        logger.error("Error Connecting to LDAP", e);
    }
    return false;
}
Also used: SSLUtil (com.unboundid.util.ssl.SSLUtil), LDAPException (com.unboundid.ldap.sdk.LDAPException), GeneralSecurityException (java.security.GeneralSecurityException), ExtendedResult (com.unboundid.ldap.sdk.ExtendedResult), TrustAllTrustManager (com.unboundid.util.ssl.TrustAllTrustManager), LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection), URISyntaxException (java.net.URISyntaxException), URI (java.net.URI), StartTLSExtendedRequest (com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest)

Aggregations

SSLUtil (com.unboundid.util.ssl.SSLUtil) 11
TrustAllTrustManager (com.unboundid.util.ssl.TrustAllTrustManager) 7
LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection) 5
LDAPConnectionOptions (com.unboundid.ldap.sdk.LDAPConnectionOptions) 4
BindRequest (com.unboundid.ldap.sdk.BindRequest) 3
FailoverServerSet (com.unboundid.ldap.sdk.FailoverServerSet) 3
SimpleBindRequest (com.unboundid.ldap.sdk.SimpleBindRequest) 3
KeyStoreKeyManager (com.unboundid.util.ssl.KeyStoreKeyManager) 3
TrustStoreTrustManager (com.unboundid.util.ssl.TrustStoreTrustManager) 3
GeneralSecurityException (java.security.GeneralSecurityException) 3
ExtendedResult (com.unboundid.ldap.sdk.ExtendedResult) 2
Modification (com.unboundid.ldap.sdk.Modification) 2
StartTLSExtendedRequest (com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest) 2
SocketFactory (javax.net.SocketFactory) 2
Cleanup (lombok.Cleanup) 2
SneakyThrows (lombok.SneakyThrows) 2
lombok.val (lombok.val) 2
BindConnectionInitializer (org.ldaptive.BindConnectionInitializer) 2
Credential (org.ldaptive.Credential) 2
CConfiguration (co.cask.cdap.common.conf.CConfiguration) 1