use of org.apache.qpid.server.security.auth.manager.ldap.AbstractLDAPSSLSocketFactory in project qpid-broker-j by apache.
the class SimpleLDAPAuthenticationManagerImpl method createSslSocketFactoryOverrideClass.
private Class<? extends SocketFactory> createSslSocketFactoryOverrideClass(final TrustStore trustStore) {
String managerName = String.format("%s_%s_%s", getName(), getId(), trustStore == null ? "none" : trustStore.getName());
String clazzName = new StringUtil().createUniqueJavaName(managerName);
SSLContext sslContext = null;
try {
sslContext = SSLUtil.tryGetSSLContext();
sslContext.init(null, trustStore == null ? null : trustStore.getTrustManagers(), null);
} catch (GeneralSecurityException e) {
LOGGER.error("Exception creating SSLContext", e);
if (trustStore != null) {
throw new IllegalConfigurationException("Error creating SSLContext with trust store : " + trustStore.getName(), e);
} else {
throw new IllegalConfigurationException("Error creating SSLContext (no trust store)", e);
}
}
SSLSocketFactory sslSocketFactory = new CipherSuiteAndProtocolRestrictingSSLSocketFactory(sslContext.getSocketFactory(), _tlsCipherSuiteWhiteList, _tlsCipherSuiteBlackList, _tlsProtocolWhiteList, _tlsProtocolBlackList);
Class<? extends AbstractLDAPSSLSocketFactory> clazz = LDAPSSLSocketFactoryGenerator.createSubClass(clazzName, sslSocketFactory);
LOGGER.debug("Connection to Directory will use custom SSL socket factory : {}", clazz);
return clazz;
}
Aggregations