
Example 1 with CipherSuiteAndProtocolRestrictingSSLSocketFactory

use of org.apache.qpid.server.util.CipherSuiteAndProtocolRestrictingSSLSocketFactory in project qpid-broker-j by apache.

the class SimpleLDAPAuthenticationManagerImpl method createSslSocketFactoryOverrideClass.

/**
 * Builds the socket factory class used for TLS connections to the directory.
 *
 * <p>An {@link SSLContext} is initialised with the trust managers of the given trust store,
 * its socket factory is wrapped so that the configured cipher suite and protocol
 * allow/deny lists are applied, and a uniquely named subclass carrying that factory is
 * generated and returned.
 *
 * <p>NOTE(review): nothing in this method configures endpoint identification (host name
 * verification) for the LDAP connection; confirm it is enforced elsewhere.
 *
 * @param trustStore trust store supplying the trust managers; when {@code null} the
 *                   context is initialised with {@code null} trust managers, so the JSSE
 *                   default trust material applies
 * @return the generated socket factory subclass
 * @throws IllegalConfigurationException if the SSL context cannot be obtained or initialised
 */
private Class<? extends SocketFactory> createSslSocketFactoryOverrideClass(final TrustStore trustStore) {
    // The generated class name is derived from the manager's name and id plus the trust store name.
    final String generatedClassName = new StringUtil().createUniqueJavaName(
            String.format("%s_%s_%s", getName(), getId(), trustStore == null ? "none" : trustStore.getName()));

    final SSLContext context;
    try {
        context = SSLUtil.tryGetSSLContext();
        if (trustStore == null) {
            // No trust store configured: null trust managers select the platform defaults.
            context.init(null, null, null);
        } else {
            context.init(null, trustStore.getTrustManagers(), null);
        }
    } catch (GeneralSecurityException e) {
        LOGGER.error("Exception creating SSLContext", e);
        // Fail the configuration rather than continue without a usable TLS context.
        final String failure = trustStore != null
                ? "Error creating SSLContext with trust store : " + trustStore.getName()
                : "Error creating SSLContext (no trust store)";
        throw new IllegalConfigurationException(failure, e);
    }

    // Wrap the context's factory so the configured cipher suite / protocol lists are applied.
    final SSLSocketFactory restrictedFactory = new CipherSuiteAndProtocolRestrictingSSLSocketFactory(
            context.getSocketFactory(),
            _tlsCipherSuiteWhiteList,
            _tlsCipherSuiteBlackList,
            _tlsProtocolWhiteList,
            _tlsProtocolBlackList);

    // presumably a class is generated because the LDAP provider takes its socket factory
    // by class name rather than by instance; verify against the caller
    final Class<? extends AbstractLDAPSSLSocketFactory> generated =
            LDAPSSLSocketFactoryGenerator.createSubClass(generatedClassName, restrictedFactory);
    LOGGER.debug("Connection to Directory will use custom SSL socket factory : {}", generated);
    return generated;
}
Also used : GeneralSecurityException(java.security.GeneralSecurityException) IllegalConfigurationException(org.apache.qpid.server.configuration.IllegalConfigurationException) CipherSuiteAndProtocolRestrictingSSLSocketFactory(org.apache.qpid.server.util.CipherSuiteAndProtocolRestrictingSSLSocketFactory) SSLContext(javax.net.ssl.SSLContext) StringUtil(org.apache.qpid.server.util.StringUtil) CipherSuiteAndProtocolRestrictingSSLSocketFactory(org.apache.qpid.server.util.CipherSuiteAndProtocolRestrictingSSLSocketFactory) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) AbstractLDAPSSLSocketFactory(org.apache.qpid.server.security.auth.manager.ldap.AbstractLDAPSSLSocketFactory)
