
Example 1 with LDAPURL

use of org.forgerock.openam.ldap.LDAPURL in project OpenAM by OpenRock.

the class DJLDAPv3Repo method getPSearchId.

/**
 * Builds the key that identifies this data store's persistent search, so that an
 * existing persistent search for the same LDAP servers, base DN, filter and scope
 * can be reused instead of opening another connection with identical parameters.
 *
 * <p>The server list is sorted before it is rendered, so the key does not depend on
 * the order in which the servers appear in the configuration.
 *
 * <p>NOTE(review): the parts are concatenated without a separator, so two different
 * configurations could in principle render to the same string (the end of one value
 * running into the start of the next). If sharing a key means sharing persistent
 * search results, confirm that such a collision cannot join searches with different
 * base DN, filter or scope; a delimiter that cannot occur in the values would remove
 * the ambiguity.
 *
 * @return a key built from the sorted LDAP URLs, the persistent search base DN,
 * filter and scope settings, and {@code userSearchAttr}.
 */
private String getPSearchId() {
    final String baseDn = CollectionHelper.getMapAttr(configMap, LDAP_PERSISTENT_SEARCH_BASE_DN);
    final String searchFilter = CollectionHelper.getMapAttr(configMap, LDAP_PERSISTENT_SEARCH_FILTER);
    final String searchScope = CollectionHelper.getMapAttr(configMap, LDAP_PERSISTENT_SEARCH_SCOPE);

    // Sort a copy of the server list (natural ordering of LDAPURL) so that the key is
    // stable no matter how the servers were ordered in the configuration.
    final LDAPURL[] orderedServers = ldapServers.toArray(new LDAPURL[0]);
    Arrays.sort(orderedServers);

    return Arrays.toString(orderedServers) + baseDn + searchFilter + searchScope + userSearchAttr;
}
Also used : LDAPURL(org.forgerock.openam.ldap.LDAPURL) ByteString(org.forgerock.opendj.ldap.ByteString)

Example 2 with LDAPURL

use of org.forgerock.openam.ldap.LDAPURL in project OpenAM by OpenRock.

the class IdRepoUtils method getLDAPConnection.

/**
 * Creates a connection factory for the first LDAP URL found in the given data store
 * configuration, configured with a 300 ms connect timeout and a simple bind.
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>An SSL context is only set when {@code sun-idrepo-ldapv3-config-ssl-enabled} is
 * true. Otherwise nothing in this method protects the connection, and the simple bind
 * carries the bind DN and password over it as-is.</li>
 * <li>The SSL context comes from an {@code SSLContextBuilder} with no trust manager set
 * here, so certificate validation depends on the builder's defaults. NOTE(review):
 * confirm which trust store that resolves to in this deployment.</li>
 * <li>Only the host and port of the first URL are used; the URL's own SSL flag is not
 * consulted, and the remaining URLs are ignored.</li>
 * <li>The warnings name the missing setting but never include the bind password; keep
 * it that way when changing the messages.</li>
 * </ul>
 *
 * @param attrValues the data store configuration attributes.
 * @return a connection factory for the first configured LDAP server.
 * @throws Exception an {@code IdRepoException} if no LDAP URL, host, bind DN or bind
 * password is configured; anything thrown while building the SSL context or the
 * factory is propagated unchanged.
 */
private static ConnectionFactory getLDAPConnection(Map attrValues) throws Exception {
    Options connectionOptions = Options.defaultOptions()
            .set(CONNECT_TIMEOUT, new Duration(300L, TimeUnit.MILLISECONDS));
    final boolean sslEnabled =
            CollectionHelper.getBooleanMapAttr(attrValues, "sun-idrepo-ldapv3-config-ssl-enabled", false);
    if (sslEnabled) {
        connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
    }

    final Set<LDAPURL> candidates = getLDAPUrls(attrValues);
    if (CollectionUtils.isEmpty(candidates)) {
        throw connectionSetupFailure("No LDAPURLs found");
    }

    // Only the first URL is used for this connection.
    final LDAPURL target = candidates.iterator().next();
    if (org.forgerock.openam.utils.StringUtils.isEmpty(target.getHost())) {
        throw connectionSetupFailure("No LDAP host found");
    }

    // All connections will use authentication, so both bind DN and password are mandatory.
    final String bindDn = CollectionHelper.getMapAttr(attrValues, "sun-idrepo-ldapv3-config-authid");
    if (org.forgerock.openam.utils.StringUtils.isBlank(bindDn)) {
        throw connectionSetupFailure("No LDAP bindDN found");
    }
    final String bindPwd = CollectionHelper.getMapAttr(attrValues, "sun-idrepo-ldapv3-config-authpw");
    if (org.forgerock.openam.utils.StringUtils.isBlank(bindPwd)) {
        throw connectionSetupFailure("No LDAP bindPW found");
    }

    connectionOptions = connectionOptions.set(AUTHN_BIND_REQUEST,
            LDAPRequests.newSimpleBindRequest(bindDn, bindPwd.toCharArray()));
    return new LDAPConnectionFactory(target.getHost(), target.getPort(), connectionOptions);
}

/**
 * Logs the reason at warning level (when enabled) and builds the exception that
 * {@code getLDAPConnection} throws for every missing setting.
 *
 * @param reason a short description of the missing setting; must not contain secrets.
 * @return the exception for the caller to throw.
 */
private static IdRepoException connectionSetupFailure(String reason) {
    if (DEBUG.warningEnabled()) {
        DEBUG.warning("IdRepoUtils.getLDAPConnection: " + reason);
    }
    return new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.UNABLE_AUTHENTICATE_LDAP_SERVER, null);
}
Also used : Options(org.forgerock.util.Options) LDAPURL(org.forgerock.openam.ldap.LDAPURL) IdRepoException(com.sun.identity.idm.IdRepoException) Duration(org.forgerock.util.time.Duration) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) SSLContextBuilder(org.forgerock.opendj.ldap.SSLContextBuilder)

Example 3 with LDAPURL

use of org.forgerock.openam.ldap.LDAPURL in project OpenAM by OpenRock.

the class ExternalLdapConfig method getLDAPURLs.

/**
 * Returns the hosts to connect to, ordered by server ID / site ID preference.
 *
 * <p>The configured host string is split on commas and handed to
 * {@code LDAPUtils.prioritizeServers}. Each resulting URL is rebuilt with the SSL flag
 * taken from {@code isSSLMode()}, so one setting decides the transport for every host.
 *
 * <p>If the server entry cannot be resolved, the failure is only logged as a warning
 * and prioritisation continues with whatever server and site ID were obtained up to
 * that point.
 *
 * <p>NOTE(review): the host string is used without a null check and the entries are not
 * trimmed in this method; whether {@code prioritizeServers} tolerates surrounding
 * whitespace is not visible here.
 *
 * @return A set of connection details with serverId/siteId preferences.
 */
public Set<LDAPURL> getLDAPURLs() {
    String localServerId = null;
    String localSiteId = "";
    try {
        localServerId = WebtopNaming.getAMServerID();
        localSiteId = WebtopNaming.getSiteID(localServerId);
    } catch (ServerEntryNotFoundException senfe) {
        // Not fatal: fall through with the IDs gathered so far.
        if (debug.warningEnabled()) {
            debug.warning("ServerEntryNotFoundException, serverId=" + localServerId + ", siteId=" + localSiteId);
        }
    }

    final String configuredHosts = this.hosts.get();
    final Set<String> hostEntries = new LinkedHashSet<String>(Arrays.asList(configuredHosts.split(",")));

    // Read the SSL mode once and apply it uniformly to every prioritised host.
    final boolean sslMode = isSSLMode();
    final Set<LDAPURL> prioritized = new LinkedHashSet<LDAPURL>();
    for (LDAPURL candidate : LDAPUtils.prioritizeServers(hostEntries, localServerId, localSiteId)) {
        prioritized.add(LDAPURL.valueOf(candidate.getHost(), candidate.getPort(), sslMode));
    }

    if (debug.messageEnabled()) {
        debug.message("Priotized server list [" + configuredHosts + "] using server ID [" + localServerId + "] and site ID [" + localSiteId + "]");
    }
    return prioritized;
}
Also used : LinkedHashSet(java.util.LinkedHashSet) ServerEntryNotFoundException(com.iplanet.services.naming.ServerEntryNotFoundException) LDAPURL(org.forgerock.openam.ldap.LDAPURL)

Example 4 with LDAPURL

use of org.forgerock.openam.ldap.LDAPURL in project OpenAM by OpenRock.

the class ServerGroupConfiguration method getLDAPURLs.

/**
 * Creates a set of {@link LDAPURL} instances based on the server instances available in the servergroup.
 *
 * <p>A URL is marked as SSL only when the server's connection type equals
 * {@code Server.Type.CONN_SSL}; every other connection type yields a non-SSL URL.
 * NOTE(review): if the connection type can express other secured modes, confirm they
 * are meant to map to a non-SSL URL here.
 *
 * @return A non null, but possibly empty set of {@link LDAPURL} instances, in the iteration order of the
 * configured server instances in the corresponding server group.
 */
public Set<LDAPURL> getLDAPURLs() {
    final Collection<Server> configured = group.getServersList();
    final Set<LDAPURL> urls = new LinkedHashSet<LDAPURL>(configured.size());
    for (Server candidate : configured) {
        final boolean overSsl = Server.Type.CONN_SSL.equals(candidate.getConnectionType());
        urls.add(LDAPURL.valueOf(candidate.getServerName(), candidate.getPort(), overSsl));
    }
    return urls;
}
Also used : LinkedHashSet(java.util.LinkedHashSet) Server(com.iplanet.services.ldap.Server) LDAPURL(org.forgerock.openam.ldap.LDAPURL)

Example 5 with LDAPURL

use of org.forgerock.openam.ldap.LDAPURL in project OpenAM by OpenRock.

the class ServerGroupConfigurationTest method shouldReturnCorrectLDAPURLforSSLConnections.

/**
 * Verifies that a server whose connection type is {@code CONN_SSL} is exposed as an
 * {@link LDAPURL} with the same host and port and with the SSL flag set.
 */
@Test
public void shouldReturnCorrectLDAPURLforSSLConnections() {
    // Given: a server group holding a single SSL server
    final String expectedHost = "localhost";
    final int expectedPort = 389;
    Server sslServer = mock(Server.class);
    given(sslServer.getServerName()).willReturn(expectedHost);
    given(sslServer.getPort()).willReturn(expectedPort);
    given(sslServer.getConnectionType()).willReturn(Server.Type.CONN_SSL);
    ServerInstance instance = mock(ServerInstance.class);
    ServerGroup serverGroup = mock(ServerGroup.class);
    given(serverGroup.getServersList()).willReturn(Arrays.asList(sslServer));
    ServerGroupConfiguration configuration = new ServerGroupConfiguration(serverGroup, instance);

    // When
    Set<LDAPURL> urls = configuration.getLDAPURLs();

    // Then: exactly one URL, carrying the mocked host and port and flagged as SSL
    assertThat(urls).hasSize(1);
    LDAPURL only = urls.iterator().next();
    assertThat(only.getHost()).isEqualTo(expectedHost);
    assertThat(only.getPort()).isEqualTo(expectedPort);
    assertThat(only.isSSL()).isTrue();
}
Also used : ServerGroup(com.iplanet.services.ldap.ServerGroup) Server(com.iplanet.services.ldap.Server) LDAPURL(org.forgerock.openam.ldap.LDAPURL) ServerInstance(com.iplanet.services.ldap.ServerInstance) Test(org.testng.annotations.Test)
