
Example 11 with LDAPConnectionFactory

use of org.forgerock.opendj.ldap.LDAPConnectionFactory in project OpenAM by OpenRock.

Class ServiceBase, method getLDAPConnection.

/**
 * Opens an authenticated LDAP connection to the directory host.
 *
 * <p>The connection always binds with {@code dsManager}/{@code dsAdminPwd} as a simple bind and
 * uses a fixed 3 second connect timeout. TLS is enabled only when {@code dsProtocol} is
 * {@code "ldaps"} (case-insensitive). Any failure — SSL context creation, the bind, the connect,
 * or a {@code null} password/protocol — is swallowed and {@code null} is returned; the cause is
 * not logged here, so callers must null-check the result.
 *
 * @param dsHostName name of the server where DS is installed
 * @param dsPort port at which the directory server is listening
 * @param dsProtocol protocol used by the directory server ({@code "ldap"} or {@code "ldaps"})
 * @param dsManager admin user name (bind DN) for the directory server
 * @param dsAdminPwd admin password used by the admin user name
 * @return an LDAP connection, or {@code null} if one could not be established
 */
protected static Connection getLDAPConnection(String dsHostName, int dsPort, String dsProtocol, String dsManager, String dsAdminPwd) {
    try {
        // Every connection authenticates as the admin user; the connect timeout is fixed.
        Options connectionOptions = Options.defaultOptions()
                .set(CONNECT_TIMEOUT, new Duration(3L, TimeUnit.SECONDS))
                .set(AUTHN_BIND_REQUEST, LDAPRequests.newSimpleBindRequest(dsManager, dsAdminPwd.toCharArray()));
        boolean useTls = dsProtocol.equalsIgnoreCase("ldaps");
        if (useTls) {
            connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
        }
        // NOTE(review): the factory is discarded without close(); whether that retains
        // transport resources beyond the returned connection depends on the SDK — confirm.
        return new LDAPConnectionFactory(dsHostName, dsPort, connectionOptions).getConnection();
    } catch (Exception ignored) {
        // Deliberate best-effort contract: any failure maps to null (including the NPE
        // raised above when dsAdminPwd or dsProtocol is null).
        return null;
    }
}

Example 12 with LDAPConnectionFactory

use of org.forgerock.opendj.ldap.LDAPConnectionFactory in project OpenAM by OpenRock.

Class UpgradeUtils, method getLDAPConnectionFactory.

/**
 * Lazily creates the shared {@link LDAPConnectionFactory} and registers a shutdown listener
 * that closes it.
 *
 * <p>The factory is cached in the static {@code factory} field: once it exists, later calls
 * return it and silently ignore their {@code hostname}, {@code port} and {@code options}
 * arguments. The method is not synchronized, so two concurrent first calls could each create a
 * factory and register a listener — presumably only reached from single-threaded upgrade code;
 * confirm with callers.
 *
 * @param hostname directory server host, used only by the first call
 * @param port directory server port, used only by the first call
 * @param options connection options (bind request, timeouts, TLS), used only by the first call
 * @return the shared connection factory
 */
private static ConnectionFactory getLDAPConnectionFactory(String hostname, int port, Options options) {
    if (factory != null) {
        return factory;
    }
    factory = new LDAPConnectionFactory(hostname, port, options);
    // Release the factory's resources when the server shuts down.
    ShutdownManager.getInstance().addShutdownListener(new ShutdownListener() {
        @Override
        public void shutdown() {
            if (factory != null) {
                factory.close();
            }
        }
    });
    return factory;
}

Example 13 with LDAPConnectionFactory

use of org.forgerock.opendj.ldap.LDAPConnectionFactory in project OpenAM by OpenRock.

Class AjaxPage, method getConnection.

/**
 * Opens an authenticated LDAP connection, optionally over TLS.
 *
 * <p>Failures are not swallowed: SSL context creation errors propagate as
 * {@link GeneralSecurityException}, connect/bind errors as {@link LdapException}.
 *
 * @param host directory server host
 * @param port directory server port
 * @param bindDN DN to bind as (simple bind)
 * @param bindPwd bind password; passed straight to the bind request, the caller keeps ownership
 * @param timeout connect timeout in seconds
 * @param isSSl {@code true} to wrap the connection in TLS using the default
 *     {@link SSLContextBuilder} (its trust settings are not configured here — confirm they
 *     match the deployment's expectations)
 * @return a bound LDAP connection
 * @throws GeneralSecurityException if the SSL context cannot be created
 * @throws LdapException if the connection or bind fails
 */
protected Connection getConnection(String host, int port, String bindDN, char[] bindPwd, int timeout, boolean isSSl) throws GeneralSecurityException, LdapException {
    Duration connectTimeout = new Duration((long) timeout, TimeUnit.SECONDS);
    Options connectionOptions = Options.defaultOptions()
            .set(CONNECT_TIMEOUT, connectTimeout)
            .set(AUTHN_BIND_REQUEST, LDAPRequests.newSimpleBindRequest(bindDN, bindPwd));
    if (isSSl) {
        connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
    }
    // NOTE(review): the factory is discarded without close(); confirm this does not retain
    // transport resources for the life of the returned connection.
    return new LDAPConnectionFactory(host, port, connectionOptions).getConnection();
}

Example 14 with LDAPConnectionFactory

use of org.forgerock.opendj.ldap.LDAPConnectionFactory in project OpenAM by OpenRock.

Class AMCertStore, method getConnection.

/**
 * Returns a connection to the LDAP certificate store, or {@code null} if an error occurred
 * while connecting.
 *
 * <p>The connection factory is built lazily from {@code storeParam} (host, port, bind
 * credentials, TLS flag) and cached in {@code ldapconn}; the method is {@code synchronized} so
 * the factory is created at most once. An SSL context failure leaves {@code ldapconn} unset, so
 * the next call retries. Every error is logged through {@code debug} and mapped to {@code null}.
 *
 * @return a bound connection, or {@code null} on SSL-context or connection failure
 */
synchronized Connection getConnection() {
    if (ldapconn == null) {
        /*
         * Set up the LDAP certificate directory service context for
         * use in verification of the users' certificates.
         */
        String serverName = storeParam.getServerName();
        int port = storeParam.getPort();
        // Regardless of SSL on the connection, we always authenticate with a simple bind.
        SimpleBindRequest bindRequest = LDAPRequests.newSimpleBindRequest(storeParam.getUser(), storeParam.getPassword().toCharArray());
        Options options = Options.defaultOptions().set(AUTHN_BIND_REQUEST, bindRequest);
        if (!storeParam.isSecure()) {
            // non-ssl
            ldapconn = new LDAPConnectionFactory(serverName, port, options);
        } else {
            debug.message("AMCertStore.getConnection: initial connection factory using ssl.");
            try {
                options = options.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
            } catch (GeneralSecurityException e) {
                debug.error("AMCertStore.getConnection: Error getting SSL Context", e);
                return null;
            }
            ldapconn = new LDAPConnectionFactory(serverName, port, options);
            debug.message("AMCertStore.getConnection: SSLSocketFactory called");
        }
    }
    try {
        return ldapconn.getConnection();
    } catch (LdapException e) {
        debug.error("AMCertStore.getConnection: Exception in connection to LDAP server", e);
        return null;
    }
}

Example 15 with LDAPConnectionFactory

use of org.forgerock.opendj.ldap.LDAPConnectionFactory in project OpenAM by OpenRock.

Class AMCRLStore, method getCRLByLdapURI.

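/**
 * Fetches a CRL from an LDAP server given an {@code ldap://} or {@code ldaps://} URI.
 *
 * <p>The URI must name an entry that can be read with an anonymous bind (no bind request is
 * configured), e.g. {@code ldap://server:port/uid=ca,o=company.com}, and that entry must carry
 * the CRL in {@code certificaterevocationlist} or {@code certificaterevocationlist;binary}.
 * Only the first search result is consulted. The search carries a transaction-id control so it
 * can be correlated in the audit log.
 *
 * <p>The connection factory, the connection and the entry reader are all closed before this
 * method returns, so an early exit (no entry, a reference, a missing attribute) does not leave a
 * result or a per-lookup factory open.
 *
 * <p>NOTE(review): for {@code ldaps} the TLS trust comes from the default
 * {@link SSLContextBuilder}; confirm its trust store is the intended one, and confirm at the
 * caller how much the host in {@code uri} is trusted.
 *
 * @param uri the LDAP URI of the CRL entry
 * @return the raw CRL bytes, or {@code null} if the URI is malformed, the SSL context cannot be
 *     built, nothing usable is found, or any other error occurs during the lookup (all logged via
 *     {@code debug})
 */
private byte[] getCRLByLdapURI(String uri) {
    if (debug.messageEnabled()) {
        debug.message("AMCRLStore.getCRLByLdapURI: uri = " + uri);
    }
    LDAPUrl url;
    try {
        url = LDAPUrl.valueOf(uri);
    } catch (LocalizedIllegalArgumentException e) {
        debug.error("AMCRLStore.getCRLByLdapURI(): Could not parse uri: {}", uri, e);
        return null;
    }
    debug.message("AMCRLStore.getCRLByLdapURI: url.dn = {}", url.getName());
    // No bind request is set: the lookup relies on anonymous access to the CRL entry.
    Options options = Options.defaultOptions();
    // Check ldap over SSL
    if (url.isSecure()) {
        try {
            options = options.set(LDAPConnectionFactory.SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
        } catch (GeneralSecurityException e) {
            debug.error("AMCRLStore.getCRLByLdapURI: Error getting SSL Context", e);
            return null;
        }
    }
    byte[] crl = null;
    // Resources close in reverse order on exit: the reader (abandoning an unfinished search),
    // then the connection, then the per-lookup factory, which was previously never closed.
    // Closing the factory is assumed to only release what this factory holds — confirm against
    // the SDK's transport sharing semantics.
    try (LDAPConnectionFactory factory = new LDAPConnectionFactory(url.getHost(), url.getPort(), options);
         Connection ldc = factory.getConnection();
         ConnectionEntryReader results = ldc.search(url.asSearchRequest()
                 .addControl(TransactionIdControl.newControl(AuditRequestContext.createSubTransactionIdValue())))) {
        if (!results.hasNext()) {
            debug.error("verifyCertificate - No CRL distribution Point configured");
            return null;
        }
        if (results.isReference()) {
            debug.warning("Getting CRL but got LDAP reference: {}", results.readReference());
            return null;
        }
        SearchResultEntry entry = results.readEntry();
        // Retrieve the certificate revocation list if available, preferring the plain
        // attribute over the ";binary" variant.
        Attribute crlAttribute = entry.getAttribute(CERTIFICATE_REVOCATION_LIST);
        if (crlAttribute == null) {
            crlAttribute = entry.getAttribute(CERTIFICATE_REVOCATION_LIST_BINARY);
        }
        if (crlAttribute == null) {
            debug.error("verifyCertificate - No CRL distribution Point configured");
            return null;
        }
        crl = crlAttribute.firstValue().toByteArray();
    } catch (Exception e) {
        // Broad catch keeps the best-effort contract: any lookup or close failure yields null.
        debug.error("getCRLByLdapURI : Error in getting CRL", e);
    }
    return crl;
}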
