
Example 6 with Options

use of org.forgerock.util.Options in project OpenAM by OpenRock.

the class AMSetupDSConfig method getLDAPConnection.

/**
 * Returns a connection to the directory server, building the shared
 * connection factory on first use.
 *
 * <p>The factory always carries a simple bind request built from
 * {@code dsManager} and {@code dsAdminPwd}. An SSL context is attached only
 * when {@code ssl} is {@code true}; with {@code ssl == false} the simple bind
 * (DN and password) is sent over a connection with no transport protection.
 *
 * <p>Every failure is reported as {@code null}. The caught exception is
 * neither logged nor rethrown, so a caller cannot distinguish a rejected
 * bind from a TLS or network error.
 *
 * @param ssl <code>true</code> if directory server is running SSL.
 * @return an LDAP connection, or {@code null} if none could be obtained
 */
private synchronized Connection getLDAPConnection(boolean ssl) {
    try {
        if (ld == null) {
            ShutdownManager shutdownManager = com.sun.identity.common.ShutdownManager.getInstance();
            // Every connection handed out by this factory is authenticated.
            SimpleBindRequest bindRequest =
                    LDAPRequests.newSimpleBindRequest(dsManager, dsAdminPwd.toCharArray());
            Options factoryOptions = Options.defaultOptions();
            factoryOptions = factoryOptions.set(REQUEST_TIMEOUT, new Duration(3L, TimeUnit.SECONDS));
            factoryOptions = factoryOptions.set(AUTHN_BIND_REQUEST, bindRequest);
            if (ssl) {
                // NOTE(review): the builder is used with no trust manager configured.
                // Confirm which certificates the resulting context accepts and whether
                // the server host name is checked; the SDK's TrustManagers.checkHostName
                // wrapper looks like the intended way to add that check.
                factoryOptions = factoryOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
            }
            ld = new LDAPConnectionFactory(dsHostName, getPort(), factoryOptions);
            // Registered each time the factory is (re)built, i.e. again after a failure
            // has reset ld to null.
            shutdownManager.addShutdownListener(new ShutdownListener() {
                public void shutdown() {
                    disconnectDServer();
                }
            });
        }
        return ld.getConnection();
    } catch (Exception e) {
        // Only an LDAP-level failure triggers an explicit disconnect; it must run
        // before the factory reference is cleared.
        if (e instanceof LdapException) {
            disconnectDServer();
        }
        // Drop the cached state so the next call builds a fresh factory.
        dsConfigInstance = null;
        ld = null;
    }
    return null;
}
Also used : ShutdownListener(org.forgerock.util.thread.listener.ShutdownListener) Options(org.forgerock.util.Options) SimpleBindRequest(org.forgerock.opendj.ldap.requests.SimpleBindRequest) ShutdownManager(org.forgerock.util.thread.listener.ShutdownManager) Duration(org.forgerock.util.time.Duration) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) SSLContextBuilder(org.forgerock.opendj.ldap.SSLContextBuilder) LdapException(org.forgerock.opendj.ldap.LdapException) LdapException(org.forgerock.opendj.ldap.LdapException) IOException(java.io.IOException)

Example 7 with Options

use of org.forgerock.util.Options in project ddf by codice.

the class ClaimsHandlerManager method createLdapConnectionFactory.

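/**
 * Builds an {@link LDAPConnectionFactory} for the given LDAP URL.
 *
 * <p>A URL starting with {@code ldaps} selects SSL; any other URL uses
 * StartTLS when {@code startTls} is true. Enabled cipher suites and protocols
 * are read from the {@code https.cipherSuites} and {@code https.protocols}
 * system properties; when a property is not set the corresponding option is
 * left untouched instead of failing with a {@code NullPointerException}.
 *
 * <p>The port defaults to 636 for SSL and 389 otherwise when the URL carries
 * no port or a non-numeric one.
 *
 * @param url LDAP URL of the form {@code scheme://host[:port]}
 * @param startTls whether to upgrade a non-{@code ldaps} connection with
 *        StartTLS; {@code null} is treated as {@code false}
 * @return a connection factory for the parsed host and port
 * @throws LdapException declared by the signature; nothing in this body
 *         throws it explicitly
 */
protected LDAPConnectionFactory createLdapConnectionFactory(String url, Boolean startTls) throws LdapException {
    boolean useSsl = url.startsWith("ldaps");
    // Boolean.TRUE.equals avoids unboxing a null startTls.
    boolean useTls = !useSsl && Boolean.TRUE.equals(startTls);
    Options lo = Options.defaultOptions();
    try {
        if (useSsl || useTls) {
            lo.set(LDAPConnectionFactory.SSL_CONTEXT, SSLContext.getDefault());
        }
    } catch (GeneralSecurityException e) {
        // NOTE(review): the failure is logged at info level and the factory is still
        // built and returned without an SSL context. Confirm that the SDK then refuses
        // to connect rather than proceeding unencrypted (the StartTLS case on the plain
        // LDAP port is the one to check); if it does not, rethrow here so the caller
        // fails closed.
        LOGGER.info("Error encountered while configuring SSL. Secure connection will fail.", e);
    }
    lo.set(LDAPConnectionFactory.SSL_USE_STARTTLS, useTls);

    // Restrict suites/protocols only when the operator configured them; an unset
    // property previously caused a NullPointerException on split().
    String cipherSuites = System.getProperty("https.cipherSuites");
    if (cipherSuites != null) {
        lo.set(LDAPConnectionFactory.SSL_ENABLED_CIPHER_SUITES, Arrays.asList(cipherSuites.split(",")));
    }
    String protocols = System.getProperty("https.protocols");
    if (protocols != null) {
        lo.set(LDAPConnectionFactory.SSL_ENABLED_PROTOCOLS, Arrays.asList(protocols.split(",")));
    }
    lo.set(LDAPConnectionFactory.TRANSPORT_PROVIDER_CLASS_LOADER, ClaimsHandlerManager.class.getClassLoader());

    // Split host and port by hand. A URL without an explicit port used to throw
    // StringIndexOutOfBoundsException because the last ':' was the one in "://".
    int schemeEnd = url.indexOf("://");
    int hostStart = schemeEnd < 0 ? 0 : schemeEnd + 3;
    int portSep = url.lastIndexOf(':');
    // A ':' followed by ']' sits inside a bracketed IPv6 literal, not before a port.
    boolean hasPort = portSep >= hostStart && url.indexOf(']', portSep) < 0;
    String host = hasPort ? url.substring(hostStart, portSep) : url.substring(hostStart);
    int port = useSsl ? 636 : 389;
    if (hasPort) {
        try {
            port = Integer.parseInt(url.substring(portSep + 1));
        } catch (NumberFormatException ignored) {
            // Non-numeric port: keep the scheme default chosen above.
        }
    }
    auditRemoteConnection(host);
    return new LDAPConnectionFactory(host, port, lo);
}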
Also used : Options(org.forgerock.util.Options) GeneralSecurityException(java.security.GeneralSecurityException) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory)

Example 8 with Options

use of org.forgerock.util.Options in project OpenAM by OpenRock.

the class AMCertStore method getConnection.

/**
 * Returns a connection to the LDAP certificate store, or {@code null} if an
 * error occurred while connecting.
 *
 * <p>The connection factory is created on first use and cached in
 * {@code ldapconn}. It always binds with the user and password from
 * {@code storeParam}; an SSL context is attached only when
 * {@code storeParam.isSecure()} is true, so on the non-SSL path both the bind
 * password and the returned certificate data travel without transport
 * protection.
 */
synchronized Connection getConnection() {
    if (ldapconn == null) {
        // Lazily set up the LDAP certificate directory context used when
        // verifying users' certificates.
        String host = storeParam.getServerName();
        int ldapPort = storeParam.getPort();
        // The bind is authenticated whether or not the connection uses SSL.
        SimpleBindRequest bindRequest = LDAPRequests.newSimpleBindRequest(
                storeParam.getUser(), storeParam.getPassword().toCharArray());
        Options factoryOptions = Options.defaultOptions().set(AUTHN_BIND_REQUEST, bindRequest);
        if (!storeParam.isSecure()) {
            // non-ssl
            ldapconn = new LDAPConnectionFactory(host, ldapPort, factoryOptions);
        } else {
            debug.message("AMCertStore.getConnection: initial connection factory using ssl.");
            try {
                // NOTE(review): no trust manager is configured on the builder; confirm
                // how the directory server's certificate and host name are validated.
                factoryOptions = factoryOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
                ldapconn = new LDAPConnectionFactory(host, ldapPort, factoryOptions);
                debug.message("AMCertStore.getConnection: SSLSocketFactory called");
            } catch (GeneralSecurityException e) {
                // ldapconn stays null, so the next call retries the setup.
                debug.error("AMCertStore.getConnection: Error getting SSL Context", e);
                return null;
            }
        }
    }
    try {
        return ldapconn.getConnection();
    } catch (LdapException e) {
        // The cached factory is kept; only this connection attempt is abandoned.
        debug.error("AMCertStore.getConnection: Exception in connection to LDAP server", e);
        return null;
    }
}
Also used : Options(org.forgerock.util.Options) SimpleBindRequest(org.forgerock.opendj.ldap.requests.SimpleBindRequest) GeneralSecurityException(java.security.GeneralSecurityException) ByteString(org.forgerock.opendj.ldap.ByteString) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) SSLContextBuilder(org.forgerock.opendj.ldap.SSLContextBuilder) LdapException(org.forgerock.opendj.ldap.LdapException)

Example 9 with Options

use of org.forgerock.util.Options in project OpenAM by OpenRock.

the class AddAMSDKIdRepoPlugin method getLDAPConnection.

/**
 * Builds a connection factory for the directory server described by
 * {@code ds}. Despite the method name, the factory is returned and no
 * connection is opened here.
 *
 * <p>The factory binds with {@code bindDN} / {@code bindPwd} and uses a
 * 300 ms connect timeout. An SSL context is attached only when
 * {@code ds.ssl} is true; otherwise the simple bind is sent without
 * transport protection.
 *
 * @param ds host, port and SSL flag of the target directory server
 * @return a factory configured for that server
 * @throws Exception if the SSL context cannot be created (the signature
 *         declares the broad type)
 */
private ConnectionFactory getLDAPConnection(DSEntry ds) throws Exception {
    BindRequest simpleBind = LDAPRequests.newSimpleBindRequest(bindDN, bindPwd.toCharArray());
    Options factoryOptions = Options.defaultOptions();
    factoryOptions = factoryOptions.set(CONNECT_TIMEOUT, new Duration(300L, TimeUnit.MILLISECONDS));
    factoryOptions = factoryOptions.set(AUTHN_BIND_REQUEST, simpleBind);
    if (ds.ssl) {
        // NOTE(review): builder defaults are used as-is; confirm what server
        // certificates and host names the resulting context accepts.
        factoryOptions = factoryOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
    }
    return new LDAPConnectionFactory(ds.host, ds.port, factoryOptions);
}
Also used : Options(org.forgerock.util.Options) BindRequest(org.forgerock.opendj.ldap.requests.BindRequest) Duration(org.forgerock.util.time.Duration) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) SSLContextBuilder(org.forgerock.opendj.ldap.SSLContextBuilder)

Example 10 with Options

use of org.forgerock.util.Options in project OpenAM by OpenRock.

the class AjaxPage method getConnection.

/**
 * Opens an authenticated LDAP connection to {@code host:port}.
 *
 * <p>A new connection factory is created on every call and its reference is
 * dropped once the connection has been obtained.
 * NOTE(review): nothing here closes that factory; confirm that closing the
 * returned connection is enough to release its resources.
 *
 * @param host directory server host
 * @param port directory server port
 * @param bindDN DN used for the simple bind
 * @param bindPwd password for the simple bind; this method does not clear the array
 * @param timeout connect timeout in seconds
 * @param isSSl whether to attach an SSL context; when false the simple bind
 *        is sent without transport protection
 * @return an open connection
 * @throws GeneralSecurityException if the SSL context cannot be created
 * @throws LdapException if the connection cannot be established
 */
protected Connection getConnection(String host, int port, String bindDN, char[] bindPwd, int timeout, boolean isSSl) throws GeneralSecurityException, LdapException {
    Options connectionOptions = Options.defaultOptions();
    connectionOptions = connectionOptions.set(CONNECT_TIMEOUT, new Duration((long) timeout, TimeUnit.SECONDS));
    connectionOptions = connectionOptions.set(AUTHN_BIND_REQUEST, LDAPRequests.newSimpleBindRequest(bindDN, bindPwd));
    if (isSSl) {
        // NOTE(review): builder defaults are used as-is; confirm how the server
        // certificate and host name are validated.
        connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
    }
    ConnectionFactory connectionFactory = new LDAPConnectionFactory(host, port, connectionOptions);
    return connectionFactory.getConnection();
}
Also used : Options(org.forgerock.util.Options) ConnectionFactory(org.forgerock.opendj.ldap.ConnectionFactory) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) Duration(org.forgerock.util.time.Duration) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) SSLContextBuilder(org.forgerock.opendj.ldap.SSLContextBuilder)

Aggregations

Options (org.forgerock.util.Options)18 Duration (org.forgerock.util.time.Duration)13 LDAPConnectionFactory (org.forgerock.opendj.ldap.LDAPConnectionFactory)12 SSLContextBuilder (org.forgerock.opendj.ldap.SSLContextBuilder)8 ByteString (org.forgerock.opendj.ldap.ByteString)7 LdapException (org.forgerock.opendj.ldap.LdapException)6 GeneralSecurityException (java.security.GeneralSecurityException)5 ConnectionFactory (org.forgerock.opendj.ldap.ConnectionFactory)5 SimpleBindRequest (org.forgerock.opendj.ldap.requests.SimpleBindRequest)4 ShutdownListener (org.forgerock.util.thread.listener.ShutdownListener)4 PolicyException (com.sun.identity.policy.PolicyException)3 IOException (java.io.IOException)3 DSConfigMgr (com.iplanet.services.ldap.DSConfigMgr)2 LDAPServiceException (com.iplanet.services.ldap.LDAPServiceException)2 ShutdownManager (com.sun.identity.common.ShutdownManager)2 HashSet (java.util.HashSet)2 Iterator (java.util.Iterator)2 Set (java.util.Set)2 Connection (org.forgerock.opendj.ldap.Connection)2 ServerInstance (com.iplanet.services.ldap.ServerInstance)1