use of org.forgerock.util.Options in project OpenAM by OpenRock.
the class AMSetupDSConfig method getLDAPConnection.
/**
 * Returns a connection to the directory server, creating the shared
 * connection factory on demand.
 *
 * <p>Every connection is authenticated with a simple bind as {@code dsManager}
 * and uses a 3 second request timeout. Whenever a factory is created, a
 * shutdown listener that calls {@code disconnectDServer()} is registered.
 *
 * <p>Failures are not logged or rethrown here: on any exception the cached
 * factory and {@code dsConfigInstance} are reset and {@code null} is returned,
 * so callers must check the result.
 *
 * @param ssl <code>true</code> if directory server is running SSL.
 * @return an LDAP connection, or {@code null} if the factory could not be
 *         built or the connection attempt failed
 */
private synchronized Connection getLDAPConnection(boolean ssl) {
    Connection connection = null;
    try {
        if (ld == null) {
            ShutdownManager shutdownManager = com.sun.identity.common.ShutdownManager.getInstance();
            // All connections will use authentication
            SimpleBindRequest bindRequest = LDAPRequests.newSimpleBindRequest(dsManager, dsAdminPwd.toCharArray());
            Options connectionOptions = Options.defaultOptions();
            connectionOptions = connectionOptions.set(REQUEST_TIMEOUT, new Duration(3L, TimeUnit.SECONDS));
            connectionOptions = connectionOptions.set(AUTHN_BIND_REQUEST, bindRequest);
            if (ssl) {
                // NOTE(review): the context comes from a default SSLContextBuilder; no trust
                // manager or host name check is configured here. Confirm the defaults
                // validate the server certificate before the bind password is sent.
                connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
            }
            // When ssl is false no SSL context is set, so the simple bind uses a
            // connection this method has not secured.
            ld = new LDAPConnectionFactory(dsHostName, getPort(), connectionOptions);
            // NOTE(review): ld is reset to null on failure below, so a later call
            // registers another listener in addition to this one.
            shutdownManager.addShutdownListener(new ShutdownListener() {
                public void shutdown() {
                    disconnectDServer();
                }
            });
        }
        connection = ld.getConnection();
    } catch (LdapException e) {
        // The exception is dropped; the caller only sees null.
        disconnectDServer();
        dsConfigInstance = null;
        ld = null;
    } catch (Exception e) {
        // Unlike the LdapException path, disconnectDServer() is not called here.
        dsConfigInstance = null;
        ld = null;
    }
    return connection;
}
use of org.forgerock.util.Options in project ddf by codice.
the class ClaimsHandlerManager method createLdapConnectionFactory.
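/**
 * Builds an LDAP connection factory for the given LDAP URL.
 *
 * <p>{@code url} is expected to look like {@code scheme://host[:port]}. When
 * the port is missing or not numeric, 636 is used for {@code ldaps} URLs and
 * 389 otherwise. The enabled cipher suites and protocols are taken from the
 * {@code https.cipherSuites} and {@code https.protocols} system properties
 * (comma separated).
 *
 * @param url LDAP URL; a scheme starting with {@code ldaps} selects LDAPS
 * @param startTls whether to use StartTLS; ignored for {@code ldaps} URLs and
 *        treated as {@code false} when {@code null}
 * @return a connection factory for the parsed host and port
 * @throws LdapException if raised by any of the calls made while building the factory
 * @throws NullPointerException if {@code url} is {@code null} or one of the two
 *         system properties is not set
 */
protected LDAPConnectionFactory createLdapConnectionFactory(String url, Boolean startTls) throws LdapException {
    boolean useSsl = url.startsWith("ldaps");
    // Boolean.TRUE.equals avoids unboxing a null startTls.
    boolean useTls = !useSsl && Boolean.TRUE.equals(startTls);
    Options lo = Options.defaultOptions();
    if (useSsl || useTls) {
        try {
            lo.set(LDAPConnectionFactory.SSL_CONTEXT, SSLContext.getDefault());
        } catch (GeneralSecurityException e) {
            // NOTE(review): on this path SSL_CONTEXT stays unset and the factory is still
            // built. Confirm that the factory then refuses to connect rather than
            // connecting without TLS, in particular for the StartTLS case.
            LOGGER.info("Error encountered while configuring SSL. Secure connection will fail.", e);
        }
    }
    lo.set(LDAPConnectionFactory.SSL_USE_STARTTLS, useTls);

    // Fail with a named property instead of an anonymous NullPointerException on split().
    String cipherSuites = java.util.Objects.requireNonNull(
            System.getProperty("https.cipherSuites"), "system property https.cipherSuites is not set");
    String protocols = java.util.Objects.requireNonNull(
            System.getProperty("https.protocols"), "system property https.protocols is not set");
    lo.set(LDAPConnectionFactory.SSL_ENABLED_CIPHER_SUITES, Arrays.asList(cipherSuites.split(",")));
    lo.set(LDAPConnectionFactory.SSL_ENABLED_PROTOCOLS, Arrays.asList(protocols.split(",")));
    lo.set(LDAPConnectionFactory.TRANSPORT_PROVIDER_CLASS_LOADER, ClaimsHandlerManager.class.getClassLoader());

    int hostStart = url.indexOf("://") + 3;
    int portSeparator = url.lastIndexOf(':');
    // The last ':' separates a port only when it comes after the "://" marker;
    // otherwise it is the scheme colon and the URL carries no port.
    boolean hasPort = portSeparator >= hostStart;
    String host = hasPort ? url.substring(hostStart, portSeparator) : url.substring(hostStart);

    int port = useSsl ? 636 : 389;
    if (hasPort) {
        try {
            port = Integer.parseInt(url.substring(portSeparator + 1));
        } catch (NumberFormatException ignored) {
            // Non-numeric port text: keep the scheme's default port.
        }
    }
    auditRemoteConnection(host);
    return new LDAPConnectionFactory(host, port, lo);
}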
use of org.forgerock.util.Options in project OpenAM by OpenRock.
the class AMCertStore method getConnection.
/**
 * Returns an LDAP connection for the LDAP certificate store, or {@code null}
 * if an error occurred while connecting.
 *
 * <p>The connection factory is created on first use and cached in
 * {@code ldapconn}. Connections always authenticate with a simple bind using
 * the user and password from {@code storeParam}; an SSL context is added only
 * when {@code storeParam.isSecure()} is true.
 *
 * @return a connection from the cached factory, or {@code null} if the SSL
 *         context could not be built or the connection attempt failed
 */
synchronized Connection getConnection() {
    if (ldapconn == null) {
        /*
         * Setup the LDAP certificate directory service context for
         * use in verification of the users certificates.
         */
        final String host = storeParam.getServerName();
        final int ldapPort = storeParam.getPort();
        // Regardless of SSL on connection, we will use authentication
        final SimpleBindRequest bind = LDAPRequests.newSimpleBindRequest(storeParam.getUser(), storeParam.getPassword().toCharArray());
        Options connectionOptions = Options.defaultOptions().set(AUTHN_BIND_REQUEST, bind);
        if (!storeParam.isSecure()) {
            // non-ssl: no SSL context is set, so the simple bind uses a
            // connection this method has not secured.
            ldapconn = new LDAPConnectionFactory(host, ldapPort, connectionOptions);
        } else {
            debug.message("AMCertStore.getConnection: initial connection factory using ssl.");
            try {
                // NOTE(review): default SSLContextBuilder; no trust manager or host name
                // check is configured here. Confirm the defaults validate the server.
                connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
                ldapconn = new LDAPConnectionFactory(host, ldapPort, connectionOptions);
                debug.message("AMCertStore.getConnection: SSLSocketFactory called");
            } catch (GeneralSecurityException e) {
                // ldapconn stays null, so the next call retries the setup.
                debug.error("AMCertStore.getConnection: Error getting SSL Context", e);
                return null;
            }
        }
    }
    Connection connection = null;
    try {
        connection = ldapconn.getConnection();
    } catch (LdapException e) {
        debug.error("AMCertStore.getConnection: Exception in connection to LDAP server", e);
    }
    return connection;
}
use of org.forgerock.util.Options in project OpenAM by OpenRock.
the class AddAMSDKIdRepoPlugin method getLDAPConnection.
/**
 * Creates a connection factory for the given directory server entry.
 *
 * <p>The factory authenticates with a simple bind as {@code bindDN} and uses
 * a 300 millisecond connect timeout. An SSL context is added only when
 * {@code ds.ssl} is true; otherwise the bind uses a connection this method
 * has not secured.
 *
 * @param ds directory server entry supplying host, port and the SSL flag
 * @return a new connection factory; no connection is opened here
 * @throws Exception if building the bind request, the SSL context or the
 *         factory fails
 */
private ConnectionFactory getLDAPConnection(DSEntry ds) throws Exception {
    BindRequest simpleBind = LDAPRequests.newSimpleBindRequest(bindDN, bindPwd.toCharArray());
    Options connectionOptions = Options.defaultOptions();
    connectionOptions = connectionOptions.set(CONNECT_TIMEOUT, new Duration(300L, TimeUnit.MILLISECONDS));
    connectionOptions = connectionOptions.set(AUTHN_BIND_REQUEST, simpleBind);
    if (ds.ssl) {
        // NOTE(review): default SSLContextBuilder; no trust manager or host name
        // check is configured here. Confirm the defaults validate the server.
        connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
    }
    return new LDAPConnectionFactory(ds.host, ds.port, connectionOptions);
}
use of org.forgerock.util.Options in project OpenAM by OpenRock.
the class AjaxPage method getConnection.
/**
 * Opens an authenticated LDAP connection to the given server.
 *
 * <p>A new connection factory is built on every call and is not closed by
 * this method. NOTE(review): confirm who is responsible for releasing the
 * factory once the returned connection is closed.
 *
 * @param host directory server host
 * @param port directory server port
 * @param bindDN DN used for the simple bind
 * @param bindPwd password used for the simple bind
 * @param timeout connect timeout in seconds
 * @param isSSl whether to set an SSL context; when false the bind uses a
 *        connection this method has not secured
 * @return a connection obtained from the newly created factory
 * @throws GeneralSecurityException if the SSL context cannot be built
 * @throws LdapException if the connection cannot be obtained
 */
protected Connection getConnection(String host, int port, String bindDN, char[] bindPwd, int timeout, boolean isSSl) throws GeneralSecurityException, LdapException {
    Options connectionOptions = Options.defaultOptions();
    connectionOptions = connectionOptions.set(CONNECT_TIMEOUT, new Duration((long) timeout, TimeUnit.SECONDS));
    connectionOptions = connectionOptions.set(AUTHN_BIND_REQUEST, LDAPRequests.newSimpleBindRequest(bindDN, bindPwd));
    if (isSSl) {
        // NOTE(review): default SSLContextBuilder; no trust manager or host name
        // check is configured here. Confirm the defaults validate the server.
        connectionOptions = connectionOptions.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
    }
    return new LDAPConnectionFactory(host, port, connectionOptions).getConnection();
}