use of org.forgerock.util.Options in project OpenAM by OpenRock.
The class LDAPAuthUtils, method createConnectionPool.
/**
 * Returns the shared connection pool for the configured server list and bind user,
 * creating and caching it on first use.
 * <p>
 * Pool sizing: the configured defaults are halved (the search and authentication pools
 * share the budget) unless a {@code host:port:min:max} entry in {@code poolSize} matches one
 * of the primary or secondary servers, in which case that entry wins. Note that only
 * {@code max} reaches the pool factory; {@code min} is computed and logged but not passed on.
 * When {@code isSecure} is set the TLS context is built here; with {@code trustAll} it accepts
 * any server certificate, so that mode gives no server authentication and belongs only in
 * test setups.
 *
 * @param connectionPools cache of pools keyed by {@code servers + ":" + bindingUser}; also used as the creation lock
 * @param bindingUser bind DN used by the pool's connections
 * @param bindingPwd password for {@code bindingUser}
 * @return the cached or newly created factory (never {@code null})
 * @throws LdapException propagated from the pool-creation helpers called here
 * @throws LDAPUtilException if the TLS context cannot be built (wraps a {@link GeneralSecurityException})
 */
private ConnectionFactory createConnectionPool(Map<String, ConnectionFactory> connectionPools, String bindingUser, char[] bindingPwd) throws LdapException, LDAPUtilException {
    ConnectionFactory connPool;
    try {
        String configName = servers.toString() + ":" + bindingUser;
        // Unsynchronized fast path; the null case is re-checked under the lock below.
        // NOTE(review): this is only safe if the map tolerates a concurrent reader — confirm its type at the caller.
        connPool = connectionPools.get(configName);
        if (connPool == null) {
            synchronized (connectionPools) {
                connPool = connectionPools.get(configName);
                // Built before the re-check, so it is created (and discarded) even when another thread already made the pool.
                Options options = Options.defaultOptions().set(REQUEST_TIMEOUT, new Duration((long) operationsTimeout, TimeUnit.MILLISECONDS));
                if (connPool == null) {
                    if (debug.messageEnabled()) {
                        debug.message("Create ConnectionPool for servers:\n" + servers);
                    }
                    // Since connection pool for search and authentication
                    // are different, each gets half the configured size
                    int min = minDefaultPoolSize / 2 + 1;
                    int max = maxDefaultPoolSize / 2;
                    if (min >= max) {
                        // Keeps min below max; goes to 0 or negative when max <= 1 (min is not passed to the factory, see below).
                        min = max - 1;
                    }
                    Set<LDAPURL> primaryUrls = convertToLDAPURLs(primaryServers);
                    Set<LDAPURL> secondaryUrls = convertToLDAPURLs(secondaryServers);
                    if (poolSize != null && !poolSize.isEmpty()) {
                        String tmpmin = null;
                        String tmpmax = null;
                        // First entry matching one of our configured servers wins.
                        for (String val : poolSize) {
                            // host:port:min:max
                            StringTokenizer stz = new StringTokenizer(val, ":");
                            if (stz.countTokens() == 4) {
                                LDAPURL url = LDAPURL.valueOf(stz.nextToken() + ":" + stz.nextToken());
                                if (primaryUrls.contains(url) || secondaryUrls.contains(url)) {
                                    tmpmin = stz.nextToken();
                                    tmpmax = stz.nextToken();
                                    break;
                                }
                            }
                        }
                        if (tmpmin != null) {
                            try {
                                min = Integer.parseInt(tmpmin);
                                max = Integer.parseInt(tmpmax);
                                if (max < min) {
                                    // Inverted sizes fall back to the full (not halved) defaults.
                                    debug.error("ldap connection pool max size is less than min size");
                                    min = minDefaultPoolSize;
                                    max = maxDefaultPoolSize;
                                }
                            } catch (NumberFormatException ex) {
                                // Unparseable sizes likewise fall back to the full defaults.
                                debug.error("Invalid ldap connection pool size", ex);
                                min = minDefaultPoolSize;
                                max = maxDefaultPoolSize;
                            }
                        }
                    }
                    if (debug.messageEnabled()) {
                        debug.message("LDAPAuthUtils.LDAPAuthUtils: min=" + min + ", max=" + max);
                    }
                    if (isSecure) {
                        SSLContextBuilder builder = new SSLContextBuilder();
                        if (trustAll) {
                            // Disables server certificate validation: TLS then protects only against
                            // passive eavesdropping, not an active man-in-the-middle.
                            builder.setTrustManager(TrustManagers.trustAll());
                        }
                        SSLContext sslContext = builder.getSSLContext();
                        options.set(SSL_CONTEXT, sslContext);
                        if (useStartTLS) {
                            options.set(SSL_USE_STARTTLS, true);
                        }
                    }
                    // Only max is handed to the pool factory; min was informational.
                    final ConnectionFactory connFactory;
                    ConnectionFactory primaryCf = newFailoverConnectionPool(primaryUrls, bindingUser, bindingPwd, max, heartBeatInterval, heartBeatTimeUnit, options);
                    if (secondaryServers.isEmpty()) {
                        connFactory = primaryCf;
                    } else {
                        // Secondary servers sit behind a failover load balancer, tried after the primary pool.
                        ConnectionFactory secondaryCf = newFailoverConnectionPool(secondaryUrls, bindingUser, bindingPwd, max, heartBeatInterval, heartBeatTimeUnit, options);
                        connFactory = Connections.newFailoverLoadBalancer(asList(primaryCf, secondaryCf), options);
                    }
                    // One listener per created pool; closes the (possibly load-balanced) factory at shutdown.
                    ShutdownManager shutdownMan = com.sun.identity.common.ShutdownManager.getInstance();
                    shutdownMan.addShutdownListener(new ShutdownListener() {
                        public void shutdown() {
                            connFactory.close();
                        }
                    });
                    connPool = connFactory;
                    connectionPools.put(configName, connPool);
                }
            }
        }
    } catch (GeneralSecurityException gse) {
        // Raised while building the TLS context; surfaced to callers as an LDAPUtilException.
        debug.error("Unable to create connection pool", gse);
        throw new LDAPUtilException(gse);
    }
    return connPool;
}
use of org.forgerock.util.Options in project OpenAM by OpenRock.
The class ServiceBase, method getLDAPConnection.
/**
 * Opens an authenticated LDAP connection to a directory server.
 * <p>
 * Every connection performs a simple bind as {@code dsManager}. A TLS context is added only
 * when {@code dsProtocol} is {@code ldaps}; over plain {@code ldap} the simple bind sends the
 * admin password unencrypted. Any failure — including a {@code null} argument — is swallowed
 * and reported as {@code null}, so callers must null-check the result. The factory created
 * here is never closed; whether that holds resources depends on the SDK — worth confirming.
 *
 * @param dsHostName host on which the directory server runs
 * @param dsPort port the directory server listens on
 * @param dsProtocol {@code ldap} or {@code ldaps} (compared case-insensitively)
 * @param dsManager admin bind DN / user name
 * @param dsAdminPwd admin password for {@code dsManager}
 * @return an open connection, or {@code null} if one could not be established
 */
protected static Connection getLDAPConnection(String dsHostName, int dsPort, String dsProtocol, String dsManager, String dsAdminPwd) {
    try {
        Duration connectTimeout = new Duration(3L, TimeUnit.SECONDS);
        Options options = Options.defaultOptions().set(CONNECT_TIMEOUT, connectTimeout);
        // The SDK takes the password as char[]; the String form is what callers hand us.
        options = options.set(AUTHN_BIND_REQUEST, LDAPRequests.newSimpleBindRequest(dsManager, dsAdminPwd.toCharArray()));
        boolean secure = dsProtocol.equalsIgnoreCase("ldaps");
        if (secure) {
            options = options.set(SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
        }
        return new LDAPConnectionFactory(dsHostName, dsPort, options).getConnection();
    } catch (Exception ignored) {
        // Deliberately best-effort: connection problems are reported as null rather than thrown.
        return null;
    }
}
use of org.forgerock.util.Options in project ddf by codice.
The class SslLdapLoginModule, method createLdapConnectionFactory.
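/**
 * Builds an LDAP connection factory for {@code url}, configuring TLS from the URL scheme and
 * the {@code startTls} flag.
 * <p>
 * {@code ldaps://} URLs use TLS from the start; other URLs negotiate StartTLS only when
 * {@code startTls} is {@code TRUE} (a {@code null} flag counts as {@code false}). The enabled
 * cipher suites and protocols are copied from the {@code https.cipherSuites} and
 * {@code https.protocols} system properties when those are set; when absent the SDK defaults
 * apply instead of failing with a {@code NullPointerException}. A missing or unparseable
 * port falls back to 636 for LDAPS and 389 otherwise.
 *
 * @param url LDAP URL of the form {@code ldap[s]://host[:port]}
 * @param startTls whether to negotiate StartTLS on a plain {@code ldap://} URL; may be {@code null}
 * @return a factory for connections to {@code url}
 * @throws LdapException declared for callers; the visible body does not raise it itself
 */
protected LDAPConnectionFactory createLdapConnectionFactory(String url, Boolean startTls) throws LdapException {
    boolean useSsl = url.startsWith("ldaps");
    // Boolean.TRUE.equals tolerates a null flag; StartTLS is meaningless on an LDAPS URL.
    boolean useTls = !useSsl && Boolean.TRUE.equals(startTls);
    Options lo = Options.defaultOptions();
    try {
        if (useSsl || useTls) {
            initializeSslContext();
            lo.set(LDAPConnectionFactory.SSL_CONTEXT, getSslContext());
        }
    } catch (GeneralSecurityException e) {
        // NOTE(review): the factory is still built without an SSL context after this;
        // confirm the SDK fails closed rather than silently connecting in the clear.
        LOGGER.info("Error encountered while configuring SSL. Secure connection will fail.", e);
    }
    lo.set(LDAPConnectionFactory.SSL_USE_STARTTLS, useTls);
    // Reuse the JVM-wide HTTPS restrictions for the LDAP handshake, but only when configured —
    // the previous unconditional split() threw NPE on a JVM without these properties.
    String enabledCipherSuites = System.getProperty("https.cipherSuites");
    if (enabledCipherSuites != null) {
        lo.set(LDAPConnectionFactory.SSL_ENABLED_CIPHER_SUITES, Arrays.asList(enabledCipherSuites.split(",")));
    }
    String enabledProtocols = System.getProperty("https.protocols");
    if (enabledProtocols != null) {
        lo.set(LDAPConnectionFactory.SSL_ENABLED_PROTOCOLS, Arrays.asList(enabledProtocols.split(",")));
    }
    lo.set(LDAPConnectionFactory.TRANSPORT_PROVIDER_CLASS_LOADER, SslLdapLoginModule.class.getClassLoader());

    // host[:port] follows "://"; without a scheme separator the whole string is the authority.
    int schemeSep = url.indexOf("://");
    int hostStart = schemeSep < 0 ? 0 : schemeSep + 3;
    int portSep = url.lastIndexOf(':');
    String host;
    Integer port = useSsl ? 636 : 389;
    if (portSep >= hostStart) {
        host = url.substring(hostStart, portSep);
        try {
            port = Integer.valueOf(url.substring(portSep + 1));
        } catch (NumberFormatException ignore) {
            // Best-effort: keep the scheme default rather than failing the whole login module.
            LOGGER.debug("Unparseable port in LDAP URL {}, using default {}", url, port);
        }
    } else {
        // No port: the last ':' is the one inside "://" (or there is none), so don't cut the host.
        // NOTE(review): bracketed IPv6 literals without a port are still mis-split here, as before.
        host = url.substring(hostStart);
    }
    auditRemoteConnection(host);
    return new LDAPConnectionFactory(host, port, lo);
}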