Search in sources :

Example 1 with LdapStoreConfiguration

use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.

the class LDAPResearchTest method testLdapSearch.

@SuppressWarnings("unchecked")
public void testLdapSearch() throws Exception {
    CertCacheFactory.getInstance().flushAll();
    int port = configuration.getLdapPort();
    String url = "ldap://localhost:" + port + "/" + "cn=lookupTest";
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "secret");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, url);
    InitialContext initialContext = new InitialContext(env);
    assertNotNull(initialContext);
    DirContext dirContext = (DirContext) initialContext.lookup("");
    Attributes attributes = dirContext.getAttributes("");
    assertNotNull(attributes);
    NamingEnumeration<Attribute> namingEnum = (NamingEnumeration<Attribute>) attributes.getAll();
    while (namingEnum.hasMoreElements()) {
        Attribute attr = namingEnum.nextElement();
        System.out.println("Name: " + attr.getID() + "\r\nValue: " + attr.get() + "\r\n\r\n");
    }
    //Set<SearchResult> results = searchDNs( "(email=gm2552@cerner.com)", "", "ou=privKeys, ou=cerner, ou=com", 
    //        SearchControls.SUBTREE_SCOPE , dirContext);
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(new String[] { url }, "", "email", "privKeyStore", "X509");
    LdapCertificateStoreProvider provider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, null);
    LDAPCertificateStore certificateResolver = (LDAPCertificateStore) provider.get();
    Collection<X509Certificate> certs = certificateResolver.getCertificates("gm2552@cerner.com");
    /*LdapEnvironment ldapEnvironment = new LdapEnvironment(env, "privKeyStore", "", "email");
		LdapCertUtilImpl ldapcertUtilImpl = new LdapCertUtilImpl(ldapEnvironment, "", "X.509");
		LDAPCertificateStore ldapCertStore = new LDAPCertificateStore(ldapcertUtilImpl, new KeyStoreCertificateStore(), null);
		
		Collection<X509Certificate> certs = ldapCertStore.getCertificates("gm2552@cerner.com");
		*/
    assertEquals(1, certs.size());
    X509Certificate cert = certs.iterator().next();
    assertFalse(cert instanceof X509CertificateEx);
    assertTrue(cert.getSubjectX500Principal().toString().contains("bob@nhind.hsgincubator.com"));
}
Also used : LdapStoreConfiguration(org.nhindirect.stagent.cert.impl.LdapStoreConfiguration) BasicAttribute(javax.naming.directory.BasicAttribute) Attribute(javax.naming.directory.Attribute) Hashtable(java.util.Hashtable) BasicAttributes(javax.naming.directory.BasicAttributes) Attributes(javax.naming.directory.Attributes) NamingEnumeration(javax.naming.NamingEnumeration) DirContext(javax.naming.directory.DirContext) InitialContext(javax.naming.InitialContext) X509Certificate(java.security.cert.X509Certificate) X509CertificateEx(org.nhindirect.stagent.cert.X509CertificateEx) LDAPCertificateStore(org.nhindirect.stagent.cert.impl.LDAPCertificateStore) LdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider)

Example 2 with LdapStoreConfiguration

use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildLdapCertificateStoreProvider.

protected LdapCertificateStoreProvider buildLdapCertificateStoreProvider(String type, String cacheStoreName) {
    //required
    Setting ldapURLSetting;
    Setting ldapSearchBaseSetting;
    Setting ldapSearchAttrSetting;
    Setting ldapCertAttrSetting;
    Setting ldapCertFormatSetting;
    //optional	    
    Setting ldapUserSetting;
    Setting ldapPasswordSetting;
    Setting ldapConnTimeoutSetting;
    Setting ldapCertPassphraseSetting;
    try {
        ldapURLSetting = cfService.getSettingByName(type + "LDAPUrl");
        ldapSearchBaseSetting = cfService.getSettingByName(type + "LDAPSearchBase");
        ldapSearchAttrSetting = cfService.getSettingByName(type + "LDAPSearchAttr");
        ldapCertAttrSetting = cfService.getSettingByName(type + "LDAPCertAttr");
        ldapCertFormatSetting = cfService.getSettingByName(type + "LDAPCertFormat");
        //optional	    
        ldapUserSetting = cfService.getSettingByName(type + "LDAPUser");
        ldapPasswordSetting = cfService.getSettingByName(type + "LDAPPassword");
        ldapConnTimeoutSetting = cfService.getSettingByName(type + "LDAPConnTimeout");
        ldapCertPassphraseSetting = cfService.getSettingByName(type + "LDAPCertPassphrase");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting LDAP store settings: " + e.getMessage(), e);
    }
    if (ldapURLSetting == null || ldapURLSetting.getValue() == null || ldapURLSetting.getValue().isEmpty())
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing LDAP URL");
    String ldapSearchBase = (ldapSearchBaseSetting == null) ? null : ldapSearchBaseSetting.getValue();
    String ldapSearchAttr = (ldapSearchAttrSetting == null) ? null : ldapSearchAttrSetting.getValue();
    String ldapCertAttr = (ldapCertAttrSetting == null) ? null : ldapCertAttrSetting.getValue();
    String ldapCertFormat = (ldapCertFormatSetting == null) ? null : ldapCertFormatSetting.getValue();
    String[] ldapURL = ldapURLSetting.getValue().split(",");
    if (ldapURL[0].isEmpty() || ldapSearchBase.isEmpty() || ldapSearchAttr.isEmpty() || ldapCertAttr.isEmpty() || ldapCertFormat.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing required LDAP parameters.");
    }
    String ldapUser = (ldapUserSetting == null) ? null : ldapUserSetting.getValue();
    String ldapPassword = (ldapPasswordSetting == null) ? null : ldapPasswordSetting.getValue();
    String ldapConnTimeout = (ldapConnTimeoutSetting == null) ? null : ldapConnTimeoutSetting.getValue();
    String ldapCertPassphrase = (ldapCertPassphraseSetting == null) ? null : ldapCertPassphraseSetting.getValue();
    if (ldapCertFormat.equalsIgnoreCase("pkcs12") && (ldapCertPassphrase == null || ldapCertPassphrase.isEmpty())) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat);
    }
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(ldapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat);
    if (ldapUser != null && !ldapUser.isEmpty() && ldapPassword != null && !ldapPassword.isEmpty()) {
        ldapStoreConfiguration.setEmployLdapAuthInformation(new EmployLdapAuthInformation(ldapUser, ldapPassword));
    }
    if (ldapConnTimeout != null && !ldapConnTimeout.isEmpty()) {
        ldapStoreConfiguration.setLdapConnectionTimeOut(ldapConnTimeout);
    }
    if (ldapCertPassphrase != null && !ldapCertPassphrase.isEmpty()) {
        ldapStoreConfiguration.setLdapCertPassphrase(ldapCertPassphrase);
    }
    LdapCertificateStoreProvider ldapCertificateStoreProvider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, new LDAPCertificateStore.DefaultLDAPCachePolicy());
    return ldapCertificateStoreProvider;
}
Also used : LdapStoreConfiguration(org.nhindirect.stagent.cert.impl.LdapStoreConfiguration) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) EmployLdapAuthInformation(org.nhindirect.stagent.cert.impl.EmployLdapAuthInformation) Setting(org.nhind.config.Setting) LDAPCertificateStore(org.nhindirect.stagent.cert.impl.LDAPCertificateStore) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) LdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 3 with LdapStoreConfiguration

use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.

the class XMLSmtpAgentConfig method buildLdapCertificateStoreProvider.

/**
	 * This will build an LdapCertificateStoreProvider to be used to grab certificates from the LDAP store.
	 * @param anchorStoreNode - The Element node in the xml file that contains anchor information
	 * @param cacheStoreName - The name of the bootstrap cacheStore used when cache and LDAP are unreachable.
	 * @return
	 */
protected LdapCertificateStoreProvider buildLdapCertificateStoreProvider(Element anchorStoreNode, String cacheStoreName) {
    //required
    String[] ldapURL = anchorStoreNode.getAttribute("ldapURL").split(",");
    String ldapSearchBase = anchorStoreNode.getAttribute("ldapSearchBase");
    String ldapSearchAttr = anchorStoreNode.getAttribute("ldapSearchAttr");
    String ldapCertAttr = anchorStoreNode.getAttribute("ldapCertAttr");
    String ldapCertFormat = anchorStoreNode.getAttribute("ldapCertFormat");
    if (ldapURL[0].isEmpty() || ldapSearchBase.isEmpty() || ldapSearchAttr.isEmpty() || ldapCertAttr.isEmpty() || ldapCertFormat.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat);
    }
    //optional	    
    String ldapUser = anchorStoreNode.getAttribute("ldapUser");
    String ldapPassword = anchorStoreNode.getAttribute("ldapPassword");
    String ldapConnTimeout = anchorStoreNode.getAttribute("ldapConnTimeout");
    String ldapCertPassphrase = anchorStoreNode.getAttribute("ldapCertPassphrase");
    if (ldapCertFormat.equalsIgnoreCase("pkcs12") && ldapCertPassphrase.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat);
    }
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(ldapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat);
    if (!(ldapUser.isEmpty() && ldapPassword.isEmpty())) {
        ldapStoreConfiguration.setEmployLdapAuthInformation(new EmployLdapAuthInformation(ldapUser, ldapPassword));
    }
    if (!ldapConnTimeout.isEmpty()) {
        ldapStoreConfiguration.setLdapConnectionTimeOut(ldapConnTimeout);
    }
    if (!ldapCertPassphrase.isEmpty()) {
        ldapStoreConfiguration.setLdapCertPassphrase(ldapCertPassphrase);
    }
    LdapCertificateStoreProvider ldapCertificateStoreProvider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, new DefaultCertStoreCachePolicy());
    return ldapCertificateStoreProvider;
}
Also used : LdapStoreConfiguration(org.nhindirect.stagent.cert.impl.LdapStoreConfiguration) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) DefaultCertStoreCachePolicy(org.nhindirect.stagent.cert.DefaultCertStoreCachePolicy) EmployLdapAuthInformation(org.nhindirect.stagent.cert.impl.EmployLdapAuthInformation) LdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider)

Example 4 with LdapStoreConfiguration

use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.

the class RESTSmtpAgentConfig method buildLdapCertificateStoreProvider.

@Override
protected LdapCertificateStoreProvider buildLdapCertificateStoreProvider(String type, String cacheStoreName) {
    //required
    Setting ldapURLSetting;
    Setting ldapSearchBaseSetting;
    Setting ldapSearchAttrSetting;
    Setting ldapCertAttrSetting;
    Setting ldapCertFormatSetting;
    //optional	    
    Setting ldapUserSetting;
    Setting ldapPasswordSetting;
    Setting ldapConnTimeoutSetting;
    Setting ldapCertPassphraseSetting;
    try {
        ldapURLSetting = settingsService.getSetting(type + "LDAPUrl");
        ldapSearchBaseSetting = settingsService.getSetting(type + "LDAPSearchBase");
        ldapSearchAttrSetting = settingsService.getSetting(type + "LDAPSearchAttr");
        ldapCertAttrSetting = settingsService.getSetting(type + "LDAPCertAttr");
        ldapCertFormatSetting = settingsService.getSetting(type + "LDAPCertFormat");
        //optional	    
        ldapUserSetting = settingsService.getSetting(type + "LDAPUser");
        ldapPasswordSetting = settingsService.getSetting(type + "LDAPPassword");
        ldapConnTimeoutSetting = settingsService.getSetting(type + "LDAPConnTimeout");
        ldapCertPassphraseSetting = settingsService.getSetting(type + "LDAPCertPassphrase");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting LDAP store settings: " + e.getMessage(), e);
    }
    if (ldapURLSetting == null || ldapURLSetting.getValue() == null || ldapURLSetting.getValue().isEmpty())
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing LDAP URL");
    String ldapSearchBase = (ldapSearchBaseSetting == null) ? null : ldapSearchBaseSetting.getValue();
    String ldapSearchAttr = (ldapSearchAttrSetting == null) ? null : ldapSearchAttrSetting.getValue();
    String ldapCertAttr = (ldapCertAttrSetting == null) ? null : ldapCertAttrSetting.getValue();
    String ldapCertFormat = (ldapCertFormatSetting == null) ? null : ldapCertFormatSetting.getValue();
    String[] ldapURL = ldapURLSetting.getValue().split(",");
    if (ldapURL[0].isEmpty() || ldapSearchBase.isEmpty() || ldapSearchAttr.isEmpty() || ldapCertAttr.isEmpty() || ldapCertFormat.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing required LDAP parameters.");
    }
    String ldapUser = (ldapUserSetting == null) ? null : ldapUserSetting.getValue();
    String ldapPassword = (ldapPasswordSetting == null) ? null : ldapPasswordSetting.getValue();
    String ldapConnTimeout = (ldapConnTimeoutSetting == null) ? null : ldapConnTimeoutSetting.getValue();
    String ldapCertPassphrase = (ldapCertPassphraseSetting == null) ? null : ldapCertPassphraseSetting.getValue();
    if (ldapCertFormat.equalsIgnoreCase("pkcs12") && (ldapCertPassphrase == null || ldapCertPassphrase.isEmpty())) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat);
    }
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(ldapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat);
    if (ldapUser != null && !ldapUser.isEmpty() && ldapPassword != null && !ldapPassword.isEmpty()) {
        ldapStoreConfiguration.setEmployLdapAuthInformation(new EmployLdapAuthInformation(ldapUser, ldapPassword));
    }
    if (ldapConnTimeout != null && !ldapConnTimeout.isEmpty()) {
        ldapStoreConfiguration.setLdapConnectionTimeOut(ldapConnTimeout);
    }
    if (ldapCertPassphrase != null && !ldapCertPassphrase.isEmpty()) {
        ldapStoreConfiguration.setLdapCertPassphrase(ldapCertPassphrase);
    }
    LdapCertificateStoreProvider ldapCertificateStoreProvider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, new LDAPCertificateStore.DefaultLDAPCachePolicy());
    return ldapCertificateStoreProvider;
}
Also used : LdapStoreConfiguration(org.nhindirect.stagent.cert.impl.LdapStoreConfiguration) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) EmployLdapAuthInformation(org.nhindirect.stagent.cert.impl.EmployLdapAuthInformation) Setting(org.nhindirect.config.model.Setting) LDAPCertificateStore(org.nhindirect.stagent.cert.impl.LDAPCertificateStore) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) LdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException)

Aggregations

LdapStoreConfiguration (org.nhindirect.stagent.cert.impl.LdapStoreConfiguration)4 LdapCertificateStoreProvider (org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider)4 SmtpAgentException (org.nhindirect.gateway.smtp.SmtpAgentException)3 EmployLdapAuthInformation (org.nhindirect.stagent.cert.impl.EmployLdapAuthInformation)3 LDAPCertificateStore (org.nhindirect.stagent.cert.impl.LDAPCertificateStore)3 AddressException (javax.mail.internet.AddressException)2 PolicyParseException (org.nhindirect.policy.PolicyParseException)2 PublicLdapCertificateStoreProvider (org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider)2 IOException (java.io.IOException)1 CertificateException (java.security.cert.CertificateException)1 X509Certificate (java.security.cert.X509Certificate)1 Hashtable (java.util.Hashtable)1 InitialContext (javax.naming.InitialContext)1 NamingEnumeration (javax.naming.NamingEnumeration)1 Attribute (javax.naming.directory.Attribute)1 Attributes (javax.naming.directory.Attributes)1 BasicAttribute (javax.naming.directory.BasicAttribute)1 BasicAttributes (javax.naming.directory.BasicAttributes)1 DirContext (javax.naming.directory.DirContext)1 Setting (org.nhind.config.Setting)1