use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.
the class LDAPResearchTest method testLdapSearch.
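/**
 * Connects to the test LDAP server on localhost, dumps the attributes of the
 * {@code cn=lookupTest} entry, then resolves a certificate for a known address through
 * {@link LDAPCertificateStore} and checks the returned certificate.
 *
 * <p>The bind DN and password below are hard-coded test fixtures for a directory reached on
 * {@code localhost}; they must never be reused for a real directory. NOTE(review): presumably
 * the server is an embedded test instance started by the fixture - confirm.
 *
 * @throws Exception if the JNDI connection or the certificate lookup fails
 */
public void testLdapSearch() throws Exception {
    CertCacheFactory.getInstance().flushAll();
    int port = configuration.getLdapPort();
    String url = "ldap://localhost:" + port + "/" + "cn=lookupTest";
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "secret");
    // Simple bind over plain ldap:// sends the password in clear text; acceptable only
    // because the target is the local test server.
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, url);
    InitialContext initialContext = new InitialContext(env);
    try {
        assertNotNull(initialContext);
        // lookup("") hands back a separate context instance, so it is closed on its own below.
        DirContext dirContext = (DirContext) initialContext.lookup("");
        try {
            Attributes attributes = dirContext.getAttributes("");
            assertNotNull(attributes);
            // getAll() is already typed as NamingEnumeration<? extends Attribute>, so no
            // unchecked cast (and no @SuppressWarnings) is needed.
            NamingEnumeration<? extends Attribute> namingEnum = attributes.getAll();
            try {
                while (namingEnum.hasMoreElements()) {
                    Attribute attr = namingEnum.nextElement();
                    System.out.println("Name: " + attr.getID() + "\r\nValue: " + attr.get() + "\r\n\r\n");
                }
            } finally {
                namingEnum.close();
            }
        } finally {
            // Release the directory connection even when an assertion above fails.
            dirContext.close();
        }
    } finally {
        initialContext.close();
    }
    //Set<SearchResult> results = searchDNs( "(email=gm2552@cerner.com)", "", "ou=privKeys, ou=cerner, ou=com",
    // SearchControls.SUBTREE_SCOPE , dirContext);
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(new String[] { url }, "", "email", "privKeyStore", "X509");
    LdapCertificateStoreProvider provider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, null);
    LDAPCertificateStore certificateResolver = (LDAPCertificateStore) provider.get();
    Collection<X509Certificate> certs = certificateResolver.getCertificates("gm2552@cerner.com");
    /*LdapEnvironment ldapEnvironment = new LdapEnvironment(env, "privKeyStore", "", "email");
    LdapCertUtilImpl ldapcertUtilImpl = new LdapCertUtilImpl(ldapEnvironment, "", "X.509");
    LDAPCertificateStore ldapCertStore = new LDAPCertificateStore(ldapcertUtilImpl, new KeyStoreCertificateStore(), null);
    Collection<X509Certificate> certs = ldapCertStore.getCertificates("gm2552@cerner.com");
    */
    assertEquals(1, certs.size());
    X509Certificate cert = certs.iterator().next();
    // With the "X509" format the store must return a plain certificate, not the
    // X509CertificateEx subtype.
    assertFalse(cert instanceof X509CertificateEx);
    assertTrue(cert.getSubjectX500Principal().toString().contains("bob@nhind.hsgincubator.com"));
}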
use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.
the class WSSmtpAgentConfig method buildLdapCertificateStoreProvider.
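/**
 * Builds an {@link LdapCertificateStoreProvider} from settings read through {@code cfService}.
 *
 * <p>Setting names are formed as {@code type + "LDAPUrl"}, {@code type + "LDAPSearchBase"} and
 * so on. URL, search base, search attribute, certificate attribute and certificate format are
 * required; user, password, connection timeout and certificate passphrase are optional, except
 * that a passphrase is required when the format is {@code pkcs12}.
 *
 * @param type prefix prepended to every setting name
 * @param cacheStoreName not read by this method
 * @return a provider configured from the settings, using {@code DefaultLDAPCachePolicy}
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} if the settings cannot be
 *         fetched, a required setting is missing or empty, or the pkcs12 passphrase is missing
 */
protected LdapCertificateStoreProvider buildLdapCertificateStoreProvider(String type, String cacheStoreName) {
    //required
    Setting ldapURLSetting;
    Setting ldapSearchBaseSetting;
    Setting ldapSearchAttrSetting;
    Setting ldapCertAttrSetting;
    Setting ldapCertFormatSetting;
    //optional
    Setting ldapUserSetting;
    Setting ldapPasswordSetting;
    Setting ldapConnTimeoutSetting;
    Setting ldapCertPassphraseSetting;
    try {
        ldapURLSetting = cfService.getSettingByName(type + "LDAPUrl");
        ldapSearchBaseSetting = cfService.getSettingByName(type + "LDAPSearchBase");
        ldapSearchAttrSetting = cfService.getSettingByName(type + "LDAPSearchAttr");
        ldapCertAttrSetting = cfService.getSettingByName(type + "LDAPCertAttr");
        ldapCertFormatSetting = cfService.getSettingByName(type + "LDAPCertFormat");
        //optional
        ldapUserSetting = cfService.getSettingByName(type + "LDAPUser");
        ldapPasswordSetting = cfService.getSettingByName(type + "LDAPPassword");
        ldapConnTimeoutSetting = cfService.getSettingByName(type + "LDAPConnTimeout");
        ldapCertPassphraseSetting = cfService.getSettingByName(type + "LDAPCertPassphrase");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting LDAP store settings: " + e.getMessage(), e);
    }
    if (ldapURLSetting == null || ldapURLSetting.getValue() == null || ldapURLSetting.getValue().isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing LDAP URL");
    }
    String ldapSearchBase = (ldapSearchBaseSetting == null) ? null : ldapSearchBaseSetting.getValue();
    String ldapSearchAttr = (ldapSearchAttrSetting == null) ? null : ldapSearchAttrSetting.getValue();
    String ldapCertAttr = (ldapCertAttrSetting == null) ? null : ldapCertAttrSetting.getValue();
    String ldapCertFormat = (ldapCertFormatSetting == null) ? null : ldapCertFormatSetting.getValue();
    String[] ldapURL = ldapURLSetting.getValue().split(",");
    // A value made only of commas splits to an empty array, and an absent required setting
    // leaves its string null; both must surface as a configuration error rather than an
    // ArrayIndexOutOfBoundsException or NullPointerException.
    boolean missingRequired = ldapURL.length == 0 || ldapURL[0].isEmpty()
            || ldapSearchBase == null || ldapSearchBase.isEmpty()
            || ldapSearchAttr == null || ldapSearchAttr.isEmpty()
            || ldapCertAttr == null || ldapCertAttr.isEmpty()
            || ldapCertFormat == null || ldapCertFormat.isEmpty();
    if (missingRequired) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing required LDAP parameters.");
    }
    String ldapUser = (ldapUserSetting == null) ? null : ldapUserSetting.getValue();
    String ldapPassword = (ldapPasswordSetting == null) ? null : ldapPasswordSetting.getValue();
    String ldapConnTimeout = (ldapConnTimeoutSetting == null) ? null : ldapConnTimeoutSetting.getValue();
    String ldapCertPassphrase = (ldapCertPassphraseSetting == null) ? null : ldapCertPassphraseSetting.getValue();
    if (ldapCertFormat.equalsIgnoreCase("pkcs12") && (ldapCertPassphrase == null || ldapCertPassphrase.isEmpty())) {
        // The message names the missing setting only; secret values are never put in messages.
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing LDAP certificate passphrase for pkcs12 format.");
    }
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(ldapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat);
    // Credentials are attached only when both user and password are non-empty; a
    // half-configured pair is ignored and the store is built without bind credentials.
    // NOTE(review): consider rejecting a half-configured pair so the operator notices.
    if (ldapUser != null && !ldapUser.isEmpty() && ldapPassword != null && !ldapPassword.isEmpty()) {
        ldapStoreConfiguration.setEmployLdapAuthInformation(new EmployLdapAuthInformation(ldapUser, ldapPassword));
    }
    // The timeout is handed over as the raw setting string; it is not validated here.
    if (ldapConnTimeout != null && !ldapConnTimeout.isEmpty()) {
        ldapStoreConfiguration.setLdapConnectionTimeOut(ldapConnTimeout);
    }
    if (ldapCertPassphrase != null && !ldapCertPassphrase.isEmpty()) {
        ldapStoreConfiguration.setLdapCertPassphrase(ldapCertPassphrase);
    }
    LdapCertificateStoreProvider ldapCertificateStoreProvider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, new LDAPCertificateStore.DefaultLDAPCachePolicy());
    return ldapCertificateStoreProvider;
}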
use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.
the class XMLSmtpAgentConfig method buildLdapCertificateStoreProvider.
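/**
 * Builds an {@link LdapCertificateStoreProvider} used to fetch certificates from an LDAP store,
 * configured from the attributes of an XML element.
 *
 * <p>{@code ldapURL} (comma separated), {@code ldapSearchBase}, {@code ldapSearchAttr},
 * {@code ldapCertAttr} and {@code ldapCertFormat} are required. {@code ldapUser},
 * {@code ldapPassword}, {@code ldapConnTimeout} and {@code ldapCertPassphrase} are optional,
 * except that a passphrase is required when the format is {@code pkcs12}.
 *
 * @param anchorStoreNode the element in the XML file that carries the LDAP attributes
 * @param cacheStoreName the name of the bootstrap cache store; not read by this method
 * @return a provider configured from the element, using {@code DefaultCertStoreCachePolicy}
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} if a required attribute
 *         is empty or the pkcs12 passphrase is missing
 */
protected LdapCertificateStoreProvider buildLdapCertificateStoreProvider(Element anchorStoreNode, String cacheStoreName) {
    //required
    String[] ldapURL = anchorStoreNode.getAttribute("ldapURL").split(",");
    String ldapSearchBase = anchorStoreNode.getAttribute("ldapSearchBase");
    String ldapSearchAttr = anchorStoreNode.getAttribute("ldapSearchAttr");
    String ldapCertAttr = anchorStoreNode.getAttribute("ldapCertAttr");
    String ldapCertFormat = anchorStoreNode.getAttribute("ldapCertFormat");
    // An attribute value made only of commas splits to an empty array; the length test keeps
    // that case on the configuration-error path instead of an ArrayIndexOutOfBoundsException.
    if (ldapURL.length == 0 || ldapURL[0].isEmpty() || ldapSearchBase.isEmpty() || ldapSearchAttr.isEmpty() || ldapCertAttr.isEmpty() || ldapCertFormat.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat);
    }
    //optional
    String ldapUser = anchorStoreNode.getAttribute("ldapUser");
    String ldapPassword = anchorStoreNode.getAttribute("ldapPassword");
    String ldapConnTimeout = anchorStoreNode.getAttribute("ldapConnTimeout");
    String ldapCertPassphrase = anchorStoreNode.getAttribute("ldapCertPassphrase");
    if (ldapCertFormat.equalsIgnoreCase("pkcs12") && ldapCertPassphrase.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat);
    }
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(ldapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat);
    // Attach credentials only when BOTH user and password are present. Passing a user name
    // with an empty password would request what RFC 4513 calls an unauthenticated bind, which
    // some directories accept as anonymous, so the configured identity would not be checked.
    // A half-configured pair is ignored and the store is built without bind credentials.
    // NOTE(review): consider rejecting a half-configured pair so the operator notices.
    if (!ldapUser.isEmpty() && !ldapPassword.isEmpty()) {
        ldapStoreConfiguration.setEmployLdapAuthInformation(new EmployLdapAuthInformation(ldapUser, ldapPassword));
    }
    // The timeout is handed over as the raw attribute string; it is not validated here.
    if (!ldapConnTimeout.isEmpty()) {
        ldapStoreConfiguration.setLdapConnectionTimeOut(ldapConnTimeout);
    }
    if (!ldapCertPassphrase.isEmpty()) {
        ldapStoreConfiguration.setLdapCertPassphrase(ldapCertPassphrase);
    }
    LdapCertificateStoreProvider ldapCertificateStoreProvider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, new DefaultCertStoreCachePolicy());
    return ldapCertificateStoreProvider;
}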
use of org.nhindirect.stagent.cert.impl.LdapStoreConfiguration in project nhin-d by DirectProject.
the class RESTSmtpAgentConfig method buildLdapCertificateStoreProvider.
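/**
 * Builds an {@link LdapCertificateStoreProvider} from settings read through
 * {@code settingsService}.
 *
 * <p>Setting names are formed as {@code type + "LDAPUrl"}, {@code type + "LDAPSearchBase"} and
 * so on. URL, search base, search attribute, certificate attribute and certificate format are
 * required; user, password, connection timeout and certificate passphrase are optional, except
 * that a passphrase is required when the format is {@code pkcs12}.
 *
 * @param type prefix prepended to every setting name
 * @param cacheStoreName not read by this method
 * @return a provider configured from the settings, using {@code DefaultLDAPCachePolicy}
 * @throws SmtpAgentException with {@code InvalidConfigurationFormat} if the settings cannot be
 *         fetched, a required setting is missing or empty, or the pkcs12 passphrase is missing
 */
@Override
protected LdapCertificateStoreProvider buildLdapCertificateStoreProvider(String type, String cacheStoreName) {
    //required
    Setting ldapURLSetting;
    Setting ldapSearchBaseSetting;
    Setting ldapSearchAttrSetting;
    Setting ldapCertAttrSetting;
    Setting ldapCertFormatSetting;
    //optional
    Setting ldapUserSetting;
    Setting ldapPasswordSetting;
    Setting ldapConnTimeoutSetting;
    Setting ldapCertPassphraseSetting;
    try {
        ldapURLSetting = settingsService.getSetting(type + "LDAPUrl");
        ldapSearchBaseSetting = settingsService.getSetting(type + "LDAPSearchBase");
        ldapSearchAttrSetting = settingsService.getSetting(type + "LDAPSearchAttr");
        ldapCertAttrSetting = settingsService.getSetting(type + "LDAPCertAttr");
        ldapCertFormatSetting = settingsService.getSetting(type + "LDAPCertFormat");
        //optional
        ldapUserSetting = settingsService.getSetting(type + "LDAPUser");
        ldapPasswordSetting = settingsService.getSetting(type + "LDAPPassword");
        ldapConnTimeoutSetting = settingsService.getSetting(type + "LDAPConnTimeout");
        ldapCertPassphraseSetting = settingsService.getSetting(type + "LDAPCertPassphrase");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting LDAP store settings: " + e.getMessage(), e);
    }
    if (ldapURLSetting == null || ldapURLSetting.getValue() == null || ldapURLSetting.getValue().isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing LDAP URL");
    }
    String ldapSearchBase = (ldapSearchBaseSetting == null) ? null : ldapSearchBaseSetting.getValue();
    String ldapSearchAttr = (ldapSearchAttrSetting == null) ? null : ldapSearchAttrSetting.getValue();
    String ldapCertAttr = (ldapCertAttrSetting == null) ? null : ldapCertAttrSetting.getValue();
    String ldapCertFormat = (ldapCertFormatSetting == null) ? null : ldapCertFormatSetting.getValue();
    String[] ldapURL = ldapURLSetting.getValue().split(",");
    // A value made only of commas splits to an empty array, and an absent required setting
    // leaves its string null; both must surface as a configuration error rather than an
    // ArrayIndexOutOfBoundsException or NullPointerException.
    boolean missingRequired = ldapURL.length == 0 || ldapURL[0].isEmpty()
            || ldapSearchBase == null || ldapSearchBase.isEmpty()
            || ldapSearchAttr == null || ldapSearchAttr.isEmpty()
            || ldapCertAttr == null || ldapCertAttr.isEmpty()
            || ldapCertFormat == null || ldapCertFormat.isEmpty();
    if (missingRequired) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing required LDAP parameters.");
    }
    String ldapUser = (ldapUserSetting == null) ? null : ldapUserSetting.getValue();
    String ldapPassword = (ldapPasswordSetting == null) ? null : ldapPasswordSetting.getValue();
    String ldapConnTimeout = (ldapConnTimeoutSetting == null) ? null : ldapConnTimeoutSetting.getValue();
    String ldapCertPassphrase = (ldapCertPassphraseSetting == null) ? null : ldapCertPassphraseSetting.getValue();
    if (ldapCertFormat.equalsIgnoreCase("pkcs12") && (ldapCertPassphrase == null || ldapCertPassphrase.isEmpty())) {
        // The message names the missing setting only; secret values are never put in messages.
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing LDAP certificate passphrase for pkcs12 format.");
    }
    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(ldapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat);
    // Credentials are attached only when both user and password are non-empty; a
    // half-configured pair is ignored and the store is built without bind credentials.
    // NOTE(review): consider rejecting a half-configured pair so the operator notices.
    if (ldapUser != null && !ldapUser.isEmpty() && ldapPassword != null && !ldapPassword.isEmpty()) {
        ldapStoreConfiguration.setEmployLdapAuthInformation(new EmployLdapAuthInformation(ldapUser, ldapPassword));
    }
    // The timeout is handed over as the raw setting string; it is not validated here.
    if (ldapConnTimeout != null && !ldapConnTimeout.isEmpty()) {
        ldapStoreConfiguration.setLdapConnectionTimeOut(ldapConnTimeout);
    }
    if (ldapCertPassphrase != null && !ldapCertPassphrase.isEmpty()) {
        ldapStoreConfiguration.setLdapCertPassphrase(ldapCertPassphrase);
    }
    LdapCertificateStoreProvider ldapCertificateStoreProvider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, new LDAPCertificateStore.DefaultLDAPCachePolicy());
    return ldapCertificateStoreProvider;
}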