camel-issues mailing list archives

From "ayache khettar (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CAMEL-5842) camel-ldap - Allow to configure SSL using Camels SSL support
Date Mon, 15 Dec 2014 15:57:13 GMT

    [ https://issues.apache.org/jira/browse/CAMEL-5842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14246770#comment-14246770
] 

ayache khettar commented on CAMEL-5842:
---------------------------------------

Hi Claus

I have managed to connect over SSL using the current camel-ldap component. All that is needed is a
custom socket factory set as a property for the InitialDirContext - see below. If you are happy
with the suggestion, I can update the wiki if you wish.

Ayache

*Snippet from the blueprint*
{code:xml}

<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
                 http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">


    <!-- Camel JSSE configuration. Only a keyManagers/keyStore pair is declared here.
         The CustomSocketFactory shown in this post reads that store and uses it to
         initialise a TrustManagerFactory, i.e. its certificates act as the trust
         anchors for the LDAPS server. Keystore location and password are resolved
         from property placeholders. -->
    <sslContextParameters xmlns="http://camel.apache.org/schema/blueprint"
                          id="sslContextParameters">
        <keyManagers
                keyPassword="{{keystore.spine.pwd}}">
            <keyStore
                    resource="{{keystore.spine.url}}"
                    password="{{keystore.spine.pwd}}"/>
        </keyManagers>
    </sslContextParameters>

    <!-- Creating this bean is what loads the key store: the constructor stores the
         resulting SSLSocketFactory in a static field of the class. It therefore has
         to be instantiated before the first LDAP connection is opened. -->
    <bean id="customSocketFactory" class="urn.messagebus.services.sdsclient.util.CustomSocketFactory">
        <argument ref="sslContextParameters" />
    </bean>
    <!-- JNDI environment for the directory context used by camel-ldap. -->
    <bean id="ldapserver" class="javax.naming.directory.InitialDirContext" scope="prototype">
        <argument>
            <props>
                <prop key="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
                <prop key="java.naming.provider.url" value="ldaps://lab.zotix.co:636"/>
                <prop key="java.naming.security.protocol" value="ssl"/>
                <prop key="java.naming.security.authentication" value="simple" />
                <!-- NOTE(review): the bind DN and password below are literal values.
                     Consider property placeholders, as used for the keystore password
                     above, so the secret is not stored in the blueprint file. -->
                <prop key="java.naming.security.principal" value="cn=Manager,dc=example,dc=com"/>
                <prop key="java.naming.security.credentials" value="passw0rd"/>
                <!-- JNDI receives the class name, not the customSocketFactory bean above.
                     Presumably the LDAP provider obtains the factory through the static
                     getDefault() method of that class, which is why the class keeps its
                     delegate in static state. -->
                <prop key="java.naming.ldap.factory.socket"
                      value="urn.messagebus.services.sdsclient.util.CustomSocketFactory"/>
            </props>
        </argument>
    </bean>
</blueprint>
{code}

*CustomSocketFactory*
{code:title=CustomSocketFactory.java|borderStyle=solid}
  
import org.apache.camel.util.jsse.SSLContextParameters;

import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;

/**
 * The CustomSocketFactory. Loads the KeyStore and creates an instance of SSLSocketFactory
 */
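public class CustomSocketFactory extends SSLSocketFactory {

    /**
     * Delegate shared by every instance. The JNDI environment names this class only
     * (java.naming.ldap.factory.socket) and instances are handed out by
     * {@link #getDefault()}, so the factory built by the DI constructor is kept in
     * static state. Volatile so the value written by the DI thread is visible to the
     * threads that later open LDAP connections.
     */
    private static volatile SSLSocketFactory socketFactory;

    /**
     * Called by the getDefault() method. Creates a thin wrapper around the shared
     * delegate; it does not load any key material itself.
     */
    public CustomSocketFactory() {

    }

    /**
     * Called by Blueprint DI to initialise the shared SSLSocketFactory.
     *
     * <p>The key store declared under {@code keyManagers} is used as trust material:
     * its certificates become the trust anchors for the server certificate. No key
     * managers are passed to the SSLContext, so no client certificate is presented.
     *
     * <p>NOTE(review): nothing here configures server hostname verification; whether
     * the LDAP provider enforces it on sockets from a custom factory depends on the
     * JDK in use - confirm for the target runtime.
     *
     * @param sslContextParameters Camel JSSE configuration; must declare keyManagers
     *                             with a keyStore
     * @throws IllegalArgumentException if the parameters or the key store are missing
     * @throws IllegalStateException    if the key store cannot be loaded or the
     *                                  SSLContext cannot be initialised
     */
    public CustomSocketFactory(SSLContextParameters sslContextParameters) {
        if (sslContextParameters == null
                || sslContextParameters.getKeyManagers() == null
                || sslContextParameters.getKeyManagers().getKeyStore() == null) {
            throw new IllegalArgumentException(
                    "sslContextParameters must declare keyManagers with a keyStore");
        }
        try {
            KeyStore keyStore = sslContextParameters.getKeyManagers().getKeyStore().createKeyStore();
            // Use the platform default algorithm instead of the provider-specific
            // "SunX509" name, which is not available on every JSSE provider.
            TrustManagerFactory tmf =
                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(keyStore);
            SSLContext ctx = SSLContext.getInstance("TLS");
            ctx.init(null, tmf.getTrustManagers(), null);
            socketFactory = ctx.getSocketFactory();
        } catch (Exception ex) {
            // Fail fast: swallowing the error here would leave the delegate unset and
            // surface later as a NullPointerException on the first LDAP connection.
            throw new IllegalStateException("Unable to build the SSL socket factory for LDAP", ex);
        }
    }

    /**
     * Factory method looked up by name on the configured socket factory class.
     *
     * @return a new wrapper that delegates to the shared SSLSocketFactory
     */
    public static SocketFactory getDefault() {
        return new CustomSocketFactory();
    }

    /**
     * Returns the shared delegate, or fails with a clear message when the DI
     * constructor has not run (or failed) before the factory is used.
     */
    private static SSLSocketFactory delegate() {
        SSLSocketFactory current = socketFactory;
        if (current == null) {
            throw new IllegalStateException(
                    "CustomSocketFactory has not been initialised with SSLContextParameters");
        }
        return current;
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return delegate().getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return delegate().getSupportedCipherSuites();
    }

    /**
     * Unconnected-socket variant. The inherited SocketFactory implementation throws,
     * which breaks callers that create the socket first and connect with a timeout
     * afterwards, so it is delegated like the other overloads.
     */
    @Override
    public Socket createSocket() throws IOException {
        return delegate().createSocket();
    }

    @Override
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
            throws IOException {
        return delegate().createSocket(socket, host, port, autoClose);
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException {
        return delegate().createSocket(host, port);
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localAddress, int localPort)
            throws IOException {
        return delegate().createSocket(host, port, localAddress, localPort);
    }

    @Override
    public Socket createSocket(InetAddress address, int port) throws IOException {
        return delegate().createSocket(address, port);
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort)
            throws IOException {
        return delegate().createSocket(address, port, localAddress, localPort);
    }
}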

{code}



> camel-ldap - Allow to configure SSL using Camels SSL support
> ------------------------------------------------------------
>
>                 Key: CAMEL-5842
>                 URL: https://issues.apache.org/jira/browse/CAMEL-5842
>             Project: Camel
>          Issue Type: New Feature
>          Components: camel-ldap
>            Reporter: Claus Ibsen
>            Priority: Minor
>             Fix For: Future
>
>
> Let's see if it would be possible for end users to use the great SSL support in Camel to configure the camel-ldap component
> See nabble
> http://camel.465427.n5.nabble.com/LDAP-connection-via-SSL-tp5723224.html
> And Camel SSL configuration
> http://camel.apache.org/camel-configuration-utilities.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
