directory-commits mailing list archives

From kayyag...@apache.org
Subject svn commit: r795551 - in /directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api: LdapConnection.java LdapConnectionConfig.java
Date Sun, 19 Jul 2009 14:51:57 GMT
Author: kayyagari
Date: Sun Jul 19 14:51:57 2009
New Revision: 795551

URL: http://svn.apache.org/viewvc?rev=795551&view=rev
Log:
o added ssl support to LdapConnection
o fixed a bug in the LdapConnection constructor taking the config as param
o made the parameters used for initializing a SSL context configurable
o testing/using of LdapConnection with self signed certs made easier with the above configuration

Modified:
    directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnection.java
    directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnectionConfig.java

Modified: directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnection.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnection.java?rev=795551&r1=795550&r2=795551&view=diff
==============================================================================
--- directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnection.java
(original)
+++ directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnection.java
Sun Jul 19 14:51:57 2009
@@ -467,6 +467,8 @@
     public LdapConnection( LdapConnectionConfig config )
     {
         this.config = config;
+        messageId = new AtomicInteger();
+        operationMutex = new Semaphore(1);
     }
     
     
@@ -578,10 +580,20 @@
             // If we use SSL, we have to add the SslFilter to the chain
             if ( config.isUseSsl() ) 
             {
-                SSLContext sslContext = null; // BogusSslContextFactory.getInstance( false
);
-                SslFilter sslFilter = new SslFilter( sslContext );
-                sslFilter.setUseClientMode(true);
-                connector.getFilterChain().addLast( "sslFilter", sslFilter );
+                try
+                {
+                    SSLContext sslContext = SSLContext.getInstance( config.getSslProtocol()
);
+                    sslContext.init( config.getKeyManagers(), config.getTrustManagers(),
config.getSecureRandom() );
+
+                    SslFilter sslFilter = new SslFilter( sslContext );
+                    sslFilter.setUseClientMode(true);
+                    connector.getFilterChain().addFirst( "sslFilter", sslFilter );
+                }
+                catch( Exception e )
+                {
+                    LOG.error( "Failed to initialize the SSL context", e );
+                    throw new LdapException( e );
+                }
             }
     
             // Inject the protocolHandler
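Review bot: Nothing in the new `try` block ties the server certificate to the host being connected to: the `TrustManager[]` handed to `sslContext.init(...)` validates the certificate chain, and whether `SslFilter` performs any host-name check is not visible in this hunk, so a certificate issued to a different host by a trusted CA would presumably be accepted. I would at least record that at the filter setup, e.g. `// NOTE: chain validation only; the server name is not matched against the certificate here`, and follow up with a post-handshake check of the peer certificate against the configured host. Separately, `catch( Exception e )` also wraps unrelated runtime errors; `catch ( GeneralSecurityException e )` covers what `getInstance` and `init` declare. The enclosing method starts and ends outside the hunk.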

Modified: directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnectionConfig.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnectionConfig.java?rev=795551&r1=795550&r2=795551&view=diff
==============================================================================
--- directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnectionConfig.java
(original)
+++ directory/shared/trunk/client-api/src/main/java/org/apache/directory/shared/ldap/client/api/LdapConnectionConfig.java
Sun Jul 19 14:51:57 2009
@@ -20,6 +20,11 @@
 
 package org.apache.directory.shared.ldap.client.api;
 
+import java.security.SecureRandom;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.TrustManager;
+
 
 /**
  * A class to hold the configuration for creating an LdapConnection.
@@ -44,6 +49,8 @@
     /** The default timeout for operation : 30 seconds */
     public static final long DEFAULT_TIMEOUT = 30000L;
 
+    /** the default protocol used for creating SSL context */
+    public static final String DEFAULT_SSL_PROTOCOL = "TLS";
     
     // --- private members ----
     
@@ -62,7 +69,18 @@
     /** user's credentials ( current implementation supports password only); it must be a
non-null value */
     private byte[] credentials;
 
+    /** an array of key managers, if set, will be used while initializing the SSL context
*/
+    private KeyManager[] keyManagers;
+    
+    /** an instance of SecureRandom, if set, will be used while initializing the SSL context
*/
+    private SecureRandom secureRandom;
+    
+    /** an array of certificate trust managers, if set, will be used while initializing the
SSL context */
+    private TrustManager[] trustManagers;
 
+    /** name of the protocol used for creating SSL context, default value is "TLS" */
+    private String sslProtocol = DEFAULT_SSL_PROTOCOL;
+    
     public boolean isUseSsl()
     {
         return useSsl;
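Review bot: The new field comments say "if set, will be used" but not what happens when a field is left null, which matters most for `trustManagers`: `SSLContext.init` falls back to the default installed implementations for null arguments, so the unset case means the JVM's default trust managers. I would spell that out, e.g. `/** trust managers for the SSL context; null selects the JVM defaults. A manager that accepts every certificate disables server authentication and belongs in tests only. */`. The commit log mentions self-signed certificates; a trust store holding just that certificate gives the same convenience without giving up the check. The `isUseSsl()` context lines at the end of the hunk continue outside it.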
@@ -152,4 +170,52 @@
         return LDAP_V3;
     }
 
+
+    public TrustManager[] getTrustManagers()
+    {
+        return trustManagers;
+    }
+
+
+    public void setTrustManagers( TrustManager[] trustManagers )
+    {
+        this.trustManagers = trustManagers;
+    }
+
+
+    public String getSslProtocol()
+    {
+        return sslProtocol;
+    }
+
+
+    public void setSslProtocol( String sslProtocol )
+    {
+        this.sslProtocol = sslProtocol;
+    }
+
+
+    public KeyManager[] getKeyManagers()
+    {
+        return keyManagers;
+    }
+
+
+    public void setKeyManagers( KeyManager[] keyManagers )
+    {
+        this.keyManagers = keyManagers;
+    }
+
+
+    public SecureRandom getSecureRandom()
+    {
+        return secureRandom;
+    }
+
+
+    public void setSecureRandom( SecureRandom secureRandom )
+    {
+        this.secureRandom = secureRandom;
+    }
+    
 }
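Review bot: `setSslProtocol` stores whatever it is given, so a null or misspelt name only surfaces later, when `SSLContext.getInstance( config.getSslProtocol() )` runs at connect time, and a legacy name such as `SSLv3` is accepted without comment. A guard in the setter keeps the failure at the configuration site: `if ( sslProtocol == null ) { throw new IllegalArgumentException( "sslProtocol must not be null" ); }`. The array accessors also keep and hand out the caller's own arrays; `this.trustManagers = trustManagers == null ? null : trustManagers.clone();` (and the same for `keyManagers`) would stop a later mutation from changing the trust decision of an already configured connection. None of the eight new public methods has Javadoc.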


