directory-commits mailing list archives

From kayyag...@apache.org
Subject svn commit: r1028444 - in /directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api: LdapConnectionConfig.java LdapNetworkConnection.java
Date Thu, 28 Oct 2010 19:34:17 GMT
Author: kayyagari
Date: Thu Oct 28 19:34:17 2010
New Revision: 1028444

URL: http://svn.apache.org/viewvc?rev=1028444&view=rev
Log:
o setting default trust manager in the connection config (DIRAPI-38)
o removed default config instance creation in LdapNetworkConnection

Modified:
    directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapConnectionConfig.java
    directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java

Modified: directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapConnectionConfig.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapConnectionConfig.java?rev=1028444&r1=1028443&r2=1028444&view=diff
==============================================================================
--- directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapConnectionConfig.java
(original)
+++ directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapConnectionConfig.java
Thu Oct 28 19:34:17 2010
@@ -21,10 +21,17 @@
 package org.apache.directory.ldap.client.api;
 
 
+import java.security.KeyStore;
 import java.security.SecureRandom;
 
 import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 
 /**
@@ -82,7 +89,45 @@ public class LdapConnectionConfig
     /** name of the protocol used for creating SSL context, default value is "TLS" */
     private String sslProtocol = DEFAULT_SSL_PROTOCOL;
 
+    private static final Logger LOG = LoggerFactory.getLogger( LdapConnectionConfig.class
);
+    
+    public LdapConnectionConfig()
+    {
+        setDefaultTrustManager();
+    }
+
+    
+    /**
+     * sets the default trust manager based on the SunX509 trustManagement algorithm
+     */
+    private void setDefaultTrustManager()
+    {
+        String trustMgmtAlgo = "SunX509";
+
+        try
+        {
+            TrustManagerFactory tmFactory = TrustManagerFactory.getInstance( trustMgmtAlgo
);
+            tmFactory.init( KeyStore.getInstance( KeyStore.getDefaultType() ) );
 
+            TrustManager factoryTrustManagers[] = tmFactory.getTrustManagers();
+
+            for ( int i = 0; i < factoryTrustManagers.length; i++ )
+            {
+                if ( factoryTrustManagers[i] instanceof X509TrustManager )
+                {
+                    trustManagers = new TrustManager[] { factoryTrustManagers[i] };
+                    LOG.debug( "found X509TrustManager {}", factoryTrustManagers[i] );
+                    break;
+                }
+            }
+        }
+        catch( Exception e )
+        {
+            LOG.warn( "couldn't find any default X509 TrustManager with algorithm {}", trustMgmtAlgo
);
+        }
+    }
+    
+    
     /**
      * Checks if SSL (ldaps://) is used.
      *
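Review bot: In `setDefaultTrustManager()`, `tmFactory.init( KeyStore.getInstance( KeyStore.getDefaultType() ) )` hands the factory a KeyStore that was never loaded, so the resulting trust manager is not backed by the JVM's default trust anchors; depending on the provider this probably either throws or yields an empty trust set. To validate server certificates against the platform trust store, pass null instead: `tmFactory.init( ( KeyStore ) null );`. The hard-coded `"SunX509"` is provider-specific, and `TrustManagerFactory.getDefaultAlgorithm()` would be portable across JVMs. The catch block also drops the exception, so pass it to the logger (`LOG.warn( "couldn't find any default X509 TrustManager with algorithm {}", trustMgmtAlgo, e );`). Because `trustManagers` is declared outside this hunk, confirm that the value it keeps on failure is not a permissive one that TLS would silently fall back to.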

Modified: directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java?rev=1028444&r1=1028443&r2=1028444&view=diff
==============================================================================
--- directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java
(original)
+++ directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java
Thu Oct 28 19:34:17 2010
@@ -173,7 +173,7 @@ public class LdapNetworkConnection exten
     private long timeout = LdapConnectionConfig.DEFAULT_TIMEOUT;
 
     /** configuration object for the connection */
-    private LdapConnectionConfig config = new LdapConnectionConfig();
+    private LdapConnectionConfig config;
 
     /** The connector open with the remote server */
     private IoConnector connector;
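Review bot: With the initializer removed, `config` stays null until a constructor assigns it, so any constructor or code path outside the visible hunks that reads `config` first would now throw a NullPointerException. This diff shows the assignment in five constructors (the hunks at 330, 359, 375, 403 and 445); the rest of the class is not visible here and should be checked. The line `config = new LdapConnectionConfig();` is repeated in each of them, so, if their bodies allow it, chaining the shorter constructors to `LdapNetworkConnection( String server, int port, boolean useSsl )` with `this( ... )` would keep the assignment in one place. Each `new LdapConnectionConfig()` also now runs the trust-manager lookup, and may log its warning, even when `useSsl` is false.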
@@ -330,6 +330,7 @@ public class LdapNetworkConnection exten
      */
     public LdapNetworkConnection()
     {
+        config = new LdapConnectionConfig();
         config.setUseSsl( false );
         config.setLdapPort( config.getDefaultLdapPort() );
         config.setLdapHost( config.getDefaultLdapHost() );
@@ -359,6 +360,7 @@ public class LdapNetworkConnection exten
      */
     public LdapNetworkConnection( boolean useSsl )
     {
+        config = new LdapConnectionConfig();
         config.setUseSsl( useSsl );
         config.setLdapPort( useSsl ? config.getDefaultLdapsPort() : config.getDefaultLdapPort()
);
         config.setLdapHost( config.getDefaultLdapHost() );
@@ -375,6 +377,7 @@ public class LdapNetworkConnection exten
      */
     public LdapNetworkConnection( String server )
     {
+        config = new LdapConnectionConfig();
         config.setUseSsl( false );
         config.setLdapPort( config.getDefaultLdapPort() );
 
@@ -403,6 +406,7 @@ public class LdapNetworkConnection exten
      */
     public LdapNetworkConnection( String server, boolean useSsl )
     {
+        config = new LdapConnectionConfig();
         config.setUseSsl( useSsl );
         config.setLdapPort( useSsl ? config.getDefaultLdapsPort() : config.getDefaultLdapPort()
);
 
@@ -445,6 +449,7 @@ public class LdapNetworkConnection exten
      */
     public LdapNetworkConnection( String server, int port, boolean useSsl )
     {
+        config = new LdapConnectionConfig();
         config.setUseSsl( useSsl );
         config.setLdapPort( port );
 


