directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject [43/50] git commit: FC-145 - Add SSL to REST client
Date Mon, 20 Oct 2014 23:07:00 GMT
FC-145 - Add SSL to REST client


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/6d6d1953
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/6d6d1953
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/6d6d1953

Branch: refs/heads/master
Commit: 6d6d19539209a1f9c080545c3b0176d76538c3fb
Parents: 103d2ac
Author: Shawn McKinney <shawn.mckinney@jts.us>
Authored: Sat Aug 9 14:53:50 2014 -0500
Committer: Shawn McKinney <shawn.mckinney@jts.us>
Committed: Sat Aug 9 14:53:50 2014 -0500

----------------------------------------------------------------------
 build.properties                                |  6 ++--
 .../openldap/fortress/ldap/ConnectionPool.java  | 16 +++++------
 .../org/openldap/fortress/rest/RestUtils.java   | 29 +++++++++++++++++++-
 3 files changed, 39 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/6d6d1953/build.properties
----------------------------------------------------------------------
diff --git a/build.properties b/build.properties
index 8095a1e..f9bb753 100644
--- a/build.properties
+++ b/build.properties
@@ -51,6 +51,7 @@ http.user=demouser4
 http.pw=password
 http.host=localhost
 http.port=8080
+http.protocol=http
 
 ########################################################################
 # 3. BEGIN LDAP CLIENT CONFIGURATION SECTION: (Ignore if using HTTP):
@@ -73,9 +74,9 @@ ldap.uris=ldap://${ldap.host}:${ldap.port}
 #ldap.uris=ldap://${ldap.host}:389 ldaps://${ldap.host}:${ldap.port}
 #enable.ldap.ssl=true
 #enable.ldap.ssl.debug=true
-#key.store=/home/smckinn/GIT/fortressDev/openldap-fortress-core/src/test/resources/certs/mykeystore
+#key.store=/home/myuser/fortress/builder/src/test/resources/certs/mykeystore
 #key.store.password=changeit
-#trust.store=/home/smckinn/GIT/fortressDev/openldap-fortress-core/src/test/resources/certs/mytruststore
+#trust.store=/home/myuser/fortress/builder/src/test/resources/certs/mytruststore
 #trust.store.password=changeit
 #trust.store.set.prop=true
 
@@ -199,6 +200,7 @@ dflt.checkpoint=checkpoint	64 5
 ###########################################################################################
 
 slapd.start=${openldap.root}/etc/solserver start
+slapd.stop=${openldap.root}/etc/solserver stop
 
 ## If using Symas OpenLDAP, uncomment single option from #1 - 8 below:
 # Each of the options are used for a particular Symas-OpenLDAP platform.

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/6d6d1953/src/main/java/org/openldap/fortress/ldap/ConnectionPool.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/fortress/ldap/ConnectionPool.java b/src/main/java/org/openldap/fortress/ldap/ConnectionPool.java
index b092ead..df9c0de 100755
--- a/src/main/java/org/openldap/fortress/ldap/ConnectionPool.java
+++ b/src/main/java/org/openldap/fortress/ldap/ConnectionPool.java
@@ -50,6 +50,7 @@ import java.util.Date;
 import com.unboundid.ldap.sdk.migrate.ldapjdk.JavaToLDAPSocketFactory;
 import com.unboundid.util.ssl.SSLUtil;
 import com.unboundid.util.ssl.TrustStoreTrustManager;
+import org.openldap.fortress.GlobalIds;
 import org.openldap.fortress.cfg.Config;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -475,8 +476,6 @@ class ConnectionPool
     }
 
     /**
-     * *** FORTRESS MOD ****
-     *
      * Used to manage trust store properties.  If enabled, create SSL connection.
      *
      */
@@ -486,15 +485,15 @@ class ConnectionPool
     private static final String TRUST_STORE_PW = Config.getProperty( "trust.store.password"
);
     private static final boolean IS_SSL = (
         Config.getProperty( ENABLE_LDAP_SSL ) != null   &&
-        Config.getProperty( ENABLE_LDAP_SSL ).equalsIgnoreCase( "true" ) &&
-        TRUST_STORE      != null   &&
-        TRUST_STORE_PW   != null );
+            Config.getProperty( ENABLE_LDAP_SSL ).equalsIgnoreCase( "true" ) &&
+            TRUST_STORE      != null   &&
+            TRUST_STORE_PW   != null );
 
     private static final String SET_TRUST_STORE_PROP = "trust.store.set.prop";
     private static final boolean IS_SET_TRUST_STORE_PROP = (
         IS_SSL &&
-        Config.getProperty( SET_TRUST_STORE_PROP ) != null   &&
-        Config.getProperty( SET_TRUST_STORE_PROP ).equalsIgnoreCase( "true" ));
+            Config.getProperty( SET_TRUST_STORE_PROP ) != null   &&
+            Config.getProperty( SET_TRUST_STORE_PROP ).equalsIgnoreCase( "true" ));
 
     private static final boolean IS_SSL_DEBUG = ( ( Config.getProperty( ENABLE_LDAP_SSL_DEBUG
) != null ) && ( Config
         .getProperty( ENABLE_LDAP_SSL_DEBUG ).equalsIgnoreCase( "true" ) ) );
@@ -523,7 +522,7 @@ class ConnectionPool
     private LDAPConnection createConnection() throws LDAPException
     {
         LDAPConnection newConn = null;
-        if(IS_SSL)
+        if( IS_SSL)
         {
             // Generate SSL Connection using Unbound compatibility lib utils:
             // http://stackoverflow.com/questions/22672477/unboundid-ldap-jdk-migration
@@ -555,7 +554,6 @@ class ConnectionPool
         return newConn;
     }
 
-
     private int find( LDAPConnection con )
     {
         // Find the matching Connection in the pool

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/6d6d1953/src/main/java/org/openldap/fortress/rest/RestUtils.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/openldap/fortress/rest/RestUtils.java b/src/main/java/org/openldap/fortress/rest/RestUtils.java
index 9a2de20..5e4e1cb 100644
--- a/src/main/java/org/openldap/fortress/rest/RestUtils.java
+++ b/src/main/java/org/openldap/fortress/rest/RestUtils.java
@@ -39,6 +39,7 @@ import org.apache.commons.httpclient.methods.RequestEntity;
 import org.apache.commons.httpclient.methods.StringRequestEntity;
 import org.apache.cxf.common.util.Base64Utility;
 import org.apache.cxf.helpers.IOUtils;
+import org.openldap.fortress.GlobalIds;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -65,15 +66,41 @@ public class RestUtils
         .getProperty( HTTP_PW_PARAM ) ) : Config.getProperty( HTTP_PW_PARAM ) );
     private final static String HTTP_HOST = Config.getProperty( "http.host" );
     private final static String HTTP_PORT = Config.getProperty( "http.port" );
+    private final static String HTTP_PROTOCOL = Config.getProperty( "http.protocol", "http"
);
     private static final String VERSION = System.getProperty( "version" );
     private static final String SERVICE = "enmasse-" + VERSION;
-    private static final String URI = "http://" + HTTP_HOST + ":" + HTTP_PORT + "/" + SERVICE
+ "/";
+    // TODO: add SSL capability here:
+    private static final String URI = HTTP_PROTOCOL + "://" + HTTP_HOST + ":" + HTTP_PORT
+ "/" + SERVICE + "/";
     private static final int HTTP_OK = 200;
     private static final int HTTP_401_UNAUTHORIZED = 401;
     private static final int HTTP_403_FORBIDDEN = 403;
     private static final int HTTP_404_NOT_FOUND = 404;
     private static CachedJaxbContext cachedJaxbContext = new CachedJaxbContext();
 
+    /**
+     * Used to manage trust store properties.  If enabled, create SSL connection.
+     *
+     */
+    private static final String TRUST_STORE = Config.getProperty( "trust.store" );
+    private static final String TRUST_STORE_PW = Config.getProperty( "trust.store.password"
);
+    private static final String SET_TRUST_STORE_PROP = "trust.store.set.prop";
+    private static final boolean IS_SET_TRUST_STORE_PROP = (
+            Config.getProperty( SET_TRUST_STORE_PROP ) != null   &&
+            Config.getProperty( SET_TRUST_STORE_PROP ).equalsIgnoreCase( "true" ));
+
+    static
+    {
+        if(IS_SET_TRUST_STORE_PROP)
+        {
+            LOG.info( "Set JSSE truststore properties:");
+            LOG.info( "javax.net.ssl.trustStore: " + TRUST_STORE );
+            System.setProperty( "javax.net.ssl.trustStore", TRUST_STORE );
+            System.setProperty( "javax.net.ssl.trustStorePassword", TRUST_STORE_PW );
+        }
+    }
+
+
+
 
     /**
      * Marshall the request into an XML String.


Mime
View raw message