directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject directory-fortress-core git commit: FC-140 - System properties cannot override values for trust store
Date Thu, 28 Jan 2016 14:51:29 GMT
Repository: directory-fortress-core
Updated Branches:
  refs/heads/master 4d8ca5f36 -> e05d62908


 FC-140 -  System properties cannot override values for trust store


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/e05d6290
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/e05d6290
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/e05d6290

Branch: refs/heads/master
Commit: e05d62908a9e2b5ae48e5df055bdc3616d48037f
Parents: 4d8ca5f
Author: Shawn McKinney <smckinney@apache.org>
Authored: Wed Jan 27 19:21:03 2016 -0600
Committer: Shawn McKinney <smckinney@apache.org>
Committed: Wed Jan 27 19:21:03 2016 -0600

----------------------------------------------------------------------
 .../directory/fortress/core/GlobalIds.java      |  6 +++--
 .../core/ldap/ApacheDsDataProvider.java         | 24 ++++++++++----------
 2 files changed, 16 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/e05d6290/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
index 53972ad..f8e8d3c 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
@@ -455,8 +455,10 @@ public final class GlobalIds
     // Used for TLS/SSL client-side configs:
     public static final String ENABLE_LDAP_SSL = "enable.ldap.ssl";
     public static final String ENABLE_LDAP_SSL_DEBUG = "enable.ldap.ssl.debug";
-    public static final String TRUST_STORE = Config.getProperty( "trust.store" );
-    public static final String TRUST_STORE_PW = Config.getProperty( "trust.store.password"
);
+    public static final String TRUST_STORE = "trust.store";
+    public static final String TRUST_STORE_PW = "trust.store.password";
+
+
     public static final String SET_TRUST_STORE_PROP = "trust.store.set.prop";
     public static final String LDAP_HOST = "host";
     public static final String LDAP_PORT = "port";

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/e05d6290/src/main/java/org/apache/directory/fortress/core/ldap/ApacheDsDataProvider.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ldap/ApacheDsDataProvider.java
b/src/main/java/org/apache/directory/fortress/core/ldap/ApacheDsDataProvider.java
index be5d025..0fbe9db 100644
--- a/src/main/java/org/apache/directory/fortress/core/ldap/ApacheDsDataProvider.java
+++ b/src/main/java/org/apache/directory/fortress/core/ldap/ApacheDsDataProvider.java
@@ -114,8 +114,8 @@ public abstract class ApacheDsDataProvider
     private static final boolean IS_SSL = (
         Config.getProperty( GlobalIds.ENABLE_LDAP_SSL ) != null &&
             Config.getProperty( GlobalIds.ENABLE_LDAP_SSL ).equalsIgnoreCase( "true" ) &&
-            GlobalIds.TRUST_STORE != null &&
-        GlobalIds.TRUST_STORE_PW != null );
+            Config.getProperty( GlobalIds.TRUST_STORE ) != null &&
+        Config.getProperty( GlobalIds.TRUST_STORE_PW ) != null );
 
     private static final boolean IS_SET_TRUST_STORE_PROP = (
         IS_SSL &&
@@ -158,10 +158,10 @@ public abstract class ApacheDsDataProvider
         if ( IS_SET_TRUST_STORE_PROP )
         {
             LOG.info( "Set JSSE truststore properties in Apache LDAP client:" );
-            LOG.info( "javax.net.ssl.trustStore: {}", GlobalIds.TRUST_STORE );
+            LOG.info( "javax.net.ssl.trustStore: {}", Config.getProperty( GlobalIds.TRUST_STORE
) );
             LOG.info( "javax.net.debug: {}" + IS_SSL_DEBUG );
-            System.setProperty( "javax.net.ssl.trustStore", GlobalIds.TRUST_STORE );
-            System.setProperty( "javax.net.ssl.trustStorePassword", GlobalIds.TRUST_STORE_PW
);
+            System.setProperty( "javax.net.ssl.trustStore", Config.getProperty( GlobalIds.TRUST_STORE
) );
+            System.setProperty( "javax.net.ssl.trustStorePassword", Config.getProperty( GlobalIds.TRUST_STORE_PW
) );
             System.setProperty( "javax.net.debug", Boolean.valueOf( IS_SSL_DEBUG ).toString()
);
         }
 
@@ -173,11 +173,11 @@ public abstract class ApacheDsDataProvider
         config.setUseSsl( IS_SSL );
         //config.setTrustManagers( new NoVerificationTrustManager() );
 
-        if ( IS_SSL && StringUtils.isNotEmpty( GlobalIds.TRUST_STORE )
-            && StringUtils.isNotEmpty( GlobalIds.TRUST_STORE_PW ) )
+        if ( IS_SSL && StringUtils.isNotEmpty( Config.getProperty( GlobalIds.TRUST_STORE
) )
+            && StringUtils.isNotEmpty( Config.getProperty( GlobalIds.TRUST_STORE_PW
) ) )
         {
             // validate certificates but allow self-signed certs if within this truststore:
-            config.setTrustManagers( new LdapClientTrustStoreManager( GlobalIds.TRUST_STORE,
GlobalIds.TRUST_STORE_PW
+            config.setTrustManagers( new LdapClientTrustStoreManager( Config.getProperty(
GlobalIds.TRUST_STORE ), Config.getProperty( GlobalIds.TRUST_STORE_PW )
                 .toCharArray(), null,
                 true ) );
         }
@@ -248,12 +248,12 @@ public abstract class ApacheDsDataProvider
 
             logConfig.setUseSsl( IS_SSL );
 
-            if ( IS_SSL && StringUtils.isNotEmpty( GlobalIds.TRUST_STORE )
-                && StringUtils.isNotEmpty( GlobalIds.TRUST_STORE_PW ) )
+            if ( IS_SSL && StringUtils.isNotEmpty( Config.getProperty( GlobalIds.TRUST_STORE
) )
+                && StringUtils.isNotEmpty( Config.getProperty( GlobalIds.TRUST_STORE_PW
) ) )
             {
                 // validate certificates but allow self-signed certs if within this truststore:
-                logConfig.setTrustManagers( new LdapClientTrustStoreManager( GlobalIds.TRUST_STORE,
-                    GlobalIds.TRUST_STORE_PW.toCharArray(),
+                logConfig.setTrustManagers( new LdapClientTrustStoreManager( Config.getProperty(
GlobalIds.TRUST_STORE ),
+                    Config.getProperty( Config.getProperty( GlobalIds.TRUST_STORE_PW ) ).toCharArray(),
                     null, true ) );
             }
 


Mime
View raw message