directory-users mailing list archives

From "Bajaj, Yogesh" <Yogesh.Ba...@wyn.com>
Subject Enable SSL for Embed Apache DS Server
Date Wed, 13 May 2015 20:03:02 GMT
Hi Friends,

I set up an embedded ApacheDS server. I am using one of the aspects provided in a JIRA ticket
to avoid the multiple-resources issue.
This is working fine on my local laptop. Now I want to enable SSL for the embedded LDAP server,
because once I deploy it on the client dev server I am not able to connect to it. My client
dev server requires an ssh connection.

Please advise how to enable SSL for the embedded LDAP server. I have already done the following
in the embedded LDAP server:

transports.setEnableSSL(true);

I am using latest Apache DS version 2.0.0-M20. 


Embedded LDAP server Java file:

import java.io.File;
import java.util.List;

import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
import org.apache.directory.api.ldap.model.schema.registries.SchemaLoader;
import org.apache.directory.api.ldap.schema.extractor.SchemaLdifExtractor;
import org.apache.directory.api.ldap.schema.extractor.impl.DefaultSchemaLdifExtractor;
import org.apache.directory.api.ldap.schema.loader.LdifSchemaLoader;
import org.apache.directory.api.ldap.schema.manager.impl.DefaultSchemaManager;

import org.apache.directory.api.util.exception.Exceptions;
import org.apache.directory.server.constants.ServerDNConstants;
import org.apache.directory.server.core.DefaultDirectoryService;
import org.apache.directory.server.core.api.CacheService;
import org.apache.directory.server.core.api.DirectoryService;
import org.apache.directory.server.core.api.DnFactory;
import org.apache.directory.server.core.api.InstanceLayout;
import org.apache.directory.server.core.api.schema.SchemaPartition;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
import org.apache.directory.server.core.partition.ldif.LdifPartition;
import org.apache.directory.server.core.shared.DefaultDnFactory;
import org.apache.directory.server.i18n.I18n;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;



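/**
 * Process-wide holder for an embedded ApacheDS directory service and the LDAP
 * listener in front of it.
 *
 * <p>Security notes for anyone deploying this outside a developer machine:
 * <ul>
 *   <li>The listener is created with SSL enabled on the transport, so it speaks
 *       LDAPS and clients must use an {@code ldaps://} URL. Enabling TLS does not
 *       change network reachability; firewall rules or tunnels are a separate
 *       concern.</li>
 *   <li>No keystore is configured in this class. See the note in
 *       {@link #startServer(File, int)} about supplying a real certificate.</li>
 *   <li>A freshly created ApacheDS instance carries the product's default
 *       administrator account ({@code uid=admin,ou=system}). Change its password
 *       before the port is reachable by anyone else.</li>
 *   <li>NOTE(review): anonymous binds and access-control settings are left at the
 *       {@code DefaultDirectoryService} defaults here; confirm they match what the
 *       deployment needs.</li>
 *   <li>The working directory holds all partition data; restrict its file
 *       permissions to the account running the server.</li>
 * </ul>
 */
public class EmbeddedADS {

    private static final Logger LOGGER = LogManager.getLogger(EmbeddedADS.class);

    /** The directory service */
    private DirectoryService service;

    /** The LDAP server */
    private LdapServer server;

    /** Lazily created shared instance; only touched under the class lock. */
    private static EmbeddedADS instance;

    /**
     * Returns the shared instance, creating it on first use.
     *
     * <p>The method is synchronized so that two threads racing on the first call
     * cannot each build their own instance (and later their own server).
     *
     * @return the single shared {@code EmbeddedADS}
     */
    public static synchronized EmbeddedADS getInstance() {
        if (instance == null) {
            instance = new EmbeddedADS();
        }
        return instance;
    }

    /**
     * Initializes the schema manager and adds the schema partition to the
     * directory service.
     *
     * @throws Exception
     *             if the schema cannot be extracted or loaded, or if the schema
     *             manager reports errors after loading
     */
    private void initSchemaPartition() throws Exception {
        final InstanceLayout instanceLayout = this.service.getInstanceLayout();

        final File schemaPartitionDirectory = new File(
                instanceLayout.getPartitionsDirectory(), "schema");

        // Extract the schema on disk (a brand new one) unless a previous run
        // already did so.
        if (schemaPartitionDirectory.exists()) {
            LOGGER.debug("schema partition already exists, skipping schema extraction");
        } else {
            final SchemaLdifExtractor extractor = new DefaultSchemaLdifExtractor(
                    instanceLayout.getPartitionsDirectory());
            extractor.extractOrCopy();
        }

        final SchemaLoader loader = new LdifSchemaLoader(schemaPartitionDirectory);
        final SchemaManager schemaManager = new DefaultSchemaManager(loader);

        // We have to load the schema now, otherwise we won't be able
        // to initialize the Partitions, as we won't be able to parse
        // and normalize their suffix Dn
        schemaManager.loadAllEnabled();

        final List<Throwable> errors = schemaManager.getErrors();

        if (!errors.isEmpty()) {
            throw new Exception(I18n.err(I18n.ERR_317,
                    Exceptions.printErrors(errors)));
        }

        this.service.setSchemaManager(schemaManager);

        // The DN factory must be registered on the service before any partition
        // is built, because the partitions below read it back from the service.
        final DnFactory dnFactory = new DefaultDnFactory(schemaManager,
                this.service.getCacheService().getCache("dnCache"));
        this.service.setDnFactory(dnFactory);

        // Init the LdifPartition with schema
        final LdifPartition schemaLdifPartition = new LdifPartition(
                schemaManager, this.service.getDnFactory());
        schemaLdifPartition.setPartitionPath(schemaPartitionDirectory.toURI());

        // The schema partition
        final SchemaPartition schemaPartition = new SchemaPartition(schemaManager);
        schemaPartition.setWrappedPartition(schemaLdifPartition);
        this.service.setSchemaPartition(schemaPartition);
    }

    /**
     * Initialize the server. It creates the cache service, the schema and system
     * partitions, and starts the directory service.
     *
     * @param workDir
     *            the directory to be used for storing the data
     * @throws Exception
     *             if there were some problems while initializing the system
     */
    private void initDirectoryService(final File workDir) throws Exception {
        // Initialize the LDAP service
        this.service = new DefaultDirectoryService();
        this.service.setInstanceLayout(new InstanceLayout(workDir));

        final CacheService cacheService = new CacheService();
        cacheService.initialize(this.service.getInstanceLayout());

        this.service.setCacheService(cacheService);

        // first load the schema
        this.initSchemaPartition();

        // then the system partition
        // this is a MANDATORY partition
        // DO NOT add this via addPartition() method, trunk code complains about
        // duplicate partition while initializing
        final JdbmPartition systemPartition = new JdbmPartition(
                this.service.getSchemaManager(), this.service.getDnFactory());
        systemPartition.setId("system");
        systemPartition.setPartitionPath(new File(
                this.service.getInstanceLayout().getPartitionsDirectory(),
                systemPartition.getId()).toURI());
        systemPartition.setSuffixDn(new Dn(ServerDNConstants.SYSTEM_DN));
        systemPartition.setSchemaManager(this.service.getSchemaManager());

        // mandatory to call this method to set the system partition
        // Note: this system partition might be removed from trunk
        this.service.setSystemPartition(systemPartition);

        // Disable the ChangeLog system
        this.service.getChangeLog().setEnabled(false);
        this.service.setDenormalizeOpAttrsEnabled(true);
        this.service.setShutdownHookEnabled(true);

        // And start the service
        this.service.startup();
    }

    /**
     * Creates an unconfigured instance; call {@link #init(File)} or
     * {@link #startServer(File, int)} before use.
     */
    public EmbeddedADS() {
    }

    /**
     * Initializes the directory service against the given working directory,
     * creating the directory first when it does not exist.
     *
     * @param workDir
     *            the directory to be used for storing the data
     * @throws IllegalStateException
     *             if the working directory is missing and cannot be created
     * @throws Exception
     *             if something went wrong while initializing the service
     */
    public void init(final File workDir) throws Exception {
        if (!workDir.exists()) {
            // Fail here with a clear message instead of letting a later,
            // unrelated-looking partition error surface the problem.
            if (!workDir.mkdirs() && !workDir.isDirectory()) {
                throw new IllegalStateException(
                        "Cannot create working directory " + workDir);
            }
            // On a brand new directory the service is started once and shut down
            // again before the real start below; this sequence is kept exactly
            // as the original code performs it.
            this.initDirectoryService(workDir);
            this.service.shutdown();
        }

        this.initDirectoryService(workDir);
    }

    /**
     * Initializes the directory service and starts the LDAP listener with SSL
     * enabled on the given port.
     *
     * @param workDir
     *            the directory to be used for storing the data
     * @param serverPort
     *            the TCP port the listener binds to
     * @throws Exception
     *             if initialization or listener start-up fails
     */
    public void startServer(File workDir, int serverPort) throws Exception {
        init(workDir);
        this.server = new LdapServer();

        // TLS is enabled on the listener itself, so the port speaks LDAPS from
        // the first byte and clients must connect with an ldaps:// URL.
        final TcpTransport transport = new TcpTransport(serverPort);
        transport.setEnableSSL(true);

        // No keystore is configured on the LdapServer here.
        // NOTE(review): in that case ApacheDS is expected to fall back to a
        // certificate it generates itself, which clients cannot validate against
        // a CA - confirm for the version in use. For anything beyond local
        // testing, supply a properly issued certificate through
        // LdapServer#setKeystoreFile and LdapServer#setCertificatePassword before
        // start(), load the password from configuration outside the source tree,
        // and keep certificate validation switched on in the clients.
        this.server.setTransports(transport);
        this.server.setDirectoryService(this.service);

        this.server.start();

        LOGGER.debug("The server is running.");
    }

    /**
     * Stops the LDAP listener and then the directory service, best effort.
     *
     * <p>Failures in either step are logged and not rethrown, so a failing
     * listener stop never prevents the directory service from being shut down.
     *
     * @throws Exception
     *             declared for compatibility with existing callers; the current
     *             body catches and logs every exception from both steps
     */
    public void shutdownServer() throws Exception {
        if (this.server != null) {
            try {
                this.server.stop();
                LOGGER.debug("LDAP Server stop done");
            } catch (Exception e) {
                LOGGER.error("exception in stop server", e);
            }
        }

        if (this.service != null) {
            try {
                this.service.shutdown();
                LOGGER.debug("Dir Service shutdwon done");
            } catch (Exception e) {
                LOGGER.error("exception in shutdown dir service", e);
            }
        }
    }
}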




The information in this electronic mail ("e-mail") message may contain information that is
confidential and/or privileged, or may otherwise be protected by work product or other legal
rules. It is solely for the use of the individual(s) or the entity (ies) originally intended.
Access to this electronic mail message by anyone else is unauthorized. If you are not the
intended recipient, be advised that any unauthorized review, disclosure, copying, distribution
or use of this information, or any action taken or omitted to be taken in reliance on it,
is prohibited and may be unlawful. Please notify the sender immediately if you have received
this electronic message by mistake, and destroy all copies of the original message.

The sender believes that this e-mail and any attachments were free of any virus, worm, Trojan
horse, malicious code and/or other contaminants when sent. E-mail transmissions cannot be
guaranteed to be secure or error-free, so this message and its attachments could have been
infected, corrupted or made incomplete during transmission. By reading the message and opening
any attachments, the recipient accepts full responsibility for any viruses or other defects
that may arise, and for taking remedial action relating to such viruses and other defects.
Neither Wyndham Worldwide Corporation nor any of its affiliated entities is liable for any
loss or damage arising in any way from, or for errors or omissions in the contents of, this
message or its attachments.