/**
 * Opens an LDAP connection for the given settings, binding as the configured system user.
 *
 * <p>Host, port and the LDAPS decision are all taken from {@code ldapSettings.getUri()}.
 * StartTLS is enabled separately through {@code isUseStartTls()}.
 *
 * <p>Security: when {@code isTrustAllCertificates()} is set, a {@code TrustAllX509TrustManager}
 * is installed. Judging by its name it accepts any server certificate, so the system password
 * could then be sent to an unauthenticated peer even over LDAPS/StartTLS. Treat that setting as
 * a diagnostic switch, not a production default.
 *
 * @param ldapSettings source of the server URI, TLS options and bind credentials
 * @return the connection returned by {@code ldapConnector.connect}
 * @throws LdapException declared by this method; raised by the connector as far as visible here
 */
protected LdapNetworkConnection openLdapConnection(LdapSettings ldapSettings) throws LdapException {
    final LdapConnectionConfig connectionConfig = new LdapConnectionConfig();

    // Endpoint.
    // NOTE(review): if getUri() is a java.net.URI, getPort() yields -1 when the URI has no
    // explicit port. Confirm the settings layer always stores one.
    connectionConfig.setLdapHost(ldapSettings.getUri().getHost());
    connectionConfig.setLdapPort(ldapSettings.getUri().getPort());

    // Bind identity used for the system account.
    connectionConfig.setName(ldapSettings.getSystemUserName());
    connectionConfig.setCredentials(ldapSettings.getSystemPassword());

    // Transport security: LDAPS is implied by the URI scheme, StartTLS is opt-in.
    connectionConfig.setUseSsl(ldapSettings.getUri().getScheme().startsWith("ldaps"));
    connectionConfig.setUseTls(ldapSettings.isUseStartTls());
    if (ldapSettings.isTrustAllCertificates()) {
        // Replaces the default trust decision; see the security note in the Javadoc.
        connectionConfig.setTrustManagers(new TrustAllX509TrustManager());
    }

    return ldapConnector.connect(connectionConfig);
}
/**
 * Builds an {@code LdapConnectionPool} whose connections bind with the DN and password taken
 * from {@code configuration}, then applies the pool tuning options from the same object.
 *
 * <p>NOTE(review): neither {@code setUseSsl} nor {@code setUseTls} is called on the connection
 * config here, so transport security is left at the library default. Confirm the bind DN and
 * password are not sent in cleartext to a remote directory.
 *
 * @param configuration host, port, bind credentials and pool settings
 * @return the configured pool
 * @throws IOException declared by the signature; nothing in the visible body throws it directly
 */
private static LdapConnectionPool createConnectionPool(LDAPConfiguration configuration) throws IOException {
    // Connection template shared by every pooled connection.
    final LdapConnectionConfig bindConfig = new LdapConnectionConfig();
    bindConfig.setLdapHost(configuration.getHostname());
    bindConfig.setLdapPort(configuration.getPort());
    bindConfig.setName(configuration.getBindDn());
    bindConfig.setCredentials(configuration.getBindPassword());

    final DefaultPoolableLdapConnectionFactory connectionFactory =
            new DefaultPoolableLdapConnectionFactory(bindConfig);
    final LdapConnectionPool connectionPool = new LdapConnectionPool(connectionFactory);

    // Sizing and wait limits.
    connectionPool.setMaxActive(configuration.getPoolMaxActive());
    connectionPool.setMaxIdle(configuration.getPoolMaxIdle());
    connectionPool.setMinIdle(configuration.getPoolMinIdle());
    connectionPool.setMaxWait(configuration.getPoolMaxWait());

    // Connection health checks.
    connectionPool.setTestOnBorrow(configuration.isPoolTestOnBorrow());
    connectionPool.setTestOnReturn(configuration.isPoolTestOnReturn());
    connectionPool.setTestWhileIdle(configuration.isPoolTestWhileIdle());

    // Map the configured exhaustion policy onto the pool constant; unknown values use the pool default.
    switch (configuration.getPoolWhenExhaustedAction()) {
        case BLOCK:
            connectionPool.setWhenExhaustedAction(LdapConnectionPool.WHEN_EXHAUSTED_BLOCK);
            break;
        case FAIL:
            connectionPool.setWhenExhaustedAction(LdapConnectionPool.WHEN_EXHAUSTED_FAIL);
            break;
        case GROW:
            connectionPool.setWhenExhaustedAction(LdapConnectionPool.WHEN_EXHAUSTED_GROW);
            break;
        default:
            connectionPool.setWhenExhaustedAction(LdapConnectionPool.DEFAULT_WHEN_EXHAUSTED_ACTION);
    }

    return connectionPool;
}
// NOTE(review): this excerpt appears to have lost the method's braces and the conditionals
// around the port and host assignments. As printed, each later setLdapPort/setLdapHost call
// would overwrite the earlier one. Check the full source before reusing it.
private static LdapConnectionConfig buildConfig( String server, int port, boolean useSsl )
// Fresh config; the SSL flag comes straight from the caller.
LdapConnectionConfig config = new LdapConnectionConfig();
config.setUseSsl( useSsl );
// Port candidates visible here: the caller's port, the default LDAPS port, the default LDAP port.
config.setLdapPort( port );
config.setLdapPort( config.getDefaultLdapsPort() );
config.setLdapPort( config.getDefaultLdapPort() );
// Host candidates visible here: the loopback name and the caller's server.
config.setLdapHost( Network.LOOPBACK_HOSTNAME );
config.setLdapHost( server );
// Installs the configurable binary-attribute detector.
config.setBinaryAttributeDetector( new DefaultConfigurableBinaryAttributeDetector() );
/**
 * Creates a connection object that targets the default LDAP host and default LDAP port
 * reported by the connection config (described by the original author as localhost, port 389).
 *
 * <p>SSL is switched off explicitly, so this constructor yields an unencrypted connection.
 */
public LdapConnection()
{
    // Endpoint first: the library defaults for host and plain-LDAP port.
    config.setLdapHost( config.getDefaultLdapHost() );
    config.setLdapPort( config.getDefaultLdapPort() );

    // No LDAPS for the no-argument constructor.
    config.setUseSsl( false );

    // Message ids start from zero.
    messageId = new AtomicInteger( 0 );
}
/**
 * Derives an {@code LdapConnectionConfig} from this provider's {@code config}.
 *
 * <p>Host, port, LDAPS and StartTLS flags are copied over. Two optional settings follow:
 * <ul>
 *   <li>{@code noCertCheck()} installs a {@code NoVerificationTrustManager}. Judging by its
 *       name it skips server-certificate validation, which removes the server authentication
 *       that TLS provides. Keep it off outside test setups.</li>
 *   <li>{@code enabledSSLProtocols}, when non-null, restricts the TLS protocol versions offered.</li>
 * </ul>
 *
 * @return the connection config
 */
@NotNull
private LdapConnectionConfig createConnectionConfig() {
    final LdapConnectionConfig ldapConfig = new LdapConnectionConfig();

    // Endpoint.
    ldapConfig.setLdapHost(config.getHostname());
    ldapConfig.setLdapPort(config.getPort());

    // Transport flags.
    ldapConfig.setUseSsl(config.useSSL());
    ldapConfig.setUseTls(config.useTLS());

    // todo: implement better trustmanager/keystore management (via sling/felix)
    final boolean skipCertificateCheck = config.noCertCheck();
    if (skipCertificateCheck) {
        ldapConfig.setTrustManagers(new NoVerificationTrustManager());
    }

    // Leave the library's protocol list untouched unless one was configured.
    if (null != enabledSSLProtocols) {
        ldapConfig.setEnabledProtocols(enabledSSLProtocols);
    }

    return ldapConfig;
}
final boolean useSSL = settings.getAsBoolean(ConfigConstants.SEARCHGUARD_AUTHENTICATION_LDAP_LDAPS_SSL_ENABLED, false); final boolean useStartSSL = settings.getAsBoolean(ConfigConstants.SEARCHGUARD_AUTHENTICATION_LDAP_LDAPS_STARTTLS_ENABLED, false); final LdapConnectionConfig config = new LdapConnectionConfig(); tmf.init(ts); config.setSslProtocol("TLS"); config.setEnabledCipherSuites(SecurityUtil.ENABLED_SSL_CIPHERS); config.setTrustManagers(tmf.getTrustManagers()); config.setUseSsl(useSSL); config.setUseTls(useStartSSL); config.setTimeout(5000L); //5 sec config.setLdapHost(split[0]); config.setLdapPort(Integer.parseInt(split[1])); } else { config.setLdapPort(useSSL ? 636 : 389);
// Excerpt from a larger method: marks the wrapper as connected and builds the connection config.
isConnected = true;
ldapConnectionConfig = new LdapConnectionConfig();
// Endpoint comes from the `connection` object.
ldapConnectionConfig.setLdapHost( connection.getHost() );
ldapConnectionConfig.setLdapPort( connection.getPort() );
binaryAttributeDetector = new DefaultConfigurableBinaryAttributeDetector();
ldapConnectionConfig.setBinaryAttributeDetector( binaryAttributeDetector );
// NOTE(review): as printed, this `if` has no braces and so governs only the setUseSsl call
// that follows. The braces (and possibly intermediate lines) were presumably lost in
// extraction. Confirm against the full source.
if ( ( connection.getEncryptionMethod() == EncryptionMethod.LDAPS ) || ( connection.getEncryptionMethod() == EncryptionMethod.START_TLS ) )
ldapConnectionConfig.setUseSsl( connection.getEncryptionMethod() == EncryptionMethod.LDAPS );
// StartTLS and LDAPS are mutually exclusive here: each flag is true for exactly one enum value.
ldapConnectionConfig.setUseTls( connection.getEncryptionMethod() == EncryptionMethod.START_TLS );
// `trustManagers` is defined outside this excerpt. Whether it validates the server's
// certificate chain cannot be determined from these lines.
ldapConnectionConfig.setTrustManagers( trustManagers );
// Excerpt: three alternative configs for the delegate server, each assigned to the same
// variable. The branching that selects one of them is not part of the visible lines.

// Variant 1: host and port plus a NoVerificationTrustManager. No setUseSsl/setUseTls call is
// visible, so the TLS mode is presumably set elsewhere (e.g. StartTLS). Confirm.
// Security: judging by its name, NoVerificationTrustManager accepts any server certificate, so
// the delegate's identity is not checked and the session can be intercepted. It is suitable
// for tests only; a trust manager backed by a real trust store belongs here in production.
connectionConfig = new LdapConnectionConfig();
connectionConfig.setLdapHost( delegateHost );
connectionConfig.setLdapPort( delegatePort );
connectionConfig.setTrustManagers( new NoVerificationTrustManager() );
// Variant 2: LDAPS, again without certificate verification (same caveat as variant 1).
connectionConfig = new LdapConnectionConfig();
connectionConfig.setLdapHost( delegateHost );
connectionConfig.setUseSsl( true );
connectionConfig.setLdapPort( delegatePort );
connectionConfig.setTrustManagers( new NoVerificationTrustManager() );
// Variant 3: host and port only; no TLS settings are applied in the visible lines.
connectionConfig = new LdapConnectionConfig();
connectionConfig.setLdapHost( delegateHost );
connectionConfig.setLdapPort( delegatePort );
/**
 * Creates a connection object for the given server and port, with LDAPS switched on or off
 * by the caller.
 *
 * <p>With {@code useSsl} false the connection is unencrypted unless StartTLS is negotiated
 * elsewhere.
 *
 * @param server the server to connect to
 * @param port the port the server listens on
 * @param useSsl whether the connection uses SSL (LDAPS)
 */
public LdapConnection( String server, int port, boolean useSsl )
{
    // Endpoint as given by the caller.
    config.setLdapHost( server );
    config.setLdapPort( port );

    // Transport mode.
    config.setUseSsl( useSsl );

    messageId = new AtomicInteger();
}
// Excerpt: TLS-related settings are applied only when StartTLS, SSL or an "ldaps://" URL is configured.
final LdapConnectionConfig lcc = new LdapConnectionConfig();
// NOTE(review): contains("ldaps://") matches that substring anywhere in the URL string, not
// only as the scheme prefix, and toLowerCase() uses the default locale.
if (cc.getUseStartTLS() || cc.getUseSSL() || cc.getLdapUrl().toLowerCase().contains("ldaps://")) {
// `contextInit` is not used again within the visible lines; its use presumably follows
// outside the excerpt.
final SSLContextInitializer contextInit = getHostnameVerifierSSLContextInitializer(cc);
// LDAPS is enabled for the explicit SSL flag or an ldaps URL. StartTLS alone leaves it false.
lcc.setUseSsl(cc.getUseSSL() || cc.getLdapUrl().toLowerCase().contains("ldaps://"));
// trustManagers / keyManagers are defined outside this excerpt.
lcc.setTrustManagers(trustManagers);
lcc.setKeyManagers(keyManagers);
// NOTE(review): the guard checks the cipher-suite list only, yet the last line indexes
// getEnabledProtocols()[0]. A null or empty protocol array would throw here as far as the
// visible lines show. Only the first configured protocol is passed on.
if (cc.getSslConfig() != null && cc.getSslConfig().getEnabledCipherSuites() != null) {
lcc.setEnabledCipherSuites(cc.getSslConfig().getEnabledCipherSuites());
lcc.setSslProtocol(cc.getSslConfig().getEnabledProtocols()[0]);
// Excerpt: applies transport settings to an existing config. `isLdaps`, `ldapConn`, `tmf` and
// `bad` are defined outside the visible lines.
lcc.setUseSsl(isLdaps);
lcc.setUseTls(ldapConn.isTlsActivated());
// Trust managers come from `tmf` (presumably a TrustManagerFactory initialised with a trust
// store). Confirm which store backs it.
lcc.setTrustManagers(tmf.getTrustManagers());
lcc.setBinaryAttributeDetector(bad);
// Excerpt: host and port are taken from the last entry of `ldapUrl`. No TLS settings are
// applied in the visible lines.
ldapConnectionConfig.setLdapHost(ldapUrl.getLastEntry().getHostname());
ldapConnectionConfig.setLdapPort(ldapUrl.getLastEntry().getPort());
/**
 * Creates an SSL connection object for the given server and port that validates the peer
 * with the supplied trust managers.
 *
 * <p>The config is built by {@code buildConfig(server, port, true)}, so SSL is always on for
 * this constructor. The trust managers passed in decide which server certificates are
 * accepted; a permissive implementation here disables server authentication.
 *
 * @param server the server to connect to; per the original documentation, null or empty
 *               falls back to localhost
 * @param port the port the server listens on
 * @param trustManagers the trust managers to use for the SSL connection
 */
public LdapNetworkConnection( String server, int port, TrustManager... trustManagers )
{
    this( buildConfig( server, port, true ) );

    // Applied after delegation, on the config the delegated constructor stored.
    this.config.setTrustManagers( trustManagers );
}
/**
 * Creates a connection object from an existing configuration and LDAP API service.
 *
 * <p>The passed config object is stored as-is (not copied) and is modified in place when it
 * has no binary-attribute detector. The connection timeout is read from the config once, here.
 *
 * @param config the configuration to use
 * @param ldapApiService the LDAP API service to use
 */
public LdapNetworkConnection( LdapConnectionConfig config, LdapApiService ldapApiService )
{
    super( ldapApiService );

    this.config = config;
    this.timeout = config.getTimeout();

    // Supply a default detector only when the caller did not configure one.
    if ( null == config.getBinaryAttributeDetector() )
    {
        config.setBinaryAttributeDetector( new DefaultConfigurableBinaryAttributeDetector() );
    }
}
// Excerpt: installs the trust manager(s) supplied by `config` on the connection's own config
// and enables StartTLS. Certificate validation is as strict as whatever getTrustManager()
// returns, which is not visible here.
connection.getConfig().setTrustManagers( config.getTrustManager() );
connection.getConfig().setUseTls( true );
// Excerpt: bind credentials are applied only when a non-empty bind DN is configured. With no
// bind DN, neither name nor password is set on `cc` in the visible lines.
String bindDN = config.getBindDN();
if (bindDN != null && !bindDN.isEmpty()) {
cc.setName(bindDN);
// The password travels with the connection config; the block continues outside the excerpt.
cc.setCredentials(config.getBindPassword());
/**
 * {@inheritDoc}
 *
 * <p>The detector is forwarded to the connection config; the call is a no-op when no config
 * is present.
 */
@Override
public void setBinaryAttributeDetector( BinaryAttributeDetector binaryAttributeDetector )
{
    // Nothing to update without a config.
    if ( config == null )
    {
        return;
    }

    config.setBinaryAttributeDetector( binaryAttributeDetector );
}
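/**
 * Returns the LDAP connection config, building it on first use from the
 * {@code ldapConnectionConfig} key/value settings ({@code ldapHost}, {@code ldapPort},
 * {@code name}, {@code credentials}).
 *
 * <p>The config is assembled in a local variable and stored in the field only once every
 * value has been applied. Previously the field was assigned first, so a failure while parsing
 * {@code ldapPort} left a half-initialised config (host only, no port or bind credentials)
 * cached, and later calls returned it silently.
 *
 * <p>NOTE(review): neither {@code setUseSsl} nor {@code setUseTls} is called, so transport
 * security stays at the library default. Confirm the bind credentials are not sent in
 * cleartext to a remote directory. The lazy initialisation is not synchronised.
 *
 * @return the cached connection config
 * @throws NumberFormatException if the {@code ldapPort} setting is missing or not an integer
 */
public LdapConnectionConfig getLdapConnectionConfig() {
    if (ldapConfiguration == null) {
        final LdapConnectionConfig built = new LdapConnectionConfig();
        built.setLdapHost(ldapConnectionConfig.get("ldapHost"));
        // May throw; nothing is cached in that case, so the next call retries from scratch.
        built.setLdapPort(Integer.parseInt(ldapConnectionConfig.get("ldapPort")));
        built.setName(ldapConnectionConfig.get("name"));
        built.setCredentials(ldapConnectionConfig.get("credentials"));
        // Publish only the fully populated config.
        ldapConfiguration = built;
    }
    return ldapConfiguration;
}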
// NOTE(review): this excerpt appears to have lost the method's braces and the conditionals
// around the port and host assignments. As printed, each later setLdapPort/setLdapHost call
// would overwrite the earlier one. Check the full source before reusing it.
private static LdapConnectionConfig buildConfig( String server, int port, boolean useSsl )
// Fresh config; the SSL flag comes straight from the caller.
LdapConnectionConfig config = new LdapConnectionConfig();
config.setUseSsl( useSsl );
// Port candidates visible here: the caller's port, the default LDAPS port, the default LDAP port.
config.setLdapPort( port );
config.setLdapPort( config.getDefaultLdapsPort() );
config.setLdapPort( config.getDefaultLdapPort() );
// Host candidates visible here: the loopback name and the caller's server.
config.setLdapHost( Network.LOOPBACK_HOSTNAME );
config.setLdapHost( server );
// Installs the configurable binary-attribute detector.
config.setBinaryAttributeDetector( new DefaultConfigurableBinaryAttributeDetector() );
/**
 * Creates a connection object for the config's default LDAP host, choosing the port from the
 * SSL flag: the default LDAPS port when {@code useSsl} is true, the default LDAP port
 * otherwise (636 and 389 respectively, per the original documentation).
 *
 * @param useSsl whether the connection uses SSL (LDAPS)
 */
public LdapConnection( boolean useSsl )
{
    config.setUseSsl( useSsl );

    // Port follows the transport mode.
    if ( useSsl )
    {
        config.setLdapPort( config.getDefaultLdapsPort() );
    }
    else
    {
        config.setLdapPort( config.getDefaultLdapPort() );
    }

    config.setLdapHost( config.getDefaultLdapHost() );

    // Message ids start from zero.
    messageId = new AtomicInteger( 0 );
}