/**
 * Builds a fresh {@link ConnectionConfig} whose properties mirror those of the supplied config.
 *
 * <p>Every property is passed from getter to setter as-is. Nothing is cloned in this method, so unless the
 * accessors copy internally, the SSL config, connection initializer and connection strategy objects are
 * shared between {@code config} and the returned instance.
 *
 * @param config connection config to read properties from
 *
 * @return new connection config carrying the same property values
 */
public static ConnectionConfig newConnectionConfig(final ConnectionConfig config) {
    final ConnectionConfig copy = new ConnectionConfig();

    // Endpoint and timeouts.
    copy.setLdapUrl(config.getLdapUrl());
    copy.setConnectTimeout(config.getConnectTimeout());
    copy.setResponseTimeout(config.getResponseTimeout());

    // Transport security settings travel together so the copy keeps the same TLS posture.
    copy.setSslConfig(config.getSslConfig());
    copy.setUseSSL(config.getUseSSL());
    copy.setUseStartTLS(config.getUseStartTLS());

    // NOTE(review): the initializer may hold bind credentials (e.g. a BindConnectionInitializer);
    // the copy references the same object rather than a duplicate - confirm that sharing is intended.
    copy.setConnectionInitializer(config.getConnectionInitializer());
    copy.setConnectionStrategy(config.getConnectionStrategy());

    return copy;
}
/**
 * Builds a connection factory that targets the given LDAP URL.
 *
 * <p>The factory's config starts as a copy of {@code this.connectionConfig} (as produced by
 * {@code ConnectionConfig.newConnectionConfig}); only the URL is replaced afterwards.
 *
 * @param ldapURL LDAP URL the new factory should connect to
 * @return connection factory configured for {@code ldapURL}
 */
protected ConnectionFactory prepareConnectionFactory(final String ldapURL) {
    final ConnectionConfig perUrlConfig = ConnectionConfig.newConnectionConfig(this.connectionConfig);
    // NOTE(review): ldapURL is applied without any check in this method, while the remaining settings
    // (including any connection initializer holding bind credentials) come from the base config.
    // Callers should pass only URLs from trusted configuration - confirm at the call sites.
    perUrlConfig.setLdapUrl(ldapURL);
    return new DefaultConnectionFactory(perUrlConfig);
}
/**
 * Creates an Apache LDAP connection factory for the supplied connection config.
 *
 * <p>The provider config's own {@code LdapConnectionConfig} is used when one is present; otherwise a
 * default is derived from {@code cc} through {@code getDefaultLdapConnectionConfig}.
 *
 * @param cc connection config supplying the URL, connection strategy, StartTLS flag and response timeout
 * @return provider connection factory
 */
@Override
public ProviderConnectionFactory<ApacheLdapProviderConfig> getConnectionFactory(final ConnectionConfig cc) {
    final LdapConnectionConfig configured = config.getLdapConnectionConfig();
    // NOTE(review): an explicitly supplied LdapConnectionConfig bypasses getDefaultLdapConnectionConfig(cc),
    // so whatever that method derives from cc (TLS settings included, if any) is not applied here and
    // has to be present on the supplied object already.
    final LdapConnectionConfig effective = configured != null ? configured : getDefaultLdapConnectionConfig(cc);

    return new ApacheLdapConnectionFactory(
        cc.getLdapUrl(),
        cc.getConnectionStrategy(),
        config,
        effective,
        cc.getUseStartTLS(),
        cc.getResponseTimeout());
}
/**
 * Exposes the LDAP {@link ConnectionConfig} bean, populated from {@code configuration}.
 *
 * <p>Sets the connect and response timeouts (read as milliseconds), the LDAP URL, and a
 * {@link BindConnectionInitializer} built from the configured username and password.
 *
 * @return connection config for the configured directory
 */
@Bean
public ConnectionConfig connectionConfig() {
    final ConnectionConfig ldapConfig = new ConnectionConfig();

    final Duration connectTimeout = Duration.ofMillis(configuration.getConnectTimeout());
    ldapConfig.setConnectTimeout(connectTimeout);

    final Duration responseTimeout = Duration.ofMillis(configuration.getResponseTimeout());
    ldapConfig.setResponseTimeout(responseTimeout);

    // NOTE(review): no setUseStartTLS/setUseSSL/setSslConfig call is made in this method, so whether the
    // bind below is protected by TLS depends on the configured URL alone (presumably an ldaps:// URL -
    // confirm). Over plain ldap:// the bind DN and password would cross the network unencrypted.
    ldapConfig.setLdapUrl(configuration.getContextSourceUrl());

    final BindConnectionInitializer bindInitializer = new BindConnectionInitializer(
        configuration.getContextSourceUsername(),
        new Credential(configuration.getContextSourcePassword()));
    ldapConfig.setConnectionInitializer(bindInitializer);

    return ldapConfig;
}
final ConnectionConfig cc = new ConnectionConfig(); final String urls = Arrays.stream(l.getLdapUrl().split(",")).collect(Collectors.joining(" ")); LOGGER.debug("Transformed LDAP urls from [{}] to [{}]", l.getLdapUrl(), urls); cc.setLdapUrl(urls); cc.setUseSSL(l.isUseSsl()); cc.setUseStartTLS(l.isUseStartTls()); cc.setConnectTimeout(newDuration(l.getConnectTimeout())); cc.setSslConfig(new SslConfig(cfg)); } else if (l.getKeystore() != null) { final KeyStoreCredentialConfig cfg = new KeyStoreCredentialConfig(); cfg.setKeyStorePassword(l.getKeystorePassword()); cfg.setKeyStoreType(l.getKeystoreType()); cc.setSslConfig(new SslConfig(cfg)); } else { cc.setSslConfig(new SslConfig()); sc.setSecurityStrength(l.getSaslSecurityStrength()); bc.setBindSaslConfig(sc); cc.setConnectionInitializer(bc); } else if (StringUtils.equals(l.getBindCredential(), "*") && StringUtils.equals(l.getBindDn(), "*")) { cc.setConnectionInitializer(new FastBindOperation.FastBindConnectionInitializer()); } else if (StringUtils.isNotBlank(l.getBindDn()) && StringUtils.isNotBlank(l.getBindCredential())) { cc.setConnectionInitializer(new BindConnectionInitializer(l.getBindDn(), new Credential(l.getBindCredential())));
// Connection config for the given URL; StartTLS is switched on only when ldap.isUseTls() returns true.
// NOTE(review): if that flag is false and url uses plain ldap://, the bind configured below is sent
// without transport encryption - confirm the deployment enforces one of the two.
final ConnectionConfig connectionConfig = new ConnectionConfig(url);
connectionConfig.setUseStartTLS(ldap.isUseTls());
connectionConfig.setConnectTimeout(connectTimeout);
connectionConfig.setResponseTimeout(responseTimeout);
// The bind DN and the password are stored on this object in addition to being handed to the initializer.
// NOTE(review): clearBindCredentials keeps the password exactly as returned by ldap.getPassword();
// verify the field is never logged or exposed through toString()/serialization.
this.username = ldap.getUsername();
this.clearBindCredentials = ldap.getPassword();
// Connections created from this config are initialized with a bind using the stored DN and password.
connectionConfig.setConnectionInitializer(new BindConnectionInitializer(username, new Credential(clearBindCredentials)));
SslConfig sc = object.getSslConfig(); if (sc == null) { sc = new SslConfig(); scSource.initialize(); if (!sc.isEmpty()) { object.setSslConfig(sc); final ConnectionInitializer ci = object.getConnectionInitializer(); bciSource.initialize(); if (!bci.isEmpty()) { object.setConnectionInitializer(bci);
env.put(CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(VERSION, "3"); if (cc.getUseSSL()) { env.put(PROTOCOL, "ssl"); if (factory != null && (cc.getUseSSL() || cc.getLdapUrl().toLowerCase().contains("ldaps://"))) { env.put(JndiProvider.SOCKET_FACTORY, factory); if (cc.getConnectTimeout() != null) { env.put(CONNECT_TIMEOUT, Long.toString(cc.getConnectTimeout().toMillis())); if (cc.getResponseTimeout() != null) { env.put(READ_TIMEOUT, Long.toString(cc.getResponseTimeout().toMillis()));
if (cc.getUseStartTLS() || cc.getUseSSL() || cc.getLdapUrl().toLowerCase().contains("ldaps://")) { final SSLContextInitializer contextInit = getHostnameVerifierSSLContextInitializer(cc); final TrustManager[] trustManagers; lcc.setUseSsl(cc.getUseSSL() || cc.getLdapUrl().toLowerCase().contains("ldaps://")); lcc.setTrustManagers(trustManagers); lcc.setKeyManagers(keyManagers); if (cc.getSslConfig() != null && cc.getSslConfig().getEnabledCipherSuites() != null) { lcc.setEnabledCipherSuites(cc.getSslConfig().getEnabledCipherSuites()); if (cc.getSslConfig() != null && cc.getSslConfig().getEnabledProtocols() != null) { lcc.setSslProtocol(cc.getSslConfig().getEnabledProtocols()[0]);
/**
 * Creates a default connection factory that connects to the given URL.
 *
 * <p>The factory's config is built from the URL alone; no TLS setting or connection initializer is
 * applied in this constructor.
 *
 * @param ldapUrl to connect to
 */
public DefaultConnectionFactory(final String ldapUrl) {
    final ConnectionConfig urlOnlyConfig = new ConnectionConfig(ldapUrl);
    setConnectionConfig(urlOnlyConfig);
}
if (factory == null && (cc.getUseSSL() || cc.getLdapUrl().toLowerCase().contains("ldaps://"))) { final LdapURL ldapUrl = new LdapURL(cc.getLdapUrl()); factory = ThreadLocalTLSSocketFactory.getHostnameVerifierFactory(cc.getSslConfig(), ldapUrl.getHostnames()); threadLocal = true; return new JndiConnectionFactory( cc.getLdapUrl(), cc.getConnectionStrategy(), config, env != null ? env : getDefaultEnvironment(cc, factory != null ? factory.getClass().getName() : null),
/**
 * Creates a connection to the given URL using a new instance of the default provider. The returned
 * connection is not open yet; callers must open it before use.
 *
 * <p>The config handed to the provider contains the URL only and is made immutable before use.
 *
 * @param ldapUrl to connect to
 *
 * @return unopened connection
 */
public static Connection getConnection(final String ldapUrl) {
    final Provider<?> provider = DEFAULT_PROVIDER.newInstance();

    // NOTE(review): nothing but the URL is set here - no StartTLS flag, no SslConfig, no initializer -
    // so transport security presumably follows from the URL scheme alone; confirm before using this
    // shortcut for anything that binds with credentials.
    final ConnectionConfig urlOnlyConfig = new ConnectionConfig(ldapUrl);
    // Freeze the config so it cannot be altered once the connection has been handed out.
    urlOnlyConfig.makeImmutable();

    return new DefaultConnection(urlOnlyConfig, provider.getConnectionFactory(urlOnlyConfig));
}
/**
 * Builds a JNDI connection factory from the supplied connection config. When {@code env} is null the
 * context environment comes from {@link #getDefaultEnvironment(ConnectionConfig, String)}.
 *
 * <p>If the provider config carries no SSL socket factory and the connection uses LDAPS (the useSSL flag
 * is set or the URL contains {@code ldaps://}), a hostname-verifying socket factory is created for the
 * hostnames in the URL.
 *
 * @param cc connection config
 * @param env context environment or null to use the default
 *
 * @return jndi connection factory
 */
protected JndiConnectionFactory getJndiConnectionFactory(final ConnectionConfig cc, final Map<String, Object> env) {
    SSLSocketFactory factory = config.getSslSocketFactory();

    // NOTE(review): a socket factory supplied through the provider config is taken as-is; no hostname
    // verifier is added for it in this method, so it has to perform that verification itself.
    if (factory == null) {
        // The scheme test is a substring match over the whole URL string.
        if (cc.getUseSSL() || cc.getLdapUrl().toLowerCase().contains("ldaps://")) {
            // LDAPS does not verify the server hostname by default, so install a verifying factory
            // bound to the hostnames named in the URL.
            final LdapURL parsedUrl = new LdapURL(cc.getLdapUrl());
            factory = ThreadLocalTLSSocketFactory.getHostnameVerifierFactory(
                cc.getSslConfig(),
                parsedUrl.getHostnames());
        }
    }

    final String url = cc.getLdapUrl();
    final Map<String, Object> environment;
    if (env != null) {
        // NOTE(review): with a caller-supplied environment the factory class name is not passed on by
        // this method; presumably the environment must name its own socket factory - verify.
        environment = env;
    } else {
        final String factoryClassName = factory != null ? factory.getClass().getName() : null;
        environment = getDefaultEnvironment(cc, factoryClassName);
    }
    return new JndiConnectionFactory(url, config, environment);
}
if (factory == null && cc.getSslConfig() != null && !cc.getSslConfig().isEmpty()) { final TLSSocketFactory sf = new TLSSocketFactory(); sf.setSslConfig(SslConfig.newSslConfig(cc.getSslConfig())); try { sf.initialize(); if (verifier == null && cc.getSslConfig() != null && !cc.getSslConfig().isEmpty()) { if (cc.getSslConfig().getHostnameVerifier() != null) { verifier = new HostnameVerifierAdapter(cc.getSslConfig().getHostnameVerifier()); cc.getLdapUrl(), cc.getConnectionStrategy(), config, env != null ? env : getDefaultEnvironment(cc, null),
if (factory == null && cc.getSslConfig() != null && !cc.getSslConfig().isEmpty()) { final TLSSocketFactory sf = new TLSSocketFactory(); sf.setSslConfig(cc.getSslConfig()); try { sf.initialize(); cc.getLdapUrl(), config, env != null ? env : getDefaultEnvironment(cc, null),
/**
 * Creates a connection config that targets the given LDAP URL. Only the URL is set; every other
 * property keeps whatever value the class assigns by default.
 *
 * @param url to connect to
 */
public ConnectionConfig(final String url) {
    // NOTE(review): the URL goes through the regular setter; if setLdapUrl can be overridden, a subclass
    // override would run before that subclass is fully constructed - confirm the setter is final or safe.
    this.setLdapUrl(url);
}
/**
 * Applies the SSL-related settings of {@code ldap} to the given connection config.
 *
 * <p>When trust certificates are configured they are installed as the config's {@link SslConfig}; the
 * useSSL flag is always taken from {@code ldap.isSsl()}.
 *
 * @param ldap source of the X.509 trust setting and the SSL flag
 * @param userConnectionConfig connection config to update
 */
private void configureSSL(final Ldap ldap, final ConnectionConfig userConnectionConfig) {
    if (ldap.getX509() != null) {
        final X509CredentialConfig trustMaterial = new X509CredentialConfig();
        trustMaterial.setTrustCertificates(ldap.getX509()); // e.g. file:/path/to/trust.pem
        userConnectionConfig.setSslConfig(new SslConfig(trustMaterial));
    }
    // NOTE(review): without configured trust certificates no SslConfig is set at all, so certificate
    // validation falls back to whatever trust the provider uses by default - TODO confirm that default
    // is acceptable. StartTLS is not configured by this method.
    userConnectionConfig.setUseSSL(ldap.isSsl());
}
/**
 * Selects the JNDI connection factory for the supplied connection config.
 *
 * <p>The StartTLS flag decides the factory type: when it is set the StartTLS factory is returned,
 * otherwise the regular JNDI factory. Both receive the environment from the provider config.
 *
 * @param cc connection config
 * @return StartTLS connection factory if {@code cc.getUseStartTLS()} is true, else the plain JNDI factory
 */
@Override
public ProviderConnectionFactory<JndiProviderConfig> getConnectionFactory(final ConnectionConfig cc) {
    // StartTLS is checked first; a config without it goes to the regular factory.
    if (cc.getUseStartTLS()) {
        return getJndiStartTLSConnectionFactory(cc, config.getEnvironment());
    }
    return getJndiConnectionFactory(cc, config.getEnvironment());
}
try { handler.info("ldap", "Obtaining a LDAP Connection for '" + this.pool.getConnectionFactory().getConnectionConfig().getLdapUrl() + "'"); connection = this.pooledConnectionFactory.getConnection();
// DN template of the form "<CN attribute>=%s,<people base DN>".
// NOTE(review): %s is presumably replaced with the supplied user id; the resolver is expected to escape
// that value for use inside a DN - verify, since an unescaped id could alter the resulting DN.
dnResolver.setFormat(LdapServer.CN + "=%s," + LdapServer.BASE_PEOPLE_DN);
// Short timeouts: 500 ms to connect, 1 s for a response.
final ConnectionConfig connectionConfig = new ConnectionConfig();
connectionConfig.setConnectTimeout(Duration.ofMillis(500));
connectionConfig.setResponseTimeout(Duration.ofSeconds(1));
// Plain ldap:// against localhost on LdapServer.PORT; no TLS setting appears in these lines.
// NOTE(review): looks like local test wiring - do not reuse unchanged for a remote directory.
connectionConfig.setLdapUrl("ldap://localhost:" + LdapServer.PORT);