Posted to commits@directory.apache.org by pa...@apache.org on 2010/10/22 09:27:24 UTC
svn commit: r1026229 - in
/directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io:
api/DirectoryApiConnectionWrapper.java jndi/StudioTrustManager.java
Author: pamarcelot
Date: Fri Oct 22 07:27:24 2010
New Revision: 1026229
URL: http://svn.apache.org/viewvc?rev=1026229&view=rev
Log:
Used StudioTrustManager to allow connection on LDAPS servers.
Modified:
directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/api/DirectoryApiConnectionWrapper.java
directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/StudioTrustManager.java
Modified: directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/api/DirectoryApiConnectionWrapper.java
URL: http://svn.apache.org/viewvc/directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/api/DirectoryApiConnectionWrapper.java?rev=1026229&r1=1026228&r2=1026229&view=diff
==============================================================================
--- directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/api/DirectoryApiConnectionWrapper.java (original)
+++ directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/api/DirectoryApiConnectionWrapper.java Fri Oct 22 07:27:24 2010
@@ -20,6 +20,9 @@
package org.apache.directory.studio.connection.core.io.api;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
@@ -33,6 +36,9 @@ import javax.naming.directory.DirContext
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.Control;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
@@ -41,12 +47,10 @@ import org.apache.directory.shared.ldap.
import org.apache.directory.shared.ldap.entry.DefaultModification;
import org.apache.directory.shared.ldap.entry.Modification;
import org.apache.directory.shared.ldap.entry.ModificationOperation;
-import org.apache.directory.shared.ldap.exception.LdapException;
import org.apache.directory.shared.ldap.filter.SearchScope;
import org.apache.directory.shared.ldap.message.AddRequest;
import org.apache.directory.shared.ldap.message.AddRequestImpl;
import org.apache.directory.shared.ldap.message.AliasDerefMode;
-import org.apache.directory.shared.ldap.message.BindResponse;
import org.apache.directory.shared.ldap.message.DeleteRequest;
import org.apache.directory.shared.ldap.message.DeleteRequestImpl;
import org.apache.directory.shared.ldap.message.ModifyDnRequest;
@@ -60,17 +64,18 @@ import org.apache.directory.shared.ldap.
import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.apache.directory.studio.common.core.jobs.StudioProgressMonitor;
import org.apache.directory.studio.connection.core.Connection;
-import org.apache.directory.studio.connection.core.ConnectionCorePlugin;
-import org.apache.directory.studio.connection.core.IAuthHandler;
-import org.apache.directory.studio.connection.core.ICredentials;
import org.apache.directory.studio.connection.core.Connection.AliasDereferencingMethod;
import org.apache.directory.studio.connection.core.Connection.ReferralHandlingMethod;
+import org.apache.directory.studio.connection.core.ConnectionCorePlugin;
import org.apache.directory.studio.connection.core.ConnectionParameter.EncryptionMethod;
+import org.apache.directory.studio.connection.core.IAuthHandler;
+import org.apache.directory.studio.connection.core.ICredentials;
import org.apache.directory.studio.connection.core.Messages;
import org.apache.directory.studio.connection.core.io.ConnectionWrapper;
import org.apache.directory.studio.connection.core.io.StudioNamingEnumeration;
import org.apache.directory.studio.connection.core.io.jndi.CancelException;
import org.apache.directory.studio.connection.core.io.jndi.ReferralsInfo;
+import org.apache.directory.studio.connection.core.io.jndi.StudioTrustManager;
import org.eclipse.osgi.util.NLS;
@@ -119,6 +124,7 @@ public class DirectoryApiConnectionWrapp
*
* @return
* the associated LDAP Connection
+ * @throws Exception
*/
private LdapNetworkConnection getLdapConnection()
{
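Review bot: The added `@throws Exception` tag documents an exception that the signature just below it, `private LdapNetworkConnection getLdapConnection()`, does not declare. Either drop the tag, or, if trust-manager setup failures are meant to reach the caller, declare the exception on the method and say in the tag when it is thrown. The method body continues outside this hunk.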
@@ -132,7 +138,34 @@ public class DirectoryApiConnectionWrapp
config.setLdapPort( connection.getPort() );
config.setName( connection.getBindPrincipal() );
config.setCredentials( connection.getBindPassword() );
- config.setUseSsl( connection.getEncryptionMethod() == EncryptionMethod.LDAPS );
+ if ( connection.getEncryptionMethod() == EncryptionMethod.LDAPS )
+ {
+ config.setUseSsl( true );
+
+ try
+ {
+
+ // get default trust managers (using JVM "cacerts" key store)
+ TrustManagerFactory factory = TrustManagerFactory.getInstance( TrustManagerFactory
+ .getDefaultAlgorithm() );
+ factory.init( ( KeyStore ) null );
+ TrustManager[] defaultTrustManagers = factory.getTrustManagers();
+
+ // create wrappers around the trust managers
+ StudioTrustManager[] trustManagers = new StudioTrustManager[defaultTrustManagers.length];
+ for ( int i = 0; i < defaultTrustManagers.length; i++ )
+ {
+ trustManagers[i] = new StudioTrustManager( ( X509TrustManager ) defaultTrustManagers[i] );
+ trustManagers[i].setHost( connection.getHost() );
+ }
+
+ config.setTrustManagers( trustManagers );
+ }
+ catch ( Exception e )
+ {
+ // TODO: handle exception
+ }
+ }
ldapConnection = new LdapNetworkConnection( config );
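Review bot: The empty `catch ( Exception e )` that follows `config.setUseSsl( true )` lets the connection proceed when trust-manager setup fails. In that case `config.setTrustManagers( trustManagers )` is never reached, and the LDAPS session is built with whatever trust managers `LdapConnectionConfig` holds by default, which this diff does not show. A TLS client should fail closed here: log the cause and abort, for example `throw new IllegalStateException( "Cannot initialise trust managers for LDAPS", e );`, rather than continue without the host-aware wrapper. The cast `( X509TrustManager ) defaultTrustManagers[i]` is also unchecked, so a non-X509 entry would raise a ClassCastException that the same catch hides; an `instanceof X509TrustManager` test before wrapping avoids that. getLdapConnection() starts and ends outside this hunk.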
@@ -292,15 +325,7 @@ public class DirectoryApiConnectionWrapp
*/
public void unbind()
{
- try
- {
- getLdapConnection().unBind();
- }
- catch ( LdapException e )
- {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
+ disconnect();
}
Modified: directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/StudioTrustManager.java
URL: http://svn.apache.org/viewvc/directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/StudioTrustManager.java?rev=1026229&r1=1026228&r2=1026229&view=diff
==============================================================================
--- directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/StudioTrustManager.java (original)
+++ directory/studio/branches/studio-connection-refactoring/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/StudioTrustManager.java Fri Oct 22 07:27:24 2010
@@ -49,7 +49,7 @@ import org.apache.http.conn.ssl.BrowserC
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
*/
-class StudioTrustManager implements X509TrustManager
+public class StudioTrustManager implements X509TrustManager
{
private X509TrustManager jvmTrustManager;
private String host;
@@ -62,7 +62,7 @@ class StudioTrustManager implements X509
*
* @throws Exception the exception
*/
- StudioTrustManager( X509TrustManager jvmTrustManager ) throws Exception
+ public StudioTrustManager( X509TrustManager jvmTrustManager ) throws Exception
{
this.jvmTrustManager = jvmTrustManager;
}
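Review bot: The constructor is now public but still declares `throws Exception`, although its visible body only assigns `this.jvmTrustManager`. Every caller is therefore forced to catch `Exception`, which is probably why DirectoryApiConnectionWrapper ends up with a catch-all around its TLS setup. Dropping the clause, `public StudioTrustManager( X509TrustManager jvmTrustManager )`, and removing the matching `@throws Exception the exception` Javadoc line would let callers handle only the JSSE exceptions they actually expect. A null check on the argument would also surface a missing delegate at construction time rather than during a handshake. The constructor's Javadoc starts outside this hunk.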
@@ -73,7 +73,7 @@ class StudioTrustManager implements X509
*
* @param host the new host
*/
- void setHost( String host )
+ public void setHost( String host )
{
this.host = host;
}
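Review bot: Making `setHost` public means any code holding the trust manager can change `host` after the wrapper has been installed, and a wrapper whose setter was never called keeps `host` as null. How `host` is consumed is outside this diff, but the truncated `BrowserC…` import in the hunk header suggests it feeds hostname verification, where a mutable or unset value weakens the check. Consider taking the host as a constructor argument and making the field `final`, or at least state in the Javadoc that it must be set exactly once before the first handshake.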