You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@directory.apache.org by el...@apache.org on 2017/01/04 19:09:46 UTC

svn commit: r1777365 - /directory/site/trunk/content/api/user-guide/5.1-ssl.mdtext

Author: elecharny
Date: Wed Jan  4 19:09:46 2017
New Revision: 1777365

URL: http://svn.apache.org/viewvc?rev=1777365&view=rev
Log:
Added a primer on LDAPS

Modified:
    directory/site/trunk/content/api/user-guide/5.1-ssl.mdtext

Modified: directory/site/trunk/content/api/user-guide/5.1-ssl.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/api/user-guide/5.1-ssl.mdtext?rev=1777365&r1=1777364&r2=1777365&view=diff
==============================================================================
--- directory/site/trunk/content/api/user-guide/5.1-ssl.mdtext (original)
+++ directory/site/trunk/content/api/user-guide/5.1-ssl.mdtext Wed Jan  4 19:09:46 2017
@@ -42,6 +42,30 @@ There are many version that can be used,
 |---|---|---|---|---|
 | 2.0 | N/A | N/A | N/A | N/A |
 | 3.0 | Disabled | Disabled | N/A | N/A |
-| 3.1 (aka TLSv1) | Enabled | Enabled | Enabled | Enabled |
-| 3.2 (aka TLSv1.1 | Disabled | Enabled | Enabled | Enabled |
-| 3.3 (aka TLSv1.2) | Disabled | Enabled | Enabled | Enabled |
+| 3.1 (aka TLSv1) | **Enabled** | **Enabled** | **Enabled** | **Enabled** |
+| 3.2 (aka TLSv1.1 | Disabled | **Enabled** | **Enabled** | **Enabled** |
+| 3.3 (aka TLSv1.2) | Disabled | **Enabled** | **Enabled** | **Enabled** |
+
+(_Disabled_ mean it's not active by default, and must be activated explicitely).
+
+The default is for Java to pick the one that fits, assuming that it will always start with the newest version (**TLSv1.2**).
+
+Still, you can enforce the version if needed.
+
+## A quick primer
+
+Here is all what you need to get a **LDAPS** connection established with a server :
+
+        try ( LdapConnection connection = new LdapNetworkConnection( "server-name", 636, true ) )
+        {
+            connection.bind( "uid=admin,ou=system", "secret" );
+
+            assertTrue( connection.isAuthenticated() );
+        }
+
+This is as simple as that ! The **636* port is the default **LDAPS** port for standard **LDAP** servers, when running as **root**, and for **ApacheDS** you will have to pick **10636**. The **true** flag is set to secure the connection. You don't need to close the connection, it will be done automatically when exiting the try{...} block.
+
+By default, the selected protocol is **TLS**, and we wont verify the server's certificate.
+
+
+