Posted to commits@directory.apache.org by tr...@apache.org on 2006/01/13 05:39:37 UTC
svn commit: r368585 - in /directory/sandbox/trustin/ldaps:
apacheds-server-ssl/ apacheds-server-ssl/src/ apacheds-server-ssl/src/main/
apacheds-server-ssl/src/main/java/ apacheds-server-ssl/src/main/java/org/
apacheds-server-ssl/src/main/java/org/apach...
Author: trustin
Date: Thu Jan 12 20:39:18 2006
New Revision: 368585
URL: http://svn.apache.org/viewcvs?rev=368585&view=rev
Log:
Moved LDAPS support to the new subproject, apacheds-server-ssl
Added:
directory/sandbox/trustin/ldaps/apacheds-server-ssl/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/
directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert (with props)
Removed:
directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/LdapsTest.java
directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ssl/
Modified:
directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml Thu Jan 12 20:39:18 2006
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<project>
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-build</artifactId>
+ <version>0.9.4-SNAPSHOT</version>
+ </parent>
+ <artifactId>org.apache.ldap.server.ssl</artifactId>
+ <name>apacheds-server-ssl</name>
+ <packaging>jar</packaging>
+ <dependencies>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>nlog4j</artifactId>
+ <version>1.2.17</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>org.apache.ldap.server</artifactId>
+ <version>0.9.4-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>org.apache.ldap.server.unit</artifactId>
+ <version>0.9.4-SNAPSHOT</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.mina</groupId>
+ <artifactId>org.apache.mina.filter.ssl</artifactId>
+ <version>0.9.1-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.4</source>
+ <target>1.4</target>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
+
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java Thu Jan 12 20:39:18 2006
@@ -0,0 +1,118 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+
+import javax.naming.NamingException;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+
+import org.apache.ldap.server.configuration.ServerStartupConfiguration;
+import org.apache.ldap.server.jndi.ssl.support.ServerX509TrustManager;
+import org.apache.mina.common.DefaultIoFilterChainBuilder;
+import org.apache.mina.common.IoFilterChainBuilder;
+import org.apache.mina.filter.SSLFilter;
+
+/**
+ * Loads the certificate file for LDAPS support and creates the appropriate
+ * MINA filter chain.
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev: 368358 $, $Date: 2006-01-12 12:50:40Z $
+ *
+ */
+public class LdapsInitializer
+{
+ public static IoFilterChainBuilder init( ServerStartupConfiguration cfg ) throws NamingException
+ {
+ // Load the certificate
+ char[] certPasswdChars = cfg.getLdapsCertificatePassword().toCharArray();
+ String storePath = cfg.getLdapsCertificateFile().getPath();
+
+ KeyStore ks = null;
+ try
+ {
+ ks = loadKeyStore( storePath, "PKCS12" );
+ }
+ catch( Exception e )
+ {
+ try
+ {
+ ks = loadKeyStore( storePath, "JKS" );
+ }
+ catch( Exception e2 )
+ {
+ throw ( NamingException ) new NamingException( "Failed to load a certificate: " + storePath ).initCause( e );
+ }
+ }
+
+ SSLContext sslCtx;
+ try
+ {
+ // Set up key manager factory to use our key store
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
+ kmf.init( ks, certPasswdChars );
+
+ // Initialize the SSLContext to work with our key managers.
+ sslCtx = SSLContext.getInstance( "TLS" );
+ sslCtx.init( kmf.getKeyManagers(),
+ new TrustManager[] { new ServerX509TrustManager() }, new SecureRandom() );
+ }
+ catch( Exception e )
+ {
+ throw ( NamingException ) new NamingException( "Failed to create a SSL context." ).initCause( e );
+ }
+
+ DefaultIoFilterChainBuilder chain = new DefaultIoFilterChainBuilder();
+ chain.addLast( "SSL", new SSLFilter( sslCtx ) );
+ return chain;
+ }
+
+ private static KeyStore loadKeyStore( String storePath, String storeType ) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException
+ {
+ FileInputStream in = null;
+ // Create keystore
+ KeyStore ks = KeyStore.getInstance( storeType );
+ try
+ {
+ in = new FileInputStream( storePath );
+ ks.load( in, null );
+ return ks;
+ }
+ finally
+ {
+ if( in != null )
+ {
+ try
+ {
+ in.close();
+ }
+ catch( IOException ignored )
+ {
+ }
+ }
+ }
+ }
+}
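Review bot: `loadKeyStore` calls `ks.load( in, null )`, so the keystore is read without its integrity check and the configured password is only used later by `kmf.init`. Assuming the store and key passwords are the same (as they are for the test keystore in this commit), pass `certPasswdChars` into `loadKeyStore` and call `ks.load( in, storePassword )` so that a modified or mistyped file is rejected at load time. In `init`, the JKS fallback discards `e2` and attaches only the PKCS12 exception as the cause, which hides the real error when the file is a JKS store. `cfg.getLdapsCertificatePassword().toCharArray()` will also throw a bare NullPointerException if no password is configured.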
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java Thu Jan 12 20:39:18 2006
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * An {@link X509TrustManager} for LDAP server.
+ *
+ * @author Trustin Lee
+ * @version $Rev: 368356 $, $Date: 2006-01-12 12:35:14Z $
+ */
+public class ServerX509TrustManager implements X509TrustManager
+{
+ public ServerX509TrustManager()
+ {
+ }
+
+ public void checkClientTrusted( X509Certificate[] arg0, String arg1 ) throws CertificateException
+ {
+ // We don't check clients at all right now.
+ // XXX: Do we need a client-side certificates?
+ }
+
+ public void checkServerTrusted( X509Certificate[] arg0, String arg1 ) throws CertificateException
+ {
+ // It is server-side trust manager, so we don't need to check the server itself.
+ }
+
+ public X509Certificate[] getAcceptedIssuers()
+ {
+ return null;
+ }
+}
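Review bot: `getAcceptedIssuers()` returns `null`, but the `X509TrustManager` contract asks for a non-null (possibly empty) array; `return new X509Certificate[ 0 ];` matches what `BogusTrustManagerFactory` in this commit does. `checkClientTrusted` has an empty body, so if client authentication is ever requested on the SSL filter, every client certificate will be accepted. Until real validation exists it would be safer to throw `CertificateException` there, or to delegate to the platform default trust manager. The class Javadoc should also say plainly that no certificate validation is performed.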
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java Thu Jan 12 20:39:18 2006
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl;
+
+import java.io.FileOutputStream;
+import java.io.InputStream;
+import java.util.Hashtable;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.ldap.server.AbstractServerTest;
+import org.apache.ldap.server.jndi.ssl.support.SSLSocketFactory;
+import org.apache.mina.util.AvailablePortFinder;
+
+
+/**
+ * Test case to verify DIREVE-216. Starts up the server binds via SUN JNDI provider
+ * to perform add modify operations on entries.
+ *
+ * @author szoerner
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 365899 $
+ */
+public class LdapsTest extends AbstractServerTest
+{
+ private static final String RDN = "cn=The Person";
+
+ private DirContext ctx = null;
+
+
+ /**
+ * Create an entry for a person.
+ */
+ public void setUp() throws Exception
+ {
+ doDelete( configuration.getWorkingDirectory() );
+
+ int ldapsPort = AvailablePortFinder.getNextAvailable( 8192 );
+ configuration.setEnableLdaps( true );
+ configuration.setLdapsCertificatePassword( "boguspw" );
+ configuration.setLdapsPort( ldapsPort );
+
+ // Copy the bogus certificate to the certificates directory.
+ InputStream in = getClass().getResourceAsStream( "/bogus.cert" );
+ configuration.getLdapsCertificateFile().getParentFile().mkdirs();
+
+ System.out.println( configuration.getLdapsCertificateFile().getAbsolutePath() );
+ FileOutputStream out = new FileOutputStream(
+ configuration.getLdapsCertificateFile() );
+
+ for( ;; )
+ {
+ int c = in.read();
+ if( c < 0 )
+ break;
+ {
+ }
+ out.write( c );
+ }
+
+ in.close();
+ out.close();
+
+ doDelete = false;
+ super.setUp();
+ doDelete = true;
+
+ Hashtable env = new Hashtable();
+ env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( "java.naming.provider.url", "ldap://localhost:" + ldapsPort + "/ou=system" );
+ env.put( "java.naming.ldap.factory.socket", SSLSocketFactory.class.getName() );
+ env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+ env.put( "java.naming.security.credentials", "secret" );
+ env.put( "java.naming.security.authentication", "simple" );
+ ctx = new InitialDirContext( env );
+ }
+
+
+ /**
+ * Remove the person.
+ */
+ public void tearDown() throws Exception
+ {
+ ctx.unbind(RDN);
+ ctx.close();
+ ctx = null;
+ super.tearDown();
+ }
+
+
+ /**
+ * Just a little test to check if the connection is made successfully.
+ */
+ public void testSetUpTearDown() throws NamingException
+ {
+ // Create a person
+ Attributes attributes = new BasicAttributes( true );
+ Attribute attribute = new BasicAttribute( "objectClass" );
+ attribute.add( "top" );
+ attribute.add( "person" );
+ attributes.put( attribute );
+ attributes.put( "cn", "The Person" );
+ attributes.put( "sn", "Person" );
+ attributes.put( "description", "this is a person" );
+ DirContext person = ctx.createSubcontext( RDN, attributes );
+
+ assertNotNull( person );
+ }
+}
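Review bot: The keystore copy in `setUp` dereferences `in` without checking it, so a missing `/bogus.cert` resource surfaces as a NullPointerException at `in.read()`, and neither stream is closed if the copy fails. The loop also carries a stray empty block after `break;` and a leftover `System.out.println`. A buffered copy with a `finally` is sketched below; it stays within the Java 1.4 source level set in the pom.

```java
// … unchanged: port and LDAPS configuration …
InputStream in = getClass().getResourceAsStream( "/bogus.cert" );
assertNotNull( "bogus.cert not found on the test classpath", in );
configuration.getLdapsCertificateFile().getParentFile().mkdirs();

FileOutputStream out = null;
try
{
    out = new FileOutputStream( configuration.getLdapsCertificateFile() );
    byte[] buf = new byte[ 4096 ];
    for( int n = in.read( buf ); n >= 0; n = in.read( buf ) )
    {
        out.write( buf, 0, n );
    }
}
finally
{
    in.close();
    if( out != null )
    {
        out.close();
    }
}
// … unchanged: super.setUp() and JNDI environment …
```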
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java Thu Jan 12 20:39:18 2006
@@ -0,0 +1,160 @@
+/*
+ * @(#) $Id: BogusSSLContextFactory.java 365899 2006-01-04 12:24:30Z trustin $
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+
+/**
+ * Factory to create a bougus SSLContext.
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev: 365899 $, $Date: 2006-01-04 21:24:30 +0900 (ì, 04 1ì 2006) $
+ */
+public class BogusSSLContextFactory
+{
+
+ /**
+ * Protocol to use.
+ */
+ private static final String PROTOCOL = "TLS";
+
+ /**
+ * Bougus Server certificate keystore file name.
+ */
+ private static final String BOGUS_KEYSTORE = "/bogus.cert";
+
+ // NOTE: The keystore was generated using keytool:
+ // keytool -genkey -alias bogus -keysize 512 -validity 3650
+ // -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
+ // O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
+ // -keypass boguspw -storepass boguspw -keystore bogus.cert
+
+ /**
+ * Bougus keystore password.
+ */
+ private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p',
+ 'w' };
+
+ private static SSLContext serverInstance = null;
+
+ private static SSLContext clientInstance = null;
+
+ /**
+ * Get SSLContext singleton.
+ *
+ * @return SSLContext
+ * @throws java.security.GeneralSecurityException
+ *
+ */
+ public static SSLContext getInstance( boolean server )
+ throws GeneralSecurityException
+ {
+ SSLContext retInstance = null;
+ if( server )
+ {
+ if( serverInstance == null )
+ {
+ synchronized( BogusSSLContextFactory.class )
+ {
+ if( serverInstance == null )
+ {
+ try
+ {
+ serverInstance = createBougusServerSSLContext();
+ }
+ catch( Exception ioe )
+ {
+ throw new GeneralSecurityException(
+ "Can't create Server SSLContext:" + ioe );
+ }
+ }
+ }
+ }
+ retInstance = serverInstance;
+ }
+ else
+ {
+ if( clientInstance == null )
+ {
+ synchronized( BogusSSLContextFactory.class )
+ {
+ if( clientInstance == null )
+ {
+ clientInstance = createBougusClientSSLContext();
+ }
+ }
+ }
+ retInstance = clientInstance;
+ }
+ return retInstance;
+ }
+
+ private static SSLContext createBougusServerSSLContext()
+ throws GeneralSecurityException, IOException
+ {
+ // Create keystore
+ KeyStore ks = KeyStore.getInstance( "JKS" );
+ InputStream in = null;
+ try
+ {
+ in = BogusSSLContextFactory.class
+ .getResourceAsStream( BOGUS_KEYSTORE );
+ ks.load( in, BOGUS_PW );
+ }
+ finally
+ {
+ if( in != null )
+ {
+ try
+ {
+ in.close();
+ }
+ catch( IOException ignored )
+ {
+ }
+ }
+ }
+
+ // Set up key manager factory to use our key store
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
+ kmf.init( ks, BOGUS_PW );
+
+ // Initialize the SSLContext to work with our key managers.
+ SSLContext sslContext = SSLContext.getInstance( PROTOCOL );
+ sslContext.init( kmf.getKeyManagers(),
+ BogusTrustManagerFactory.X509_MANAGERS, null );
+
+ return sslContext;
+ }
+
+ private static SSLContext createBougusClientSSLContext()
+ throws GeneralSecurityException
+ {
+ SSLContext context = SSLContext.getInstance( PROTOCOL );
+ context.init( null, BogusTrustManagerFactory.X509_MANAGERS, null );
+ return context;
+ }
+
+}
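Review bot: In `createBougusServerSSLContext`, `getResourceAsStream( BOGUS_KEYSTORE )` can return `null`, and `ks.load( null, BOGUS_PW )` then yields an empty keystore instead of failing, so the test would only break later with an unrelated handshake error. Add `if( in == null ) throw new IOException( "Keystore resource not found: " + BOGUS_KEYSTORE );` before the load. `getInstance` uses double-checked locking on the non-volatile `serverInstance` and `clientInstance` fields, which is not safe under the Java memory model; declaring the method `synchronized` is simpler. The catch block builds its message with `+ ioe` and loses the stack trace; calling `initCause( ioe )` on the new exception would keep it.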
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java Thu Jan 12 20:39:18 2006
@@ -0,0 +1,81 @@
+/*
+ * @(#) $Id: BogusTrustManagerFactory.java 365899 2006-01-04 12:24:30Z trustin $
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactorySpi;
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * Bogus trust manager factory. Creates BogusX509TrustManager
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev: 365899 $, $Date: 2006-01-04 21:24:30 +0900 (ì, 04 1ì 2006) $
+ */
+class BogusTrustManagerFactory extends TrustManagerFactorySpi
+{
+
+ static final X509TrustManager X509 = new X509TrustManager()
+ {
+ public void checkClientTrusted( X509Certificate[] x509Certificates,
+ String s ) throws CertificateException
+ {
+ }
+
+ public void checkServerTrusted( X509Certificate[] x509Certificates,
+ String s ) throws CertificateException
+ {
+ }
+
+ public X509Certificate[] getAcceptedIssuers()
+ {
+ return new X509Certificate[ 0 ];
+ }
+ };
+
+ static final TrustManager[] X509_MANAGERS = new TrustManager[] { X509 };
+
+ public BogusTrustManagerFactory()
+ {
+ }
+
+ protected TrustManager[] engineGetTrustManagers()
+ {
+ return X509_MANAGERS;
+ }
+
+ protected void engineInit( KeyStore keystore ) throws KeyStoreException
+ {
+ // noop
+ }
+
+ protected void engineInit(
+ ManagerFactoryParameters managerFactoryParameters )
+ throws InvalidAlgorithmParameterException
+ {
+ // noop
+ }
+}
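Review bot: The class Javadoc refers to a `BogusX509TrustManager` that does not exist in this file, and it does not say that the `X509` manager accepts every certificate chain without any check. I would reword it to something like `Test-only trust manager factory whose X509TrustManager accepts any client or server certificate; must never be used outside tests.` A one-line comment in the two empty `check*Trusted` bodies, stating that the omission is deliberate, would also help.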
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java Thu Jan 12 20:39:18 2006
@@ -0,0 +1,142 @@
+/*
+ * @(#) $Id: SSLSocketFactory.java 365899 2006-01-04 12:24:30Z trustin $
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.security.GeneralSecurityException;
+
+import javax.net.SocketFactory;
+
+/**
+ * Simple Socket factory to create sockets with or without SSL enabled.
+ * If SSL enabled a "bougus" SSL Context is used (suitable for test purposes)
+ *
+ * @version $Rev: 365899 $, $Date: 2006-01-04 21:24:30 +0900 (ì, 04 1ì 2006) $
+ */
+public class SSLSocketFactory extends SocketFactory
+{
+ private static boolean sslEnabled = true;
+
+ private static javax.net.ssl.SSLSocketFactory sslFactory = null;
+
+ private static javax.net.SocketFactory factory = null;
+
+ public static SocketFactory getDefault()
+ {
+ return new SSLSocketFactory();
+ }
+
+ public SSLSocketFactory()
+ {
+ super();
+ }
+
+ public Socket createSocket( String arg1, int arg2 ) throws IOException,
+ UnknownHostException
+ {
+ if( isSslEnabled() )
+ {
+ return getSSLFactory().createSocket( arg1, arg2 );
+ }
+ else
+ {
+ return new Socket( arg1, arg2 );
+ }
+ }
+
+ public Socket createSocket( String arg1, int arg2, InetAddress arg3,
+ int arg4 ) throws IOException,
+ UnknownHostException
+ {
+ if( isSslEnabled() )
+ {
+ return getSSLFactory().createSocket( arg1, arg2, arg3, arg4 );
+ }
+ else
+ {
+ return new Socket( arg1, arg2, arg3, arg4 );
+ }
+ }
+
+ public Socket createSocket( InetAddress arg1, int arg2 )
+ throws IOException
+ {
+ if( isSslEnabled() )
+ {
+ return getSSLFactory().createSocket( arg1, arg2 );
+ }
+ else
+ {
+ return new Socket( arg1, arg2 );
+ }
+ }
+
+ public Socket createSocket( InetAddress arg1, int arg2, InetAddress arg3,
+ int arg4 ) throws IOException
+ {
+ if( isSslEnabled() )
+ {
+ return getSSLFactory().createSocket( arg1, arg2, arg3, arg4 );
+ }
+ else
+ {
+ return new Socket( arg1, arg2, arg3, arg4 );
+ }
+ }
+
+ public static javax.net.SocketFactory getSocketFactory()
+ {
+ if( factory == null )
+ {
+ factory = new SSLSocketFactory();
+ }
+ return factory;
+ }
+
+ private javax.net.ssl.SSLSocketFactory getSSLFactory()
+ {
+ if( sslFactory == null )
+ {
+ try
+ {
+ sslFactory = BogusSSLContextFactory.getInstance( false )
+ .getSocketFactory();
+ }
+ catch( GeneralSecurityException e )
+ {
+ throw new RuntimeException( "could not create SSL socket", e );
+ }
+ }
+ return sslFactory;
+ }
+
+ public static boolean isSslEnabled()
+ {
+ return sslEnabled;
+ }
+
+ public static void setSslEnabled( boolean newSslEnabled )
+ {
+ sslEnabled = newSslEnabled;
+ }
+
+}
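Review bot: `sslEnabled` is a mutable static that silently switches every `createSocket` overload to a plain `new Socket(...)`, so a test that calls `setSslEnabled( false )` and does not restore it leaves later LDAPS tests running over cleartext while still passing. The setter should at least be documented with `// test-wide switch: restore to true in tearDown`, and tests that flip it should reset it in `tearDown`. `sslFactory` and `factory` are lazily initialised statics with no synchronisation, which can create duplicate instances if tests run concurrently. The class name also shadows `javax.net.ssl.SSLSocketFactory` and forces the fully qualified names inside the file; a name such as `BogusSSLSocketFactory` would be clearer.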
Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert?rev=368585&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified: directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java?rev=368585&r1=368584&r2=368585&view=diff
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java (original)
+++ directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java Thu Jan 12 20:39:18 2006
@@ -368,7 +368,7 @@
try
{
chain = ( IoFilterChainBuilder ) Class.forName(
- "org.apache.ldap.server.jndi.ssl.support.LdapsInitializer",
+ "org.apache.ldap.server.jndi.ssl.LdapsInitializer",
true,
ServerContextFactory.class.getClassLoader() ).getMethod(
"init", new Class[] { ServerStartupConfiguration.class } ).invoke(