Example usage for javax.naming.ldap InitialLdapContext extendedOperation

List of usage examples for javax.naming.ldap InitialLdapContext extendedOperation

Introduction

This page collects usage examples of javax.naming.ldap InitialLdapContext extendedOperation, taken from open-source projects that use it to initiate StartTLS on an LDAP connection.

Prototype

public ExtendedResponse extendedOperation(ExtendedRequest request) throws NamingException 


Usage

From source file:org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore.java

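/**
 * Upgrades the cleartext LDAP connection behind {@code ctx} to TLS via the
 * StartTLS extended operation and returns the negotiated response so the
 * caller can later {@code close()} the TLS layer.
 * <p>
 * Server trust comes from the trust store returned by {@link #getTrustStore()}
 * (password from {@link #getTrustStorePassword()}) when one is configured, and
 * from the JVM default trust material otherwise. The trust store is applied to
 * this negotiation only, through an {@link javax.net.ssl.SSLSocketFactory}
 * built for it, instead of by mutating the process-wide
 * {@code javax.net.ssl.trustStore*} system properties: those are global to the
 * JVM, racy when several stores are configured differently, expose the password
 * to any code that can read system properties, and have no effect at all once
 * JSSE has already initialised its default context elsewhere in the process.
 * <p>
 * Per the {@link StartTlsResponse} contract both {@code negotiate} variants
 * verify the server host name against the provider URL after the handshake.
 * Call this before any bind so credentials never travel in clear. A client
 * certificate (only needed for SASL EXTERNAL, where the client identity is
 * taken from the certificate subject) is not configured here; adding one
 * means supplying a {@link javax.net.ssl.KeyManager} to the
 * {@code SSLContext} built in {@link #trustStoreSocketFactory()}.
 *
 * @param ctx an LDAP context on which no bind has been performed yet
 * @return the server's StartTLS response after a successful handshake
 * @throws NamingException if the server rejects the extended operation
 *         (for example because it does not offer StartTLS)
 * @throws IOException if the handshake fails, the server certificate or host
 *         name cannot be verified, or the configured trust store cannot be read
 */
protected StartTlsResponse startTls(InitialLdapContext ctx) throws NamingException, IOException {
    // Build the trust material first so a misconfigured trust store fails fast,
    // before StartTLS has been initiated on the server side.
    javax.net.ssl.SSLSocketFactory trustedFactory = trustStoreSocketFactory();

    StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
    if (trustedFactory == null) {
        // No explicit trust store: rely on the JVM default trust store.
        tls.negotiate();
    } else {
        tls.negotiate(trustedFactory);
    }
    return tls;
}

/**
 * Builds an SSL socket factory that trusts exactly the certificates in the
 * configured trust store.
 *
 * @return the factory, or {@code null} when {@link #getTrustStore()} is unset
 *         or empty (the caller then uses the JVM default trust store; a
 *         password configured without a path is ignored)
 * @throws IOException if the trust store file cannot be read or parsed, or
 *         no TLS provider is available
 */
private javax.net.ssl.SSLSocketFactory trustStoreSocketFactory() throws IOException {
    String path = getTrustStore();
    if (path == null || path.length() == 0) {
        return null;
    }
    String password = getTrustStorePassword();
    // An empty password means "load without integrity check", as JSSE itself does.
    char[] pwd = (password == null || password.length() == 0) ? null : password.toCharArray();
    try {
        // Honour the same type override JSSE would, defaulting like the JDK.
        String type = System.getProperty("javax.net.ssl.trustStoreType",
                java.security.KeyStore.getDefaultType());
        java.security.KeyStore trust = java.security.KeyStore.getInstance(type);
        java.io.InputStream in = new java.io.FileInputStream(path);
        try {
            trust.load(in, pwd);
        } finally {
            in.close();
        }
        javax.net.ssl.TrustManagerFactory tmf = javax.net.ssl.TrustManagerFactory
                .getInstance(javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        // No KeyManager: server authentication only (see startTls note on SASL EXTERNAL).
        javax.net.ssl.SSLContext ssl = javax.net.ssl.SSLContext.getInstance("TLS");
        ssl.init(null, tmf.getTrustManagers(), null);
        return ssl.getSocketFactory();
    } catch (java.security.GeneralSecurityException e) {
        IOException ioe = new IOException("Cannot load LDAP trust store " + path);
        ioe.initCause(e);
        throw ioe;
    } finally {
        // Do not leave the password in the heap longer than needed.
        if (pwd != null) {
            java.util.Arrays.fill(pwd, '\0');
        }
    }
}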

From source file:org.sonar.plugins.ldap.LdapContextFactory.java

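/**
 * Opens an LDAP context bound as {@code principal}, either over a connection
 * upgraded with StartTLS or, when {@code startTLS} is off, with the plain
 * environment returned by {@code getEnvironment}.
 * <p>
 * With StartTLS the order is deliberate: the context is created without any
 * {@code SECURITY_*} properties so that no bind happens on the cleartext
 * connection, TLS is negotiated, and only then are the credentials added and a
 * bind forced through {@code reconnect}. There is no fallback to cleartext: if
 * the server does not offer StartTLS, or the handshake (including the default
 * host name verification {@code negotiate()} performs) fails, the method
 * throws instead of sending the password in clear. Such contexts are not
 * pooled because JNDI cannot "stop" TLS before returning a connection to the
 * pool.
 * <p>
 * A context that fails anywhere along this path is closed before the
 * exception propagates, so a refused StartTLS or a rejected bind does not leak
 * a half-open connection to the directory.
 *
 * @param principal   DN or user name to bind as
 * @param credentials password for {@code principal}
 * @param pooling     whether the non-TLS environment may use connection
 *                    pooling (ignored when StartTLS is enabled)
 * @return a bound {@link InitialDirContext}
 * @throws NamingException if the context cannot be created, StartTLS is
 *         refused or fails (the underlying {@link IOException} is attached as
 *         the cause), or the bind is rejected
 */
private InitialDirContext createInitialDirContext(String principal, String credentials, boolean pooling)
        throws NamingException {
    if (!startTLS) {
        return new InitialLdapContext(getEnvironment(principal, credentials, pooling), null);
    }

    // Note that pooling is not enabled for such connections, because "Stop TLS" is not performed.
    Properties env = new Properties();
    env.put(Context.INITIAL_CONTEXT_FACTORY, factory);
    env.put(Context.PROVIDER_URL, providerUrl);
    env.put(Context.REFERRAL, DEFAULT_REFERRAL);
    // Deliberately no SECURITY_AUTHENTICATION / SECURITY_PRINCIPAL / SECURITY_CREDENTIALS here:
    // they would trigger a "bind" on the still-cleartext connection.
    final InitialLdapContext ctx = new InitialLdapContext(env, null);
    boolean bound = false;
    try {
        // http://docs.oracle.com/javase/jndi/tutorial/ldap/ext/starttls.html
        StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
        try {
            tls.negotiate();
        } catch (IOException e) {
            NamingException ex = new NamingException("StartTLS failed");
            ex.initCause(e);
            throw ex;
        }
        // Credentials are only ever sent over the now-encrypted connection.
        ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, authentication);
        ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, principal);
        ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
        // Explicitly initiate "bind" operation:
        ctx.reconnect(null);
        bound = true;
        return ctx;
    } finally {
        // Whatever failed (refused StartTLS, handshake, bind, or an unexpected
        // runtime error), release the connection rather than leak it.
        if (!bound) {
            closeQuietly(ctx);
        }
    }
}

/**
 * Closes a context that will never be handed to a caller, ignoring close
 * errors so that the original failure is the one reported.
 */
private static void closeQuietly(InitialLdapContext ctx) {
    try {
        ctx.close();
    } catch (NamingException ignored) {
        // Nothing useful to do: the caller is already propagating the real failure.
    }
}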