Package javax.naming.ldap

Examples of javax.naming.ldap.InitialLdapContext


        // Record the base DN and primary realm at INFO level before the context is created.
        if (LOG.isInfoEnabled()) {
            LOG.info("Getting initial context for realm base at " + dn + " for " + config.getPrimaryRealm());
        }

        // `cloned` is a JNDI environment prepared outside this excerpt; the empty Control
        // array means no connection request controls are attached to the new context.
        return new InitialLdapContext(cloned, new Control[] {});
    }


        // JNDI environment for the LDAP provider: plain ldap:// to the server returned by
        // getLdapServer(), simple bind as uid=admin,ou=system with a hard-coded password.
        // NOTE(review): these look like embedded test-server fixture credentials; confirm
        // they are never reused outside the test harness.
        env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
        env.put( "java.naming.provider.url", "ldap://localhost:" + getLdapServer().getPort() );
        env.put( "java.naming.security.principal", "uid=admin,ou=system" );
        env.put( "java.naming.security.credentials", "secret" );
        env.put( "java.naming.security.authentication", "simple" );
        // NOTE(review): the bind credentials are already in env when the context is created,
        // so the simple bind is presumably sent in clear text before StartTLS is negotiated
        // below. To protect the password, create the context without credentials, negotiate
        // TLS, then add them with addToEnvironment().
        LdapContext ctx = new InitialLdapContext( env, null );
        StartTlsResponse tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
        // This verifier accepts every hostname, so a certificate issued for a different host
        // is not rejected. Acceptable only against a local test server; production code
        // should rely on the default hostname check.
        tls.setHostnameVerifier( new HostnameVerifier()
        {
            public boolean verify( String hostname, SSLSession session )
            {
                return true;
            }
        } );
        // NOTE(review): BogusSSLContextFactory is not visible here; by its name it presumably
        // supplies a socket factory that does not validate the certificate chain. Confirm.
        tls.negotiate( BogusSSLContextFactory.getInstance( false ).getSocketFactory() );

        // create a new certificate
        String newIssuerDN = "cn=new_issuer_dn";
        String newSubjectDN = "cn=new_subject_dn";
        Entry entry = getLdapServer().getDirectoryService().getAdminSession().lookup(
            new Dn( "uid=admin,ou=system" ) );
        TlsKeyGenerator.addKeyPair( entry, newIssuerDN, newSubjectDN, "RSA" );

        // now update the certificate (over the wire)
        // The private key, public key and certificate attributes of the admin entry are
        // replaced through the LDAP connection, so the private key bytes travel over the
        // StartTLS session negotiated above.
        ModificationItem[] mods = new ModificationItem[3];
        mods[0] = new ModificationItem( DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
            TlsKeyGenerator.PRIVATE_KEY_AT, entry.get( TlsKeyGenerator.PRIVATE_KEY_AT ).getBytes() ) );
        mods[1] = new ModificationItem( DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
            TlsKeyGenerator.PUBLIC_KEY_AT, entry.get( TlsKeyGenerator.PUBLIC_KEY_AT ).getBytes() ) );
        mods[2] = new ModificationItem( DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
            TlsKeyGenerator.USER_CERTIFICATE_AT, entry.get( TlsKeyGenerator.USER_CERTIFICATE_AT ).getBytes() ) );
        ctx.modifyAttributes( "uid=admin,ou=system", mods );
        ctx.close();

        // Ask the server to pick up the replaced key material before reconnecting.
        getLdapServer().reloadSslContext();

        // create a new secure connection
        ctx = new InitialLdapContext( env, null );
        tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
        tls.setHostnameVerifier( new HostnameVerifier()
        {
            public boolean verify( String hostname, SSLSession session )
            {
                return true;

        // LDAPv3 simple bind as uid=admin,ou=system with a hard-coded password.
        // NOTE(review): looks like test fixture credentials; the provider URL is not set in
        // the visible lines and is presumably added to env earlier.
        env.put( "java.naming.ldap.version", "3" );
        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
        env.put( Context.SECURITY_CREDENTIALS, "secret" );
        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
        InitialLdapContext ctx = new InitialLdapContext( env, null );

        // Build an inetOrgPerson entry with a plain-text userPassword value.
        Attributes user = new BasicAttributes( "cn", "Kate Bush", true );
        Attribute oc = new BasicAttribute( "objectClass" );
        oc.add( "top" );
        oc.add( "person" );
        oc.add( "organizationalPerson" );
        oc.add( "inetOrgPerson" );
        user.put( oc );
        user.put( "sn", "Bush" );
        user.put( "userPassword", "Aerial" );
        // `unsupported` is a control declared outside this excerpt; it is presumably marked
        // critical at this point, since it is switched to non-critical further down.
        ctx.setRequestControls( JndiUtils.toJndiControls( getLdapServer().getDirectoryService().getLdapCodecService(),
            new Control[]
                { unsupported } ) );

        // With the control attached the add must be refused: reaching fail() means the
        // server accepted a request it should have rejected.
        try
        {
            ctx.createSubcontext( "cn=Kate Bush", user );
            fail();
        }
        catch ( OperationNotSupportedException e )
        {
            // Expected outcome; nothing to do.
        }

        // Same control, now non-critical: the add is expected to succeed.
        unsupported.setCritical( false );
        ctx.setRequestControls( JndiUtils.toJndiControls( getLdapServer().getDirectoryService().getLdapCodecService(),
            new Control[]
                { unsupported } ) );

        DirContext kate = ctx.createSubcontext( "cn=Kate Bush", user );
        assertNotNull( kate );
        // The stored userPassword is compared with the UTF-8 bytes of the plain-text value,
        // i.e. this test expects the server to return the password unhashed.
        assertTrue( ArrayUtils.isEquals( Asn1StringUtils.getBytesUtf8( "Aerial" ), kate.getAttributes( "" ).get(
            "userPassword" ).get() ) );

        // Remove the entry so the test leaves no data behind.
        ctx.destroySubcontext( "cn=Kate Bush" );
    }

        // Plain ldap:// connection to the local server, simple bind as the admin DN with a
        // hard-coded password.
        // NOTE(review): looks like a test helper; with "simple" over ldap:// the password is
        // sent unencrypted, which is only acceptable on a loopback test connection.
        env.put( Context.PROVIDER_URL, "ldap://localhost:" + ldapServer.getPort() );
        env.put( Context.SECURITY_PRINCIPAL, ServerDNConstants.ADMIN_SYSTEM_DN );
        env.put( Context.SECURITY_CREDENTIALS, "secret" );
        env.put( Context.SECURITY_AUTHENTICATION, "simple" );

        // The caller-supplied controls are converted to JNDI controls and passed as the
        // connection request controls of the new context.
        return new InitialLdapContext( env, JndiUtils.toJndiControls(
            ldapServer.getDirectoryService().getLdapCodecService(),
            controls ) );
    }

        // Must use the name of the server that is found in its certificate?
        env.put( Context.PROVIDER_URL, "ldap://localhost:" + getLdapServer().getPort() );

        // Create initial context
        LOG.debug( "About to get initial context" );
        LdapContext ctx = new InitialLdapContext( env, null );

        // Start TLS
        LOG.debug( "About send startTls extended operation" );
        StartTlsResponse tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
        LOG.debug( "Extended operation issued" );
        tls.setHostnameVerifier( new HostnameVerifier()
        {
            public boolean verify( String hostname, SSLSession session )
            {

            // Must use the name of the server that is found in its certificate?
            // NOTE(review): the hostname verifier installed below accepts any name, so a
            // mismatch between "localhost" and the certificate is not detected here.
            env.put( Context.PROVIDER_URL, "ldap://localhost:" + getLdapServer().getPort() );

            // Create initial context
            LOG.debug( "About to get initial context" );
            LdapContext ctx = new InitialLdapContext( env, null );

            // Start TLS
            LOG.debug( "About send startTls extended operation" );
            StartTlsResponse tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
            LOG.debug( "Extended operation issued" );
            // Accepts every hostname unconditionally; suitable only for a local test server.
            // Production code should keep the default hostname verification.
            tls.setHostnameVerifier( new HostnameVerifier()
            {
                public boolean verify( String hostname, SSLSession session )
                {
                    return true;
                }
            } );
            LOG.debug( "TLS negotion about to begin" );
            // NOTE(review): ReloadableSSLSocketFactory is not visible here; which trust
            // material it uses decides whether the server certificate is validated. Confirm.
            tls.negotiate( ReloadableSSLSocketFactory.getDefault() );

            // search() and ii are defined outside this excerpt.
            search( ii, ctx );

            // Don't call tls.close(), sometimes it hangs in socket.read() operation:
            // Stack trace:
            //     java.net.SocketInputStream.socketRead0(Native Method)
            //     java.net.SocketInputStream.read(SocketInputStream.java:129)
            //     com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:293)
            //     com.sun.net.ssl.internal.ssl.InputRecord.readV3Record(InputRecord.java:405)
            //     com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:360)
            //     com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
            //        - locked java.lang.obj...@3dec90c3
            //     com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1467)
            //     com.sun.net.ssl.internal.ssl.SSLSocketImpl.closeInternal(SSLSocketImpl.java:1419)
            //     com.sun.net.ssl.internal.ssl.SSLSocketImpl.close(SSLSocketImpl.java:1313)
            //     com.sun.jndi.ldap.ext.StartTlsResponseImpl.close(StartTlsResponseImpl.java:267)
            // tls.close();
            // The TLS layer is therefore not shut down explicitly; only the context is closed.
            ctx.close();
        }
    }

      // Caller-supplied URL, principal and credentials go into the JNDI environment as-is.
      // NOTE(review): whether the bind is encrypted depends on providerUrl (ldap:// vs
      // ldaps://), which is set outside this excerpt. Confirm.
      env.setProperty(Context.PROVIDER_URL, providerUrl);
     
      // NOTE(review): credentials are not checked for emptiness here; an empty password
      // turns a simple bind into an unauthenticated bind, so callers need to reject it.
      env.setProperty(Context.SECURITY_PRINCIPAL, principal);
      env.setProperty(Context.SECURITY_CREDENTIALS, credentials);     
     
      // Creating the context is what opens the connection and performs the bind.
      InitialLdapContext ctx = new InitialLdapContext(env, null);
      return ctx;
   }

     
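   /**
    * Authenticates a user by binding to the directory as that user's DN with the
    * supplied password and, when an "enabled" attribute is configured, checking
    * that the user's entry carries a true value for it.
    *
    * @param username the user name, mapped to a DN by {@code getUserDN}
    * @param password the password to bind with; {@code null} or empty is rejected
    * @return {@code true} if the bind succeeds and the account is enabled (or no
    *         enabled attribute is configured); {@code false} for an empty password
    *         or an account without a true enabled value
    * @throws IdentityManagementException if the bind or the attribute lookup
    *         raises a {@link NamingException}, which includes a rejected password
    */
   public boolean authenticate(String username, String password)
   {
      // An LDAP simple bind with an empty password is an "unauthenticated bind"
      // (RFC 4513, section 5.1.2): many directories accept it without checking any
      // secret. Without this guard such a bind would be reported as a successful
      // login for any known user name.
      if (password == null || password.isEmpty())
      {
         return false;
      }

      // NOTE(review): getUserDN is not visible here; confirm that it escapes DN
      // special characters in username before building the bind DN.
      final String securityPrincipal = getUserDN(username);

      InitialLdapContext ctx = null;
      try
      {
         // The bind itself is the password check: a wrong password surfaces as a
         // NamingException from initialiseContext.
         ctx = initialiseContext(securityPrincipal, password);

         final String enabledAttributeName = getEnabledAttribute();
         if (enabledAttributeName == null)
         {
            // No enabled flag configured: a successful bind is sufficient.
            return true;
         }

         Attributes attribs = ctx.getAttributes(securityPrincipal, new String[] { enabledAttributeName });
         Attribute enabledAttrib = attribs.get(enabledAttributeName);
         if (enabledAttrib != null)
         {
            for (int r = 0; r < enabledAttrib.size(); r++)
            {
               if (LDAP_BOOLEAN_TRUE.equals(enabledAttrib.get(r)))
               {
                  return true;
               }
            }
         }

         // Attribute missing or without a true value: treat the account as disabled.
         return false;
      }
      catch (NamingException ex)
      {
         throw new IdentityManagementException("Authentication error", ex);
      }
      finally
      {
         if (ctx != null)
         {
            try
            {
               ctx.close();
            }
            catch (NamingException ignored)
            {
               // Best-effort cleanup: the authentication result is already decided.
            }
         }
      }
   }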

      }     
   }

   /**
    * Replaces the password attribute on a user's LDAP entry.
    *
    * <p>The value is written exactly as supplied; this method applies no hashing
    * and does not take or verify the previous password, so authorising the change
    * is left to the caller. The connection comes from {@code initialiseContext()},
    * which is not shown here; whether the password travels encrypted depends on it.
    *
    * @param name the user name, mapped to a DN by {@code getUserDN}
    * @param password the new password value
    * @return {@code true} when the modification completes
    * @throws IdentityManagementException if any LDAP operation raises a
    *         {@link NamingException}
    */
   public boolean changePassword(String name, String password)
   {
      InitialLdapContext ldapContext = null;
      try
      {
         ldapContext = initialiseContext();

         // A single REPLACE modification carrying the new password value.
         ModificationItem[] changes = new ModificationItem[] {
            new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
               new BasicAttribute(getUserPasswordAttribute(), password))
         };
         ldapContext.modifyAttributes(getUserDN(name), changes);

         return true;
      }
      catch (NamingException ex)
      {
         throw new IdentityManagementException("Failed to change password", ex);
      }
      finally
      {
         if (ldapContext != null)
         {
            try
            {
               ldapContext.close();
            }
            catch (NamingException ignored)
            {
               // Best-effort cleanup: a failure to close does not change the outcome.
            }
         }
      }
   }

      }       
   }

   /**
    * Creates a directory entry for a new role.
    *
    * <p>The entry receives the configured role object classes and the role name
    * attribute, and is created at the DN returned by {@code getRoleDN}.
    *
    * @param role the role name
    * @return {@code true} when the entry has been created
    * @throws IdentityManagementException if any LDAP operation raises a
    *         {@link NamingException}
    */
   public boolean createRole(String role)
   {
      InitialLdapContext ldapContext = null;
      try
      {
         ldapContext = initialiseContext();

         Attributes entryAttributes = new BasicAttributes();

         // Multi-valued objectClass attribute listing every configured role class.
         BasicAttribute objectClasses = new BasicAttribute(getObjectClassAttribute());
         for (String className : getRoleObjectClasses())
         {
            objectClasses.add(className);
         }
         entryAttributes.put(objectClasses);

         BasicAttribute roleName = new BasicAttribute(getRoleNameAttribute(), role);
         entryAttributes.put(roleName);

         // NOTE(review): getRoleDN is not visible here; confirm that it escapes DN
         // special characters in the role name.
         ldapContext.createSubcontext(getRoleDN(role), entryAttributes);

         return true;
      }
      catch (NamingException ex)
      {
         throw new IdentityManagementException("Failed to create role", ex);
      }
      finally
      {
         if (ldapContext != null)
         {
            try
            {
               ldapContext.close();
            }
            catch (NamingException ignored)
            {
               // Best-effort cleanup: a failure to close does not change the outcome.
            }
         }
      }
   }