Examples of javax.naming.ldap.StartTlsRequest

javax.naming.ldap.StartTlsRequest

etf.org/rfc/rfc2830.txt">Lightweight Directory Access Protocol (v3): Extension for Transport Layer Security The object identifier for StartTLS is 1.3.6.1.4.1.1466.20037 and no extended request value is defined.

StartTlsRequest/StartTlsResponse are used to establish a TLS connection over the existing LDAP connection associated with the JNDI context on which extendedOperation() is invoked. Typically, a JNDI program uses these classes as follows.

 import javax.naming.ldap.*; // Open an LDAP association LdapContext ctx = new InitialLdapContext(); // Perform a StartTLS extended operation StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest()); // Open a TLS connection (over the existing LDAP association) and get details // of the negotiated TLS session: cipher suite, peer certificate, etc. SSLSession session = tls.negotiate(); // ... use ctx to perform protected LDAP operations // Close the TLS connection (revert back to the underlying LDAP association) tls.close(); // ... use ctx to perform unprotected LDAP operations // Close the LDAP association ctx.close;

@since 1.4 @see StartTlsResponse @author Vincent Ryan

                    if ( useStartTLS )
                    {
                        try
                        {
                            StartTlsResponse tls = ( StartTlsResponse ) context
                                .extendedOperation( new StartTlsRequest() );
                            tls.setHostnameVerifier( new HostnameVerifier()
                            {
                                public boolean verify( String arg0, SSLSession arg1 )
                                {
                                    return true;

View Full Code Here

                    if ( useStartTLS )
                    {
                        try
                        {
                            StartTlsResponse tls = ( StartTlsResponse ) context
                                .extendedOperation( new StartTlsRequest() );
                            tls.setHostnameVerifier( new HostnameVerifier()
                            {
                                public boolean verify( String arg0, SSLSession arg1 )
                                {
                                    return true;

View Full Code Here

            ctx = new InitialLdapContext(env, null);


            if (tls) {
                // Requesting to start TLS on an LDAP association
                tlsResponse = (StartTlsResponse) ctx.extendedOperation(
                        new StartTlsRequest());


                // Starting TLS
                tlsResponse.negotiate();
            }

View Full Code Here

                    if ( useStartTLS )
                    {
                        try
                        {
                            StartTlsResponse tls = ( StartTlsResponse ) context
                                .extendedOperation( new StartTlsRequest() );
                            tls.setHostnameVerifier( new HostnameVerifier()
                            {
                                public boolean verify( String arg0, SSLSession arg1 )
                                {
                                    return true;

View Full Code Here

                    if ( useStartTLS )
                    {
                        try
                        {
                            StartTlsResponse tls = ( StartTlsResponse ) context
                                .extendedOperation( new StartTlsRequest() );
                            // deactivate host name verification at this level,
                            // host name verification is done in StudioTrustManager
                            tls.setHostnameVerifier( new HostnameVerifier()
                            {
                                public boolean verify( String hostname, SSLSession session )

View Full Code Here

        env.put( "java.naming.provider.url", "ldap://localhost:" + getLdapServer().getPort() );
        env.put( "java.naming.security.principal", "uid=admin,ou=system" );
        env.put( "java.naming.security.credentials", "secret" );
        env.put( "java.naming.security.authentication", "simple" );
        LdapContext ctx = new InitialLdapContext( env, null );
        StartTlsResponse tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
        tls.setHostnameVerifier( new HostnameVerifier()
        {
            public boolean verify( String hostname, SSLSession session )
            {
                return true;
            }
        } );
        tls.negotiate( BogusSSLContextFactory.getInstance( false ).getSocketFactory() );


        // create a new certificate
        String newIssuerDN = "cn=new_issuer_dn";
        String newSubjectDN = "cn=new_subject_dn";
        Entry entry = getLdapServer().getDirectoryService().getAdminSession().lookup(
            new Dn( "uid=admin,ou=system" ) );
        TlsKeyGenerator.addKeyPair( entry, newIssuerDN, newSubjectDN, "RSA" );


        // now update the certificate (over the wire)
        ModificationItem[] mods = new ModificationItem[3];
        mods[0] = new ModificationItem( DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
            TlsKeyGenerator.PRIVATE_KEY_AT, entry.get( TlsKeyGenerator.PRIVATE_KEY_AT ).getBytes() ) );
        mods[1] = new ModificationItem( DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
            TlsKeyGenerator.PUBLIC_KEY_AT, entry.get( TlsKeyGenerator.PUBLIC_KEY_AT ).getBytes() ) );
        mods[2] = new ModificationItem( DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(
            TlsKeyGenerator.USER_CERTIFICATE_AT, entry.get( TlsKeyGenerator.USER_CERTIFICATE_AT ).getBytes() ) );
        ctx.modifyAttributes( "uid=admin,ou=system", mods );
        ctx.close();


        getLdapServer().reloadSslContext();


        // create a new secure connection
        ctx = new InitialLdapContext( env, null );
        tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
        tls.setHostnameVerifier( new HostnameVerifier()
        {
            public boolean verify( String hostname, SSLSession session )
            {
                return true;

View Full Code Here

        LOG.debug( "About to get initial context" );
        LdapContext ctx = new InitialLdapContext( env, null );


        // Start TLS
        LOG.debug( "About send startTls extended operation" );
        StartTlsResponse tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
        LOG.debug( "Extended operation issued" );
        tls.setHostnameVerifier( new HostnameVerifier()
        {
            public boolean verify( String hostname, SSLSession session )
            {

View Full Code Here

            LOG.debug( "About to get initial context" );
            LdapContext ctx = new InitialLdapContext( env, null );


            // Start TLS
            LOG.debug( "About send startTls extended operation" );
            StartTlsResponse tls = ( StartTlsResponse ) ctx.extendedOperation( new StartTlsRequest() );
            LOG.debug( "Extended operation issued" );
            tls.setHostnameVerifier( new HostnameVerifier()
            {
                public boolean verify( String hostname, SSLSession session )
                {

View Full Code Here

          savedEnv.put(key, entry);
        }
      }
      delegate = new InitialLdapContext(env, null);
      tls = (StartTlsResponse) delegate
          .extendedOperation(new StartTlsRequest());
      tls.setHostnameVerifier(new HostnameVerifier() {


        @Override
        public boolean verify(String hostname, SSLSession session) {
          return true;

View Full Code Here

    final LdapContext ctx = new InitialLdapContext(env, null);


    StartTlsResponse response = null;
    try {
      if (LdapProtocol.TLS.equals(Protocol)) {
        StartTlsRequest request = new StartTlsRequest();
        response = (StartTlsResponse) ctx.extendedOperation(request);
        response.negotiate();
        if (username != null && password != null) {
          ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION,
              "simple");

View Full Code Here

0 1 2 3 4

TOP

Related Classes of javax.naming.ldap.StartTlsRequest

com.agiletec.plugins.jpldap.aps.system.services.user.LdapUserDAO

com.founder.fix.fixflow.expand.connector.LDAPConnector.LDAPConnector

com.sun.naming.internal.VersionHelper

de.sub.goobi.helper.ldap.Ldap

org.apache.directory.ldapstudio.browser.core.internal.model.JNDIConnectionContext

org.apache.directory.server.ssl.StartTlsConfidentialityIT

org.apache.directory.server.ssl.StartTlsIT

org.apache.directory.server.ssl.StartTlsUpdateCertificateIT

org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper

org.apache.harmony.jndi.tests.javax.naming.ldap.extras.TestSerialization

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.