/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 *
 */

package org.apache.directory.ldap.client.api;


import java.security.SecureRandom;

import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.directory.api.ldap.codec.api.BinaryAttributeDetector;
import org.apache.directory.api.ldap.codec.api.LdapApiService;
import org.apache.directory.api.util.Network;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;


/**
 * Mutable holder for the settings used to create an LdapConnection: target host and
 * port, bind name and credentials, operation timeout, and the material used to build
 * the SSL context (key managers, trust managers, {@link SecureRandom}, enabled cipher
 * suites and protocols, SSL context protocol name).
 *
 * <p><b>Certificate validation is off by default.</b> The constructor installs a single
 * {@link NoVerificationTrustManager}. Going by its name and by the original comment on
 * {@code setDefaultTrustManager()} ("We use a non-verification Trust Manager"), that
 * manager does not verify the server certificate; its implementation is not part of
 * this file. A connection built from an untouched configuration with
 * {@link #setUseSsl(boolean)} or {@link #setUseTls(boolean)} enabled is therefore
 * encrypted but the server is not authenticated. Callers that need server
 * authentication must replace the default through
 * {@link #setTrustManagers(TrustManager...)}, for example with trust managers obtained
 * from {@code javax.net.ssl.TrustManagerFactory}.
 *
 * <p>Other defaults visible here: {@code useSsl} and {@code useTls} are both
 * {@code false}; {@code ldapHost} is {@code null} and {@code ldapPort} is {@code 0}
 * until set (the {@code getDefault...()} accessors report default values but nothing in
 * this class applies them); the timeout is {@link #DEFAULT_TIMEOUT}.
 *
 * <p>No setter validates or copies its argument. Array-valued settings are stored and
 * returned by reference, so changing such an array after the call changes this
 * configuration as well.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class LdapConnectionConfig {
    /** Logger for this class (not used by any code in this class at present). */
    private static final Logger LOG = LoggerFactory.getLogger(LdapConnectionConfig.class);

    /** Default port for LDAP. */
    public static final int DEFAULT_LDAP_PORT = 389;

    /** Default port for LDAPS. */
    public static final int DEFAULT_LDAPS_PORT = 636;

    /** Default host: localhost. */
    public static final String DEFAULT_LDAP_HOST = "localhost";

    /** The LDAP protocol version. */
    public static final int LDAP_V3 = 3;

    /** Default operation timeout: 30 seconds, expressed in milliseconds. */
    public static final long DEFAULT_TIMEOUT = 30000L;

    /** Default protocol name used when creating the SSL context. */
    public static final String DEFAULT_SSL_PROTOCOL = "TLS";

    // --- connection target and identity ---

    /** Remote LDAP host; {@code null} until set. */
    private String ldapHost;

    /** Selected LDAP port; {@code 0} until set. */
    private int ldapPort;

    /** Dn used to authenticate the user. */
    private String name;

    /**
     * The user's credentials (password only in the current implementation). Documented
     * as required to be non-null, but nothing in this class enforces that. Held as a
     * plain String for as long as this object is reachable.
     */
    private String credentials;

    /** The session timeout, same unit as {@link #DEFAULT_TIMEOUT}. */
    private long timeout = DEFAULT_TIMEOUT;

    // --- transport security ---

    /** Whether SSL (ldaps://) is used; {@code false} unless set. */
    private boolean useSsl;

    /** Whether TLS is used; {@code false} unless set. */
    private boolean useTls;

    /** Key managers; if set, used while initializing the SSL context. */
    private KeyManager[] keyManagers;

    /** SecureRandom instance; if set, used while initializing the SSL context. */
    private SecureRandom secureRandom;

    /**
     * Certificate trust managers used while initializing the SSL context. Initialised by
     * the constructor to a single {@link NoVerificationTrustManager}.
     */
    private TrustManager[] trustManagers;

    /** Enabled cipher suites; if set, used while initializing the SSL context. */
    private String[] enabledCipherSuites;

    /** Enabled protocols; if set, used while initializing the SSL context. */
    private String[] enabledProtocols;

    /** Name of the protocol used for creating the SSL context; "TLS" unless changed. */
    private String sslProtocol = DEFAULT_SSL_PROTOCOL;

    // --- codec collaborators ---

    /** Detects whether an attribute is human readable (HR) or binary. */
    private BinaryAttributeDetector binaryAttributeDetector;

    /** The service used internally when creating connections. */
    private LdapApiService ldapApiService;


    /**
     * Creates a configuration with the default settings, including the non-verifying
     * default trust manager described in the class documentation.
     */
    public LdapConnectionConfig() {
        setDefaultTrustManager();
    }


    /**
     * Installs the default trust manager array: a single
     * {@link NoVerificationTrustManager}.
     *
     * <p>Despite what earlier documentation of this method said, no SunX509 or other
     * platform trust-management algorithm is involved here; the array holds only the
     * non-verifying manager. Server certificates are therefore not checked until the
     * caller supplies its own managers via {@link #setTrustManagers(TrustManager...)}.
     */
    private void setDefaultTrustManager() {
        X509TrustManager defaultManager = new NoVerificationTrustManager();
        trustManagers = new X509TrustManager[] {defaultManager};
    }


    /**
     * Checks if SSL (ldaps://) is used.
     *
     * @return true, if SSL is used
     */
    public boolean isUseSsl() {
        return useSsl;
    }


    /**
     * Sets whether SSL (ldaps://) should be used. Enabling it does not change the trust
     * managers; see the class documentation for the default.
     *
     * @param useSsl true to use SSL
     */
    public void setUseSsl(boolean useSsl) {
        this.useSsl = useSsl;
    }


    /**
     * Gets the LDAP port.
     *
     * @return the LDAP port, {@code 0} if none was set
     */
    public int getLdapPort() {
        return ldapPort;
    }


    /**
     * Sets the LDAP port. The value is stored without range checking.
     *
     * @param ldapPort the new LDAP port
     */
    public void setLdapPort(int ldapPort) {
        this.ldapPort = ldapPort;
    }


    /**
     * Gets the LDAP host.
     *
     * @return the LDAP host, {@code null} if none was set
     */
    public String getLdapHost() {
        return ldapHost;
    }


    /**
     * Sets the LDAP host.
     *
     * @param ldapHost the new LDAP host
     */
    public void setLdapHost(String ldapHost) {
        this.ldapHost = ldapHost;
    }


    /**
     * Gets the name that is used to authenticate the user.
     *
     * @return the name
     */
    public String getName() {
        return name;
    }


    /**
     * Sets the name which is used to authenticate the user.
     *
     * @param name the new name
     */
    public void setName(String name) {
        this.name = name;
    }


    /**
     * Gets the credentials exactly as they were set (the password, in clear).
     *
     * @return the credentials
     */
    public String getCredentials() {
        return credentials;
    }


    /**
     * Sets the credentials. A {@code null} value is accepted here even though the field
     * is documented as required to be non-null.
     *
     * @param credentials the new credentials
     */
    public void setCredentials(String credentials) {
        this.credentials = credentials;
    }


    /**
     * Gets the default LDAP port.
     *
     * @return {@link #DEFAULT_LDAP_PORT}
     */
    public int getDefaultLdapPort() {
        return DEFAULT_LDAP_PORT;
    }


    /**
     * Gets the default LDAPS port.
     *
     * @return {@link #DEFAULT_LDAPS_PORT}
     */
    public int getDefaultLdapsPort() {
        return DEFAULT_LDAPS_PORT;
    }


    /**
     * Gets the default LDAP host.
     *
     * <p>NOTE(review): this returns {@code Network.LOOPBACK_HOSTNAME}, not
     * {@link #DEFAULT_LDAP_HOST}. The value of that constant is defined outside this
     * file, so the two may differ - confirm which one callers should rely on.
     *
     * @return the default LDAP host
     */
    public String getDefaultLdapHost() {
        return Network.LOOPBACK_HOSTNAME;
    }


    /**
     * Gets the default timeout.
     *
     * @return {@link #DEFAULT_TIMEOUT}
     */
    public long getDefaultTimeout() {
        return DEFAULT_TIMEOUT;
    }


    /**
     * Gets the timeout.
     *
     * @return the timeout
     */
    public long getTimeout() {
        return timeout;
    }


    /**
     * Sets the timeout. The value is stored as given; zero and negative values are not
     * rejected here.
     *
     * @param timeout the timeout to set
     */
    public void setTimeout(long timeout) {
        this.timeout = timeout;
    }


    /**
     * Gets the supported LDAP version.
     *
     * @return {@link #LDAP_V3}
     */
    public int getSupportedLdapVersion() {
        return LDAP_V3;
    }


    /**
     * Gets the trust managers. The internal array is returned, not a copy.
     *
     * @return the trust managers; the non-verifying default unless replaced
     */
    public TrustManager[] getTrustManagers() {
        return trustManagers;
    }


    /**
     * Replaces the trust managers, including the non-verifying default installed by the
     * constructor. The array is stored by reference.
     *
     * <p>How a {@code null} or empty array is treated is decided by the code that builds
     * the SSL context, which is not part of this file.
     *
     * @param trustManagers the new trust managers
     */
    public void setTrustManagers(TrustManager... trustManagers) {
        this.trustManagers = trustManagers;
    }


    /**
     * Gets the SSL protocol.
     *
     * @return the name of the protocol used for creating the SSL context
     */
    public String getSslProtocol() {
        return sslProtocol;
    }


    /**
     * Sets the SSL protocol, i.e. the protocol name used for creating the SSL context.
     * The list of protocols that may actually be enabled is a separate setting, see
     * {@link #setEnabledProtocols(String...)}.
     *
     * @param sslProtocol the new SSL protocol
     */
    public void setSslProtocol(String sslProtocol) {
        this.sslProtocol = sslProtocol;
    }


    /**
     * Gets the key managers. The internal array is returned, not a copy.
     *
     * @return the key managers
     */
    public KeyManager[] getKeyManagers() {
        return keyManagers;
    }


    /**
     * Sets the key managers. The array is stored by reference.
     *
     * @param keyManagers the new key managers
     */
    public void setKeyManagers(KeyManager[] keyManagers) {
        this.keyManagers = keyManagers;
    }


    /**
     * Gets the secure random.
     *
     * @return the secure random, {@code null} if none was set
     */
    public SecureRandom getSecureRandom() {
        return secureRandom;
    }


    /**
     * Sets the secure random.
     *
     * @param secureRandom the new secure random
     */
    public void setSecureRandom(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
    }


    /**
     * Gets the cipher suites which are enabled. The internal array is returned, not a
     * copy.
     *
     * @return the cipher suites which are enabled, {@code null} if none were set
     */
    public String[] getEnabledCipherSuites() {
        return enabledCipherSuites;
    }


    /**
     * Sets the cipher suites which are enabled. The array is stored by reference and the
     * suite names are not checked here.
     *
     * @param enabledCipherSuites the cipher suites which are enabled
     */
    public void setEnabledCipherSuites(String[] enabledCipherSuites) {
        this.enabledCipherSuites = enabledCipherSuites;
    }


    /**
     * Gets the protocols which are enabled. The internal array is returned, not a copy.
     *
     * @return the protocols which are enabled, {@code null} if none were set
     */
    public String[] getEnabledProtocols() {
        return enabledProtocols;
    }


    /**
     * Sets the protocols which are enabled. The array is stored by reference and the
     * protocol names are not checked here.
     *
     * @param enabledProtocols the protocols which are enabled
     */
    public void setEnabledProtocols(String... enabledProtocols) {
        this.enabledProtocols = enabledProtocols;
    }


    /**
     * Gets the detector used to tell human readable attributes from binary ones.
     *
     * @return the binaryAttributeDetector
     */
    public BinaryAttributeDetector getBinaryAttributeDetector() {
        return binaryAttributeDetector;
    }


    /**
     * Sets the detector used to tell human readable attributes from binary ones.
     *
     * @param binaryAttributeDetector the binaryAttributeDetector to set
     */
    public void setBinaryAttributeDetector(BinaryAttributeDetector binaryAttributeDetector) {
        this.binaryAttributeDetector = binaryAttributeDetector;
    }


    /**
     * Checks if TLS is used. This flag is separate from {@link #isUseSsl()};
     * presumably it selects StartTLS on a plain LDAP connection - confirm against the
     * connection implementation.
     *
     * @return true, if TLS is used
     */
    public boolean isUseTls() {
        return useTls;
    }


    /**
     * Sets whether TLS should be used. Enabling it does not change the trust managers;
     * see the class documentation for the default.
     *
     * @param useTls true to use TLS
     */
    public void setUseTls(boolean useTls) {
        this.useTls = useTls;
    }


    /**
     * Gets the service used internally when creating connections.
     *
     * @return the ldapApiService
     */
    public LdapApiService getLdapApiService() {
        return ldapApiService;
    }


    /**
     * Sets the service used internally when creating connections.
     *
     * @param ldapApiService the ldapApiService to set
     */
    public void setLdapApiService(LdapApiService ldapApiService) {
        this.ldapApiService = ldapApiService;
    }
}