|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.unboundid.ldap.sdk.LDAPRequest
com.unboundid.ldap.sdk.ExtendedRequest
com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest
@NotMutable @ThreadSafety(level=NOT_THREADSAFE) public final class StartTLSExtendedRequest
This class provides an implementation of the LDAP StartTLS extended request
as defined in RFC 4511
section 4.14. It may be used to establish a secure communication channel
over an otherwise unencrypted connection.
Note that when using the StartTLS extended operation, you should establish
a connection to the server's unencrypted LDAP port rather than its secure
port. Then, you can use the StartTLS extended request in order to secure
that connection.
SSLUtil
class in conjunction
with the TrustStoreTrustManager
class to
ensure that only certificates from trusted authorities will be accepted.
// Create an SSLContext that will be used to perform the cryptographic // processing. SSLUtil sslUtil = new SSLUtil(new TrustStoreTrustManager(trustStorePath)); SSLContext sslContext = sslUtil.createSSLContext(); // Create and process the extended request to secure a connection. StartTLSExtendedRequest startTLSRequest = new StartTLSExtendedRequest(sslContext); ExtendedResult startTLSResult; try { startTLSResult = connection.processExtendedOperation(startTLSRequest); // This doesn't necessarily mean that the operation was successful, since // some kinds of extended operations return non-success results under // normal conditions. } catch (LDAPException le) { // For an extended operation, this generally means that a problem was // encountered while trying to send the request or read the result. startTLSResult = new ExtendedResult(le); } // Make sure that we can use the connection to interact with the server. RootDSE rootDSE = connection.getRootDSE();
Field Summary | |
---|---|
static java.lang.String |
STARTTLS_REQUEST_OID
The OID (1.3.6.1.4.1.1466.20037) for the StartTLS extended request. |
Fields inherited from class com.unboundid.ldap.sdk.ExtendedRequest |
---|
TYPE_EXTENDED_REQUEST_OID, TYPE_EXTENDED_REQUEST_VALUE |
Constructor Summary | |
---|---|
StartTLSExtendedRequest()
Creates a new StartTLS extended request using a default SSL context. |
|
StartTLSExtendedRequest(Control[] controls)
Creates a new StartTLS extended request using a default SSL context. |
|
StartTLSExtendedRequest(ExtendedRequest extendedRequest)
Creates a new StartTLS extended request from the provided generic extended request. |
|
StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext)
Creates a new StartTLS extended request using the provided SSL context. |
|
StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext,
Control[] controls)
Creates a new StartTLS extended request. |
|
StartTLSExtendedRequest(javax.net.ssl.SSLSocketFactory sslSocketFactory)
Creates a new StartTLS extended request using the provided SSL socket factory. |
|
StartTLSExtendedRequest(javax.net.ssl.SSLSocketFactory sslSocketFactory,
Control[] controls)
Creates a new StartTLS extended request. |
Method Summary | |
---|---|
StartTLSExtendedRequest |
duplicate()
Creates a new instance of this LDAP request that may be modified without impacting this request. |
StartTLSExtendedRequest |
duplicate(Control[] controls)
Creates a new instance of this LDAP request that may be modified without impacting this request. |
java.lang.String |
getExtendedRequestName()
Retrieves the user-friendly name for the extended request, if available. |
ExtendedResult |
process(LDAPConnection connection,
int depth)
Sends this StartTLS request to the server and performs the necessary client-side security processing if the operation is processed successfully. |
void |
toString(java.lang.StringBuilder buffer)
Appends a string representation of this request to the provided buffer. |
Methods inherited from class com.unboundid.ldap.sdk.ExtendedRequest |
---|
encodeProtocolOp, getLastMessageID, getOID, getOperationType, getProtocolOpType, getValue, hasValue, responseReceived, toCode, writeTo |
Methods inherited from class com.unboundid.ldap.sdk.LDAPRequest |
---|
followReferrals, getControl, getControlList, getControls, getIntermediateResponseListener, getResponseTimeoutMillis, hasControl, hasControl, setFollowReferrals, setIntermediateResponseListener, setResponseTimeoutMillis, toString |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String STARTTLS_REQUEST_OID
Constructor Detail |
---|
public StartTLSExtendedRequest() throws LDAPException
LDAPException
- If a problem occurs while trying to initialize a
default SSL context.public StartTLSExtendedRequest(Control[] controls) throws LDAPException
controls
- The set of controls to include in the request.
LDAPException
- If a problem occurs while trying to initialize a
default SSL context.public StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext) throws LDAPException
sslContext
- The SSL context to use to perform the negotiation. It
may be null
to indicate that a default SSL
context should be used. If an SSL context is provided,
then it must already be initialized.
LDAPException
- If a problem occurs while trying to initialize a
default SSL context.public StartTLSExtendedRequest(javax.net.ssl.SSLSocketFactory sslSocketFactory) throws LDAPException
sslSocketFactory
- The SSL socket factory to use to convert an
insecure connection into a secure connection. It
may be null
to indicate that a default
SSL socket factory should be used.
LDAPException
- If a problem occurs while trying to initialize a
default SSL socket factory.public StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext, Control[] controls) throws LDAPException
sslContext
- The SSL context to use to perform the negotiation. It
may be null
to indicate that a default SSL
context should be used. If an SSL context is provided,
then it must already be initialized.controls
- The set of controls to include in the request.
LDAPException
- If a problem occurs while trying to initialize a
default SSL context.public StartTLSExtendedRequest(javax.net.ssl.SSLSocketFactory sslSocketFactory, Control[] controls) throws LDAPException
sslSocketFactory
- The SSL socket factory to use to convert an
insecure connection into a secure connection. It
may be null
to indicate that a default
SSL socket factory should be used.controls
- The set of controls to include in the request.
LDAPException
- If a problem occurs while trying to initialize a
default SSL context.public StartTLSExtendedRequest(ExtendedRequest extendedRequest) throws LDAPException
extendedRequest
- The generic extended request to use to create this
StartTLS extended request.
LDAPException
- If a problem occurs while decoding the request.Method Detail |
---|
public ExtendedResult process(LDAPConnection connection, int depth) throws LDAPException
LDAPException
if the
server returns a non-success result.
process
in class ExtendedRequest
connection
- The connection to use to communicate with the directory
server.depth
- The current referral depth for this request. It should
always be zero for the initial request, and should only
be incremented when following referrals.
LDAPException
- If the server returned a non-success result, or if
a problem was encountered while performing
client-side security processing.public StartTLSExtendedRequest duplicate()
duplicate
in interface ReadOnlyLDAPRequest
duplicate
in class ExtendedRequest
public StartTLSExtendedRequest duplicate(Control[] controls)
duplicate
in interface ReadOnlyLDAPRequest
duplicate
in class ExtendedRequest
controls
- The set of controls to include in the duplicate request.
public java.lang.String getExtendedRequestName()
getExtendedRequestName
in class ExtendedRequest
public void toString(java.lang.StringBuilder buffer)
toString
in interface ProtocolOp
toString
in interface ReadOnlyLDAPRequest
toString
in class ExtendedRequest
buffer
- The buffer to which to append a string representation of
this request.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |