001/*
002 *   Licensed to the Apache Software Foundation (ASF) under one
003 *   or more contributor license agreements.  See the NOTICE file
004 *   distributed with this work for additional information
005 *   regarding copyright ownership.  The ASF licenses this file
006 *   to you under the Apache License, Version 2.0 (the
007 *   "License"); you may not use this file except in compliance
008 *   with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 *   Unless required by applicable law or agreed to in writing,
013 *   software distributed under the License is distributed on an
014 *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 *   KIND, either express or implied.  See the License for the
016 *   specific language governing permissions and limitations
017 *   under the License.
018 *
019 */
020
021package org.apache.directory.ldap.client.api;
022
023
024import java.security.SecureRandom;
025
026import javax.net.ssl.KeyManager;
027import javax.net.ssl.TrustManager;
028import javax.net.ssl.X509TrustManager;
029
030import org.apache.directory.api.ldap.codec.api.BinaryAttributeDetector;
031import org.apache.directory.api.ldap.codec.api.LdapApiService;
032import org.apache.directory.api.util.Network;
033import org.slf4j.Logger;
034import org.slf4j.LoggerFactory;
035
036
037/**
038 * A class to hold the configuration for creating an LdapConnection.
039 *
040 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
041 */
042public class LdapConnectionConfig
043{
044    /** A logger for this class */
045    private static final Logger LOG = LoggerFactory.getLogger( LdapConnectionConfig.class );
046
047    /** Default ports for LDAP */
048    public static final int DEFAULT_LDAP_PORT = 389;
049
050    /** Default port for LDAPS */
051    public static final int DEFAULT_LDAPS_PORT = 636;
052
053    /** The default host : localhost */
054    public static final String DEFAULT_LDAP_HOST = "localhost";
055
056    /** The LDAP version */
057    public static final int LDAP_V3 = 3;
058
059    /** The default timeout for operation : 30 seconds */
060    public static final long DEFAULT_TIMEOUT = 30000L;
061
062    /** the default protocol used for creating SSL context */
063    public static final String DEFAULT_SSL_PROTOCOL = "TLS";
064
065    // --- private members ----
066    /** A flag indicating if we are using SSL or not, default value is false */
067    private boolean useSsl = false;
068
069    /** The session timeout */
070    private long timeout = DEFAULT_TIMEOUT;
071
072    /** A flag indicating if we are using TLS or not, default value is false */
073    private boolean useTls = false;
074
075    /** The selected LDAP port */
076    private int ldapPort;
077
078    /** the remote LDAP host */
079    private String ldapHost;
080
081    /** a valid Dn to authenticate the user */
082    private String name;
083
084    /** user's credentials ( current implementation supports password only); it must be a non-null value */
085    private String credentials;
086
087    /** an array of key managers, if set, will be used while initializing the SSL context */
088    private KeyManager[] keyManagers;
089
090    /** an instance of SecureRandom, if set, will be used while initializing the SSL context */
091    private SecureRandom secureRandom;
092
093    /** an array of certificate trust managers, if set, will be used while initializing the SSL context */
094    private TrustManager[] trustManagers;
095
096    /** an array of cipher suites which are enabled, if set, will be used while initializing the SSL context */
097    private String[] enabledCipherSuites;
098
099    /** an array of protocols which are enabled, if set, will be used while initializing the SSL context */
100    private String[] enabledProtocols;
101
102    /** name of the protocol used for creating SSL context, default value is "TLS" */
103    private String sslProtocol = DEFAULT_SSL_PROTOCOL;
104
105    /** The class used to detect if an attribute is HR or not */
106    private BinaryAttributeDetector binaryAttributeDetector;
107
108    /** The Service to use internally when creating connections */
109    private LdapApiService ldapApiService;
110
111
112    /**
113     * Creates a default LdapConnectionConfig instance
114     */
115    public LdapConnectionConfig()
116    {
117        setDefaultTrustManager();
118    }
119
120
121    /**
122     * sets the default trust manager based on the SunX509 trustManagement algorithm.
123     * 
124     * We use a non-verification Trust Manager
125     */
126    private void setDefaultTrustManager()
127    {
128        trustManagers = new X509TrustManager[] { new NoVerificationTrustManager() };
129    }
130
131
132    /**
133     * Checks if SSL (ldaps://) is used.
134     *
135     * @return true, if SSL is used
136     */
137    public boolean isUseSsl()
138    {
139        return useSsl;
140    }
141
142
143    /**
144     * Sets whether SSL should be used.
145     *
146     * @param useSsl true to use SSL
147     */
148    public void setUseSsl( boolean useSsl )
149    {
150        this.useSsl = useSsl;
151    }
152
153
154    /**
155     * Gets the LDAP port.
156     *
157     * @return the LDAP port
158     */
159    public int getLdapPort()
160    {
161        return ldapPort;
162    }
163
164
165    /**
166     * Sets the LDAP port.
167     *
168     * @param ldapPort the new LDAP port
169     */
170    public void setLdapPort( int ldapPort )
171    {
172        this.ldapPort = ldapPort;
173    }
174
175
176    /**
177     * Gets the LDAP host.
178     *
179     * @return the LDAP host
180     */
181    public String getLdapHost()
182    {
183        return ldapHost;
184    }
185
186
187    /**
188     * Sets the LDAP host.
189     *
190     * @param ldapHost the new LDAP host
191     */
192    public void setLdapHost( String ldapHost )
193    {
194        this.ldapHost = ldapHost;
195    }
196
197
198    /**
199     * Gets the name that is used to authenticate the user.
200     *
201     * @return the name
202     */
203    public String getName()
204    {
205        return name;
206    }
207
208
209    /**
210     * Sets the name which is used to authenticate the user.
211     *
212     * @param name the new name
213     */
214    public void setName( String name )
215    {
216        this.name = name;
217    }
218
219
220    /**
221     * Gets the credentials.
222     *
223     * @return the credentials
224     */
225    public String getCredentials()
226    {
227        return credentials;
228    }
229
230
231    /**
232     * Sets the credentials.
233     *
234     * @param credentials the new credentials
235     */
236    public void setCredentials( String credentials )
237    {
238        this.credentials = credentials;
239    }
240
241
242    /**
243     * Gets the default LDAP port.
244     *
245     * @return the default LDAP port
246     */
247    public int getDefaultLdapPort()
248    {
249        return DEFAULT_LDAP_PORT;
250    }
251
252
253    /**
254     * Gets the default LDAPS port.
255     *
256     * @return the default LDAPS port
257     */
258    public int getDefaultLdapsPort()
259    {
260        return DEFAULT_LDAPS_PORT;
261    }
262
263
264    /**
265     * Gets the default LDAP host.
266     *
267     * @return the default LDAP host
268     */
269    public String getDefaultLdapHost()
270    {
271        return Network.LOOPBACK_HOSTNAME;
272    }
273
274
275    /**
276     * Gets the default timeout.
277     *
278     * @return the default timeout
279     */
280    public long getDefaultTimeout()
281    {
282        return DEFAULT_TIMEOUT;
283    }
284
285
286    /**
287     * Gets the timeout.
288     *
289     * @return the timeout
290     */
291    public long getTimeout()
292    {
293        return timeout;
294    }
295
296
297    /**
298     * Sets the timeout.
299     *
300     * @param timeout the timeout to set
301     */
302    public void setTimeout( long timeout )
303    {
304        this.timeout = timeout;
305    }
306
307
308    /**
309     * Gets the supported LDAP version.
310     *
311     * @return the supported LDAP version
312     */
313    public int getSupportedLdapVersion()
314    {
315        return LDAP_V3;
316    }
317
318
319    /**
320     * Gets the trust managers.
321     *
322     * @return the trust managers
323     */
324    public TrustManager[] getTrustManagers()
325    {
326        return trustManagers;
327    }
328
329
330    /**
331     * Sets the trust managers.
332     *
333     * @param trustManagers the new trust managers
334     */
335    public void setTrustManagers( TrustManager... trustManagers )
336    {
337        this.trustManagers = trustManagers;
338    }
339
340
341    /**
342     * Gets the SSL protocol.
343     *
344     * @return the SSL protocol
345     */
346    public String getSslProtocol()
347    {
348        return sslProtocol;
349    }
350
351
352    /**
353     * Sets the SSL protocol.
354     *
355     * @param sslProtocol the new SSL protocol
356     */
357    public void setSslProtocol( String sslProtocol )
358    {
359        this.sslProtocol = sslProtocol;
360    }
361
362
363    /**
364     * Gets the key managers.
365     *
366     * @return the key managers
367     */
368    public KeyManager[] getKeyManagers()
369    {
370        return keyManagers;
371    }
372
373
374    /**
375     * Sets the key managers.
376     *
377     * @param keyManagers the new key managers
378     */
379    public void setKeyManagers( KeyManager[] keyManagers )
380    {
381        this.keyManagers = keyManagers;
382    }
383
384
385    /**
386     * Gets the secure random.
387     *
388     * @return the secure random
389     */
390    public SecureRandom getSecureRandom()
391    {
392        return secureRandom;
393    }
394
395
396    /**
397     * Sets the secure random.
398     *
399     * @param secureRandom the new secure random
400     */
401    public void setSecureRandom( SecureRandom secureRandom )
402    {
403        this.secureRandom = secureRandom;
404    }
405
406
407    /**
408     * Gets the cipher suites which are enabled.
409     * 
410     * @return the cipher suites which are enabled
411     */
412    public String[] getEnabledCipherSuites()
413    {
414        return enabledCipherSuites;
415    }
416
417
418    /**
419     * Sets the cipher suites which are enabled
420     * 
421     * @param enabledCipherSuites the cipher suites which are enabled
422     */
423    public void setEnabledCipherSuites( String[] enabledCipherSuites )
424    {
425        this.enabledCipherSuites = enabledCipherSuites;
426    }
427
428
429    /**
430     * Gets the protocols which are enabled.
431     * 
432     * @return the protocol which are enabled
433     */
434    public String[] getEnabledProtocols()
435    {
436        return enabledProtocols;
437    }
438
439
440    /**
441     * Sets the protocols which are enabled
442     * 
443     * @param enabledProtocols the protocols which are enabled
444     */
445    public void setEnabledProtocols( String... enabledProtocols )
446    {
447        this.enabledProtocols = enabledProtocols;
448    }
449
450
451    /**
452     * @return the binaryAttributeDetector
453     */
454    public BinaryAttributeDetector getBinaryAttributeDetector()
455    {
456        return binaryAttributeDetector;
457    }
458
459
460    /**
461     * @param binaryAttributeDetector the binaryAttributeDetector to set
462     */
463    public void setBinaryAttributeDetector( BinaryAttributeDetector binaryAttributeDetector )
464    {
465        this.binaryAttributeDetector = binaryAttributeDetector;
466    }
467
468
469    /**
470     * Checks if TLS is used.
471     *
472     * @return true, if TLS is used
473     */
474    public boolean isUseTls()
475    {
476        return useTls;
477    }
478
479
480    /**
481     * Sets whether TLS should be used.
482     *
483     * @param useTls true to use TLS
484     */
485    public void setUseTls( boolean useTls )
486    {
487        this.useTls = useTls;
488    }
489
490
491    /**
492     * @return the ldapApiService
493     */
494    public LdapApiService getLdapApiService()
495    {
496        return ldapApiService;
497    }
498
499
500    /**
501     * @param ldapApiService the ldapApiService to set
502     */
503    public void setLdapApiService( LdapApiService ldapApiService )
504    {
505        this.ldapApiService = ldapApiService;
506    }
507}