connectiondata.java

JAVA开源LDAP浏览器jxplorer的源码!

package com.ca.commons.jndi;

import javax.naming.NamingException;
import javax.naming.Context;
import java.util.*;

/**
 * The ConnectionData inner class is used to pass
 * connection data around.  Not all fields are
 * guaranteed to be valid values.
 */

public class ConnectionData
{
    /**
     * The base to start browsing from, e.g.'o=Democorp,c=au'.
     * (This is often reset to what the directory says the base
     * is in practice).
     */

    public String baseDN = "";

    /**
     * The LDAP Version (2 or 3) being used.
     */

    public int version = 3;  // default to 3...

    /**
     * Which protocol to use (currently "ldap", "dsml")
     */

    public static final String LDAP = "ldap";
    public static final String DSML = "dsml";
    public String protocol = LDAP;  // default is always to use LDAP

    /**
     * A URL of the form ldap://hostname:portnumber.
     */

    public String url;

    /**
     * The Manager User's distinguished name (optionally null if not used).
     */

    public String userDN;

    /**
     * The Manager User's password - (is null if user is not manager).
     */

    public char[] pwd;

    /**
     * The jndi ldap referral type: [follow:ignore:throw] (may be null - defaults to 'follow').
     */

    public String referralType = "follow";

    /**
     * How aliases should be handled in searches ('always'|'never'|'find'|'search').
     */

    public String aliasType = "searching";

    /**
     * Whether to use SSL (either simple or client-authenticated).
     */

    public boolean useSSL;
    
    /**
     * The file containing the trusted server certificates (no keys).
     */

    // XXX we may want to expand this later to 'SSL type'
    public String cacerts;

    /**
     * The file containing client certificates and private key(s).
     */

    public String clientcerts;

    /**
     * The password to the ca's keystore (may be null for non-client authenticated ssl).
     */

    public char[] caKeystorePwd;

    /**
     * The password to the client's keystore (may be null for non-client authenticated ssl).
     */

    public char[] clientKeystorePwd;

    /**
     * The type of ca keystore file; e.g. 'JKS', or 'PKCS12'.
     */

    public String caKeystoreType;

    /**
     * The type of client keystore file; e.g. 'JKS', or 'PKCS12'.
     */

    public String clientKeystoreType;

    /**
     * The SSL connection socket factory.  This defaults to com.ca.commons.jndi.JndiSocketFactory
     */

    public String sslSocketFactory = "com.ca.commons.jndi.JndiSocketFactory";

    /**
     * Whether to set BER tracing on or not.  (This is a very verbose
     * dump of all the raw ldap data as it streams past).
     */

    public boolean tracing;

    /**
     * Whether to set SSL tracing on or not.  (This is a very verbose
     * dump of all the SSL data as it streams past).
     */

    public boolean sslTracing;


    private static final String DEFAULT_CTX = "com.sun.jndi.ldap.LdapCtxFactory";

//    private static final String DEFAULT_DSML_CTX = "com.sun.jndi.dsmlv2.soap.DsmlSoapCtxFactory";
    private static final String DEFAULT_DSML_CTX = "com.ca.jndiproviders.dsml.DsmlCtxFactory";


    // Vadim: GSSAPI

        /**
         * Whether to use GSSAPI
         */

    public boolean useGSSAPI;

    /**
     *  Any extra environment magic required; e.g. to make GSSAPI work
     */
    public Properties extraProperties;


    /**
     * Empty constructor - data fields are intended
     * to be set directly.
     */

    public ConnectionData()
    {
    }

    /**
     * This sets up a full connection data object with the information needed to
     * create a jndi environment properties object.  Usually you won't need to use
     * the full method, and can use one of the shorter versions that sets empty
     * defaults for the unused bits.
     *
     * @param version
     * @param url
     * @param userDN
     * @param pwd
     * @param tracing
     * @param referralType
     * @param aliasType
     * @param useSSL
     * @param cacerts
     * @param clientcerts
     * @param caKeystorePwd
     * @param clientKeystorePwd
     * @param caKeystoreType
     * @param clientKeystoreType
     * @param useGSSAPI whether to use the GSSAPI protocol (e.g. for Kerberos support)
     * @param extraProperties a 'get out of jail free' for any bizarre properties that haven't
     * already been covered, or that are introduced in the future.  Using this isn't really
     * good coding practice, since we don't know what there properties are, but is sometimes
     * required...
     *
     */
    public ConnectionData(int version,
                          String url,
                          String userDN,
                          char[] pwd,
                          boolean tracing,
                          String referralType,
                          String aliasType,
                          boolean useSSL,
                          String cacerts,
                          String clientcerts,
                          char[] caKeystorePwd,
                          char[] clientKeystorePwd,
                          String caKeystoreType,
                          String clientKeystoreType,
                          boolean useGSSAPI,
                          Properties extraProperties)
    {
        this.version = version;
        this.url = url;
        this.userDN = userDN;
        this.pwd = pwd;
        this.referralType = referralType;
        this.aliasType = aliasType;
        this.useSSL = useSSL;
        this.cacerts = cacerts;
        this.clientcerts = clientcerts;
        this.caKeystorePwd = caKeystorePwd;
        this.clientKeystorePwd = clientKeystorePwd;
        this.caKeystoreType = caKeystoreType;
        this.clientKeystoreType = clientKeystoreType;
        this.tracing = tracing;

        this.sslTracing = tracing;  // XXX for the time being, BER tracing and SSL Tracing are entwined :-).

        this.useGSSAPI = useGSSAPI;
        this.extraProperties = extraProperties;
    }

    /**
     * Utility method for test routines
     *
     * @param version
     * @param url
     * @param userDN
     * @param pwd
     * @param tracing
     * @param referralType
     * @param aliasType
     */ 
    public ConnectionData(int version,
                          String url,
                          String userDN,
                          char[] pwd,
                          boolean tracing,
                          String referralType,
                          String aliasType)
    {
        this.version = version;
        this.url = url;
        this.userDN = userDN;
        this.pwd = pwd;
        this.referralType = referralType;
        this.aliasType = aliasType;
        this.sslTracing = tracing;  // XXX for the time being, BER tracing and SSL Tracing are entwined :-).
    }


    public void setProtocol(String newProtocol)
    {
        if (newProtocol.equalsIgnoreCase(LDAP))
            protocol = LDAP;
        else if (newProtocol.equalsIgnoreCase(DSML))
            protocol = DSML;
        else
            System.err.println("Unknown Protocol " + newProtocol);
    }

    /**
     * This should be used to clear all the passwords
     * saved in this data object when they have been
     * used and are no longer needed... make sure however
     * that no references to the passwords remain to be
     * used by other parts of the program first :-)!
     * <p/>
     * (nb - since JNDI uses the passwords as Strings, they
     * can still be sniffed from JNDI :-( ).
     */

    public void clearPasswords()
    {
        if (pwd != null) for (int i = 0; i < pwd.length; i++) pwd[i] = ' ';  //TE: null is incompatible.
        if (caKeystorePwd != null) for (int i = 0; i < caKeystorePwd.length; i++) caKeystorePwd[i] = ' ';
        if (clientKeystorePwd != null) for (int i = 0; i < clientKeystorePwd.length; i++) clientKeystorePwd[i] = ' ';