/** {@inheritDoc} */
public LDAPConnection getConnection() throws LDAPException {
if (M_log.isDebugEnabled()) {
M_log.debug("getConnection()");
}
LDAPConnection conn = newConnection();
if (config.isAutoBind()) {
if (M_log.isDebugEnabled()) {
M_log.debug("getConnection(): auto-binding");
}
try {
bind(conn, config.getLdapUser(), config.getLdapPassword());
} catch (LDAPException ldape) {
if (ldape.getResultCode() == LDAPException.INVALID_CREDENTIALS) {
M_log.warn(
"Failed to bind against: "
+ conn.getHost()
+ " with user: "******" password: "******".", "*"));
}
throw ldape;
}
}
return conn;
}
/**
* Applies <code>LDAPConstraints</code> to the specified <code>LDAPConnection</code>. Implemented
* to assign <code>timeLimit</code> and <code>referralFollowing</code> constraint values retrieved
* from the currently assigned {@link LdapConnectionManagerConfig}.
*
* @param conn
*/
protected void applyConstraints(LDAPConnection conn) {
int timeout = config.getOperationTimeout();
boolean followReferrals = config.isFollowReferrals();
if (M_log.isDebugEnabled()) {
M_log.debug(
"applyConstraints(): values [timeout = "
+ timeout
+ "][follow referrals = "
+ followReferrals
+ "]");
}
LDAPConstraints constraints = new LDAPConstraints();
constraints.setTimeLimit(timeout);
constraints.setReferralFollowing(followReferrals);
conn.setConstraints(constraints);
}
/**
* Caches a keystore location as a system property. No-op if the {@link
* #KEYSTORE_LOCATION_SYS_PROP_KEY} system property has a non-<code>null</code> value. Otherwise
* caches the keystore location from the currently assigned {@link LdapConnectionManagerConfig}.
*
* @param config
* @throws NullPointerException if a non-null keystore location cannot be resolved
*/
protected void initKeystoreLocation() {
if (M_log.isDebugEnabled()) {
M_log.debug("initKeystoreLocation()");
}
String sysKeystoreLocation = System.getProperty(KEYSTORE_LOCATION_SYS_PROP_KEY);
if (sysKeystoreLocation == null) {
String configuredKeystoreLocation = config.getKeystoreLocation();
if (configuredKeystoreLocation != null) {
if (M_log.isDebugEnabled()) {
M_log.debug(
"initKeystoreLocation(): setting system property [location = "
+ configuredKeystoreLocation
+ "]");
}
System.setProperty(KEYSTORE_LOCATION_SYS_PROP_KEY, configuredKeystoreLocation);
}
} else {
if (M_log.isDebugEnabled()) {
M_log.debug(
"initKeystoreLocation(): retained existing system property [location = "
+ sysKeystoreLocation
+ "]");
}
}
}
/**
* Return a new LDAPConnection with the appropriate socket factory set for the connection type.
*/
private LDAPConnection createConnectionWithSocketFactory() {
LDAPSocketFactory factory;
if (config.isSecureConnection()) {
factory = config.getSecureSocketFactory();
if (factory == null) {
throw new RuntimeException(
"You must set a 'secureSocketFactory' (in jldap-beans.xml) when using LDAPS");
}
} else {
factory = config.getSocketFactory();
}
if (factory == null) {
return new LDAPConnection();
} else {
return new LDAPConnection(factory);
}
}
protected void postConnect(LDAPConnection conn) throws LDAPException {
if (M_log.isDebugEnabled()) {
M_log.debug("postConnect()");
}
if (config.isSecureConnection() && isTlsSocketFactory()) {
if (M_log.isDebugEnabled()) {
M_log.debug("postConnect(): starting TLS");
}
conn.startTLS();
}
}
/** {@inheritDoc} */
public void init() {
if (M_log.isDebugEnabled()) {
M_log.debug("init()");
}
if (config.isSecureConnection()) {
if (M_log.isDebugEnabled()) {
M_log.debug("init(): initializing keystore");
}
initKeystoreLocation();
initKeystorePassword();
}
}
/**
* Caches a keystore password as a system property. No-op if the {@link
* #KEYSTORE_PASSWORD_SYS_PROP_KEY} system property has a non-<code>null</code> value. Otherwise
* caches the keystore password from the currently assigned {@link LdapConnectionManagerConfig}.
*
* @param config
* @throws NullPointerException if a non-null keystore password cannot be resolved
*/
protected void initKeystorePassword() {
if (M_log.isDebugEnabled()) {
M_log.debug("initKeystorePassword()");
}
String sysKeystorePassword = System.getProperty(KEYSTORE_PASSWORD_SYS_PROP_KEY);
if (sysKeystorePassword == null) {
String configuredKeystorePassword = config.getKeystorePassword();
if (configuredKeystorePassword != null) {
if (M_log.isDebugEnabled()) {
M_log.debug("initKeystorePassword(): setting system property");
}
System.setProperty(KEYSTORE_PASSWORD_SYS_PROP_KEY, configuredKeystorePassword);
}
} else {
if (M_log.isDebugEnabled()) {
M_log.debug("initKeystorePassword(): retained existing system property");
}
}
}
/**
* Connects the specified <code>LDAPConnection</code> to the currently configured host and port.
*
* @param conn an <code>LDAPConnection</code>
* @throws LDAPConnection if the connect attempt fails
*/
protected void connect(LDAPConnection conn) throws LDAPException {
if (M_log.isDebugEnabled()) {
M_log.debug("connect()");
}
conn.connect(config.getLdapHost(), config.getLdapPort());
try {
postConnect(conn);
} catch (LDAPException e) {
M_log.error(
"Failed to completely initialize a connection [host = "
+ config.getLdapHost()
+ "][port = "
+ config.getLdapPort()
+ "]",
e);
try {
conn.disconnect();
} catch (LDAPException ee) {
}
throw e;
} catch (Throwable e) {
M_log.error(
"Failed to completely initialize a connection [host = "
+ config.getLdapHost()
+ "][port = "
+ config.getLdapPort()
+ "]",
e);
try {
conn.disconnect();
} catch (LDAPException ee) {
}
if (e instanceof Error) {
throw (Error) e;
}
if (e instanceof RuntimeException) {
throw (RuntimeException) e;
}
throw new RuntimeException("LDAPConnection allocation failure", e);
}
}
protected boolean isTlsSocketFactory() {
return config.getSecureSocketFactory() instanceof LDAPTLSSocketFactory;
}