35 import javax.naming.NamingException; |
35 import javax.naming.NamingException; |
36 import javax.naming.NameNotFoundException; |
36 import javax.naming.NameNotFoundException; |
37 import javax.naming.directory.Attribute; |
37 import javax.naming.directory.Attribute; |
38 import javax.naming.directory.Attributes; |
38 import javax.naming.directory.Attributes; |
39 import javax.naming.directory.BasicAttributes; |
39 import javax.naming.directory.BasicAttributes; |
40 import javax.naming.directory.DirContext; |
|
41 import javax.naming.directory.InitialDirContext; |
|
42 |
40 |
43 import java.security.*; |
41 import java.security.*; |
44 import java.security.cert.Certificate; |
42 import java.security.cert.Certificate; |
45 import java.security.cert.*; |
43 import java.security.cert.*; |
|
44 import javax.naming.CommunicationException; |
|
45 import javax.naming.ldap.InitialLdapContext; |
|
46 import javax.naming.ldap.LdapContext; |
46 import javax.security.auth.x500.X500Principal; |
47 import javax.security.auth.x500.X500Principal; |
47 |
48 |
48 import sun.misc.HexDumpEncoder; |
49 import sun.misc.HexDumpEncoder; |
49 import sun.security.provider.certpath.X509CertificatePair; |
50 import sun.security.provider.certpath.X509CertificatePair; |
50 import sun.security.util.Cache; |
51 import sun.security.util.Cache; |
158 */ |
159 */ |
159 private CertificateFactory cf; |
160 private CertificateFactory cf; |
160 /** |
161 /** |
161 * The JNDI directory context. |
162 * The JNDI directory context. |
162 */ |
163 */ |
163 private DirContext ctx; |
164 private LdapContext ctx; |
|
165 |
|
166 /** |
|
167 * Flag indicating that communication error occurred. |
|
168 */ |
|
169 private boolean communicationError = false; |
164 |
170 |
165 /** |
171 /** |
166 * Flag indicating whether we should prefetch CRLs. |
172 * Flag indicating whether we should prefetch CRLs. |
167 */ |
173 */ |
168 private boolean prefetchCRLs = false; |
174 private boolean prefetchCRLs = false; |
216 */ |
222 */ |
217 private static final Cache<LDAPCertStoreParameters, CertStore> |
223 private static final Cache<LDAPCertStoreParameters, CertStore> |
218 certStoreCache = Cache.newSoftMemoryCache(185); |
224 certStoreCache = Cache.newSoftMemoryCache(185); |
219 static synchronized CertStore getInstance(LDAPCertStoreParameters params) |
225 static synchronized CertStore getInstance(LDAPCertStoreParameters params) |
220 throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { |
226 throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { |
|
227 // if necessary, convert params to SunLDAPCertStoreParameters because |
|
228 // LDAPCertStoreParameters does not override equals() and hashCode() |
|
229 if (! (params instanceof SunLDAPCertStoreParameters)) { |
|
230 params = new SunLDAPCertStoreParameters(params.getServerName(), params.getPort()); |
|
231 } |
221 CertStore lcs = certStoreCache.get(params); |
232 CertStore lcs = certStoreCache.get(params); |
222 if (lcs == null) { |
233 if (lcs == null) { |
223 lcs = CertStore.getInstance("LDAP", params); |
234 lcs = CertStore.getInstance("LDAP", params); |
224 certStoreCache.put(params, lcs); |
235 certStoreCache.put(params, lcs); |
225 } else { |
236 } else { |
254 } |
265 } |
255 env.put("com.sun.naming.disable.app.resource.files", "true"); |
266 env.put("com.sun.naming.disable.app.resource.files", "true"); |
256 } |
267 } |
257 |
268 |
258 try { |
269 try { |
259 ctx = new InitialDirContext(env); |
270 ctx = new InitialLdapContext(env, null); |
260 /* |
271 /* |
261 * By default, follow referrals unless application has |
272 * By default, follow referrals unless application has |
262 * overridden property in an application resource file. |
273 * overridden property in an application resource file. |
263 */ |
274 */ |
264 Hashtable<?,?> currentEnv = ctx.getEnvironment(); |
275 Hashtable<?,?> currentEnv = ctx.getEnvironment(); |
367 } |
378 } |
368 } |
379 } |
369 valueMap = new HashMap<>(8); |
380 valueMap = new HashMap<>(8); |
370 String[] attrIds = requestedAttributes.toArray(STRING0); |
381 String[] attrIds = requestedAttributes.toArray(STRING0); |
371 Attributes attrs; |
382 Attributes attrs; |
|
383 |
|
384 if (communicationError) { |
|
385 ctx.reconnect(null); |
|
386 communicationError = false; |
|
387 } |
|
388 |
372 try { |
389 try { |
373 attrs = ctx.getAttributes(name, attrIds); |
390 attrs = ctx.getAttributes(name, attrIds); |
|
391 } catch (CommunicationException ce) { |
|
392 communicationError = true; |
|
393 throw ce; |
374 } catch (NameNotFoundException e) { |
394 } catch (NameNotFoundException e) { |
375 // name does not exist on this LDAP server |
395 // name does not exist on this LDAP server |
376 // treat same as not attributes found |
396 // treat same as not attributes found |
377 attrs = EMPTY_ATTRIBUTES; |
397 attrs = EMPTY_ATTRIBUTES; |
378 } |
398 } |
882 super(serverName); |
902 super(serverName); |
883 } |
903 } |
884 SunLDAPCertStoreParameters() { |
904 SunLDAPCertStoreParameters() { |
885 super(); |
905 super(); |
886 } |
906 } |
|
907 @Override |
887 public boolean equals(Object obj) { |
908 public boolean equals(Object obj) { |
|
909 if (obj == null) { |
|
910 return false; |
|
911 } |
|
912 |
888 if (!(obj instanceof LDAPCertStoreParameters)) { |
913 if (!(obj instanceof LDAPCertStoreParameters)) { |
889 return false; |
914 return false; |
890 } |
915 } |
891 LDAPCertStoreParameters params = (LDAPCertStoreParameters) obj; |
916 LDAPCertStoreParameters params = (LDAPCertStoreParameters) obj; |
892 return (getPort() == params.getPort() && |
917 return (getPort() == params.getPort() && |
893 getServerName().equalsIgnoreCase(params.getServerName())); |
918 getServerName().equalsIgnoreCase(params.getServerName())); |
894 } |
919 } |
|
920 @Override |
895 public int hashCode() { |
921 public int hashCode() { |
896 if (hashCode == 0) { |
922 if (hashCode == 0) { |
897 int result = 17; |
923 int result = 17; |
898 result = 37*result + getPort(); |
924 result = 37*result + getPort(); |
899 result = 37*result + |
925 result = 37*result + |