/* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at * trunk/opends/resource/legal-notices/OpenDS.LICENSE * or https://OpenDS.dev.java.net/OpenDS.LICENSE. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, * add the following below this CDDL HEADER, with the fields enclosed * by brackets "[]" replaced with your own identifying information: * Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END * * * Copyright 2010 Sun Microsystems, Inc. */ package org.opends.sdk; import java.util.LinkedList; import java.util.List; import java.util.concurrent.TimeUnit; import javax.net.ssl.SSLContext; import org.glassfish.grizzly.nio.transport.TCPNIOTransport; import com.sun.opends.sdk.util.Validator; /** * Common options for LDAP client connections. */ public final class LDAPOptions { private SSLContext sslContext; private boolean useStartTLS; private long timeoutInMillis; private DecodeOptions decodeOptions; /** * The list of cipher suite */ private List enabledCipherSuites = new LinkedList(); /** * the list of protocols */ private List enabledProtocols = new LinkedList(); private TCPNIOTransport transport; /** * Creates a new set of connection options with default settings. SSL will not * be enabled, and a default set of decode options will be used. */ public LDAPOptions() { this.sslContext = null; this.timeoutInMillis = 0; this.useStartTLS = false; this.decodeOptions = new DecodeOptions(); this.transport = null; } /** * Creates a new set of connection options having the same initial set of * options as the provided set of connection options. * * @param options * The set of connection options to be copied. */ public LDAPOptions(final LDAPOptions options) { this.sslContext = options.sslContext; this.timeoutInMillis = options.timeoutInMillis; this.useStartTLS = options.useStartTLS; this.decodeOptions = new DecodeOptions(options.decodeOptions); this.enabledCipherSuites.addAll(options.getEnabledCipherSuites()); this.enabledProtocols.addAll(options.getEnabledProtocols()); this.transport = options.transport; } /** * Returns the decoding options which will be used to control how requests and * responses are decoded. * * @return The decoding options which will be used to control how requests and * responses are decoded (never {@code null}). */ public final DecodeOptions getDecodeOptions() { return decodeOptions; } /** * Returns the SSL context which will be used when initiating connections with * the Directory Server. By default no SSL context will be used, indicating * that connections will not be secured. If a non-{@code null} SSL context is * returned then connections will be secured using either SSL or StartTLS * depending on {@link #useStartTLS()}. * * @return The SSL context which will be used when initiating secure * connections with the Directory Server, which may be {@code null} * indicating that connections will not be secured. */ public final SSLContext getSSLContext() { return sslContext; } /** * Returns the Grizzly TCP transport which will be used when initiating * connections with the Directory Server. By default this method will return * {@code null} indicating that the default transport factory should be used * to obtain a TCP transport. * * @return The Grizzly TCP transport which will be used when initiating * connections with the Directory Server, or {@code null} if the * default transport factory should be used to obtain a TCP transport. */ public final TCPNIOTransport getTCPNIOTransport() { return transport; } /** * Returns the operation timeout in the specified unit. * * @param unit * The time unit of use. * @return The operation timeout. */ public final long getTimeout(final TimeUnit unit) { return unit.convert(timeoutInMillis, TimeUnit.MILLISECONDS); } /** * Sets the decoding options which will be used to control how requests and * responses are decoded. * * @param decodeOptions * The decoding options which will be used to control how requests * and responses are decoded (never {@code null}). * @return A reference to this LDAP connection options. * @throws NullPointerException * If {@code decodeOptions} was {@code null}. */ public final LDAPOptions setDecodeOptions(final DecodeOptions decodeOptions) throws NullPointerException { Validator.ensureNotNull(decodeOptions); this.decodeOptions = decodeOptions; return this; } /** * Sets the SSL context which will be used when initiating connections with * the Directory Server. By default no SSL context will be used, indicating * that connections will not be secured. If a non-{@code null} SSL context is * returned then connections will be secured using either SSL or StartTLS * depending on {@link #useStartTLS()}. * * @param sslContext * The SSL context which will be used when initiating secure * connections with the Directory Server, which may be {@code null} * indicating that connections will not be secured. * @return A reference to this LDAP connection options. */ public final LDAPOptions setSSLContext(final SSLContext sslContext) { this.sslContext = sslContext; return this; } /** * Sets the Grizzly TCP transport which will be used when initiating * connections with the Directory Server. By default this method will return * {@code null} indicating that the default transport factory will be used to * obtain a TCP transport. * * @param transport * The Grizzly TCP transport which will be used when initiating * connections with the Directory Server, or {@code null} if the * default transport factory should be used to obtain a TCP * transport. * @return A reference to this LDAP connection options. */ public final LDAPOptions setTCPNIOTransport(final TCPNIOTransport transport) { this.transport = transport; return this; } /** * Sets the operation timeout. If the response is not received from the * Directory Server in the timeout period, the operation will be abandoned and * an error result returned. A timeout setting of 0 disables timeout limits. * * @param timeout * The operation timeout to use. * @param unit * the time unit of the time argument. * @return A reference to this LDAP connection options. */ public final LDAPOptions setTimeout(final long timeout, final TimeUnit unit) { this.timeoutInMillis = unit.toMillis(timeout); return this; } /** * Specifies whether or not SSL or StartTLS should be used for securing * connections when an SSL context is specified. By default SSL will be used * in preference to StartTLS. * * @param useStartTLS * {@code true} if StartTLS should be used for securing connections * when an SSL context is specified, otherwise {@code false} * indicating that SSL should be used. * @return A reference to this LDAP connection options. */ public final LDAPOptions setUseStartTLS(final boolean useStartTLS) { this.useStartTLS = useStartTLS; return this; } /** * Indicates whether or not SSL or StartTLS should be used for securing * connections when an SSL context is specified. By default SSL will be used * in preference to StartTLS. * * @return {@code true} if StartTLS should be used for securing connections * when an SSL context is specified, otherwise {@code false} * indicating that SSL should be used. */ public final boolean useStartTLS() { return useStartTLS; } /** * Adds the protocol versions enabled for secure connections with the * Directory Server. * * The protocols must be supported by the SSLContext specified in * {@link #setSSLContext(SSLContext)}. Following a successful call to * this method, only the protocols listed in the protocols parameter are * enabled for use. * * @param protocols Names of all the protocols to enable. * @return A reference to this LDAP connection options. */ public final LDAPOptions addEnabledProtocol(String... protocols) { for (final String protocol : protocols) { this.enabledProtocols.add(Validator.ensureNotNull(protocol)); } return this; } /** * Adds the cipher suites enabled for secure connections with the * Directory Server. * * The suites must be supported by the SSLContext specified in * {@link #setSSLContext(SSLContext)}. Following a successful call to * this method, only the suites listed in the protocols parameter are * enabled for use. * * @param suites Names of all the suites to enable. * @return A reference to this LDAP connection options. */ public final LDAPOptions addEnabledCipherSuite(String... suites) { for (final String suite : suites) { this.enabledCipherSuites.add(Validator.ensureNotNull(suite)); } return this; } /** * Returns the names of the protocol versions which are currently enabled * for secure connections with the Directory Server. * * @return an array of protocols or empty set if the default protocols * are to be used. */ public final List getEnabledProtocols() { return this.enabledProtocols; } /** * Returns the names of the protocol versions which are currently enabled * for secure connections with the Directory Server. * * @return an array of protocols or empty set if the default protocols * are to be used. */ public final List getEnabledCipherSuites() { return this.enabledCipherSuites; } }