
/*******************************************************************************

 * $Novell: StartTLS.java,v 1.7 2003/08/21 11:56:19 $

 * Copyright (C) 1999, 2000, 2001 Novell, Inc. All Rights Reserved.

 *

 * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND

 * TREATIES. USE AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO THE LICENSE

 * AGREEMENT ACCOMPANYING THE SOFTWARE DEVELOPMENT KIT (SDK) THAT CONTAINS

 * THIS WORK. PURSUANT TO THE SDK LICENSE AGREEMENT, NOVELL HEREBY GRANTS TO

 * DEVELOPER A ROYALTY-FREE, NON-EXCLUSIVE LICENSE TO INCLUDE NOVELL'S SAMPLE

 * CODE IN ITS PRODUCT. NOVELL GRANTS DEVELOPER WORLDWIDE DISTRIBUTION RIGHTS

 * TO MARKET, DISTRIBUTE, OR SELL NOVELL'S SAMPLE CODE AS A COMPONENT OF

 * DEVELOPER'S PRODUCTS. NOVELL SHALL HAVE NO OBLIGATIONS TO DEVELOPER OR

 * DEVELOPER'S CUSTOMERS WITH RESPECT TO THIS CODE.

 *

 * $name:           StartTLS.java

 * $description:    The StartTLS.java sample shows how to set up a secure

 *                  TLS connection.  This sample needs the path to a keystore

 *                  where a certificate of the server is stored.  The sample

 *                  TLSTrustManager can create a keystore for you.  For

 *                  information on manually creating a keystore, see the keytool

 *                  documentation of a Java Developer Kit.

 *

 *                  Note: eDirectory 8.7 and above support TLS.

 ******************************************************************************/

import com.novell.ldap.*;

import java.security.Security;

import java.io.UnsupportedEncodingException;



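/**
 * Sample that upgrades a clear-text LDAP connection to TLS with the StartTLS
 * extended operation, binds with a DN and password over the encrypted
 * channel, then stops TLS and disconnects.
 *
 * <p>Trust in the server certificate comes from the keystore given on the
 * command line, which is installed as the JSSE trust store for the whole JVM.
 */
public class StartTLS
{
    /**
     * Runs the StartTLS sample.
     *
     * @param args exactly four values: {@code <host> <login dn> <password>
     *             <keystore_path>}; any other count prints usage and exits
     *             with status 1
     */
    public static void main( String[] args )
    {
        if (args.length != 4) {
            System.err.println("Usage:   java StartTLS <host>"
                             + " <login dn> <password> <keystore_path>");
            System.err.println("Example: java StartTLS nldap.novell.com"
                             + " \"cn=user,o=novell\" password "
                             + "/keystorePath/ssl.keystore");
            System.exit(1);
        }

        int ldapPort = LDAPConnection.DEFAULT_PORT;
        int ldapVersion = LDAPConnection.LDAP_V3;
        String ldapHost = args[0];
        String loginDN = args[1];
        // NOTE(review): a password passed as a command-line argument is
        // exposed through the process list and shell history. Code derived
        // from this sample should read it from the console
        // (java.io.Console.readPassword) or from a protected file instead.
        String password = args[2];
        String path = args[3];

        // Declared outside the try block so the finally clause can release
        // the connection when any step fails part-way through.
        LDAPConnection lc = null;

        try {
            // Dynamically set Sun as the security provider.
            // NOTE(review): this is an internal Sun class. JSSE has been part
            // of the JDK since 1.4, where this registration is redundant;
            // confirm it is still needed on the target runtime.
            Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

            // Dynamically set the property that JSSE uses to identify the
            // keystore that holds trusted root certificates. The property is
            // JVM-wide, so it affects every other JSSE client in the process.
            System.setProperty("javax.net.ssl.trustStore", path);

            // Set the socket factory for this connection.
            // Note: the socket factory can also be set for all connections.
            // NOTE(review): confirm that this factory also checks the server
            // host name against the certificate; chain validation against the
            // trust store alone does not prove which host presented it.
            lc = new LDAPConnection(new LDAPJSSEStartTLSFactory());

            // Connect to the server: anonymous authentication, clear text.
            lc.connect( ldapHost, ldapPort );

            // Secure the connection: anonymous, encrypted text.
            // startTLS() must complete before bind(); a failure raises
            // LDAPException, so the credentials below are never sent in
            // clear text.
            lc.startTLS();

            System.out.println( "Successful startTLS");

            // Bind to the server: authenticated, encrypted text.
            lc.bind(ldapVersion, loginDN, password.getBytes("UTF8"));

            System.out.println( "Successful secured bind with server.");

            // After stopTLS() the connection is clear text again; nothing
            // sensitive may be sent on it past this point.
            lc.stopTLS();

            System.out.println( "Successful stopTLS.");
        }
        catch( LDAPException e ) {
            System.err.println("Error: " + e.toString());
        }
        catch( UnsupportedEncodingException e ) {
            System.err.println( "Error: " + e.toString() );
        }
        finally {
            // Always close the socket, including when startTLS() or bind()
            // failed; the original only disconnected on the success path.
            if (lc != null && lc.isConnected()) {
                try {
                    lc.disconnect();
                }
                catch( LDAPException e ) {
                    System.err.println("Error: " + e.toString());
                }
            }
        }
    }
}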