com.unboundid.ldap.sdk.extensions
Class StartTLSExtendedRequest

java.lang.Object
  extended by com.unboundid.ldap.sdk.LDAPRequest
      extended by com.unboundid.ldap.sdk.ExtendedRequest
          extended by com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest
All Implemented Interfaces:
ProtocolOp, ReadOnlyLDAPRequest, java.io.Serializable

@NotMutable
@ThreadSafety(level=NOT_THREADSAFE)
public final class StartTLSExtendedRequest
extends ExtendedRequest

This class provides an implementation of the LDAP StartTLS extended request as defined in RFC 4511 section 4.14. It may be used to establish a secure communication channel over an otherwise unencrypted connection.

Note that when using the StartTLS extended operation, you should establish a connection to the server's unencrypted LDAP port rather than its secure port. Then, you can use the StartTLS extended request in order to secure that connection.

Example

The following example uses the StartTLS extended request to secure communication on a previously insecure connection. It uses the SSLUtil class in conjunction with the TrustAllTrustManager class to simplify the SSL negotiation by blindly trusting whatever certificate the server might happen to present. Because the certificate is not validated, the resulting channel is encrypted but the server is not authenticated. In real-world applications, if stronger verification is required, it is recommended that you use an SSLContext that is configured to perform an appropriate level of validation.
   SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
   SSLContext sslContext = sslUtil.createSSLContext();
   ExtendedResult extendedResult = connection.processExtendedOperation(
        new StartTLSExtendedRequest(sslContext));

   // NOTE:  The processExtendedOperation method will only throw an exception
   // if a problem occurs while trying to send the request or read the
   // response.  It will not throw an exception because of a non-success
   // response.

   if (extendedResult.getResultCode() == ResultCode.SUCCESS)
   {
     System.out.println("Communication with the server is now secure.");
   }
   else
   {
     System.err.println("An error occurred while attempting to perform " +
          "StartTLS negotiation.  The connection can no longer be used.");
     connection.close();
   }
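
The same negotiation with certificate validation and fail-closed handling, as an added example that is not part of the SDK documentation. It assumes the SDK's TrustStoreTrustManager class is available in the version in use; the host name, trust store path, bind DN and LDAP_BIND_PASSWORD environment variable are constructed placeholders.

```java
import com.unboundid.ldap.sdk.ExtendedResult;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest;
import com.unboundid.util.ssl.SSLUtil;
import com.unboundid.util.ssl.TrustStoreTrustManager;
import java.security.GeneralSecurityException;

public final class StartTLSWithValidation
{
  // Returns a connection only after StartTLS has succeeded.  On any failure
  // the connection is closed and an exception is thrown, so the caller can
  // never continue in cleartext by accident.
  static LDAPConnection connectSecured(String host, int port,
                                       String trustStorePath)
       throws LDAPException, GeneralSecurityException
  {
    // Accept only server certificates found in the given trust store.  This
    // validates the certificate itself; it does not compare it to the host name.
    SSLUtil sslUtil = new SSLUtil(new TrustStoreTrustManager(trustStorePath));

    // Connect to the unencrypted LDAP port, as StartTLS requires.
    LDAPConnection connection = new LDAPConnection(host, port);
    try
    {
      ExtendedResult result = connection.processExtendedOperation(
           new StartTLSExtendedRequest(sslUtil.createSSLContext()));
      if (result.getResultCode() != ResultCode.SUCCESS)
      {
        // Non-success responses are returned rather than thrown, so turn
        // them into a failure explicitly.
        throw new LDAPException(result);
      }
      return connection;
    }
    catch (LDAPException | GeneralSecurityException e)
    {
      connection.close();
      throw e;
    }
  }

  public static void main(String[] args) throws Exception
  {
    // Constructed placeholder values; replace with your own deployment's.
    LDAPConnection connection =
         connectSecured("ldap.example.com", 389, "/path/to/truststore.jks");
    // Credentials are sent only after the channel has been secured.
    try { connection.bind("uid=app,ou=Services,dc=example,dc=com",
               System.getenv("LDAP_BIND_PASSWORD")); }
    finally { connection.close(); }
  }
}
```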
 

See Also:
Serialized Form

Field Summary
static java.lang.String STARTTLS_REQUEST_OID
          The OID (1.3.6.1.4.1.1466.20037) for the StartTLS extended request.
 
Fields inherited from class com.unboundid.ldap.sdk.ExtendedRequest
TYPE_EXTENDED_REQUEST_OID, TYPE_EXTENDED_REQUEST_VALUE
 
Constructor Summary
StartTLSExtendedRequest()
          Creates a new StartTLS extended request using a default SSL context.
StartTLSExtendedRequest(Control[] controls)
          Creates a new StartTLS extended request using a default SSL context.
StartTLSExtendedRequest(ExtendedRequest extendedRequest)
          Creates a new StartTLS extended request from the provided generic extended request.
StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext)
          Creates a new StartTLS extended request using the provided SSL context.
StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext, Control[] controls)
          Creates a new StartTLS extended request.
 
Method Summary
 StartTLSExtendedRequest duplicate()
          Creates a new instance of this LDAP request that may be modified without impacting this request.
 StartTLSExtendedRequest duplicate(Control[] controls)
          Creates a new instance of this LDAP request that may be modified without impacting this request.
 java.lang.String getExtendedRequestName()
          Retrieves the user-friendly name for the extended request, if available.
 ExtendedResult process(LDAPConnection connection, int depth)
          Sends this extended request to the directory server over the provided connection and returns the associated response.
 void toString(java.lang.StringBuilder buffer)
          Appends a string representation of this request to the provided buffer.
 
Methods inherited from class com.unboundid.ldap.sdk.ExtendedRequest
encodeProtocolOp, getLastMessageID, getOID, getOperationType, getProtocolOpType, getValue, hasValue, responseReceived, writeTo
 
Methods inherited from class com.unboundid.ldap.sdk.LDAPRequest
followReferrals, getControl, getControlList, getControls, getIntermediateResponseListener, getResponseTimeoutMillis, hasControl, hasControl, setFollowReferrals, setIntermediateResponseListener, setResponseTimeoutMillis, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

STARTTLS_REQUEST_OID

public static final java.lang.String STARTTLS_REQUEST_OID
The OID (1.3.6.1.4.1.1466.20037) for the StartTLS extended request.

See Also:
Constant Field Values
Constructor Detail

StartTLSExtendedRequest

public StartTLSExtendedRequest()
                        throws LDAPException
Creates a new StartTLS extended request using a default SSL context.

Throws:
LDAPException - If a problem occurs while trying to initialize a default SSL context.

StartTLSExtendedRequest

public StartTLSExtendedRequest(Control[] controls)
                        throws LDAPException
Creates a new StartTLS extended request using a default SSL context.

Parameters:
controls - The set of controls to include in the request.
Throws:
LDAPException - If a problem occurs while trying to initialize a default SSL context.

StartTLSExtendedRequest

public StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext)
                        throws LDAPException
Creates a new StartTLS extended request using the provided SSL context.

Parameters:
sslContext - The SSL context to use to perform the negotiation. It may be null to indicate that a default SSL context should be used. If an SSL context is provided, then it must already be initialized.
Throws:
LDAPException - If a problem occurs while trying to initialize a default SSL context.

StartTLSExtendedRequest

public StartTLSExtendedRequest(javax.net.ssl.SSLContext sslContext,
                               Control[] controls)
                        throws LDAPException
Creates a new StartTLS extended request.

Parameters:
sslContext - The SSL context to use to perform the negotiation. It may be null to indicate that a default SSL context should be used. If an SSL context is provided, then it must already be initialized.
controls - The set of controls to include in the request.
Throws:
LDAPException - If a problem occurs while trying to initialize a default SSL context.

StartTLSExtendedRequest

public StartTLSExtendedRequest(ExtendedRequest extendedRequest)
                        throws LDAPException
Creates a new StartTLS extended request from the provided generic extended request.

Parameters:
extendedRequest - The generic extended request to use to create this StartTLS extended request.
Throws:
LDAPException - If a problem occurs while decoding the request.
Method Detail

process

public ExtendedResult process(LDAPConnection connection,
                              int depth)
                       throws LDAPException
Sends this extended request to the directory server over the provided connection and returns the associated response.

Overrides:
process in class ExtendedRequest
Parameters:
connection - The connection to use to communicate with the directory server.
depth - The current referral depth for this request. It should always be one for the initial request, and should only be incremented when following referrals.
Returns:
An LDAP result object that provides information about the result of the extended operation processing.
Throws:
LDAPException - If a problem occurs while sending the request or reading the response.

duplicate

public StartTLSExtendedRequest duplicate()
Creates a new instance of this LDAP request that may be modified without impacting this request. Subclasses should override this method to return a duplicate of the appropriate type.

Specified by:
duplicate in interface ReadOnlyLDAPRequest
Overrides:
duplicate in class ExtendedRequest
Returns:
A new instance of this LDAP request that may be modified without impacting this request.

duplicate

public StartTLSExtendedRequest duplicate(Control[] controls)
Creates a new instance of this LDAP request that may be modified without impacting this request. The provided controls will be used for the new request instead of duplicating the controls from this request. Subclasses should override this method to return a duplicate of the appropriate type.

Specified by:
duplicate in interface ReadOnlyLDAPRequest
Overrides:
duplicate in class ExtendedRequest
Parameters:
controls - The set of controls to include in the duplicate request.
Returns:
A new instance of this LDAP request that may be modified without impacting this request.

getExtendedRequestName

public java.lang.String getExtendedRequestName()
Retrieves the user-friendly name for the extended request, if available. If no user-friendly name has been defined, then the OID will be returned.

Overrides:
getExtendedRequestName in class ExtendedRequest
Returns:
The user-friendly name for this extended request, or the OID if no user-friendly name is available.

toString

public void toString(java.lang.StringBuilder buffer)
Appends a string representation of this request to the provided buffer.

Specified by:
toString in interface ProtocolOp
Specified by:
toString in interface ReadOnlyLDAPRequest
Overrides:
toString in class ExtendedRequest
Parameters:
buffer - The buffer to which to append a string representation of this request.