@Gsealy
Last active April 2, 2020 01:39
package io.gsealy;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
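/**
 * {@link SSLSocketFactory} for JNDI LDAPS connections that accepts <em>any</em> server
 * certificate.
 *
 * <p><strong>Security note.</strong> {@link NoVerificationTrustManager} performs no validation
 * at all: the certificate chain, validity period, issuer and host name (IP / DNS subject
 * alternative names) are all left unchecked. A connection made through this factory is
 * encrypted but not authenticated, so anyone able to intercept the traffic can present their
 * own certificate and read the bind DN and password. Keep it to lab and troubleshooting use.
 * When the only problem is a certificate whose names do not match the host in the URL, prefer
 * importing the issuing CA into a trust store and fixing the name; the JDK's
 * {@code com.sun.jndi.ldap.object.disableEndpointIdentification} system property is a narrower
 * stopgap that keeps chain validation in place.
 *
 * <p>The permissive {@link SSLContext} is private to this factory. It is deliberately
 * <strong>not</strong> installed with {@code SSLContext.setDefault}, because that would switch
 * off certificate validation for every other TLS client in the same JVM.
 *
 * <p>Usage: set the JNDI environment property {@code java.naming.ldap.factory.socket} to this
 * class name; the socket factory is then obtained through {@link #getDefault()}.
 *
 * @author <a href="mailto:[email protected]">Gsealy</a>
 */
public class LdapsNoVerifySSLSocketFactory extends SSLSocketFactory {

  /** Lazily created singleton handed out by {@link #getDefault()}. */
  private static LdapsNoVerifySSLSocketFactory instance;

  /**
   * The JSSE factory that actually opens sockets. Held per instance so that the overrides below
   * never call back into this wrapper, which previously ended in a {@code StackOverflowError}.
   */
  private final SSLSocketFactory delegate;

  /**
   * Builds a private TLS context whose only trust manager accepts every certificate.
   *
   * @throws NoSuchAlgorithmException if no provider offers the {@code "TLS"} protocol
   * @throws KeyManagementException if the context cannot be initialised
   */
  public LdapsNoVerifySSLSocketFactory() throws NoSuchAlgorithmException, KeyManagementException {
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(
        null, new TrustManager[] {new NoVerificationTrustManager()}, new SecureRandom());
    delegate = sslContext.getSocketFactory();
  }

  /**
   * Returns the shared factory instance, creating it on first use.
   *
   * @return the singleton factory, never {@code null}
   * @throws IllegalStateException if the TLS context cannot be created
   */
  public static synchronized SocketFactory getDefault() {
    if (instance == null) {
      try {
        instance = new LdapsNoVerifySSLSocketFactory();
      } catch (NoSuchAlgorithmException | KeyManagementException e) {
        // Fail here with the cause attached instead of returning null and letting the
        // caller hit a NullPointerException later.
        throw new IllegalStateException("Unable to initialise the LDAPS socket factory", e);
      }
    }
    return instance;
  }

  @Override
  public String[] getDefaultCipherSuites() {
    return delegate.getDefaultCipherSuites();
  }

  @Override
  public String[] getSupportedCipherSuites() {
    return delegate.getSupportedCipherSuites();
  }

  /**
   * Creates an unconnected socket. The base {@link SocketFactory} implementation throws, and a
   * caller that wants to apply its own connect timeout needs an unconnected socket.
   */
  @Override
  public Socket createSocket() throws IOException {
    return delegate.createSocket();
  }

  @Override
  public Socket createSocket(Socket s, String host, int port, boolean autoClose)
      throws IOException {
    return delegate.createSocket(s, host, port, autoClose);
  }

  @Override
  public Socket createSocket(String host, int port) throws IOException {
    return delegate.createSocket(host, port);
  }

  @Override
  public Socket createSocket(String host, int port, InetAddress localHost, int localPort)
      throws IOException, UnknownHostException {
    return delegate.createSocket(host, port, localHost, localPort);
  }

  @Override
  public Socket createSocket(InetAddress host, int port) throws IOException {
    return delegate.createSocket(host, port);
  }

  @Override
  public Socket createSocket(InetAddress address, int port, InetAddress localAddress,
      int localPort) throws IOException {
    return delegate.createSocket(address, port, localAddress, localPort);
  }

  /**
   * Trust manager whose checks are all empty, so every peer certificate is accepted.
   *
   * <p>Overriding the {@link Socket} and {@link SSLEngine} variants with empty bodies is what
   * also removes host-name (endpoint identification) checking, not just chain validation.
   */
  static class NoVerificationTrustManager extends X509ExtendedTrustManager {

    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String authType,
        Socket socket) throws CertificateException {
      // Intentionally empty: accepts any client certificate.
    }

    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String authType,
        SSLEngine engine) throws CertificateException {
      // Intentionally empty: accepts any client certificate.
    }

    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String authType,
        Socket socket) throws CertificateException {
      // Intentionally empty: accepts any server certificate, so the peer is unauthenticated.
    }

    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String authType,
        SSLEngine engine) throws CertificateException {
      // Intentionally empty: accepts any server certificate, so the peer is unauthenticated.
    }

    @Override
    public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
        throws CertificateException {
      // Intentionally empty: accepts any client certificate.
    }

    @Override
    public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
        throws CertificateException {
      // Intentionally empty: accepts any server certificate, so the peer is unauthenticated.
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
      return new X509Certificate[0];
    }
  }
}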
package io.gsealy;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import java.util.Map.Entry;
import javax.naming.Context;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
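/**
 * Manual smoke test: binds to an LDAPS server through {@link LdapsNoVerifySSLSocketFactory} and
 * prints the resulting context environment.
 *
 * <p>The server certificate is not validated on this connection, so the bind DN and password
 * can be captured by anyone able to intercept it. Run it only against a lab directory.
 *
 * @author Gsealy
 */
public class Test {

  /**
   * Connects, prints the environment with the password redacted, and closes the context.
   *
   * <p>The URL, bind DN and password may be overridden with the {@code LDAP_URL},
   * {@code LDAP_BIND_DN} and {@code LDAP_BIND_PASSWORD} environment variables; the built-in
   * values are the sample's lab placeholders.
   *
   * @param args unused
   * @throws Exception if closing the context fails
   */
  public static void main(String[] args) throws Exception {
    Hashtable<String, String> env = new Hashtable<>();
    // String ldapURL = "ldaps://10.20.61.26:636";
    String ldapURL = envOrDefault("LDAP_URL", "ldaps://10.20.70.72:636");
    String adminName = envOrDefault("LDAP_BIND_DN", "CN=Administrator,CN=Users,DC=com,DC=cn");
    // Sample value only: a real bind password belongs in the environment or a secret store,
    // never in source control.
    String adminPassword = envOrDefault("LDAP_BIND_PASSWORD", "11111111");

    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.SECURITY_PRINCIPAL, adminName);
    env.put(Context.SECURITY_CREDENTIALS, adminPassword);
    System.err.println(LdapsNoVerifySSLSocketFactory.class.getName());
    // Routes only this LDAP connection through the non-verifying socket factory.
    env.put("java.naming.ldap.factory.socket", LdapsNoVerifySSLSocketFactory.class.getName());
    env.put(Context.PROVIDER_URL, ldapURL);

    LdapContext ctx = null;
    try {
      ctx = new InitialLdapContext(env, null);
      // The context environment is expected to echo back the bind password, so mask it
      // before it reaches stdout or a captured log.
      Map<Object, Object> printable = new HashMap<Object, Object>(ctx.getEnvironment());
      if (printable.containsKey(Context.SECURITY_CREDENTIALS)) {
        printable.put(Context.SECURITY_CREDENTIALS, "<redacted>");
      }
      System.out.println(printable);
    } catch (NamingException e) {
      e.printStackTrace();
    } finally {
      // Release the LDAP connection; the original never closed the context.
      if (ctx != null) {
        ctx.close();
      }
    }
  }

  /** Returns the named environment variable, or {@code fallback} when it is unset or empty. */
  private static String envOrDefault(String name, String fallback) {
    String value = System.getenv(name);
    return (value == null || value.isEmpty()) ? fallback : value;
  }
}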