org.apache.directory.server.protocol.shared.transport.TcpTransport Java Examples

private static void startLdapServer() throws Exception {
    createWorkingDir();
    DirectoryServiceFactory dsf = new DefaultDirectoryServiceFactory();
    dsf.init(DIRECTORY_NAME);
    directoryService = dsf.getDirectoryService();
    directoryService.addLast(new KeyDerivationInterceptor()); // Derives the Kerberos keys for new entries.
    directoryService.getChangeLog().setEnabled(false);
    SchemaManager schemaManager = directoryService.getSchemaManager();

    createPartition(dsf, schemaManager, "users", "ou=users,dc=undertow,dc=io");

    CoreSession adminSession = directoryService.getAdminSession();
    Map<String, String> mappings = Collections.singletonMap("hostname", DefaultServer.getDefaultServerAddress().getHostString());
    processLdif(schemaManager, adminSession, "partition.ldif", mappings);
    processLdif(schemaManager, adminSession, "krbtgt.ldif", mappings);
    processLdif(schemaManager, adminSession, "user.ldif", mappings);
    processLdif(schemaManager, adminSession, "server.ldif", mappings);

    ldapServer = new LdapServer();
    ldapServer.setServiceName("DefaultLDAP");
    Transport ldap = new TcpTransport( "0.0.0.0", LDAP_PORT, 3, 5 );
    ldapServer.addTransports(ldap);
    ldapServer.setDirectoryService(directoryService);
    ldapServer.start();
}
 

public EmbeddedLdapServer(
    File workingDir,
    String partitionDn,
    String partitionId,
    int port,
    boolean enableChangelog,
    boolean allowAnonymousAccess,
    long maxSizeLimit)
    throws Exception {
  requireNonNull(partitionDn, "Required non-null partition dn");
  requireNonNull(partitionId, "Required non-null partition id");
  this.workingDir = workingDir;
  this.baseDn = new DN(partitionDn);
  this.port = port > 0 ? port : PORT_SERVICE.acquire();
  this.url = "ldap://localhost:" + this.port;
  ldapServer = new LdapServer();
  ldapServer.setTransports(new TcpTransport(this.port));
  if (maxSizeLimit > 0) {
    ldapServer.setMaxSizeLimit(maxSizeLimit);
  }
  service =
      initDirectoryService(
          workingDir, partitionId, partitionDn, enableChangelog, allowAnonymousAccess);
  ldapServer.setDirectoryService(service);
}
 

private static void startSlaveLdapServer() throws Exception {
    slaveWorkingDir = createWorkingDir(slaveWorkingDir, "slave");
    DirectoryServiceFactory dsf = new InMemoryDirectoryServiceFactory();
    dsf.init(SLAVE_DIRECTORY_NAME);
    slaveDirectoryService = dsf.getDirectoryService();
    slaveDirectoryService.getChangeLog().setEnabled(false);
    SchemaManager schemaManager = slaveDirectoryService.getSchemaManager();

    createPartition(dsf, schemaManager, "simple", "dc=simple,dc=wildfly,dc=org", slaveDirectoryService, slaveWorkingDir);
    createPartition(dsf, schemaManager, "group-to-principal", "dc=group-to-principal,dc=wildfly,dc=org", slaveDirectoryService, slaveWorkingDir);
    createPartition(dsf, schemaManager, "principal-to-group", "dc=principal-to-group,dc=wildfly,dc=org", slaveDirectoryService, slaveWorkingDir);

    CoreSession adminSession = slaveDirectoryService.getAdminSession();
    processLdif(schemaManager, adminSession, "memberOf-schema.ldif");
    processLdif(schemaManager, adminSession, "simple-partition-slave.ldif");
    processLdif(schemaManager, adminSession, "group-to-principal-slave.ldif");
    processLdif(schemaManager, adminSession, "principal-to-group-slave.ldif");

    slaveLdapServer = new LdapServer();
    slaveLdapServer.setServiceName("DefaultLDAP");
    Transport ldap = new TcpTransport( "0.0.0.0", SLAVE_LDAP_PORT, 3, 5 );
    slaveLdapServer.addTransports(ldap);
    slaveLdapServer.setDirectoryService(slaveDirectoryService);
    slaveLdapServer.start();
}
 

/**
 * Create a single LDAP server.
 *
 * @param ldifFile
 * @throws Exception
 */
public LdapServer(String ldifFile) throws Exception {
   InMemoryDirectoryServiceFactory dsFactory = new InMemoryDirectoryServiceFactory();
   dsFactory.init("ds");

   directoryService = dsFactory.getDirectoryService();

   final SchemaManager schemaManager = directoryService.getSchemaManager();
   importLdif(directoryService, schemaManager, new LdifReader(ldifFile));

   ldapServer = new org.apache.directory.server.ldap.LdapServer();
   ldapServer.setTransports(new TcpTransport("127.0.0.1", 1024));
   ldapServer.setDirectoryService(directoryService);

   ldapServer.start();
}
 

private void configureTransportHandlers(KdcConfiguration configuration) {

        int port = getServerPort(configuration);
        if (configuration.getKdcCommunicationProtocol() ==
                KdcConfiguration.ProtocolType.UDP_PROTOCOL) {

            logger.info("Starting KDC on UDP mode at port - " + port + " at host - " +
                    configuration.getKdcHostAddress());

            UdpTransport defaultTransport = new UdpTransport(port);
            this.kdcServer.addTransports(defaultTransport);

        } else {

            logger.info("Starting KDC on a TCP port " + port + " at host " +
                    configuration.getKdcHostAddress());
            Transport tcp =
                    new TcpTransport(configuration.getKdcHostAddress(), port,
                            configuration.getNumberOfThreads(),
                            configuration.getBackLogCount());
            this.kdcServer.addTransports(tcp);

        }
    }
 

private static void startMasterLdapServer() throws Exception {
    masterWorkingDir = createWorkingDir(masterWorkingDir, "master");
    DirectoryServiceFactory dsf = new InMemoryDirectoryServiceFactory();
    dsf.init(MASTER_DIRECTORY_NAME);
    masterDirectoryService = dsf.getDirectoryService();
    masterDirectoryService.getChangeLog().setEnabled(false);
    SchemaManager schemaManager = masterDirectoryService.getSchemaManager();

    createPartition(dsf, schemaManager, "simple", "dc=simple,dc=wildfly,dc=org", masterDirectoryService, masterWorkingDir);
    createPartition(dsf, schemaManager, "group-to-principal", "dc=group-to-principal,dc=wildfly,dc=org", masterDirectoryService, masterWorkingDir);
    createPartition(dsf, schemaManager, "principal-to-group", "dc=principal-to-group,dc=wildfly,dc=org", masterDirectoryService, masterWorkingDir);

    CoreSession adminSession = masterDirectoryService.getAdminSession();
    processLdif(schemaManager, adminSession, "memberOf-schema.ldif");
    processLdif(schemaManager, adminSession, "simple-partition.ldif");
    processLdif(schemaManager, adminSession, "group-to-principal.ldif");
    processLdif(schemaManager, adminSession, "principal-to-group.ldif");

    masterLdapServer = new LdapServer();
    masterLdapServer.setServiceName("DefaultLDAP");
    Transport ldap = new TcpTransport( "0.0.0.0", MASTER_LDAP_PORT, 3, 5 );
    masterLdapServer.addTransports(ldap);
    masterLdapServer.setDirectoryService(masterDirectoryService);
    masterLdapServer.start();
}
 

@Before
public void setup() throws Exception {
	LdapServer ldapServer = new LdapServer();
	ldapServer.setSaslHost("127.0.0.1");
	ldapServer.setSearchBaseDn("DC=ranger,DC=qe,DC=hortonworks,DC=com");
	String ldapPort = System.getProperty("ldap.port");
	Assert.assertNotNull("Property 'ldap.port' null", ldapPort);
	ldapServer.setTransports(new TcpTransport("127.0.0.1", Integer.parseInt(ldapPort)));
	ldapServer.setDirectoryService(getService());
	ldapServer.setMaxSizeLimit( LdapServer.NO_SIZE_LIMIT );
	setLdapServer(ldapServer);
	getService().startup();
	getLdapServer().start();
	config = UserGroupSyncConfig.getInstance();	
	ldapBuilder = new LdapUserGroupBuilder();
}
 

/**
 * Adds a TCP server to the directory service.
 *
 * Note: The TCP server is not started until start() is called on this Builder.
 *
 * @param serviceName - The name of this server.
 * @param hostName - The host name to listen on.
 * @param port - The port to listen on.
 * @return This Builder for subsequent changes.
 */
public Builder addTcpServer(final String serviceName, final String hostName, final int port, final String keyStore, final String keyStorePassword) throws URISyntaxException {
    assertNotStarted();
    if (directoryService == null) {
        throw new IllegalStateException("The Directory service has not been created.");
    }

    LdapServer server = new LdapServer();
    server.setServiceName(serviceName);
    Transport ldaps = new TcpTransport( hostName, port, 3, 5 );
    ldaps.enableSSL(true);
    server.addTransports(ldaps);
    server.setKeystoreFile(new File(getClass().getResource(keyStore).getFile()).getAbsolutePath());
    server.setCertificatePassword(keyStorePassword);
    server.setDirectoryService(directoryService);
    servers.add(server);

    return this;
}
 

public int setupLdap( int port, File ldifConfig ) throws Exception {
  ldapTransport = new TcpTransport( port );
  ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", ldifConfig, ldapTransport );
  ldap.start();
  log.info( "LDAP port = " + ldapTransport.getAcceptor().getLocalAddress().getPort() );
  return port;
}
 

/**
 * starts the LdapServer
 *
 * @throws Exception
 */
public void startServer() throws Exception {
  ldapService = new LdapServer();
  Properties properties = loadTestProperties();
  String port = properties.getProperty("ldap.server.port");
  ldapService.setTransports(new TcpTransport(Integer.parseInt(port)));
  ldapService.setDirectoryService(service);
  ldapService.start();
}
 

public static EmbeddedLdapServer newEmbeddedServer(String defaultPartitionName, String defaultPartitionSuffix, int port)
        throws Exception{
    workingDirectory = new File(System.getProperty("java.io.tmpdir") + "/apacheds-test1");
    FileUtils.deleteDirectory(workingDirectory);

    DefaultDirectoryService directoryService = new DefaultDirectoryService();
    directoryService.setShutdownHookEnabled(true);
    directoryService.setAllowAnonymousAccess(true);

    directoryService.setWorkingDirectory(workingDirectory);
    directoryService.getChangeLog().setEnabled( false );

    JdbmPartition partition = new JdbmPartition();
    partition.setId(defaultPartitionName);
    partition.setSuffix(defaultPartitionSuffix);
    directoryService.addPartition(partition);

    directoryService.startup();

    // Inject the apache root entry if it does not already exist
    if ( !directoryService.getAdminSession().exists( partition.getSuffixDn() ) )
    {
        ServerEntry entry = directoryService.newEntry(new LdapDN(defaultPartitionSuffix));
        entry.add("objectClass", "top", "domain", "extensibleObject");
        entry.add("dc", defaultPartitionName);
        directoryService.getAdminSession().add( entry );
    }

    LdapServer ldapServer = new LdapServer();
    ldapServer.setDirectoryService(directoryService);

    TcpTransport ldapTransport = new TcpTransport(port);
    ldapServer.setTransports( ldapTransport );
    ldapServer.start();

    return new EmbeddedLdapServer(directoryService, ldapServer);
}
 

public void startLdapServer(MiniKdc miniKdc) throws Exception {
    ldapServer = new LdapServer();
    Field f = MiniKdc.class.getDeclaredField("ds");
    f.setAccessible(true);
    DirectoryService ds = (DirectoryService) f.get(miniKdc);
    ldapServer.setDirectoryService(ds);
    TcpTransport tcpTransport = new TcpTransport(4016);
    ldapServer.setTransports(tcpTransport);
    LOG.info(ds.getAdminSession().getAuthenticatedPrincipal().getDn());
    ldapServer.start();
}
 

/**
 * starts the LdapServer
 *
 * @throws Exception
 */
public void startServer() throws Exception
{
    server = new LdapServer();

    server.setTransports( new TcpTransport( serverPort ) );
    server.setDirectoryService( service );

    server.start();
}
 

public void init() throws Exception {
    if (getDirectoryService() == null) {
        if (getDeleteInstanceDirectoryOnStartup()) {
            deleteDirectory(getGuessedInstanceDirectory());
        }

        DefaultDirectoryServiceFactory serviceFactory = new DefaultDirectoryServiceFactory();
        serviceFactory.init(getDirectoryServiceName());
        setDirectoryService(serviceFactory.getDirectoryService());

        getDirectoryService().getChangeLog().setEnabled(false);
        getDirectoryService().setDenormalizeOpAttrsEnabled(true);

        createBasePartition();

        getDirectoryService().startup();

        createRootEntry();
    }

    if (getLdapServer() == null) {
        setLdapServer(new LdapServer());
        getLdapServer().setDirectoryService(getDirectoryService());
        getLdapServer().setTransports(new TcpTransport(getLdapServerPort()));
        getLdapServer().start();
    }
}
 

/**
 * starts the LdapServer
 *
 * @throws Exception
 */
public void startServer() throws Exception {
  server = new LdapServer();
  int serverPort = 10389;
  server.setTransports(new TcpTransport(serverPort));
  server.setDirectoryService(service);

  server.start();
}
 

private static Transport createTransport( CreateTransport transportBuilder, int startPort ) {
    String protocol = transportBuilder.protocol();
    int port = transportBuilder.port();
    int nbThreads = transportBuilder.nbThreads();
    int backlog = transportBuilder.backlog();
    String address = transportBuilder.address();

    if ( port == -1 )
    {
        port = AvailablePortFinder.getNextAvailable( startPort );
        startPort = port + 1;
    }

    if ( protocol.equalsIgnoreCase( "TCP" ) )
    {
        Transport tcp = new TcpTransport( address, port, nbThreads, backlog );
        return tcp;
    }
    else if ( protocol.equalsIgnoreCase( "UDP" ) )
    {
        UdpTransport udp = new UdpTransport( address, port );
        return udp;
    }
    else
    {
        throw new IllegalArgumentException( I18n.err( I18n.ERR_689, protocol ) );
    }
}
 

public static void setupLdap() throws Exception {
  String basedir = System.getProperty("basedir");
  if (basedir == null) {
    basedir = new File(".").getCanonicalPath();
  }

  final Path path = FileSystems
      .getDefault().getPath(basedir, "/src/test/resources/users.ldif");

  ldapTransport = new TcpTransport(0);
  ldap = new SimpleLdapDirectoryServer("dc=hadoop,dc=apache,dc=org", path.toFile(), ldapTransport);
  ldap.start();
  LOG.info("LDAP port = " + ldapTransport.getPort());
}
 

@BeforeClass
public static void setUpBeforeClass() throws Exception {
  ldifFile = new File( ClassLoader.getSystemResource( "users.ldif" ).toURI() );
  ldapTransport = new TcpTransport( 0 );
  ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", ldifFile, ldapTransport );
  ldap.start();
  port = ldapTransport.getAcceptor().getLocalAddress().getPort();
}
 

protected void initializeLDAPServer()
        throws DirectoryServerException {

    if (null == this.service || null == this.ldapConfigurations) {
        throw new DirectoryServerException(
                "The default apacheds service is not initialized. " +
                        "Make sure apacheds service is initialized first.");
    }

    this.ldapServer = new LdapServer();

    this.ldapServer.setTransports(new TcpTransport(this.ldapConfigurations.getLdapPort()));

    // set server initial properties
    this.ldapServer.setAllowAnonymousAccess(false);
    this.ldapServer.setMaxTimeLimit(this.ldapConfigurations.getMaxTimeLimit());
    this.ldapServer.setMaxSizeLimit(this.ldapConfigurations.getMaxSizeLimit());
    this.ldapServer.setSaslHost(this.ldapConfigurations.getSaslHostName());
    this.ldapServer.setSaslPrincipal(this.ldapConfigurations.getSaslPrincipalName());

    // add the apacheds service
    this.ldapServer.setDirectoryService(this.service);

    setupSaslMechanisms();

    try {
        this.ldapServer.addExtendedOperationHandler(new StartTlsHandler());
        this.ldapServer.addExtendedOperationHandler(
                new StoredProcedureExtendedOperationHandler());
    } catch (Exception e) {
        throw new DirectoryServerException("can not add the extension handlers ", e);
    }
}
 

public void start() throws Exception {
    DirectoryServiceFactory factory = new DefaultDirectoryServiceFactory();
    factory.init("server");
    service = factory.getDirectoryService();
    service.addPartition(createPartition("default", "cn=test"));
    service.addPartition(createPartition("domain", "dc=example,dc=com"));

    server = new LdapServer();
    server.setDirectoryService(service);
    server.setTransports(new TcpTransport(PORT));
    server.start();
}
 

/**
 * starts the LdapServer
 *
 * @throws Exception
 */
public void startServer() throws Exception {
	server = new LdapServer();
	int serverPort = 10389;
	server.setTransports(new TcpTransport(serverPort));
	server.setDirectoryService(service);

	server.start();
}
 

private static void startLdapServer() throws Exception {
    createWorkingDir();
    DirectoryServiceFactory dsf = new DefaultDirectoryServiceFactory();
    dsf.init(DIRECTORY_NAME);
    directoryService = dsf.getDirectoryService();
    directoryService.addLast(new KeyDerivationInterceptor()); // Derives the Kerberos keys for new entries.
    directoryService.getChangeLog().setEnabled(false);
    SchemaManager schemaManager = directoryService.getSchemaManager();

    createPartition(dsf, schemaManager, "users", "ou=users,dc=undertow,dc=io");

    CoreSession adminSession = directoryService.getAdminSession();
    //Map<String, String> mappings = Collections.singletonMap("hostname", DefaultServer.getDefaultServerAddress().getHostString());
    Map<String, String> mappings = Collections.singletonMap("hostname", "localhost");
    processLdif(schemaManager, adminSession, "partition.ldif", mappings);
    processLdif(schemaManager, adminSession, "krbtgt.ldif", mappings);
    processLdif(schemaManager, adminSession, "user.ldif", mappings);
    processLdif(schemaManager, adminSession, "server.ldif", mappings);

    ldapServer = new LdapServer();
    ldapServer.setServiceName("DefaultLDAP");
    Transport ldap = new TcpTransport( "0.0.0.0", LDAPS_PORT, 3, 5 );
    ldap.enableSSL(true);
    ldapServer.addTransports(ldap);
    ldapServer.setKeystoreFile(ApacheDirectoryServer.class.getResource("/config/server.keystore").getFile());
    ldapServer.setCertificatePassword("password");
    ldapServer.loadKeyStore();
    ldapServer.setDirectoryService(directoryService);
    ldapServer.start();
}
 

private static void startLdapServer() throws Exception {
    createWorkingDir();
    DirectoryServiceFactory dsf = new DefaultDirectoryServiceFactory();
    dsf.init(DIRECTORY_NAME);
    directoryService = dsf.getDirectoryService();
    directoryService.addLast(new KeyDerivationInterceptor()); // Derives the Kerberos keys for new entries.
    directoryService.getChangeLog().setEnabled(false);
    SchemaManager schemaManager = directoryService.getSchemaManager();

    createPartition(dsf, schemaManager, "users", "ou=users,dc=undertow,dc=io");

    CoreSession adminSession = directoryService.getAdminSession();
    //Map<String, String> mappings = Collections.singletonMap("hostname", DefaultServer.getDefaultServerAddress().getHostString());
    Map<String, String> mappings = Collections.singletonMap("hostname", "localhost");
    processLdif(schemaManager, adminSession, "partition.ldif", mappings);
    processLdif(schemaManager, adminSession, "krbtgt.ldif", mappings);
    processLdif(schemaManager, adminSession, "user.ldif", mappings);
    processLdif(schemaManager, adminSession, "server.ldif", mappings);

    ldapServer = new LdapServer();
    ldapServer.setServiceName("DefaultLDAP");
    Transport ldap = new TcpTransport( "0.0.0.0", LDAPS_PORT, 3, 5 );
    ldap.enableSSL(true);
    ldapServer.addTransports(ldap);
    ldapServer.setKeystoreFile(ApacheDirectoryServer.class.getResource("/config/server.keystore").getFile());
    ldapServer.setCertificatePassword("password");
    ldapServer.loadKeyStore();
    ldapServer.setDirectoryService(directoryService);
    ldapServer.start();
}
 

/**
 * Create a single LDAP server.
 *
 * @throws Exception
 */
public LdapStandaloneServer() throws Exception {
    long startTime = System.currentTimeMillis();

    InMemoryDirectoryServiceFactory dsFactory = new InMemoryDirectoryServiceFactory();
    dsFactory.init("ds");

    directoryService = dsFactory.getDirectoryService();
    System.out.println("Directory service started in " + (System.currentTimeMillis() - startTime) + "ms");
    directoryService.setAllowAnonymousAccess(true);
    importLdif("src/dev/resources/ldap/microsoft.ldif",
            "src/dev/resources/ldap/users.ldif");

    ldapServer = new org.apache.directory.server.ldap.LdapServer();
    TcpTransport tcp = new TcpTransport("0.0.0.0", 10389);
    TcpTransport ldapsTcp = new TcpTransport("0.0.0.0", 10636);
    ldapsTcp.setEnableSSL(true);
    ldapsTcp.setEnabledProtocols(Collections.singletonList("TLSv1.2"));
    ldapServer.setKeystoreFile("src/dev/resources/bouncr.jks");
    ldapServer.setCertificatePassword("password");
    ldapServer.setTransports(tcp, ldapsTcp);
    ldapServer.setDirectoryService(directoryService);
    ldapServer.start();

    System.out.println("You can connect to the server now");
    final String host = "127.0.0.1";
    System.out.println("URL:      ldap://" + formatPossibleIpv6(host) + ":" + 10389);
    System.out.println("User DN:  uid=admin,ou=system");
    System.out.println("Password: secret");
    System.out.println("LDAP server started in " + (System.currentTimeMillis() - startTime) + "ms");
}
 

public void afterPropertiesSet() throws Exception {

		if (this.enabledLdapOverSsl && this.keyStoreFile == null) {
			throw new IllegalArgumentException("When LdapOverSsl is enabled, the keyStoreFile property must be set.");
		}

		if (workingDir == null) {
			String apacheWorkDir = System.getProperty("apacheDSWorkDir");

			if (apacheWorkDir == null) {
				apacheWorkDir = createTempDirectory("apacheds-spring-security-");
			}

			setWorkingDirectory(new File(apacheWorkDir));
		}

		server = new LdapServer();

		// AbstractLdapIntegrationTests assume IPv4, so we specify the same here
		TcpTransport transport = new TcpTransport(port);

		if (enabledLdapOverSsl) {
			transport.setEnableSSL(true);
			server.setKeystoreFile(this.keyStoreFile.getAbsolutePath());
			server.setCertificatePassword(this.keyStorePassword);
		}

		server.setTransports(transport);
		server.setDirectoryService(service);
		start();
	}
 

/**
 * Initialize the LDAPS server.
 *
 * @param ldapServer The LDAP server instance
 * @param transport The TCP transport that contains the SSL configuration
 * @return A IoFilter chain
 * @throws LdapException If we had a pb
 */
public static IoFilterChainBuilder init( LdapServer ldapServer, TcpTransport transport ) throws LdapException
{
    SSLContext sslCtx;

    try
    {
    	sslCtx = ldapServer.getSSLContext();
    	
    	//TODO see if this is correct
    	// Initialize the SSLContext to work with our key managers.
        //sslCtx = SSLContext.getInstance( "TLS" );
        //sslCtx.init( ldapServer.getKeyManagerFactory().getKeyManagers(), new TrustManager[]
        //    { new NoVerificationTrustManager() }, new SecureRandom() );
    	
    }
    catch ( Exception e )
    {
        throw new LdapException( I18n.err( I18n.ERR_683 ), e );
    }

    DefaultIoFilterChainBuilder chain = new DefaultIoFilterChainBuilder();
    SslFilter sslFilter = new SslFilter( sslCtx );

    // The ciphers
    List<String> cipherSuites = transport.getCipherSuite();

    if ( ( cipherSuites != null ) && !cipherSuites.isEmpty() )
    {
        sslFilter.setEnabledCipherSuites( cipherSuites.toArray( new String[cipherSuites.size()] ) );
    }

    // The protocols
    List<String> enabledProtocols = transport.getEnabledProtocols();

    if ( ( enabledProtocols != null ) && !enabledProtocols.isEmpty() )
    {
        sslFilter.setEnabledProtocols( enabledProtocols.toArray( new String[enabledProtocols.size()] ) );
    }
    else
    {
        // Be sure we disable SSLV3
        sslFilter.setEnabledProtocols( new String[]
            { "SSLv2Hello", "TLSv1", "TLSv1.1", "TLSv1.2" } );
    }

    // The remaining SSL parameters
    sslFilter.setNeedClientAuth( transport.isNeedClientAuth() );
    sslFilter.setWantClientAuth( transport.isWantClientAuth() );
    
    chain.addLast( "sslFilter", sslFilter );

    return chain;
}
 

protected LdapServer createLdapServer() {
    LdapServer ldapServer = new LdapServer();

    ldapServer.setServiceName("DefaultLdapServer");
    ldapServer.setSearchBaseDn(this.baseDN);
    // Tolerate plaintext LDAP connections from clients by default
    ldapServer.setConfidentialityRequired(this.setConfidentialityRequired);

    // Read the transports
    Transport ldap = new TcpTransport(this.bindHost, this.bindPort, 3, 50);
    ldapServer.addTransports( ldap );
    if (enableSSL || enableStartTLS) {
        ldapServer.setKeystoreFile(keystoreFile);
        ldapServer.setCertificatePassword(certPassword);
        if (enableSSL) {
            Transport ldaps = new TcpTransport(this.bindHost, this.bindLdapsPort, 3, 50);
            ldaps.setEnableSSL(true);
            ldapServer.addTransports( ldaps );
            if (ldaps.isSSLEnabled()) {
                log.info("Enabled SSL support on the LDAP server.");
            }
        }
        if (enableStartTLS) {
            try {
                ldapServer.addExtendedOperationHandler(new StartTlsHandler());
            } catch (Exception e) {
                throw new IllegalStateException("Cannot add the StartTLS extension handler: ", e);
            }
            for (ExtendedOperationHandler eoh : ldapServer.getExtendedOperationHandlers()) {
                if (eoh.getOid().equals(StartTlsHandler.EXTENSION_OID)) {
                    log.info("Enabled StartTLS support on the LDAP server.");
                    break;
                }
            }
        }
    }

    // Require the LDAP server to accept only encrypted connections if confidentiality requested
    if (setConfidentialityRequired) {
        ldapServer.setConfidentialityRequired(true);
        if (ldapServer.isConfidentialityRequired()) {
            log.info("Configured the LDAP server to accepts only requests with a secured connection.");
        }
    }

    // Associate the DS to this LdapServer
    ldapServer.setDirectoryService( directoryService );

    // Support for extended password modify as described in https://tools.ietf.org/html/rfc3062
    try {
        ldapServer.addExtendedOperationHandler(new PwdModifyHandler());
    } catch (LdapException le) {
        throw new IllegalStateException("It wasn't possible to add PwdModifyHandler");
    }

    if (enableAccessControl) {
        if (enableAnonymousAccess) {
            throw new IllegalStateException("Illegal to enable both the access control subsystem and the anonymous access at the same time! See: http://directory.apache.org/apacheds/gen-docs/latest/apidocs/src-html/org/apache/directory/server/core/DefaultDirectoryService.html#line.399 for details.");
        } else {
            directoryService.setAccessControlEnabled(true);
            if (directoryService.isAccessControlEnabled()) {
                log.info("Enabled basic access control checks on the LDAP server.");
            }
        }
    } else {
        if (enableAnonymousAccess) {
            directoryService.setAllowAnonymousAccess(true);
            // Since per ApacheDS JavaDoc: http://directory.apache.org/apacheds/gen-docs/latest/apidocs/src-html/org/apache/directory/server/core/DefaultDirectoryService.html#line.399
            // "if the access control subsystem is enabled then access to some entries may not
            // be allowed even when full anonymous access is enabled", disable the access control
            // subsystem together with enabling anonymous access to prevent this
            directoryService.setAccessControlEnabled(false);
            if (directoryService.isAllowAnonymousAccess() && !directoryService.isAccessControlEnabled()) {
                log.info("Enabled anonymous access on the LDAP server.");
            }
        }
    }

    return ldapServer;
}