Hi All,

I am an intern who is currently working on the project for implementing a
LDAP Connector for carbon 5 User Core  which supports StartTLS.

StartTLS allows to serialize secure and plain requests against a LDAP
server on a single connection.Where, an initial context is created first
and a TLS can be initiated, followed by a TLS handshake. Any method that is
invoked in the context will use security layer that is negotiated. The TLS
can be terminated  without closing the underlying network connection and
the context can be used to communicate with the server without a TLS
security.

The LDAP connector to be implemented will be consisting  the identity
store[1] which is defined with the user management operations and the
credential store[2] that manages the credentials and authentication.

The credential store methods will be using the security layer by
initializing the StartTLS.And, in identity store, the "write methods" will
be supporting the Start TLS whereas the "read methods" are to be invoked as
plain requests.

[1]
https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/user/core/store/IdentityStore.java
<https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fwso2%2Fcarbon-security%2Fblob%2Fmaster%2Fcomponents%2Forg.wso2.carbon.security.caas%2Fsrc%2Fmain%2Fjava%2Forg%2Fwso2%2Fcarbon%2Fsecurity%2Fcaas%2Fuser%2Fcore%2Fstore%2FIdentityStore.java&sa=D&sntz=1&usg=AFQjCNGHPALQiY61bk_QwCmrPPCedxdHrQ>

[2]
https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/user/core/store/CredentialStore.java


If there are any suggestions for changes, please do reply and specify.


Regards,

Vithusha Aarabhi
Intern ,Software Engineering
WSO2, Inc.
Lean. Enterprise. Middleware.
Mobile: +94772069460
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to