Add EdConstants class containing common ED constants and use in ED-ID sample.

Improve ED-ID sample for clarity and best practices. git-svn-id: https://svn.middleware.vt.edu/svn/ed/edsamples@10061 fa4a4108-76f2-0310-9f0d-ba9fffaf4ff6

Add EdConstants class containing common ED constants and use in ED-ID sample.
Improve ED-ID sample for clarity and best practices. git-svn-id: https://svn.middleware.vt.edu/svn/ed/edsamples@10061 fa4a4108-76f2-0310-9f0d-ba9fffaf4ff6
df5f4d2e · Marvin S. Addison · 3ee60641 · df5f4d2e · df5f4d2e · df5f4d2e
Commit df5f4d2e authored Nov 16, 2010 by Marvin S. Addison
--- a/dotnet/EdTest/EdCommon/EdCommon.csproj
+++ b/dotnet/EdTest/EdCommon/EdCommon.csproj
@@ -46,6 +46,7 @@
    <Reference Include="System.Xml" />
  </ItemGroup>
  <ItemGroup>
+    <Compile Include="EdConstants.cs" />
    <Compile Include="EdHostnameVerifier.cs" />
    <Compile Include="Properties\AssemblyInfo.cs" />
  </ItemGroup>

--- a/dotnet/EdTest/EdCommon/EdConstants.cs
+++ b/dotnet/EdTest/EdCommon/EdConstants.cs
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace EdCommon
+{
+    public class EdConstants
+    {
+        public const string ED_AUTH = "authn.directory.vt.edu";
+        public const string ED_ID = "id.directory.vt.edu";
+        public const string ED_LITE = "directory.vt.edu";
+        public const string SEARCH_BASE = "ou=People,dc=vt,dc=edu";
+    }
+}
--- a/dotnet/EdTest/EdIdTest/Program.cs
+++ b/dotnet/EdTest/EdIdTest/Program.cs
@@ -8,10 +8,6 @@ namespace EdIdTest
 {
    class Program
    {
-        const string LDAP_HOST = "id.directory.vt.edu";
-        const int LDAP_PORT = 636;
-        const string LDAP_BASE = "ou=people,dc=vt,dc=edu";
-
        static void Main(string[] args)
        {
            if (args.Length < 2)
@@ -22,52 +18,68 @@ namespace EdIdTest
            // The following should be the uusid of your ED-ID service
            string certCN = args[0];
            string ldapQuery = args[1];
+            string ldapHost = EdConstants.ED_ID;
+            int ldapPort = 389;

-            Console.WriteLine(string.Format("Querying {0} as service {1} for {2}", LDAP_HOST, certCN, ldapQuery));
+            Console.WriteLine(string.Format("Querying {0} as service {1} for {2}", ldapHost, certCN, ldapQuery));

            // Create connection and attempt to bind and search
            LdapConnection conn = null;
            try
            {
                conn = new LdapConnection(
-                  new LdapDirectoryIdentifier(LDAP_HOST, LDAP_PORT),
+                  new LdapDirectoryIdentifier(ldapHost, ldapPort),
                  null,
                  AuthType.External);
                // VT Enterprise Directory requires LDAPv3
                conn.SessionOptions.ProtocolVersion = 3;
-                conn.SessionOptions.SecureSocketLayer = true;

                // Must use custom hostname verification strategy due to DNS aliases
-                conn.SessionOptions.VerifyServerCertificate += new VerifyServerCertificateCallback(
-                    new EdHostnameVerifier(LDAP_HOST).VerifyCertificate);
+                conn.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(
+                    new EdHostnameVerifier(ldapHost).VerifyCertificate);

                // Look up client cert in Local Machine store by subject CN
                conn.SessionOptions.QueryClientCertificate =
                  delegate(LdapConnection c, byte[][] trustedCAs)
                  {
                      X509Store lmStore = new X509Store(StoreName.My, StoreLocation.LocalMachine);
-                      lmStore.Open(OpenFlags.ReadOnly);
-                      // Uncomment the following lines to help diagnose cert problems
-                      //Console.WriteLine();
-                      //Console.WriteLine("Available certificates in Local Machine store:");
-                      //foreach (X509Certificate cert in lmStore.Certificates)
-                      //{
-                      //    Console.WriteLine("   " + cert.Subject);
-                      //}
-                      //Console.WriteLine("Querying Local Machine store for valid cert with subject " + certCN);
-                      X509Certificate2Collection clientCerts = lmStore.Certificates.Find(
-                        X509FindType.FindBySubjectName, certCN, true);
-                      if (clientCerts.Count == 0)
+                      try
+                      {
+                          lmStore.Open(OpenFlags.ReadOnly);
+                          // Uncomment the following lines to help diagnose cert problems
+                          //Console.WriteLine();
+                          //Console.WriteLine("Available certificates in Local Machine store:");
+                          //foreach (X509Certificate cert in lmStore.Certificates)
+                          //{
+                          //    Console.WriteLine("   " + cert.Subject);
+                          //}
+                          //Console.WriteLine("Querying Local Machine store for valid cert with subject " + certCN);
+                          X509Certificate2Collection clientCerts = lmStore.Certificates.Find(
+                            X509FindType.FindBySubjectName, certCN, true);
+                          if (clientCerts.Count == 0)
+                          {
+                              throw new ArgumentException("Cannot find valid certificate with subject " + certCN);
+                          }
+                          return clientCerts[0];
+                      }
+                      finally
                      {
-                          throw new ArgumentException("Cannot find valid certificate with subject " + certCN);
+                          lmStore.Close();
                      }
-                      return clientCerts[0];
                  };
+                conn.SessionOptions.StartTransportLayerSecurity(null);
                conn.Bind();

-                // The 4th parameter, attributeList, is omitted to indicate all available attributes
+                // 4th parameter, attributeList, is omitted to indicate all available attributes
                SearchResponse response = (SearchResponse)conn.SendRequest(
-                  new SearchRequest(LDAP_BASE, ldapQuery, SearchScope.Subtree));
+                  new SearchRequest(EdConstants.SEARCH_BASE, ldapQuery, SearchScope.Subtree));
+
+                // Stopping TLS is demonstrated for completeness.
+                // Ideally ED-ID connections are pooled and the TLS session is maintained
+                // for the life of the connection.
+                conn.SessionOptions.StopTransportLayerSecurity();
+
+                // Print attributes of result entries
                Console.WriteLine();
                Console.WriteLine(response.Entries.Count + " entries found:");
                foreach (SearchResultEntry entry in response.Entries)