public class PKITrustManager
extends java.lang.Object
implements javax.net.ssl.X509TrustManager
JGLOBUS-97 : ability to accept anonymous connections?
Modifier and Type | Field and Description |
---|---|
private org.apache.commons.logging.Log | logger |
private X509ProxyCertPathParameters | parameters |
private java.security.cert.CertPathValidatorResult | result |
private java.security.cert.CertPathValidatorSpi | validator |
Constructor and Description |
---|
PKITrustManager(java.security.cert.CertPathValidatorSpi initValidator, X509ProxyCertPathParameters initParameters): Create a trust manager with the pre-configured cert path validator and proxy parameters. |
Modifier and Type | Method and Description |
---|---|
void | checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, java.lang.String authType): Test if the client is trusted based on the certificate chain. |
void | checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, java.lang.String authType): Test if the server is trusted based on the certificate chain. |
java.security.cert.X509Certificate[] | getAcceptedIssuers(): Get the collection of trusted certificate issuers. |
java.security.cert.CertPathValidatorResult | getValidationResult(): Return the result of the last certificate validation. |
private java.security.cert.CertPathValidatorSpi validator
private X509ProxyCertPathParameters parameters
private java.security.cert.CertPathValidatorResult result
private org.apache.commons.logging.Log logger
public PKITrustManager(java.security.cert.CertPathValidatorSpi initValidator, X509ProxyCertPathParameters initParameters)
initValidator - A cert path validator to be used by this trust manager.
initParameters - The proxy cert parameters, populated with trust store, cert store, etc.

public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, java.lang.String authType) throws java.security.cert.CertificateException
checkClientTrusted in interface javax.net.ssl.X509TrustManager
x509Certificates - The certificate chain to test for validity.
authType - The authentication type based on the client certificate.
java.security.cert.CertificateException - If the path validation fails.

public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, java.lang.String authType) throws java.security.cert.CertificateException
checkServerTrusted in interface javax.net.ssl.X509TrustManager
x509Certificates - The certificate chain to test for validity.
authType - The authentication type based on the server certificate.
java.security.cert.CertificateException - If the path validation fails.

public java.security.cert.X509Certificate[] getAcceptedIssuers()
getAcceptedIssuers in interface javax.net.ssl.X509TrustManager

public java.security.cert.CertPathValidatorResult getValidationResult()