AuthSSLX509TrustManager


1   /*
2    * $Header: /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commons//httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/AuthSSLX509TrustManager.java,v 1.2 2004/06/10 18:25:24 olegk Exp $
3    * $Revision$
4    * $Date$
5    *
6    * ====================================================================
7    *
8    *  Copyright 2002-2004 The Apache Software Foundation
9    *
10   *  Licensed under the Apache License, Version 2.0 (the "License");
11   *  you may not use this file except in compliance with the License.
12   *  You may obtain a copy of the License at
13   *
14   *      http://www.apache.org/licenses/LICENSE-2.0
15   *
16   *  Unless required by applicable law or agreed to in writing, software
17   *  distributed under the License is distributed on an "AS IS" BASIS,
18   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19   *  See the License for the specific language governing permissions and
20   *  limitations under the License.
21   * ====================================================================
22   *
23   * This software consists of voluntary contributions made by many
24   * individuals on behalf of the Apache Software Foundation.  For more
25   * information on the Apache Software Foundation, please see
26   * <http://www.apache.org/>.
27   *
28   */
29  
30  package org.apache.commons.httpclient.contrib.ssl;
31  
32  import java.security.cert.X509Certificate  ;
33  
34  import javax.net.ssl.X509TrustManager;
35  import java.security.cert.CertificateException  ;
36  import org.apache.commons.logging.Log; 
37  import org.apache.commons.logging.LogFactory;
38  
39  /**
40   * <p>
41   * AuthSSLX509TrustManager can be used to extend the default {@link X509TrustManager} 
42   * with additional trust decisions.
43   * </p>
44   * 
45   * @author <a HREF="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
46   * 
47   * <p>
48   * DISCLAIMER: HttpClient developers DO NOT actively support this component.
49   * The component is provided as a reference material, which may be inappropriate
50   * for use without additional customization.
51   * </p>
52   */
53  
54  public class AuthSSLX509TrustManager implements X509TrustManager
55  {
56      private X509TrustManager defaultTrustManager = null;
57  
58      /** Log object for this class. */
59      private static final Log LOG = LogFactory.getLog(AuthSSLX509TrustManager.class);
60  
61      /**
62       * Constructor for AuthSSLX509TrustManager.
63       */
64      public AuthSSLX509TrustManager(final X509TrustManager defaultTrustManager) {
65          super();
66          if (defaultTrustManager == null) {
67              throw new IllegalArgumentException  ("Trust manager may not be null");
68          }
69          this.defaultTrustManager = defaultTrustManager;
70      }
71  
72      /**
73       * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
74       */
75      public void checkClientTrusted(X509Certificate  [] certificates,String   authType) throws CertificateException   {
76          if (LOG.isInfoEnabled() && certificates != null) {
77              for (int c = 0; c < certificates.length; c++) {
78                  X509Certificate   cert = certificates[c];
79                  LOG.info(" Client certificate " + (c + 1) + ":");
80                  LOG.info("  Subject DN: " + cert.getSubjectDN());
81                  LOG.info("  Signature Algorithm: " + cert.getSigAlgName());
82                  LOG.info("  Valid from: " + cert.getNotBefore() );
83                  LOG.info("  Valid until: " + cert.getNotAfter());
84                  LOG.info("  Issuer: " + cert.getIssuerDN());
85              }
86          }
87          defaultTrustManager.checkClientTrusted(certificates,authType);
88      }
89  
90      /**
91       * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
92       */
93      public void checkServerTrusted(X509Certificate  [] certificates,String   authType) throws CertificateException   {
94          if (LOG.isInfoEnabled() && certificates != null) {
95              for (int c = 0; c < certificates.length; c++) {
96                  X509Certificate   cert = certificates[c];
97                  LOG.info(" Server certificate " + (c + 1) + ":");
98                  LOG.info("  Subject DN: " + cert.getSubjectDN());
99                  LOG.info("  Signature Algorithm: " + cert.getSigAlgName());
100                 LOG.info("  Valid from: " + cert.getNotBefore() );
101                 LOG.info("  Valid until: " + cert.getNotAfter());
102                 LOG.info("  Issuer: " + cert.getIssuerDN());
103             }
104         }
105         defaultTrustManager.checkServerTrusted(certificates,authType);
106     }
107 
108     /**
109      * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
110      */
111     public X509Certificate  [] getAcceptedIssuers() {
112         return this.defaultTrustManager.getAcceptedIssuers();
113     }
114 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags