


1 /**
2  * $RCSfile: SSLJiveTrustManagerFactory.java,v $
3  * $Revision: 1.4 $
4  * $Date: 2005/04/11 21:04:00 $
5  *
6  * Copyright (C) 2004 Jive Software. All rights reserved.
7  *
8  * This software is published under the terms of the GNU Public License (GPL),
9  * a copy of which is included in this distribution.
10  */

11
12 package org.jivesoftware.messenger.net;
13
14 import com.sun.net.ssl.TrustManager;
15 import com.sun.net.ssl.TrustManagerFactory;
16
17 import java.io.FileInputStream JavaDoc;
18 import java.io.IOException JavaDoc;
19 import java.security.KeyStore JavaDoc;
20 import java.security.KeyStoreException JavaDoc;
21 import java.security.NoSuchAlgorithmException JavaDoc;
22 import java.security.cert.CertificateException JavaDoc;
23
24 /**
25  * A custom TrustManagerFactory that creates a trust manager list using the
26  * default trust manager or a standard keystore as specified in jive_config.xml.
27  * There is no default trust keystore provided with the Jive distribution as most
28  * clients will not need to be authenticated with the server.
29  * <p/>
30  * The Java Keystore (JKS) takes a single password which must apply to both the
31  * keystore and the key itself. Users may specify another keystore type and keystore
32  * location. Alternatively, don't set a keystore type to use the JVM defaults and
33  * configure your JVM's security files (see your JVM documentation) to plug in
34  * any TrustManagerFactory provider.
35  *
36  * @author Iain Shigeoka
37  */

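public class SSLJiveTrustManagerFactory {

    /**
     * Builds the TrustManager list from a keystore file holding the trusted
     * certificates.
     * <p/>
     * When no truststore location is given the method returns null and loads
     * nothing; callers are expected to treat null as "fall back to the default
     * trust managers". Note that the null check is on <code>truststore</code>,
     * not on <code>storeType</code>: if a truststore location is given,
     * <code>storeType</code> must be non-null as well, because
     * <code>KeyStore.getInstance</code> rejects a null type.
     * <p/>
     * The truststore path is handed to FileInputStream exactly as given, so a
     * relative path is resolved by the JVM, not by this method.
     *
     * @param storeType The type of keystore (e.g. "JKS") holding the trusted certificates
     * @param truststore The location of the keystore file, or null to indicate no keystore should be used
     * @param trustpass The keystore password; null is treated as the empty password
     * @return An array of TrustManagers backed by the keystore, or null if truststore is null
     * @throws NoSuchAlgorithmException If the default trust manager algorithm, or the algorithm
     *      used to check the keystore's integrity, is not available
     * @throws KeyStoreException If no provider supports storeType or the trust factory cannot be
     *      initialized from the keystore
     * @throws IOException If the keystore could not be located or loaded (including a wrong password)
     * @throws CertificateException If any certificate in the keystore could not be loaded
     */
    public static TrustManager[] getTrustManagers(String storeType, String truststore, String trustpass) throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException {
        if (truststore == null) {
            // No truststore configured: nothing to load.
            return null;
        }

        TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

        // KeyStore.load skips its integrity check when the password is null.
        // Substituting the empty password keeps the check in place, so a
        // store protected by a real password is rejected rather than
        // accepted unverified.
        if (trustpass == null) {
            trustpass = "";
        }

        KeyStore keyStore = KeyStore.getInstance(storeType);

        // Close the file handle whether or not loading succeeds; the original
        // code left the stream open. try/finally is used instead of
        // try-with-resources to stay compatible with the JDK level of this file.
        FileInputStream in = new FileInputStream(truststore);
        try {
            keyStore.load(in, trustpass.toCharArray());
        }
        finally {
            in.close();
        }

        trustFactory.init(keyStore);
        return trustFactory.getTrustManagers();
    }
}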
77