Package org.ldaptive.ssl

Class X509ExtendedTrustManagerWrapper

  • All Implemented Interfaces:
    javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager
    public class X509ExtendedTrustManagerWrapper
extends javax.net.ssl.X509ExtendedTrustManager
    Wraps an X509TrustManager in order to provide hostname verification.
    Author:
    Middleware Services

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected org.slf4j.Logger logger
      Logger for this class.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType)  
      void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)  
      void checkClientTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)  
      void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType)  
      void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, java.net.Socket socket)  
      void checkServerTrusted​(java.security.cert.X509Certificate[] chain, java.lang.String authType, javax.net.ssl.SSLEngine engine)  
      java.security.cert.X509Certificate[] getAcceptedIssuers()  
      protected void verifyHostname​(javax.net.ssl.SSLSession session, java.security.cert.X509Certificate cert)
      Resolves a hostname from the supplied session and invokes hostnameVerifier.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • logger

        protected final org.slf4j.Logger logger
        Logger for this class.

    • Constructor Detail

      • X509ExtendedTrustManagerWrapper

        public X509ExtendedTrustManagerWrapper​(javax.net.ssl.X509TrustManager manager,
                                       CertificateHostnameVerifier verifier)
        Creates a new X509 extended trust manager wrapper.
        Parameters:
        manager - to wrap
        verifier - to verify hostname

    • Method Detail

      • verifyHostname

        protected void verifyHostname​(javax.net.ssl.SSLSession session,
                              java.security.cert.X509Certificate cert)
                       throws java.security.cert.CertificateException
        Resolves a hostname from the supplied session and invokes hostnameVerifier.
        Parameters:
        session - to extract hostname from
        cert - to verify hostname against
        Throws:
        java.security.cert.CertificateException - if the hostname cannot be verified

      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException
        Specified by:
        checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException

      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException
        Specified by:
        checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException

      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               javax.net.ssl.SSLEngine engine)
                        throws java.security.cert.CertificateException
        Specified by:
        checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException

      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType,
                               javax.net.ssl.SSLEngine engine)
                        throws java.security.cert.CertificateException
        Specified by:
        checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException

      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] chain,
                               java.lang.String authType)
                        throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • getAcceptedIssuers

        public java.security.cert.X509Certificate[] getAcceptedIssuers()