001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: package org.apache.jmeter.util;
019:
020: import java.security.cert.CertificateException;
021: import java.security.cert.X509Certificate;
022:
023: import javax.net.ssl.X509TrustManager;
024:
025: import org.apache.jorphan.logging.LoggingManager;
026: import org.apache.log.Logger;
027:
028: /**
029: * Custom TrustManager ignores all certificate errors
030: *
031: * TODO: implement conditional checking and logging
032: *
033: * (Derived from AuthSSLX509TrustManager in HttpClient contrib directory)
034: */
035:
036: public class CustomX509TrustManager implements X509TrustManager {
037: private X509TrustManager defaultTrustManager = null;
038:
039: private static final Logger log = LoggingManager
040: .getLoggerForClass();
041:
042: public CustomX509TrustManager(
043: final X509TrustManager defaultTrustManager) {
044: super ();
045: if (defaultTrustManager == null) {
046: throw new IllegalArgumentException(
047: "Trust manager may not be null");
048: }
049: this .defaultTrustManager = defaultTrustManager;
050: }
051:
052: /**
053: * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String)
054: */
055: public void checkClientTrusted(X509Certificate[] certificates,
056: String authType) throws CertificateException {
057: if (log.isDebugEnabled() && certificates != null) {
058: for (int c = 0; c < certificates.length; c++) {
059: X509Certificate cert = certificates[c];
060: log.debug(" Client certificate " + (c + 1) + ":");
061: log.debug(" Subject DN: " + cert.getSubjectDN());
062: log.debug(" Signature Algorithm: "
063: + cert.getSigAlgName());
064: log.debug(" Valid from: " + cert.getNotBefore());
065: log.debug(" Valid until: " + cert.getNotAfter());
066: log.debug(" Issuer: " + cert.getIssuerDN());
067: }
068: }
069: // try {
070: // defaultTrustManager.checkClientTrusted(certificates,authType);
071: // } catch (CertificateException e){
072: // log.warn("Ignoring failed Client trust check: "+e.getMessage());
073: // }
074: }
075:
076: /**
077: * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String)
078: */
079: public void checkServerTrusted(X509Certificate[] certificates,
080: String authType) throws CertificateException {
081: if (log.isDebugEnabled() && certificates != null) {
082: for (int c = 0; c < certificates.length; c++) {
083: X509Certificate cert = certificates[c];
084: log.debug(" Server certificate " + (c + 1) + ":");
085: log.debug(" Subject DN: " + cert.getSubjectDN());
086: log.debug(" Signature Algorithm: "
087: + cert.getSigAlgName());
088: log.debug(" Valid from: " + cert.getNotBefore());
089: log.debug(" Valid until: " + cert.getNotAfter());
090: log.debug(" Issuer: " + cert.getIssuerDN());
091: }
092: }
093: // try{
094: // defaultTrustManager.checkServerTrusted(certificates,authType);
095: // } catch (CertificateException e){
096: // log.warn("Ignoring failed Server trust check: "+e.getMessage());
097: // }
098: }
099:
100: /**
101: * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
102: */
103: public X509Certificate[] getAcceptedIssuers() {
104: return this.defaultTrustManager.getAcceptedIssuers();
105: }
106: }
|