Source Code Cross Referenced for EasyX509TrustManager.java in  » Web-Crawler » webharvest » org » apache » commons » httpclient » contrib » ssl » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        /*
002:         * ====================================================================
003:         *
004:         *  Copyright 2002-2004 The Apache Software Foundation
005:         *
006:         *  Licensed under the Apache License, Version 2.0 (the "License");
007:         *  you may not use this file except in compliance with the License.
008:         *  You may obtain a copy of the License at
009:         *
010:         *      http://www.apache.org/licenses/LICENSE-2.0
011:         *
012:         *  Unless required by applicable law or agreed to in writing, software
013:         *  distributed under the License is distributed on an "AS IS" BASIS,
014:         *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015:         *  See the License for the specific language governing permissions and
016:         *  limitations under the License.
017:         * ====================================================================
018:         *
019:         * This software consists of voluntary contributions made by many
020:         * individuals on behalf of the Apache Software Foundation.  For more
021:         * information on the Apache Software Foundation, please see
022:         * <http://www.apache.org/>.
023:         *
024:         */
025:
026:        package org.apache.commons.httpclient.contrib.ssl;
027:
028:        import java.security.KeyStore;
029:        import java.security.KeyStoreException;
030:        import java.security.NoSuchAlgorithmException;
031:        import java.security.cert.CertificateException;
032:        import java.security.cert.X509Certificate;
033:
034:        import javax.net.ssl.TrustManagerFactory;
035:        import javax.net.ssl.TrustManager;
036:        import javax.net.ssl.X509TrustManager;
037:        import org.apache.commons.logging.Log;
038:        import org.apache.commons.logging.LogFactory;
039:
040:        /**
041:         * <p>
042:         * EasyX509TrustManager unlike default {@link X509TrustManager} accepts 
043:         * self-signed certificates. 
044:         * </p>
045:         * <p>
046:         * This trust manager SHOULD NOT be used for productive systems 
047:         * due to security reasons, unless it is a concious decision and 
048:         * you are perfectly aware of security implications of accepting 
049:         * self-signed certificates
050:         * </p>
051:         * 
052:         * @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a>
053:         * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
054:         * 
055:         * <p>
056:         * DISCLAIMER: HttpClient developers DO NOT actively support this component.
057:         * The component is provided as a reference material, which may be inappropriate
058:         * for use without additional customization.
059:         * </p>
060:         */
061:
062:        public class EasyX509TrustManager implements  X509TrustManager {
063:            private X509TrustManager standardTrustManager = null;
064:
065:            /** Log object for this class. */
066:            private static final Log LOG = LogFactory
067:                    .getLog(EasyX509TrustManager.class);
068:
069:            /**
070:             * Constructor for EasyX509TrustManager.
071:             */
072:            public EasyX509TrustManager(KeyStore keystore)
073:                    throws NoSuchAlgorithmException, KeyStoreException {
074:                super ();
075:                TrustManagerFactory factory = TrustManagerFactory
076:                        .getInstance(TrustManagerFactory.getDefaultAlgorithm());
077:                factory.init(keystore);
078:                TrustManager[] trustmanagers = factory.getTrustManagers();
079:                if (trustmanagers.length == 0) {
080:                    throw new NoSuchAlgorithmException("no trust manager found");
081:                }
082:                this .standardTrustManager = (X509TrustManager) trustmanagers[0];
083:            }
084:
085:            /**
086:             * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
087:             */
088:            public void checkClientTrusted(X509Certificate[] certificates,
089:                    String authType) throws CertificateException {
090:                standardTrustManager.checkClientTrusted(certificates, authType);
091:            }
092:
093:            /**
094:             * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
095:             */
096:            public void checkServerTrusted(X509Certificate[] certificates,
097:                    String authType) throws CertificateException {
098:                if ((certificates != null) && LOG.isDebugEnabled()) {
099:                    LOG.debug("Server certificate chain:");
100:                    for (int i = 0; i < certificates.length; i++) {
101:                        LOG.debug("X509Certificate[" + i + "]="
102:                                + certificates[i]);
103:                    }
104:                }
105:                if ((certificates != null) && (certificates.length == 1)) {
106:                    certificates[0].checkValidity();
107:                } else {
108:                    standardTrustManager.checkServerTrusted(certificates,
109:                            authType);
110:                }
111:            }
112:
113:            /**
114:             * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
115:             */
116:            public X509Certificate[] getAcceptedIssuers() {
117:                return this.standardTrustManager.getAcceptedIssuers();
118:            }
119:        }