java.lang.Object
  wjhk.jupload2.upload.InteractiveTrustManager

public class InteractiveTrustManager

An implementation of X509TrustManager which can operate
in different modes. If mode is NONE, then any server certificate is
accepted and no certificate-based client authentication is performed. If mode
is SERVER, then server certificates are verified and if verification is
unsuccessful, a dialog is presented to the user, which allows accepting a
certificate temporarily or permanently. If mode is CLIENT, then
certificate-based client authentication is performed. Finally, there is a
mode STRICT, which combines both SERVER and CLIENT modes.
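
The mode gate described above, as an added sketch that is not JUpload's own code: server-chain validation is delegated to the platform trust manager only when the SERVER bit is set, so NONE accepts any certificate. The class name `ModeTrustManager`, the helper `verifiesServer()` and the bit-flag constant values are assumptions (the page names the modes but not their values), and the accept dialog is left out.

```java
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/** Added illustration of mode-gated validation; not the JUpload class. */
public class ModeTrustManager implements X509TrustManager {
    // Assumed bit-flag values: the page names the modes but not their values.
    public static final int NONE = 0, SERVER = 1, CLIENT = 2, STRICT = SERVER | CLIENT;

    private final int mode;
    private final X509TrustManager platform; // validator backed by the JRE truststore

    public ModeTrustManager(int mode) throws Exception {
        this.mode = mode;
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the default truststore
        X509TrustManager found = null;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) { found = (X509TrustManager) tm; break; }
        }
        if (found == null) throw new IllegalStateException("no X509TrustManager available");
        this.platform = found;
    }

    /** True when this mode validates the server chain (SERVER or STRICT). */
    public boolean verifiesServer() { return (mode & SERVER) != 0; }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        if (!verifiesServer()) return; // no SERVER bit: chain accepted unchecked
        // A failure surfaces as CertificateException; the interactive class
        // described on this page presents its accept dialog at this point.
        platform.checkServerTrusted(chain, authType);
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) {
        // Client-side use only, so there is nothing to check here.
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return verifiesServer() ? platform.getAcceptedIssuers() : new X509Certificate[0];
    }
}
```

A connection made in a mode without the SERVER bit gets encryption but no authentication of the peer, so such a mode belongs only in test setups.
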
| Field Summary | |
|---|---|
| static int | CLIENT - Mode for using client certificates. |
| private java.lang.String | hostname |
| private static javax.net.ssl.KeyManagerFactory | kmf |
| private java.security.KeyStore | ks - The keystore for client certificates. |
| private int | mode |
| static int | NONE - Mode for accepting any certificate. |
| static int | SERVER - Mode for verifying server certificate chains. |
| static int | STRICT - Mode for performing both client authentication and server cert verification. |
| private javax.net.ssl.TrustManagerFactory | tmf |
| private static java.security.KeyStore | ts - The truststore for validation of server certificates. |
| private static java.lang.String | TS |
| private static java.lang.String | TSKEY |
| private java.lang.String | tsname - Absolute path of the truststore to use. |
| private java.lang.String | tspasswd |
| private UploadPolicy | uploadPolicy |
| private static java.lang.String | USERTS |

| Constructor Summary | |
|---|---|
| InteractiveTrustManager(UploadPolicy p, java.lang.String hostname, java.lang.String passwd) - Create a new instance. | |

| Method Summary | |
|---|---|
| private void | CertDialog(java.security.cert.X509Certificate c) |
| void | checkClientTrusted(java.security.cert.X509Certificate[] arg0, java.lang.String arg1) - As this class is used on the client side only, the implementation of this method does nothing. |
| void | checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) |
| private java.lang.String | formatDN(java.lang.String dn, java.lang.String cn, java.util.Vector<java.lang.String> reason) - Format a DN. |
| java.security.cert.X509Certificate[] | getAcceptedIssuers() |
| javax.net.ssl.KeyManager[] | getKeyManagers() - Retrieve key managers. |
| private java.lang.String | getPassword(java.lang.String storename) |
| javax.net.ssl.X509TrustManager[] | getTrustManagers() - Retrieve trust managers. |
| void | handle(javax.security.auth.callback.Callback[] callbacks) |

| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
public static final int NONE
public static final int SERVER
public static final int CLIENT
public static final int STRICT
private UploadPolicy uploadPolicy
private int mode
private java.lang.String hostname
private static final java.lang.String TS
private static final java.lang.String TSKEY
private static final java.lang.String USERTS
private java.lang.String tsname
private java.lang.String tspasswd
private javax.net.ssl.TrustManagerFactory tmf
private static javax.net.ssl.KeyManagerFactory kmf
private static java.security.KeyStore ts
private java.security.KeyStore ks
| Constructor Detail |
|---|
public InteractiveTrustManager(UploadPolicy p,
java.lang.String hostname,
java.lang.String passwd)
throws java.security.NoSuchAlgorithmException,
java.security.KeyStoreException,
java.security.cert.CertificateException,
java.lang.IllegalArgumentException,
java.security.UnrecoverableKeyException
Parameters:
p - The UploadPolicy to use for this instance.
hostname -
passwd - An optional password for the truststore.
Throws:
java.security.NoSuchAlgorithmException
java.security.KeyStoreException
java.security.cert.CertificateException
java.lang.IllegalArgumentException
java.security.UnrecoverableKeyException

| Method Detail |
|---|
private java.lang.String getPassword(java.lang.String storename)
public void handle(javax.security.auth.callback.Callback[] callbacks)
throws javax.security.auth.callback.UnsupportedCallbackException
Specified by:
handle in interface javax.security.auth.callback.CallbackHandler
Throws:
javax.security.auth.callback.UnsupportedCallbackException
See Also:
CallbackHandler.handle(javax.security.auth.callback.Callback[])
public javax.net.ssl.KeyManager[] getKeyManagers()
public javax.net.ssl.X509TrustManager[] getTrustManagers()
public void checkClientTrusted(java.security.cert.X509Certificate[] arg0,
java.lang.String arg1)
Specified by:
checkClientTrusted in interface javax.net.ssl.X509TrustManager
See Also:
X509TrustManager.checkClientTrusted(java.security.cert.X509Certificate[], java.lang.String)
private java.lang.String formatDN(java.lang.String dn,
java.lang.String cn,
java.util.Vector<java.lang.String> reason)
X500Principal.getName() to
HTML table columns.
Parameters:
dn - The DN to format.
cn - An optional CN (Common Name) to match against the CN in the DN. If this parameter is non-null and the CN encoded in the DN does not match the CN specified, it is considered an error and the CN is printed accordingly (red).
reason - A vector of error strings. If the CN comparison fails, an explanation is added to this vector.
private void CertDialog(java.security.cert.X509Certificate c)
throws java.security.cert.CertificateException
Throws:
java.security.cert.CertificateException
public void checkServerTrusted(java.security.cert.X509Certificate[] chain,
java.lang.String authType)
throws java.security.cert.CertificateException
Specified by:
checkServerTrusted in interface javax.net.ssl.X509TrustManager
Throws:
java.security.cert.CertificateException
See Also:
X509TrustManager.checkServerTrusted(java.security.cert.X509Certificate[], java.lang.String)
public java.security.cert.X509Certificate[] getAcceptedIssuers()
Specified by:
getAcceptedIssuers in interface javax.net.ssl.X509TrustManager
See Also:
X509TrustManager.getAcceptedIssuers()