org.archive.httpclient
Class ConfigurableX509TrustManager

java.lang.Object
  extended by org.archive.httpclient.ConfigurableX509TrustManager
All Implemented Interfaces:
javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager

public class ConfigurableX509TrustManager
extends java.lang.Object
implements javax.net.ssl.X509TrustManager

A configurable trust manager built on X509TrustManager. 'open' trust, the default, gets us into sites for which we do not have the CA or any of the intermediate CAs that make up the certificate chain of trust; it also gets us past self-signed and expired certs. 'loose' trust gets us into sites with valid certs even if they are only self-signed. 'normal' accepts any valid cert, not including self-signed ones. 'strict' means the cert must be valid and the cert DN must match the server name.

Based on pointers in SSL Guide, and readings done in JSSE Guide.

TODO: Move to an ssl subpackage when we have classes other than just this one.
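The 'open', 'loose' and 'normal' levels described above can be read as a dispatch placed in front of the stock JSSE trust manager. The sketch below is an added example, not the Heritrix source: the class name LevelTrustManagerSketch, its Level enum and the self-signed test are assumptions made for illustration. 'strict' is left out because the X509TrustManager check methods are not given the server name; with plain JSSE that comparison is enabled through SSLParameters.setEndpointIdentificationAlgorithm("HTTPS").

```java
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/** Hypothetical sketch of level-based trust; not the Heritrix implementation. */
public class LevelTrustManagerSketch implements X509TrustManager {
    public enum Level { OPEN, LOOSE, NORMAL }
    private final Level level;
    private X509TrustManager jsse; // stock JSSE manager over the JRE trust store
    public LevelTrustManagerSketch(Level level) throws GeneralSecurityException {
        this.level = level;
        TrustManagerFactory f =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        f.init((KeyStore) null); // null selects the default trust store
        for (TrustManager tm : f.getTrustManagers()) {
            if (tm instanceof X509TrustManager) { jsse = (X509TrustManager) tm; return; }
        }
        throw new IllegalStateException("no X509TrustManager available");
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String type)
            throws CertificateException {
        if (level == Level.OPEN) return; // accepts unknown CA, self-signed and expired
        try {
            jsse.checkServerTrusted(chain, type); // NORMAL: must chain to a trusted CA
        } catch (CertificateException e) {
            // LOOSE only forgives a lone certificate that is validly self-signed.
            if (level != Level.LOOSE || chain == null || chain.length != 1) throw e;
            X509Certificate c = chain[0];
            c.checkValidity(); // still rejects expired or not-yet-valid certs
            try {
                c.verify(c.getPublicKey()); // signature must come from its own key
            } catch (GeneralSecurityException g) {
                throw new CertificateException("certificate is not self-signed", g);
            }
        }
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String type)
            throws CertificateException { jsse.checkClientTrusted(chain, type); }

    @Override
    public X509Certificate[] getAcceptedIssuers() { return jsse.getAcceptedIssuers(); }
}
```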

Version:
$Id: ConfigurableX509TrustManager.java 4232 2006-05-15 21:52:30Z stack-sf $
Author:
stack

Field Summary
static java.lang.String DEFAULT
          Default setting for trust level.
static java.lang.String[] LEVELS_AS_ARRAY
          All the levels of trust as an array from babe-in-the-wood to strict.
protected static java.util.logging.Logger logger
          Logging instance.
static java.lang.String LOOSE
          Trust any valid cert including self-signed certificates.
static java.lang.String NORMAL
          Normal JSSE behavior.
static java.lang.String OPEN
          Trust anything given us.
static java.lang.String STRICT
          Strict trust.
 
Constructor Summary
ConfigurableX509TrustManager()
           
ConfigurableX509TrustManager(java.lang.String level)
          Constructor.
 
Method Summary
 void checkClientTrusted(java.security.cert.X509Certificate[] certificates, java.lang.String type)
           
 void checkServerTrusted(java.security.cert.X509Certificate[] certificates, java.lang.String type)
           
 java.security.cert.X509Certificate[] getAcceptedIssuers()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected static java.util.logging.Logger logger
Logging instance.


OPEN

public static final java.lang.String OPEN
Trust anything given us. Default setting.

See "e502. Disabling Certificate Validation in an HTTPS Connection" from the Java Almanac for how to trust all.

See Also:
Constant Field Values

LOOSE

public static final java.lang.String LOOSE
Trust any valid cert including self-signed certificates.

See Also:
Constant Field Values

NORMAL

public static final java.lang.String NORMAL
Normal JSSE behavior. Seemingly any certificate that supplies a valid chain of trust.

See Also:
Constant Field Values

STRICT

public static final java.lang.String STRICT
Strict trust. Ensure server has same name as cert DN.

See Also:
Constant Field Values

LEVELS_AS_ARRAY

public static java.lang.String[] LEVELS_AS_ARRAY
All the levels of trust as an array from babe-in-the-wood to strict.


DEFAULT

public static final java.lang.String DEFAULT
Default setting for trust level.

See Also:
Constant Field Values

Constructor Detail

ConfigurableX509TrustManager

public ConfigurableX509TrustManager()
                             throws java.security.NoSuchAlgorithmException,
                                    java.security.KeyStoreException
Throws:
java.security.NoSuchAlgorithmException
java.security.KeyStoreException

ConfigurableX509TrustManager

public ConfigurableX509TrustManager(java.lang.String level)
                             throws java.security.NoSuchAlgorithmException,
                                    java.security.KeyStoreException
Constructor.

Parameters:
level - Level of trust to effect.
Throws:
java.security.NoSuchAlgorithmException
java.security.KeyStoreException

Method Detail

checkClientTrusted

public void checkClientTrusted(java.security.cert.X509Certificate[] certificates,
                               java.lang.String type)
                        throws java.security.cert.CertificateException
Specified by:
checkClientTrusted in interface javax.net.ssl.X509TrustManager
Throws:
java.security.cert.CertificateException

checkServerTrusted

public void checkServerTrusted(java.security.cert.X509Certificate[] certificates,
                               java.lang.String type)
                        throws java.security.cert.CertificateException
Specified by:
checkServerTrusted in interface javax.net.ssl.X509TrustManager
Throws:
java.security.cert.CertificateException

getAcceptedIssuers

public java.security.cert.X509Certificate[] getAcceptedIssuers()
Specified by:
getAcceptedIssuers in interface javax.net.ssl.X509TrustManager


Copyright © 2003-2011 Internet Archive. All Rights Reserved.