java.lang.Object
  com.sun.appserv.management.client.TrustStoreTrustManager
This X509TrustManager implementation supports a trust-store file and allows adding new certificates to it. It is designed to allow a subclass to override a variety of protected methods including those of TrustManager:
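For convenience, if setPrompt( true ) is called, then when a new Certificate is encountered, askShouldAddToTrustStore( c ) prompts the user via System.in as to whether to accept this new Certificate as trusted. Subclasses can of course override this behavior in any desired way. Since the answer to the prompt decides whether the Certificate is added to the trust-store, the user should verify the Certificate (for example, by comparing its fingerprint with one obtained through an independent channel) before accepting it.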
Field Summary | |
static java.lang.String |
TRUSTSTORE_FILE_SPROP
Standard system property denoting the trust-store. |
static java.lang.String |
TRUSTSTORE_PASSWORD_SPROP
Standard system property denoting the trust-store password. |
Constructor Summary | |
TrustStoreTrustManager(java.io.File trustStoreFile,
char[] trustStorePassword)
calls this( trustStoreFile,"JKS", trustStorePassword ) |
|
TrustStoreTrustManager(java.io.File trustStoreFile,
java.lang.String keyStoreType,
char[] trustStorePassword)
Create a new instance with the specified File and password. The trustStoreFile must exist. |
Method Summary | |
protected void |
addCertificateToTrustStore(java.security.cert.Certificate c)
Add the Certificate to the trust-store, using the alias returned by getCertificateAlias( c ). |
protected void |
addCertificateToTrustStore(java.lang.String alias,
java.security.cert.Certificate c)
Add the Certificate with the specified alias to the trust-store. |
protected boolean |
askShouldAddToTrustStore(java.security.cert.Certificate c)
Prompts via System.in to ask whether the Certificate should be added. |
protected void |
certificateNotInTrustStore(java.security.cert.Certificate c)
The Certificate is not found in the trust-store. |
protected void |
checkCertificate(java.security.cert.X509Certificate[] chain)
|
void |
checkClientTrusted(java.security.cert.X509Certificate[] chain,
java.lang.String authType)
|
void |
checkServerTrusted(java.security.cert.X509Certificate[] chain,
java.lang.String authType)
|
java.security.cert.X509Certificate[] |
getAcceptedIssuers()
By default, no issuers are trusted. |
protected java.lang.String |
getCertificateAlias(java.security.cert.Certificate c)
Return an alias for a Certificate to be added to the TrustStore. |
static TrustStoreTrustManager |
getSystemInstance()
Create an instance using the system trust-store as returned by getSystemTrustStoreFile(). |
static java.io.File |
getSystemTrustStoreFile()
Use System.getProperty( "javax.net.ssl.trustStore" ) to find a trust-store. |
static char[] |
getSystemTrustStorePassword()
Use System.getProperty( "javax.net.ssl.trustStorePassword" ) to find the trust-store password. |
protected java.security.KeyStore |
getTrustStore()
Get the KeyStore containing the Certificates to be trusted. |
java.io.File |
getTrustStoreFile()
Return the trust-store that was initially passed in. |
protected char[] |
getTrustStorePassword()
Subclass may choose to override this method to get the password from any desired source. |
void |
setPrompt(boolean prompt)
If set to true, then when a new Certificate is encountered, the user will be prompted via System.in as to whether it should be trusted. |
protected boolean |
shouldAddToTrustStore(java.security.cert.Certificate c)
Subclass may wish to override this routine and call defaultShouldAddToTrustStore( c ); |
java.lang.String |
toString()
|
protected void |
writeStore()
Write the store to disk. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
public static final java.lang.String TRUSTSTORE_FILE_SPROP
public static final java.lang.String TRUSTSTORE_PASSWORD_SPROP
Constructor Detail |
public TrustStoreTrustManager(java.io.File trustStoreFile, java.lang.String keyStoreType, char[] trustStorePassword)
trustStoreFile - (not required to exist)
keyStoreType - keystore (truststore) type, e.g. "JKS"
trustStorePassword - (may be null)
public TrustStoreTrustManager(java.io.File trustStoreFile, char[] trustStorePassword)
Method Detail |
public void setPrompt(boolean prompt)
prompt -
public static TrustStoreTrustManager getSystemInstance()
public static java.io.File getSystemTrustStoreFile()
public static char[] getSystemTrustStorePassword()
public final java.io.File getTrustStoreFile()
protected char[] getTrustStorePassword()
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
checkClientTrusted
in interface javax.net.ssl.X509TrustManager
java.security.cert.CertificateException
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, java.lang.String authType) throws java.security.cert.CertificateException
checkServerTrusted
in interface javax.net.ssl.X509TrustManager
java.security.cert.CertificateException
public java.security.cert.X509Certificate[] getAcceptedIssuers()
getAcceptedIssuers
in interface javax.net.ssl.X509TrustManager
protected boolean askShouldAddToTrustStore(java.security.cert.Certificate c) throws java.io.IOException
c
-
java.io.IOException
protected boolean shouldAddToTrustStore(java.security.cert.Certificate c) throws java.io.IOException
c
-
java.io.IOException
protected java.lang.String getCertificateAlias(java.security.cert.Certificate c)
c
-
protected void addCertificateToTrustStore(java.lang.String alias, java.security.cert.Certificate c) throws java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException
alias -
c -
java.io.IOException
java.security.KeyStoreException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException
protected void addCertificateToTrustStore(java.security.cert.Certificate c) throws java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException
c
-
java.io.IOException
java.security.KeyStoreException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException
protected void writeStore() throws java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException
java.io.IOException
java.security.KeyStoreException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException
protected void certificateNotInTrustStore(java.security.cert.Certificate c) throws java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException
c
-
java.io.IOException
java.security.KeyStoreException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException
protected java.security.KeyStore getTrustStore() throws java.io.IOException, java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.security.KeyStoreException, java.io.FileNotFoundException
java.io.IOException
java.security.cert.CertificateException
java.security.NoSuchAlgorithmException
java.security.KeyStoreException
java.io.FileNotFoundException
protected void checkCertificate(java.security.cert.X509Certificate[] chain) throws java.lang.RuntimeException, java.security.cert.CertificateException
chain
-
java.lang.RuntimeException
java.security.cert.CertificateException
public java.lang.String toString()
Copyright 2003 Sun Microsystems, Inc. All rights reserved.