📄 configurablex509trustmanager.html
字号:
<a name="101" href="#101">101</a> <em> */</em><a name="102" href="#102">102</a> <strong>public</strong> <strong>static</strong> String [] LEVELS_AS_ARRAY = {OPEN, LOOSE, NORMAL, STRICT};<a name="103" href="#103">103</a> <a name="104" href="#104">104</a> <em>/**<em>*</em></em><a name="105" href="#105">105</a> <em> * Levels as a list.</em><a name="106" href="#106">106</a> <em> */</em><a name="107" href="#107">107</a> <strong>private</strong> <strong>static</strong> List LEVELS = Arrays.asList(LEVELS_AS_ARRAY);<a name="108" href="#108">108</a> <a name="109" href="#109">109</a> <em>/**<em>*</em></em><a name="110" href="#110">110</a> <em> * Default setting for trust level.</em><a name="111" href="#111">111</a> <em> */</em><a name="112" href="#112">112</a> <strong>public</strong> <strong>final</strong> <strong>static</strong> String DEFAULT = OPEN;<a name="113" href="#113">113</a> <a name="114" href="#114">114</a> <em>/**<em>*</em></em><a name="115" href="#115">115</a> <em> * Trust level.</em><a name="116" href="#116">116</a> <em> */</em><a name="117" href="#117">117</a> <strong>private</strong> String trustLevel = DEFAULT;<a name="118" href="#118">118</a> <a name="119" href="#119">119</a> <a name="120" href="#120">120</a> <em>/**<em>*</em></em><a name="121" href="#121">121</a> <em> * An instance of the SUNX509TrustManager that we adapt variously</em><a name="122" href="#122">122</a> <em> * depending upon passed configuration.</em><a name="123" href="#123">123</a> <em> *</em><a name="124" href="#124">124</a> <em> * We have it do all the work we don't want to.</em><a name="125" href="#125">125</a> <em> */</em><a name="126" href="#126">126</a> <strong>private</strong> X509TrustManager standardTrustManager = <strong>null</strong>;<a name="127" href="#127">127</a> <a name="128" href="#128">128</a> <a name="129" href="#129">129</a> <strong>public</strong> ConfigurableX509TrustManager()<a name="130" href="#130">130</a> throws NoSuchAlgorithmException, KeyStoreException {<a name="131" href="#131">131</a> <strong>this</strong>(DEFAULT);<a name="132" href="#132">132</a> }<a name="133" href="#133">133</a> <a name="134" href="#134">134</a> <em>/**<em>*</em></em><a name="135" href="#135">135</a> <em> * Constructor.</em><a name="136" href="#136">136</a> <em> *</em><a name="137" href="#137">137</a> <em> * @param level Level of trust to effect.</em><a name="138" href="#138">138</a> <em> *</em><a name="139" href="#139">139</a> <em> * @throws NoSuchAlgorithmException</em><a name="140" href="#140">140</a> <em> * @throws KeyStoreException</em><a name="141" href="#141">141</a> <em> */</em><a name="142" href="#142">142</a> <strong>public</strong> ConfigurableX509TrustManager(String level)<a name="143" href="#143">143</a> throws NoSuchAlgorithmException, KeyStoreException {<a name="144" href="#144">144</a> <strong>super</strong>();<a name="145" href="#145">145</a> TrustManagerFactory factory = TrustManagerFactory.<a name="146" href="#146">146</a> getInstance(TrustManagerFactory.getDefaultAlgorithm());<a name="147" href="#147">147</a> <a name="148" href="#148">148</a> <em class="comment">// Pass in a null (Trust) KeyStore. Null says use the 'default'</em><a name="149" href="#149">149</a> <em class="comment">// 'trust' keystore (KeyStore class is used to hold keys and to hold</em><a name="150" href="#150">150</a> <em class="comment">// 'trusts' (certs)). See 'X509TrustManager Interface' in this doc:</em><a name="151" href="#151">151</a> <em class="comment">// http://java.sun.com</em><a name="152" href="#152">152</a> <em class="comment">// /j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#Introduction</em><a name="153" href="#153">153</a> factory.init((KeyStore)<strong>null</strong>);<a name="154" href="#154">154</a> TrustManager[] trustmanagers = factory.getTrustManagers();<a name="155" href="#155">155</a> <strong>if</strong> (trustmanagers.length == 0) {<a name="156" href="#156">156</a> <strong>throw</strong> <strong>new</strong> NoSuchAlgorithmException(TrustManagerFactory.<a name="157" href="#157">157</a> getDefaultAlgorithm() + <span class="string">" trust manager not supported"</span>);<a name="158" href="#158">158</a> }<a name="159" href="#159">159</a> <strong>this</strong>.standardTrustManager = (X509TrustManager)trustmanagers[0];<a name="160" href="#160">160</a> <a name="161" href="#161">161</a> <strong>this</strong>.trustLevel =<a name="162" href="#162">162</a> (LEVELS.contains(level.toLowerCase()))? level: DEFAULT;<a name="163" href="#163">163</a> }<a name="164" href="#164">164</a> <a name="165" href="#165">165</a> <strong>public</strong> <strong>void</strong> checkClientTrusted(X509Certificate[] certificates, String type)<a name="166" href="#166">166</a> throws CertificateException {<a name="167" href="#167">167</a> <strong>if</strong> (<strong>this</strong>.trustLevel.equals(OPEN)) {<a name="168" href="#168">168</a> <strong>return</strong>;<a name="169" href="#169">169</a> }<a name="170" href="#170">170</a> <a name="171" href="#171">171</a> <strong>this</strong>.standardTrustManager.checkClientTrusted(certificates, type);<a name="172" href="#172">172</a> }<a name="173" href="#173">173</a> <a name="174" href="#174">174</a> <strong>public</strong> <strong>void</strong> checkServerTrusted(X509Certificate[] certificates, String type)<a name="175" href="#175">175</a> throws CertificateException {<a name="176" href="#176">176</a> <strong>if</strong> (<strong>this</strong>.trustLevel.equals(OPEN)) {<a name="177" href="#177">177</a> <strong>return</strong>;<a name="178" href="#178">178</a> }<a name="179" href="#179">179</a> <a name="180" href="#180">180</a> <strong>try</strong> {<a name="181" href="#181">181</a> <strong>this</strong>.standardTrustManager.checkServerTrusted(certificates, type);<a name="182" href="#182">182</a> <strong>if</strong> (<strong>this</strong>.trustLevel.equals(STRICT)) {<a name="183" href="#183">183</a> logger.severe(STRICT + <span class="string">" not implemented."</span>);<a name="184" href="#184">184</a> }<a name="185" href="#185">185</a> } <strong>catch</strong> (CertificateException e) {<a name="186" href="#186">186</a> <strong>if</strong> (<strong>this</strong>.trustLevel.equals(LOOSE) &&<a name="187" href="#187">187</a> certificates != <strong>null</strong> && certificates.length == 1)<a name="188" href="#188">188</a> {<a name="189" href="#189">189</a> <em class="comment">// If only one cert and its valid and it caused a</em><a name="190" href="#190">190</a> <em class="comment">// CertificateException, assume its selfsigned.</em><a name="191" href="#191">191</a> X509Certificate certificate = certificates[0];<a name="192" href="#192">192</a> certificate.checkValidity();<a name="193" href="#193">193</a> } <strong>else</strong> {<a name="194" href="#194">194</a> <em class="comment">// If we got to here, then we're probably NORMAL. Rethrow.</em><a name="195" href="#195">195</a> <strong>throw</strong> e;<a name="196" href="#196">196</a> }<a name="197" href="#197">197</a> }<a name="198" href="#198">198</a> }<a name="199" href="#199">199</a> <a name="200" href="#200">200</a> <strong>public</strong> X509Certificate[] getAcceptedIssuers() {<a name="201" href="#201">201</a> <strong>return</strong> <strong>this</strong>.standardTrustManager.getAcceptedIssuers();<a name="202" href="#202">202</a> }<a name="203" href="#203">203</a> }</pre><hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body></html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -