Class LdapClientTrustStoreManager
- java.lang.Object
-
- org.apache.directory.fortress.core.ldap.LdapClientTrustStoreManager
-
- All Implemented Interfaces:
Serializable
,TrustManager
,X509TrustManager
public final class LdapClientTrustStoreManager extends Object implements X509TrustManager, Serializable
Implement the X509TrustManager interface which will be used during JSSE truststore manager initialization for LDAP client-to-server communications over TLS/SSL. It is used during certificate validation operations within JSSE.There are the controlling fortress.properties:
- trust.store : contains the name of the truststore (must be fully qualified iff trust.store.onclasspath=false
- trust.store.password : contains the pw for the specified truststore
- trust.onclasspath : if false name must be fully qualified, otherwise file must be on classpath as named
- Author:
- Apache Directory Project
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description LdapClientTrustStoreManager(String trustStoreFile, char[] trustStorePw, String trustStoreFormat, boolean isExamineValidity)
Constructor used by connection configuration utility to load trust store manager.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
checkClientTrusted(X509Certificate[] x509Chain, String authNType)
Determine if client certificate is to be trusted.void
checkServerTrusted(X509Certificate[] x509Chain, String authNType)
Determine if server certificate is to be trusted.X509Certificate[]
getAcceptedIssuers()
Return the list of accepted issuers for this trust manager.
-
-
-
Constructor Detail
-
LdapClientTrustStoreManager
public LdapClientTrustStoreManager(String trustStoreFile, char[] trustStorePw, String trustStoreFormat, boolean isExamineValidity)
Constructor used by connection configuration utility to load trust store manager.- Parameters:
trustStoreFile
- contains name of trust store file.trustStorePw
- contains the password for trust storetrustStoreFormat
- contains the format for trust storeisExamineValidity
- boolean var determines if certificate will be examined for valid dates on load.
-
-
Method Detail
-
checkClientTrusted
public void checkClientTrusted(X509Certificate[] x509Chain, String authNType) throws CertificateException
Determine if client certificate is to be trusted.- Specified by:
checkClientTrusted
in interfaceX509TrustManager
- Parameters:
x509Chain
-authNType
-- Throws:
CertificateException
-
checkServerTrusted
public void checkServerTrusted(X509Certificate[] x509Chain, String authNType) throws CertificateException
Determine if server certificate is to be trusted.- Specified by:
checkServerTrusted
in interfaceX509TrustManager
- Parameters:
x509Chain
-authNType
-- Throws:
CertificateException
-
getAcceptedIssuers
public X509Certificate[] getAcceptedIssuers()
Return the list of accepted issuers for this trust manager.- Specified by:
getAcceptedIssuers
in interfaceX509TrustManager
- Returns:
- array of accepted issuers
-
-