com.sun.enterprise.admin.util

Class AsadminTrustManager

java.lang.Object

com.sun.enterprise.admin.util.AsadminTrustManager

All Implemented Interfaces:

TrustManager, X509TrustManager

public class AsadminTrustManager
extends Object
implements X509TrustManager

An implementation of X509TrustManager that provides basic support for Trust Management. It checks if the server is trusted and displays the certificate that was received from the server. The user is then prompted to confirm the certificate. If confirmed, the certificate is entered into the client side asadmintruststore (default name is ~/.gfclient/truststore). Once in the truststore, the user is never prompted to confirm a second time.

Constructor Summary

Constructors

Constructor and Description
AsadminTrustManager() Creates an instance of the SunOneBasicX509TrustManager A date/time stamp is used of the trusted server certificate in the client side trust store.
AsadminTrustManager(Object alias, Map env) Creates an instance of the AsadminTrustManager

Method Summary

Modifier and Type	Method and Description
protected void	checkCertificate(X509Certificate[] chain) This function validates the cert and ensures that it is trusted.
void	checkClientTrusted(X509Certificate[] x509Certificate, String authType) Checks if client is trusted given the certificate chain and authorization type string, e.g., "RSA".
void	checkServerTrusted(X509Certificate[] chain, String authType) Checs if the server is trusted.
X509Certificate[]	getAcceptedIssuers()
void	setInteractive(boolean mode) Set the interactive mode for the trust manager.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AsadminTrustManager

public AsadminTrustManager(Object alias,
                           Map env)

Creates an instance of the AsadminTrustManager

Parameters:

alias - The toString() of the alias object concatenated with a date/time stamp is used as the alias of the trusted server certificate in the client side trust store. When null, only a date / timestamp is used as an alias.

AsadminTrustManager

public AsadminTrustManager()

Creates an instance of the SunOneBasicX509TrustManager A date/time stamp is used of the trusted server certificate in the client side trust store.

Method Detail

setInteractive

public void setInteractive(boolean mode)

Set the interactive mode for the trust manager. If false, it will not prompt for any confirmations and will just trust certificates. By default it is true.

checkClientTrusted

public void checkClientTrusted(X509Certificate[] x509Certificate,
                               String authType)
                        throws CertificateException

Checks if client is trusted given the certificate chain and authorization type string, e.g., "RSA".

Specified by:

checkClientTrusted in interface X509TrustManager

Throws:

CertificateException

UnsupportedOperationException

checkServerTrusted

public void checkServerTrusted(X509Certificate[] chain,
                               String authType)
                        throws CertificateException

Checs if the server is trusted.

Specified by:

checkServerTrusted in interface X509TrustManager

Parameters:

chain - The server certificate to be validated.

authType -

Throws:

CertificateException

getAcceptedIssuers

public X509Certificate[] getAcceptedIssuers()

Specified by:

getAcceptedIssuers in interface X509TrustManager

checkCertificate

protected void checkCertificate(X509Certificate[] chain)
                         throws RuntimeException,
                                CertificateException,
                                IllegalArgumentException

This function validates the cert and ensures that it is trusted.

Parameters:

chain -

Throws:

RuntimeException

CertificateException

IllegalArgumentException