Package org.ldaptive.ssl
Class AggregateTrustManager
java.lang.Object
javax.net.ssl.X509ExtendedTrustManager
org.ldaptive.ssl.AggregateTrustManager
All Implemented Interfaces:
TrustManager, X509TrustManager
Trust manager that delegates to multiple trust managers.
-
Nested Class Summary
Nested Classes
Modifier and Type | Class | Description
static enum | AggregateTrustManager.Strategy | Enum to define how trust managers should be processed.
private static interface | AggregateTrustManager.TrustManagerConsumer | Interface for consuming a trust manager.
-
Field Summary
Fields
Modifier and Type | Field | Description
private static final int | DEFAULT_CHAIN_LOG_DEPTH | Maximum number of certificates to log.
protected final Logger | logger | Logger for this class.
private final X509ExtendedTrustManager[] | trustManagers | Trust managers to invoke.
private final AggregateTrustManager.Strategy | trustStrategy | Whether to require all trust managers to succeed.
-
Constructor Summary
Constructors
Constructor | Description
AggregateTrustManager(X509TrustManager... managers) | Creates a new aggregate trust manager with the ALL AggregateTrustManager.Strategy.
AggregateTrustManager(AggregateTrustManager.Strategy strategy, X509TrustManager... managers) | Creates a new aggregate trust manager.
-
Method Summary
Modifier and Type | Method | Description
private String | certsToString(X509Certificate[] chain, boolean withIssuer) | Returns a simple string representation of the supplied certificate chain.
private String | certToString(X509Certificate cert, boolean withIssuer) | Returns a simple string representation of the supplied certificate.
void | checkClientTrusted(X509Certificate[] chain, String authType) |
void | checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) |
void | checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) |
void | checkServerTrusted(X509Certificate[] chain, String authType) |
void | checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) |
void | checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) |
protected String | createCertificateExceptionMessage | Creates an exception message for the supplied certificate chain.
 | getTrustManagers | Returns the trust managers that are aggregated.
 | getTrustStrategy | Returns the trust strategy.
 | toString() |
private void | trustManagerCheck | Invoke the supplied consumer for each trust manager.
-
Field Details
-
DEFAULT_CHAIN_LOG_DEPTH
private static final int DEFAULT_CHAIN_LOG_DEPTH
Maximum number of certificates to log.
-
logger
Logger for this class. -
trustManagers
Trust managers to invoke. -
trustStrategy
Whether to require all trust managers to succeed.
-
-
Constructor Details
-
AggregateTrustManager
Creates a new aggregate trust manager with the ALL AggregateTrustManager.Strategy.
Parameters:
managers - to aggregate
-
AggregateTrustManager
Creates a new aggregate trust manager.
Parameters:
strategy - for processing trust managers
managers - to aggregate
-
-
Method Details
-
getTrustManagers
Returns the trust managers that are aggregated.
Returns:
trust managers
-
getTrustStrategy
Returns the trust strategy.
Returns:
trust strategy
-
checkClientTrusted
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException
Specified by:
checkClientTrusted in class X509ExtendedTrustManager
Throws:
CertificateException
-
checkClientTrusted
public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException
Specified by:
checkClientTrusted in class X509ExtendedTrustManager
Throws:
CertificateException
-
checkClientTrusted
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException
Throws:
CertificateException
-
checkServerTrusted
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) throws CertificateException
Specified by:
checkServerTrusted in class X509ExtendedTrustManager
Throws:
CertificateException
-
checkServerTrusted
public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) throws CertificateException
Specified by:
checkServerTrusted in class X509ExtendedTrustManager
Throws:
CertificateException
-
checkServerTrusted
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException
Throws:
CertificateException
-
getAcceptedIssuers
-
toString
-
createCertificateExceptionMessage
Creates an exception message for the supplied certificate chain.
Parameters:
chain - to create message for
Returns:
string representation of certificate chain
-
certsToString
Returns a simple string representation of the supplied certificate chain.
Parameters:
chain - to log
withIssuer - whether to include the certificate issuer
Returns:
string representation of certificate chain
-
certToString
Returns a simple string representation of the supplied certificate.
Parameters:
cert - to convert to string format
withIssuer - whether to include the certificate issuer
Returns:
string representation of the certificate
-
trustManagerCheck
private void trustManagerCheck(AggregateTrustManager.TrustManagerConsumer consumer) throws CertificateException
Invoke the supplied consumer for each trust manager.
Parameters:
consumer - to invoke
Throws:
CertificateException - if trust check fails. For multiple failures the first exception is thrown
-