You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by as...@apache.org on 2014/01/06 14:05:58 UTC
svn commit: r1555738 -
/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
Author: ashakirin
Date: Mon Jan 6 13:05:58 2014
New Revision: 1555738
URL: http://svn.apache.org/r1555738
Log:
Improved XKMS validation error handling
Modified:
cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
Modified: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java?rev=1555738&r1=1555737&r2=1555738&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java (original)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java Mon Jan 6 13:05:58 2014
@@ -97,19 +97,19 @@ public class TrustedAuthorityValidator i
validator.validate(certPath, pkixParams);
} catch (InvalidAlgorithmParameterException e) {
- LOG.log(Level.SEVERE,
+ LOG.log(Level.WARNING,
"Invalid algorithm parameter by certificate chain validation. "
+ "It is likely that issuer certificates are not found in XKMS trusted storage. "
+ e.getMessage(), e);
- throw new RuntimeException(e);
+ return false;
} catch (NoSuchAlgorithmException e) {
- LOG.log(Level.SEVERE, "Unknown algorithm by certificate chain validation: " + e.getMessage(), e);
- throw new RuntimeException(e);
+ LOG.log(Level.WARNING, "Unknown algorithm by trust chain validation: " + e.getMessage(), e);
+ return false;
} catch (CertPathBuilderException e) {
- LOG.log(Level.WARNING, "Certificate chain invalid: " + e.getMessage(), e);
+ LOG.log(Level.WARNING, "Cannot build certification path: " + e.getMessage(), e);
return false;
} catch (CertPathValidatorException e) {
- LOG.log(Level.WARNING, "Certificate chain invalid: " + e.getMessage(), e);
+ LOG.log(Level.WARNING, "Cannot vaidate certification path: " + e.getMessage(), e);
return false;
}
return true;