You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by as...@apache.org on 2014/01/06 14:05:58 UTC

svn commit: r1555738 - /cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java

Author: ashakirin
Date: Mon Jan  6 13:05:58 2014
New Revision: 1555738

URL: http://svn.apache.org/r1555738
Log:
Improved XKMS validation error handling

Modified:
    cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java

Modified: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java?rev=1555738&r1=1555737&r2=1555738&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java (original)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java Mon Jan  6 13:05:58 2014
@@ -97,19 +97,19 @@ public class TrustedAuthorityValidator i
             validator.validate(certPath, pkixParams);
             
         } catch (InvalidAlgorithmParameterException e) {
-            LOG.log(Level.SEVERE,
+            LOG.log(Level.WARNING,
                     "Invalid algorithm parameter by certificate chain validation. "
                         + "It is likely that issuer certificates are not found in XKMS trusted storage. "
                         + e.getMessage(), e);
-            throw new RuntimeException(e);
+            return false;
         } catch (NoSuchAlgorithmException e) {
-            LOG.log(Level.SEVERE, "Unknown algorithm by certificate chain validation: " + e.getMessage(), e);
-            throw new RuntimeException(e);
+            LOG.log(Level.WARNING, "Unknown algorithm by trust chain validation: " + e.getMessage(), e);
+            return false;
         } catch (CertPathBuilderException e) {
-            LOG.log(Level.WARNING, "Certificate chain invalid: " + e.getMessage(), e);
+            LOG.log(Level.WARNING, "Cannot build certification path: " + e.getMessage(), e);
             return false;
         } catch (CertPathValidatorException e) {
-            LOG.log(Level.WARNING, "Certificate chain invalid: " + e.getMessage(), e);
+            LOG.log(Level.WARNING, "Cannot vaidate certification path: " + e.getMessage(), e);
             return false;
         }
         return true;