You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Wolter Eldering (JIRA)" <ji...@apache.org> on 2006/09/24 23:18:22 UTC
[jira] Created: (DIRMINA-271) Configuration enhancement of the
TrustManagerFactory in SSLContextFactoryBean
Configuration enhancement of the TrustManagerFactory in SSLContextFactoryBean
-----------------------------------------------------------------------------
Key: DIRMINA-271
URL: http://issues.apache.org/jira/browse/DIRMINA-271
Project: Directory MINA
Issue Type: Improvement
Affects Versions: 1.0
Reporter: Wolter Eldering
Priority: Minor
The current implementation of SSLContextFactoryBean will always call trustManagerFactory init(keyStore) if a TrustManagerFactory is configured.
For more flexibel and advanced configuration of TrustManagerFactories init(ManagerFactoryParameters spec) can be used.
I'd like to suggest to following changes to the SSLContextFactoryBean:
- add a trustManagerFactoryParameters property to SSLContextFactoryBean
- when this property is set use its value to initialize the trustManagerFactory, otherwise use the trustManagerFactoryKeystore property for initialization
A keystore can still be configured when using the trustManagerFactoryParameters.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (DIRMINA-271) Configuration enhancement of the
TrustManagerFactory in SSLContextFactoryBean
Posted by "Wolter Eldering (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRMINA-271?page=all ]
Wolter Eldering updated DIRMINA-271:
------------------------------------
Attachment: SSLContextFactoryBean.java
The changes I'd like to suggest to SSLContextFactoryBean.java
--- SSLContextFactoryBean.java (revision 449402)
+++ SSLContextFactoryBean.java (working copy)
@@ -27,7 +27,9 @@
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.ManagerFactoryParameters;
+
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.util.Assert;
@@ -73,6 +75,7 @@
private String trustManagerFactoryAlgorithm = null;
private String trustManagerFactoryProvider = null;
private boolean trustManagerFactoryAlgorithmUseDefault = false;
+ private ManagerFactoryParameters trustManagerFactoryParameters = null;
protected Object createInstance() throws Exception
{
@@ -131,7 +134,14 @@
TrustManager[] trustManagers = null;
if( tmf != null )
{
- tmf.init( trustManagerFactoryKeyStore );
+ if( trustManagerFactoryParameters != null )
+ {
+ tmf.init( trustManagerFactoryParameters );
+ }
+ else
+ {
+ tmf.init( trustManagerFactoryKeyStore );
+ }
trustManagers = tmf.getTrustManagers();
}
@@ -324,6 +334,10 @@
* Sets the {@link KeyStore} which will be used in the call to
* {@link TrustManagerFactory#init(java.security.KeyStore)} when
* the {@link SSLContext} is created.
+ * <p>
+ * This property will be ignored if {@link ManagerFactoryParameters} has been
+ * set directly using {@link #setTrustManagerFactoryParameters(ManagerFactoryParameters)}.
+ * </p>
*
* @param keyStore the key store.
*/
@@ -333,6 +347,18 @@
}
/**
+ * Sets the {@link ManagerFactoryParameters} which will be used in the call to
+ * {@link TrustManagerFactory#init(javax.net.ssl.ManagerFactoryParameters)} when
+ * the {@link SSLContext} is created.
+ *
+ * @param parameters describing provider-specific trust material
+ */
+ public void setTrustManagerFactoryParameters( ManagerFactoryParameters parameters )
+ {
+ this.trustManagerFactoryParameters = parameters;
+ }
+
+ /**
* Sets the provider to use when creating the {@link TrustManagerFactory}
* using
* {@link TrustManagerFactory#getInstance(java.lang.String, java.lang.String)}.
> Configuration enhancement of the TrustManagerFactory in SSLContextFactoryBean
> -----------------------------------------------------------------------------
>
> Key: DIRMINA-271
> URL: http://issues.apache.org/jira/browse/DIRMINA-271
> Project: Directory MINA
> Issue Type: Improvement
> Affects Versions: 1.0
> Reporter: Wolter Eldering
> Priority: Minor
> Attachments: SSLContextFactoryBean.java
>
>
> The current implementation of SSLContextFactoryBean will always call trustManagerFactory init(keyStore) if a TrustManagerFactory is configured.
> For more flexibel and advanced configuration of TrustManagerFactories init(ManagerFactoryParameters spec) can be used.
> I'd like to suggest to following changes to the SSLContextFactoryBean:
> - add a trustManagerFactoryParameters property to SSLContextFactoryBean
> - when this property is set use its value to initialize the trustManagerFactory, otherwise use the trustManagerFactoryKeystore property for initialization
> A keystore can still be configured when using the trustManagerFactoryParameters.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Assigned: (DIRMINA-271) Configuration enhancement of the
TrustManagerFactory in SSLContextFactoryBean
Posted by "Niklas Therning (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRMINA-271?page=all ]
Niklas Therning reassigned DIRMINA-271:
---------------------------------------
Assignee: Niklas Therning
> Configuration enhancement of the TrustManagerFactory in SSLContextFactoryBean
> -----------------------------------------------------------------------------
>
> Key: DIRMINA-271
> URL: http://issues.apache.org/jira/browse/DIRMINA-271
> Project: Directory MINA
> Issue Type: Improvement
> Affects Versions: 1.0
> Reporter: Wolter Eldering
> Assigned To: Niklas Therning
> Priority: Minor
> Attachments: SSLContextFactoryBean.java
>
>
> The current implementation of SSLContextFactoryBean will always call trustManagerFactory init(keyStore) if a TrustManagerFactory is configured.
> For more flexibel and advanced configuration of TrustManagerFactories init(ManagerFactoryParameters spec) can be used.
> I'd like to suggest to following changes to the SSLContextFactoryBean:
> - add a trustManagerFactoryParameters property to SSLContextFactoryBean
> - when this property is set use its value to initialize the trustManagerFactory, otherwise use the trustManagerFactoryKeystore property for initialization
> A keystore can still be configured when using the trustManagerFactoryParameters.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Resolved: (DIRMINA-271) Configuration enhancement of the
TrustManagerFactory in SSLContextFactoryBean
Posted by "Niklas Therning (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRMINA-271?page=all ]
Niklas Therning resolved DIRMINA-271.
-------------------------------------
Fix Version/s: 1.0
Resolution: Fixed
The patch has been applied. Thank you Wolter for submitting it! Please close this issue.
> Configuration enhancement of the TrustManagerFactory in SSLContextFactoryBean
> -----------------------------------------------------------------------------
>
> Key: DIRMINA-271
> URL: http://issues.apache.org/jira/browse/DIRMINA-271
> Project: Directory MINA
> Issue Type: Improvement
> Affects Versions: 1.0
> Reporter: Wolter Eldering
> Assigned To: Niklas Therning
> Priority: Minor
> Fix For: 1.0
>
> Attachments: SSLContextFactoryBean.java
>
>
> The current implementation of SSLContextFactoryBean will always call trustManagerFactory init(keyStore) if a TrustManagerFactory is configured.
> For more flexibel and advanced configuration of TrustManagerFactories init(ManagerFactoryParameters spec) can be used.
> I'd like to suggest to following changes to the SSLContextFactoryBean:
> - add a trustManagerFactoryParameters property to SSLContextFactoryBean
> - when this property is set use its value to initialize the trustManagerFactory, otherwise use the trustManagerFactoryKeystore property for initialization
> A keystore can still be configured when using the trustManagerFactoryParameters.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (DIRMINA-271) Configuration enhancement of the
TrustManagerFactory in SSLContextFactoryBean
Posted by "Wolter Eldering (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRMINA-271?page=all ]
Wolter Eldering closed DIRMINA-271.
-----------------------------------
> Configuration enhancement of the TrustManagerFactory in SSLContextFactoryBean
> -----------------------------------------------------------------------------
>
> Key: DIRMINA-271
> URL: http://issues.apache.org/jira/browse/DIRMINA-271
> Project: Directory MINA
> Issue Type: Improvement
> Affects Versions: 1.0
> Reporter: Wolter Eldering
> Assigned To: Niklas Therning
> Priority: Minor
> Fix For: 1.0
>
> Attachments: SSLContextFactoryBean.java
>
>
> The current implementation of SSLContextFactoryBean will always call trustManagerFactory init(keyStore) if a TrustManagerFactory is configured.
> For more flexibel and advanced configuration of TrustManagerFactories init(ManagerFactoryParameters spec) can be used.
> I'd like to suggest to following changes to the SSLContextFactoryBean:
> - add a trustManagerFactoryParameters property to SSLContextFactoryBean
> - when this property is set use its value to initialize the trustManagerFactory, otherwise use the trustManagerFactoryKeystore property for initialization
> A keystore can still be configured when using the trustManagerFactoryParameters.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira