Posted to dev@tomcat.apache.org by lu...@apache.org on 2003/08/09 01:40:17 UTC

cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSE14SocketFactory.java

luehe       2003/08/08 16:40:17

  Modified:    util/java/org/apache/tomcat/util/net/jsse
                        JSSE14SocketFactory.java
  Log:
  Allow for customization of JSSE trust and key managers.
  
  Revision  Changes    Path
  1.5       +41 -17    jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSE14SocketFactory.java
  
  Index: JSSE14SocketFactory.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSE14SocketFactory.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- JSSE14SocketFactory.java	18 Jul 2003 05:26:45 -0000	1.4
  +++ JSSE14SocketFactory.java	8 Aug 2003 23:40:17 -0000	1.5
  @@ -71,6 +71,7 @@
   import javax.net.ssl.HandshakeCompletedEvent;
   import javax.net.ssl.TrustManagerFactory;
   import javax.net.ssl.SSLContext;
  +import javax.net.ssl.KeyManager;
   import javax.net.ssl.KeyManagerFactory;
   import javax.net.ssl.TrustManager;
   
  @@ -116,27 +117,13 @@
               String algorithm = (String)attributes.get("algorithm");
               if (algorithm == null) algorithm = defaultAlgorithm;
   
  -            // Set up KeyManager, which will extract server key
  -            KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
               String keystoreType = (String)attributes.get("keystoreType");
  -            if (keystoreType == null)
  -                keystoreType = defaultKeystoreType;
  -            String keystorePass = getKeystorePassword();
  -            kmf.init(getKeystore(keystoreType, keystorePass),
  -                     keystorePass.toCharArray());
  -
  -            // Set up TrustManager
  -            TrustManager[] tm = null;
  -            KeyStore trustStore = getTrustStore(keystoreType);
  -            if (trustStore != null) {
  -                TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
  -                tmf.init(trustStore);
  -                tm = tmf.getTrustManagers();
  -            }
   
               // Create and init SSLContext
               SSLContext context = SSLContext.getInstance(protocol); 
  -            context.init(kmf.getKeyManagers(), tm, new SecureRandom());
  +            context.init(getKeyManagers(keystoreType, algorithm),
  +                         getTrustManagers(keystoreType),
  +                         new SecureRandom());
   
               // create proxy
               sslProxy = context.getServerSocketFactory();
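Review bot: The second argument of `context.init(...)` can be null, because getTrustManagers() returns null whenever getTrustStore() yields no store, and JSSE then falls back to the installed provider's default trust managers rather than trusting nothing. The removed code behaved the same way, but now that the value comes from an overridable method the fallback deserves a comment at the call, e.g. `// null trust managers: SSLContext.init() falls back to the JSSE default trust store`. If this connector requests client certificates (not visible in this hunk), that default set decides which client CAs are accepted, so the expectation of an explicitly configured trust store should be documented. The enclosing method begins and ends outside this hunk.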
  @@ -151,4 +138,41 @@
           }
       }
   
  +    /**
  +     * Gets the initialized key managers.
  +     */
  +    protected KeyManager[] getKeyManagers(String keystoreType,
  +                                          String algorithm)
  +                throws Exception {
  +
  +        if (keystoreType == null) {
  +            keystoreType = defaultKeystoreType;
  +        }
  +
  +        String keystorePass = getKeystorePassword();
  +
  +        KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
  +        kmf.init(getKeystore(keystoreType, keystorePass),
  +                 keystorePass.toCharArray());
  +
  +        return kmf.getKeyManagers();
  +    }
  +
  +    /**
  +     * Gets the intialized trust managers.
  +     */
  +    protected TrustManager[] getTrustManagers(String keystoreType)
  +                throws Exception {
  +
  +        TrustManager[] tm = null;
  +
  +        KeyStore trustStore = getTrustStore(keystoreType);
  +        if (trustStore != null) {
  +            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
  +            tmf.init(trustStore);
  +            tm = tmf.getTrustManagers();
  +        }
  +
  +        return tm;
  +    }
   }
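Review bot: getTrustManagers() still hard-codes `TrustManagerFactory.getInstance("SunX509")` while getKeyManagers() honours the configured `algorithm`, so on a JSSE provider that does not register that name the trust side fails even though the key side is configurable. Since this commit defines the protected signature that subclasses will override, it is the cheap moment to pass the algorithm through: `protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)` with `TrustManagerFactory.getInstance(algorithm)`, or at least `TrustManagerFactory.getDefaultAlgorithm()`. The Javadoc on both new methods should also gain `@param` lines and state what is returned, in particular that getTrustManagers() returns null when no trust store is configured.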
  
  
  



Re: cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSE14SocketFactory.java

Posted by Jan Luehe <Ja...@Sun.COM>.
Bill Barker wrote:
>>  +    protected TrustManager[] getTrustManagers(String keystoreType)
>>  +                throws Exception {
>>  +
>>  +        TrustManager[] tm = null;
> 
> 
> Don't you need a check for keystoreType == null here?

Yes, thanks, just added one.

Jan


> 
>>  +
>>  +        KeyStore trustStore = getTrustStore(keystoreType);
>>  +        if (trustStore != null) {
>>  +            TrustManagerFactory tmf =
> 
> TrustManagerFactory.getInstance("SunX509");
> 
>>  +            tmf.init(trustStore);
>>  +            tm = tmf.getTrustManagers();
>>  +        }
>>  +
>>  +        return tm;
>>  +    }
>>   }
>>
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
> 
> 
> 
> ------------------------------------------------------------------------
> 
> This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL.  If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
> 
> In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org





Re: cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSE14SocketFactory.java

Posted by Jan Luehe <Ja...@Sun.COM>.
Bill Barker wrote:
>>  +    protected TrustManager[] getTrustManagers(String keystoreType)
>>  +                throws Exception {
>>  +
>>  +        TrustManager[] tm = null;
> 
> 
> Don't you need a check for keystoreType == null here?

Yes, thanks, just added one.

Jan


> 
>>  +
>>  +        KeyStore trustStore = getTrustStore(keystoreType);
>>  +        if (trustStore != null) {
>>  +            TrustManagerFactory tmf =
> 
> TrustManagerFactory.getInstance("SunX509");
> 
>>  +            tmf.init(trustStore);
>>  +            tm = tmf.getTrustManagers();
>>  +        }
>>  +
>>  +        return tm;
>>  +    }
>>   }
>>
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
> 
> 
> 
> ------------------------------------------------------------------------
> 
> This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL.  If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments.
> 
> In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org



Re: cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSE14SocketFactory.java

Posted by Bill Barker <wb...@wilshire.com>.
>   +    protected TrustManager[] getTrustManagers(String keystoreType)
>   +                throws Exception {
>   +
>   +        TrustManager[] tm = null;

Don't you need a check for keystoreType == null here?

>   +
>   +        KeyStore trustStore = getTrustStore(keystoreType);
>   +        if (trustStore != null) {
>   +            TrustManagerFactory tmf =
TrustManagerFactory.getInstance("SunX509");
>   +            tmf.init(trustStore);
>   +            tm = tmf.getTrustManagers();
>   +        }
>   +
>   +        return tm;
>   +    }
>    }
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>