You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by as...@apache.org on 2013/10/29 17:32:11 UTC

svn commit: r1536797 - /cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java

Author: ashakirin
Date: Tue Oct 29 16:32:10 2013
New Revision: 1536797

URL: http://svn.apache.org/r1536797
Log:
Improved logging in XKMS trust chain validation

Modified:
    cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java

Modified: cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java?rev=1536797&r1=1536796&r2=1536797&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java (original)
+++ cxf/trunk/services/xkms/xkms-x509-handlers/src/main/java/org/apache/cxf/xkms/x509/validator/TrustedAuthorityValidator.java Tue Oct 29 16:32:10 2013
@@ -95,15 +95,18 @@ public class TrustedAuthorityValidator i
                 
             CertPathValidator validator = CertPathValidator.getInstance("PKIX");
             validator.validate(certPath, pkixParams);
+            
         } catch (InvalidAlgorithmParameterException e) {
+            LOG.log(Level.SEVERE, "Invalid algorithm by certificate chain validation: " + e.getMessage(), e);
             throw new RuntimeException(e);
         } catch (NoSuchAlgorithmException e) {
+            LOG.log(Level.SEVERE, "Unknown algorithm by certificate chain validation: " + e.getMessage(), e);
             throw new RuntimeException(e);
         } catch (CertPathBuilderException e) {
-            LOG.log(Level.INFO, e.getMessage(), e);
+            LOG.log(Level.WARNING, "Certificate chain invalid: " + e.getMessage(), e);
             return false;
         } catch (CertPathValidatorException e) {
-            LOG.log(Level.INFO, e.getMessage(), e);
+            LOG.log(Level.WARNING, "Certificate chain invalid: " + e.getMessage(), e);
             return false;
         }
         return true;