You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2006/08/23 22:55:34 UTC
svn commit: r434173 -
/geronimo/branches/1.1/modules/security/src/java/org/apache/geronimo/security/realm/providers/CertificateChainCallbackHandler.java
Author: djencks
Date: Wed Aug 23 13:55:33 2006
New Revision: 434173
URL: http://svn.apache.org/viewvc?rev=434173&view=rev
Log:
GERONIMO-2350 clearer error message
Modified:
geronimo/branches/1.1/modules/security/src/java/org/apache/geronimo/security/realm/providers/CertificateChainCallbackHandler.java
Modified: geronimo/branches/1.1/modules/security/src/java/org/apache/geronimo/security/realm/providers/CertificateChainCallbackHandler.java
URL: http://svn.apache.org/viewvc/geronimo/branches/1.1/modules/security/src/java/org/apache/geronimo/security/realm/providers/CertificateChainCallbackHandler.java?rev=434173&r1=434172&r2=434173&view=diff
==============================================================================
--- geronimo/branches/1.1/modules/security/src/java/org/apache/geronimo/security/realm/providers/CertificateChainCallbackHandler.java (original)
+++ geronimo/branches/1.1/modules/security/src/java/org/apache/geronimo/security/realm/providers/CertificateChainCallbackHandler.java Wed Aug 23 13:55:33 2006
@@ -19,14 +19,19 @@
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.security.cert.Certificate;
+
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.callback.CallbackHandler;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
/**
* @version $Rev$ $Date$
*/
public class CertificateChainCallbackHandler implements CallbackHandler {
+ private static final Log log = LogFactory.getLog(CertificateChainCallbackHandler.class);
Certificate[] certificateChain;
public CertificateChainCallbackHandler(Certificate[] certificateChain) {
@@ -39,14 +44,27 @@
if (callback instanceof CertificateChainCallback) {
CertificateChainCallback cc = (CertificateChainCallback) callback;
cc.setCertificateChain(certificateChain);
- } else if (callback instanceof CertificateCallback
- && certificateChain != null
- && certificateChain.length > 0
- && certificateChain[0] instanceof X509Certificate) {
- CertificateCallback cc = (CertificateCallback) callback;
- cc.setCertificate((X509Certificate) certificateChain[0]);
+ } else if (callback instanceof CertificateCallback) {
+ if (certificateChain != null
+ && certificateChain.length > 0
+ && certificateChain[0] instanceof X509Certificate) {
+ CertificateCallback cc = (CertificateCallback) callback;
+ cc.setCertificate((X509Certificate) certificateChain[0]);
+ } else {
+ StringBuffer buf = new StringBuffer("Invalid certificate chain: \n");
+ if (certificateChain == null) {
+ buf.append("certificate chain is null");
+ } else {
+ buf.append("certificate chain length: ").append(certificateChain.length).append("\n");
+ if (certificateChain.length > 0) {
+ buf.append("first certificate is a: ").append(certificateChain[0].getClass()).append("\n");
+ buf.append("certificate is an X509Certificate: ").append(certificateChain[0] instanceof X509Certificate).append("\n");
+ }
+ }
+ throw new UnsupportedCallbackException(callback, buf.toString());
+ }
} else {
- throw new UnsupportedCallbackException(callback);
+ throw new UnsupportedCallbackException(callback, "Wrong callback type: " + callback.getClass());
}
}
}