directory-dev mailing list archives

From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRAPI-91) Use SUN default TrustManager
Date Fri, 05 Oct 2012 08:46:47 GMT

    [ https://issues.apache.org/jira/browse/DIRAPI-91?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13470111#comment-13470111 ]

Emmanuel Lecharny commented on DIRAPI-91:
-----------------------------------------

Hmmm, I think that Raphaël is right here.

The way we initialize the TM is not necessarily good:
    public LdapConnectionConfig()
    {
        setDefaultTrustManager();
    }



    /**
     * sets the default trust manager based on the SunX509 trustManagement algorithm
     */
    private void setDefaultTrustManager()
    {
        String trustMgmtAlgo = "SunX509";

        try
        {
            TrustManagerFactory tmFactory = TrustManagerFactory.getInstance( trustMgmtAlgo );
            tmFactory.init( KeyStore.getInstance( KeyStore.getDefaultType() ) );
...

I'd rather use what Raphaël is proposing, and remove the hard-coded "SunX509" value.
                
> Use SUN default TrustManager
> ----------------------------
>
>                 Key: DIRAPI-91
>                 URL: https://issues.apache.org/jira/browse/DIRAPI-91
>             Project: Directory Client API
>          Issue Type: Improvement
>    Affects Versions: 1.0.0-M11, 1.0.0-M12
>            Reporter: Raphaël Ouazana
>
> I want to connect to an OpenLDAP directory with LDAPS.
> With JNDI, I just need to modify the common keystore, or to add a specific one with javax.net.ssl.trustStore.
> With DIRAPI, I need to provide a TrustManager (which I eventually can initialize with SUN one).
> I suggest to initialize the default TrustManager to SUN one. This can be done in LdapConnectionConfig by replacing:
>             TrustManagerFactory tmFactory = TrustManagerFactory.getInstance( trustMgmtAlgo );
>             tmFactory.init( KeyStore.getInstance( KeyStore.getDefaultType() ) );
> with:
>             TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
>             tmFactory.init((KeyStore)null);

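Added example (not part of the original message or of the Directory API code base): a small program that runs the two initializations discussed above side by side and reports how many CA certificates each resulting trust manager accepts. The class name TrustAnchorCheck and the helper countTrustAnchors are hypothetical; only standard JSSE calls are used.

```java
import java.security.KeyStore;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class TrustAnchorCheck // hypothetical name, for illustration only
{
    /** Counts the issuers accepted by a factory built from the given algorithm and key store. */
    static int countTrustAnchors( String algorithm, KeyStore keyStore ) throws Exception
    {
        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance( algorithm );
        tmFactory.init( keyStore );
        int count = 0;
        for ( TrustManager tm : tmFactory.getTrustManagers() )
        {
            if ( tm instanceof X509TrustManager )
            {
                count += ( ( X509TrustManager ) tm ).getAcceptedIssuers().length;
            }
        }
        return count;
    }

    public static void main( String[] args ) throws Exception
    {
        // Variant quoted from LdapConnectionConfig: fixed algorithm name and a
        // KeyStore instance that was created but never loaded with certificates.
        try
        {
            KeyStore unloaded = KeyStore.getInstance( KeyStore.getDefaultType() );
            System.out.println( "\"SunX509\" + unloaded KeyStore: "
                + countTrustAnchors( "SunX509", unloaded ) + " accepted issuers" );
        }
        catch ( Exception e )
        {
            // The fixed algorithm name or the unloaded store may be rejected by the provider.
            System.out.println( "\"SunX509\" + unloaded KeyStore failed: " + e );
        }

        // Variant proposed in the issue: provider default algorithm and a null KeyStore,
        // which makes JSSE fall back to javax.net.ssl.trustStore or the JRE default store.
        String defaultAlgo = TrustManagerFactory.getDefaultAlgorithm();
        System.out.println( "\"" + defaultAlgo + "\" + null KeyStore: "
            + countTrustAnchors( defaultAlgo, null ) + " accepted issuers" );
    }
}
```

Running it with -Djavax.net.ssl.trustStore pointing at a store that holds the OpenLDAP server's CA shows whether the second variant picks that store up, which is the JNDI-like behaviour the reporter asks for.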
