tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chandan Gupta <gupta.chan...@gmail.com>
Subject Overriding default trustmanager in Tomcat
Date Tue, 30 Aug 2005 22:47:13 GMT
Hi
 I think this problem would have been well discussed. I tried looking this 
up in the forums but couldnt find an answer
 Im using Tomcat 5.0.28 and JRE 1.5 and trying to override default 
TrustManager with my own. I have written the following SSLImplementation.
 The problem here is that even when the getAcceptedIssuers is being called 
the checkClientTrusted method is not being called!!!! Im returning null from 
getAcceptedIssuers so that it accepts all issuers.
What Im doing wrong
 
public class MYSSLImplementation extends JSSEImplementation
{

MyServerSocketFactory myServerSocketFactory;
static boolean usingMyServerSocketFactory = false;
static final String SSLSocketClass = "javax.net.ssl.SSLSocket";
public MySSLImplementation() throws ClassNotFoundException {
super();
System.out.println("This class has been called. Yippy!");
// TODO Auto-generated method stub
Class.forName(SSLSocketClass);
if( JdkCompat.isJava14() )
{
myServerSocketFactory = new MyServerSocketFactory();
usingMyServerSocketFactory = true;
}
// TODO Auto-generated constructor stub
}

public String getImplementationName() {
// TODO Auto-generated method stub

return super.getImplementationName();
}

public ServerSocketFactory getServerSocketFactory() {

if (usingControlIDServerSocketFactory)
return ctrlIDServerSocketFactory;
else
return super.getServerSocketFactory();
}

public SSLSupport getSSLSupport(Socket arg0) {
return super.getSSLSupport(arg0);
}

}

Here is my ServerSocketFactory

 ublic class MyServerSocketFactory extends JSSE14SocketFactory{
public MyServerSocketFactory()
{
super();
}

/**
* Gets the intialized trust managers.
*/
protected TrustManager[] getTrustManagers(String keystoreType, String 
algorithm)
throws Exception {

X509TrustManager tm = new MyX509TrustManager();
TrustManager tms[] = {tm};
System.out.println("Getting trust managers");
System.out.println("Keystore type:" + keystoreType);
System.out.println("Algorithm:"+ algorithm);

 return tms;
}

 and finally here is my TrustManager 

class MyX509TrustManager implements X509TrustManager {

X509TrustManager sunX509TrustManager;

public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
System.out.println("->DummyTrustManager:checkClientTrusted()");
for (int c = 0; c < chain.length; c++) {
X509Certificate cert = chain[c];
System.out.println(" Client certificate " + (c + 1) + ":");
System.out.println(" Subject DN: " + cert.getSubjectDN());
System.out
.println(" Signature Algorithm: " + cert.getSigAlgName());
System.out.println(" Valid from: " + cert.getNotBefore());
System.out.println(" Valid until: " + cert.getNotAfter());
System.out.println(" Issuer: " + cert.getIssuerDN());

}
}

public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
System.out.println("->DummyTrustManager:checkServerTrusted()");
}

public X509Certificate[] getAcceptedIssuers() {
System.out.println("->DummyTrustManager:getAcceptedIssuers()");
throw new RuntimeException("Problematic area");
//return null;
}

}

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message