org.apache.axis2.java.security
Class TrustAllTrustManager
java.lang.Object
org.apache.axis2.java.security.TrustAllTrustManager
- All Implemented Interfaces:
- TrustManager, X509TrustManager
public class TrustAllTrustManager
- extends Object
- implements X509TrustManager
Normally when we connect over HTTPS, if the server sends us a certificate that is not well
known, we have to specify a keystore using system properties:
System.setProperty("javax.net.ssl.trustStore","path to keystore" );
System.setProperty("javax.net.ssl.trustStorePassword","apache");
Using this X509TrustManager we can allow the client to disregard the certificate and trust the
server. One of the reason this may be done is because clients are sometimes deployed on systems
where the developers haveno access to the file system and therefore cannot configure the
keystores.
This TrustManager can be used in the client stub as follows:
SSLContext sslCtx = SSLContext.getInstance("http");
sslCtx.init(null, new TrustManager[] {new TrustAllTrustManager()}, null);
stub._getServiceClient().getOptions().setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER,
new Protocol("https",(ProtocolSocketFactory)new SSLProtocolSocketFactory(sslCtx),443));
- See Also:
SSLProtocolSocketFactory
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TrustAllTrustManager
public TrustAllTrustManager()
getAcceptedIssuers
public X509Certificate[] getAcceptedIssuers()
- Specified by:
getAcceptedIssuers in interface X509TrustManager
checkClientTrusted
public void checkClientTrusted(X509Certificate[] certs,
String authType)
- Specified by:
checkClientTrusted in interface X509TrustManager
checkServerTrusted
public void checkServerTrusted(X509Certificate[] certs,
String authType)
- Specified by:
checkServerTrusted in interface X509TrustManager
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.