001: /*
002: * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
003: * PROPRIETARY/CONFIDENTIAL. Use of this product is subject to license terms.
004: */
005: package com.sun.portal.monitoring.security.ssl;
006:
007: import com.sun.portal.monitoring.security.CertificateContext;
008: import com.sun.portal.log.common.PortalLogger;
009:
010: import javax.net.ssl.X509TrustManager;
011: import java.security.cert.CertificateException;
012: import java.security.cert.X509Certificate;
013: import java.util.logging.Level;
014: import java.util.logging.Logger;
015: import java.util.logging.LogRecord;
016:
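/**
 * Demonstration {@link X509TrustManager} used by the portal monitoring SSL
 * code.
 *
 * <p><strong>Security note (review):</strong> this class does not perform
 * certificate path validation. As written:
 * <ul>
 * <li>{@link #checkClientTrusted} accepts every client chain; it only logs.</li>
 * <li>{@link #checkServerTrusted} accepts the chain when the "trust all
 * certificates" setting is on, or when the CN extracted from the
 * <em>issuer</em> DN of any certificate in the chain equals the configured
 * host name. The issuer DN is a field of the presented certificate and is
 * not checked here against any trust anchor, so this comparison does not
 * authenticate the peer.</li>
 * <li>No signature, chain-building, validity-period, revocation or
 * subject/SAN host name check is made anywhere in this class.</li>
 * </ul>
 * Use it only for demo/test wiring. For production, delegate to the platform
 * PKIX trust manager obtained from
 * {@code javax.net.ssl.TrustManagerFactory}.
 *
 * <p>{@code getSslContext()} is not defined in this class; presumably it is
 * inherited from {@code DemoManagersBase} - confirm there.
 */
public class DemoTrustManager extends DemoManagersBase implements
        X509TrustManager {
    private static final Logger logger = PortalLogger
            .getLogger(DemoTrustManager.class);

    /**
     * Builds a {@link LogRecord} bound to this class's logger name.
     *
     * @param level      log level of the record
     * @param message    message text or key (the keys used in this class look
     *                   like resource-bundle keys; the bundle is not shown here)
     * @param parameters message parameters, may be {@code null}
     * @param t          associated throwable, may be {@code null}
     * @return the populated record
     */
    private static LogRecord getLogRecord(Level level, String message,
            Object[] parameters, Throwable t) {
        LogRecord result = new LogRecord(level, message);
        result.setLoggerName(logger.getName());
        result.setParameters(parameters);
        result.setThrown(t);
        return result;
    }

    /**
     * Logs the certificate fields of one chain entry at FINEST. Callers are
     * expected to have checked {@code logger.isLoggable(Level.FINEST)} first.
     */
    private static void logCertificateDetails(X509Certificate x509Certificate) {
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6011",
                new Object[] { x509Certificate.getIssuerDN() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6012",
                new Object[] { x509Certificate.getIssuerUniqueID() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6013",
                new Object[] { x509Certificate.getIssuerX500Principal()
                        .getName() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6014",
                new Object[] { x509Certificate.getNotAfter() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6015",
                new Object[] { x509Certificate.getNotBefore() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6016",
                new Object[] { x509Certificate.getSerialNumber() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6017",
                new Object[] { x509Certificate.getSigAlgName() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6018",
                new Object[] { x509Certificate.getSigAlgOID() }, null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6019",
                new Object[] { x509Certificate.getSubjectDN().getName() },
                null));
        logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6020",
                new Object[] { x509Certificate.getSubjectX500Principal()
                        .getName() }, null));
    }

    /**
     * Accepts every client certificate chain.
     *
     * <p>SECURITY: no validation of any kind is performed; the method only
     * emits FINEST trace records and never throws. Do not rely on this class
     * for client authentication.
     *
     * @param x509Certificates the peer chain (not inspected)
     * @param authType         the authentication type, logged at FINEST
     * @throws CertificateException never thrown by this implementation
     */
    public void checkClientTrusted(X509Certificate[] x509Certificates,
            String authType) throws CertificateException {
        if (logger.isLoggable(Level.FINEST)) {
            logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6005",
                    new Object[] { "checkClientTrusted" }, null));
            logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6009",
                    new Object[] { authType }, null));
        }
    }

    /**
     * Decides whether a server certificate chain is accepted.
     *
     * <p>The chain is accepted when the SSL context's "trust all
     * certificates" setting is {@code TRUE}, or when the CN that
     * {@code CertificateContext} extracts from the issuer DN of any chain
     * entry equals the SSL context's host name.
     *
     * <p>SECURITY: neither branch verifies signatures, the chain to a trust
     * anchor, the validity period, revocation, or the subject/SAN host name.
     * The issuer DN compared here comes from the presented certificate
     * itself. Treat a PSMN_CSPM1000 warning in the logs as an indication that
     * validation is disabled for this connection.
     *
     * @param x509Certificates the peer chain; must not be {@code null}
     * @param authType         the key exchange algorithm, logged at FINEST
     * @throws IllegalArgumentException if {@code x509Certificates} is
     *                                  {@code null}
     * @throws CertificateException     if trust-all is off and no issuer CN
     *                                  matched the configured host name
     */
    public void checkServerTrusted(X509Certificate[] x509Certificates,
            String authType) throws CertificateException {
        if (x509Certificates == null) {
            // The X509TrustManager contract asks for IllegalArgumentException
            // here; the original code failed with a NullPointerException.
            throw new IllegalArgumentException(
                    "x509Certificates must not be null");
        }

        // Boolean.TRUE.equals(...) fails closed: a missing (null) setting is
        // treated as "do not trust all" instead of raising an NPE.
        boolean trusted = Boolean.TRUE.equals(getSslContext()
                .getTrustAllCertificates());
        if (trusted) {
            if (logger.isLoggable(Level.WARNING)) {
                logger.log(getLogRecord(Level.WARNING, "PSMN_CSPM1000",
                        null, null));
            }
        }

        if (logger.isLoggable(Level.FINEST)) {
            logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6005",
                    new Object[] { "checkServerTrusted" }, null));
            logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6009",
                    new Object[] { authType }, null));
            logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6010",
                    new Object[] { Integer
                            .valueOf(x509Certificates.length) }, null));
        }

        for (int i = 0; i < x509Certificates.length; i++) {
            X509Certificate x509Certificate = x509Certificates[i];

            if (logger.isLoggable(Level.FINEST)) {
                logCertificateDetails(x509Certificate);
            }

            CertificateContext certificateContext = new CertificateContext();
            certificateContext.setDn(x509Certificate.getIssuerDN()
                    .toString());
            String issuerHostName = certificateContext.getCn();
            String expectedHostName = getSslContext().getHostName();

            // A DN without a CN must count as a mismatch, not crash the
            // handshake with an NPE in the middle of a trust decision.
            if (issuerHostName != null
                    && issuerHostName.equals(expectedHostName)) {
                trusted = true;
                break;
            } else {
                logger.log(getLogRecord(Level.WARNING, "PSMN_CSPM1001",
                        new Object[] { issuerHostName, expectedHostName },
                        null));
            }
        }

        if (!trusted) {
            throw new CertificateException(
                    "Server certificate chain rejected: no issuer CN matched"
                            + " the configured host name");
        }
    }

    /**
     * Returns the issuers this trust manager advertises.
     *
     * @return always an empty array; no CA certificates are held by this
     *         class
     */
    public X509Certificate[] getAcceptedIssuers() {
        if (logger.isLoggable(Level.FINEST)) {
            logger.log(getLogRecord(Level.FINEST, "PSMN_CSPM6005",
                    new Object[] { "getAcceptedIssuers" }, null));
        }

        return new X509Certificate[0];
    }
}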