/** * Create a CertConstraints object from a JAXB CertificateConstraintsType */ public static CertConstraints createCertConstraints( CertificateConstraintsType certConstraints ) { List<String> subjectRegexps = getSubjectConstraints(certConstraints); CertConstraints.Combinator subjectCombinator = getSubjectConstraintsCombinator(certConstraints); List<String> issuerRegexps = getIssuerConstraints(certConstraints); CertConstraints.Combinator issuerCombinator = getIssuerConstraintsCombinator(certConstraints); return new CertConstraints( subjectRegexps, subjectCombinator, issuerRegexps, issuerCombinator); }
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getServerCertificates() == null || info.getServerCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "No server certificates were found" ); } X509Certificate[] certs = (X509Certificate[])info.getServerCertificates(); if (!certConstraints.matches(certs[0])) { throw new UntrustedURLConnectionIOException( "The server certificate(s) do not match the defined cert constraints" ); } } }
if (!certConstraints.matches(x509Certs[0])) { throw new UntrustedURLConnectionIOException( "The client certificate does not match the defined cert constraints"
/** * Create a CertConstraints object from a JAXB CertificateConstraintsType */ public static CertConstraints createCertConstraints( CertificateConstraintsType certConstraints ) { List<String> subjectRegexps = getSubjectConstraints(certConstraints); CertConstraints.Combinator subjectCombinator = getSubjectConstraintsCombinator(certConstraints); List<String> issuerRegexps = getIssuerConstraints(certConstraints); CertConstraints.Combinator issuerCombinator = getIssuerConstraintsCombinator(certConstraints); return new CertConstraints( subjectRegexps, subjectCombinator, issuerRegexps, issuerCombinator); }
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getServerCertificates() == null || info.getServerCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "No server certificates were found" ); } X509Certificate[] certs = (X509Certificate[])info.getServerCertificates(); if (!certConstraints.matches(certs[0])) { throw new UntrustedURLConnectionIOException( "The server certificate(s) do not match the defined cert constraints" ); } } }
/** * Create a CertConstraints object from a JAXB CertificateConstraintsType */ public static CertConstraints createCertConstraints( CertificateConstraintsType certConstraints ) { List<String> subjectRegexps = getSubjectConstraints(certConstraints); CertConstraints.Combinator subjectCombinator = getSubjectConstraintsCombinator(certConstraints); List<String> issuerRegexps = getIssuerConstraints(certConstraints); CertConstraints.Combinator issuerCombinator = getIssuerConstraintsCombinator(certConstraints); return new CertConstraints( subjectRegexps, subjectCombinator, issuerRegexps, issuerCombinator); }
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getServerCertificates() == null || info.getServerCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "No server certificates were found" ); } else { X509Certificate[] certs = (X509Certificate[])info.getServerCertificates(); if (!certConstraints.matches(certs[0])) { throw new UntrustedURLConnectionIOException( "The server certificate(s) do not match the defined cert constraints" ); } } } }
if (!certConstraints.matches(x509Certs[0])) { throw new UntrustedURLConnectionIOException( "The client certificate does not match the defined cert constraints"
} else { X509Certificate[] x509Certs = (X509Certificate[])certs; if (!certConstraints.matches(x509Certs[0])) { throw new UntrustedURLConnectionIOException( "The client certificate does not match the defined cert constraints"