Package org.apache.axis2.java.security
Class TrustAllTrustManager
java.lang.Object
org.apache.axis2.java.security.TrustAllTrustManager
- All Implemented Interfaces:
TrustManager,X509TrustManager
Normally when we connect over HTTPS, if the server sends us a certificate that is not well
known, we have to specify a keystore using system properties:
System.setProperty("javax.net.ssl.trustStore","path to keystore" );
System.setProperty("javax.net.ssl.trustStorePassword","apache");
Using this X509TrustManager we can allow the client to disregard the certificate and trust the
server. One of the reason this may be done is because clients are sometimes deployed on systems
where the developers haveno access to the file system and therefore cannot configure the
keystores.
This TrustManager can be used in the client stub as follows:
SSLContext sslCtx = SSLContext.getInstance("http");
sslCtx.init(null, new TrustManager[] {new TrustAllTrustManager()}, null);
stub._getServiceClient().getOptions().setProperty(HTTPConstants.CUSTOM_PROTOCOL_HANDLER,
new Protocol("https",(ProtocolSocketFactory)new SSLProtocolSocketFactory(sslCtx),443));
- See Also:
-
SSLProtocolSocketFactory
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidcheckClientTrusted(X509Certificate[] certs, String authType) voidcheckServerTrusted(X509Certificate[] certs, String authType)
-
Constructor Details
-
TrustAllTrustManager
public TrustAllTrustManager()
-
-
Method Details
-
getAcceptedIssuers
- Specified by:
getAcceptedIssuersin interfaceX509TrustManager
-
checkClientTrusted
- Specified by:
checkClientTrustedin interfaceX509TrustManager
-
checkServerTrusted
- Specified by:
checkServerTrustedin interfaceX509TrustManager
-