[ http://issues.apache.org/jira/browse/DIRMINA-271?page=all ]
Wolter Eldering updated DIRMINA-271:
------------------------------------
Attachment: SSLContextFactoryBean.java
The changes I'd like to suggest to SSLContextFactoryBean.java
--- SSLContextFactoryBean.java (revision 449402)
+++ SSLContextFactoryBean.java (working copy)
@@ -27,7 +27,9 @@
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.ManagerFactoryParameters;
+
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.util.Assert;
@@ -73,6 +75,7 @@
private String trustManagerFactoryAlgorithm = null;
private String trustManagerFactoryProvider = null;
private boolean trustManagerFactoryAlgorithmUseDefault = false;
+ private ManagerFactoryParameters trustManagerFactoryParameters = null;
protected Object createInstance() throws Exception
{
@@ -131,7 +134,14 @@
TrustManager[] trustManagers = null;
if( tmf != null )
{
- tmf.init( trustManagerFactoryKeyStore );
+ if( trustManagerFactoryParameters != null )
+ {
+ tmf.init( trustManagerFactoryParameters );
+ }
+ else
+ {
+ tmf.init( trustManagerFactoryKeyStore );
+ }
trustManagers = tmf.getTrustManagers();
}
@@ -324,6 +334,10 @@
* Sets the [EMAIL PROTECTED] KeyStore} which will be used in the call to
* [EMAIL PROTECTED] TrustManagerFactory#init(java.security.KeyStore)} when
* the [EMAIL PROTECTED] SSLContext} is created.
+ * <p>
+ * This property will be ignored if [EMAIL PROTECTED]
ManagerFactoryParameters} has been
+ * set directly using [EMAIL PROTECTED]
#setTrustManagerFactoryParameters(ManagerFactoryParameters)}.
+ * </p>
*
* @param keyStore the key store.
*/
@@ -333,6 +347,18 @@
}
/**
+ * Sets the [EMAIL PROTECTED] ManagerFactoryParameters} which will be used
in the call to
+ * [EMAIL PROTECTED]
TrustManagerFactory#init(javax.net.ssl.ManagerFactoryParameters)} when
+ * the [EMAIL PROTECTED] SSLContext} is created.
+ *
+ * @param parameters describing provider-specific trust material
+ */
+ public void setTrustManagerFactoryParameters( ManagerFactoryParameters
parameters )
+ {
+ this.trustManagerFactoryParameters = parameters;
+ }
+
+ /**
* Sets the provider to use when creating the [EMAIL PROTECTED]
TrustManagerFactory}
* using
* [EMAIL PROTECTED] TrustManagerFactory#getInstance(java.lang.String,
java.lang.String)}.
> Configuration enhancement of the TrustManagerFactory in SSLContextFactoryBean
> -----------------------------------------------------------------------------
>
> Key: DIRMINA-271
> URL: http://issues.apache.org/jira/browse/DIRMINA-271
> Project: Directory MINA
> Issue Type: Improvement
> Affects Versions: 1.0
> Reporter: Wolter Eldering
> Priority: Minor
> Attachments: SSLContextFactoryBean.java
>
>
> The current implementation of SSLContextFactoryBean will always call
> trustManagerFactory init(keyStore) if a TrustManagerFactory is configured.
> For more flexibel and advanced configuration of TrustManagerFactories
> init(ManagerFactoryParameters spec) can be used.
> I'd like to suggest to following changes to the SSLContextFactoryBean:
> - add a trustManagerFactoryParameters property to SSLContextFactoryBean
> - when this property is set use its value to initialize the
> trustManagerFactory, otherwise use the trustManagerFactoryKeystore property
> for initialization
> A keystore can still be configured when using the
> trustManagerFactoryParameters.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
