
Example 71 with TrustManager

use of javax.net.ssl.TrustManager in project midpoint by Evolveum.

the class AbstractLdapTest method ldapConnect.

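/**
 * Opens a connection to the LDAP server and performs a simple bind on it.
 *
 * <p>When {@code config} is {@code null}, a configuration is built from this test's LDAP
 * host, port, bind DN and bind password. A configuration passed in by the caller is
 * modified in place (SSL flag, trust managers, binary attribute detector).
 *
 * <p>Security note: when {@code useSsl()} returns true the connection is given a trust
 * manager whose check methods are empty, so any certificate chain presented by the server
 * is accepted. The channel is then encrypted but the server is not authenticated, and the
 * bind password is sent to whichever endpoint answered. That is tolerable only in a test
 * harness talking to disposable servers; code derived from this method for real
 * deployments should load the server's CA into a {@code KeyStore} and obtain its trust
 * managers from a {@code TrustManagerFactory} instead.
 *
 * @param config connection settings, or {@code null} to use this test's defaults
 * @return a connection that is connected and bound as {@code config.getBindDn()}
 * @throws LdapException if building the bind request or the bind operation fails
 * @throws IOException presumably propagated from {@code ldapDisconnect} - confirm against its declaration
 * @throws SecurityException if the server answers the bind with a result code other than SUCCESS
 */
protected LdapNetworkConnection ldapConnect(UserLdapConnectionConfig config) throws LdapException, IOException {
    if (config == null) {
        config = new UserLdapConnectionConfig();
        config.setLdapHost(getLdapServerHost());
        config.setLdapPort(getLdapServerPort());
        config.setBindDn(getLdapBindDn());
        config.setBindPassword(getLdapBindPassword());
    }
    LOGGER.trace("LDAP connect to {}:{} as {}", config.getLdapHost(), config.getLdapPort(), config.getBindDn());
    if (useSsl()) {
        config.setUseSsl(true);
        // TEST ONLY: accept-everything trust manager. Both check methods return without
        // inspecting the chain, so certificate validation is effectively switched off.
        TrustManager trustManager = new X509TrustManager() {

            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // intentionally empty: no validation is performed
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // intentionally empty: no validation is performed
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
        config.setTrustManagers(trustManager);
    }
    config.setBinaryAttributeDetector(binaryAttributeDetector);
    LdapNetworkConnection connection = new LdapNetworkConnection(config);
    boolean connected = connection.connect();
    if (!connected) {
        AssertJUnit.fail("Cannot connect to LDAP server " + config.getLdapHost() + ":" + config.getLdapPort());
    }
    LOGGER.trace("LDAP connected to {}:{}, executing bind as {}", config.getLdapHost(), config.getLdapPort(), config.getBindDn());
    BindResponse bindResponse;
    try {
        BindRequest bindRequest = new BindRequestImpl();
        bindRequest.setDn(new Dn(config.getBindDn()));
        bindRequest.setCredentials(config.getBindPassword());
        bindRequest.setSimple(true);
        bindResponse = connection.bind(bindRequest);
    } catch (LdapException e) {
        // The socket is already open at this point; release it before propagating so a
        // malformed DN or a failed bind operation does not leak the connection.
        ldapDisconnect(connection);
        throw e;
    }
    if (bindResponse.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
        ldapDisconnect(connection);
        throw new SecurityException("Bind as " + config.getBindDn() + " failed: " + bindResponse.getLdapResult().getDiagnosticMessage() + " (" + bindResponse.getLdapResult().getResultCode() + ")");
    }
    LOGGER.trace("LDAP connected to {}:{}, bound as {}", config.getLdapHost(), config.getLdapPort(), config.getBindDn());
    return connection;
}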
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) BindRequest(org.apache.directory.api.ldap.model.message.BindRequest) Dn(org.apache.directory.api.ldap.model.name.Dn) LdapNetworkConnection(org.apache.directory.ldap.client.api.LdapNetworkConnection) BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) X509Certificate(java.security.cert.X509Certificate) BindRequestImpl(org.apache.directory.api.ldap.model.message.BindRequestImpl) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager)

Example 72 with TrustManager

use of javax.net.ssl.TrustManager in project midpoint by Evolveum.

the class AbstractIntegrationTest method logTrustManagers.

/**
 * Writes the JVM's default trust managers, and the issuers each X.509 trust manager
 * accepts, to the debug log.
 *
 * <p>The factory is initialised with a {@code null} key store, which asks the provider for
 * its default trust material, so the output shows which CAs a default TLS client in this
 * JVM would trust. Useful when diagnosing why a certificate is or is not accepted.
 *
 * @throws NoSuchAlgorithmException if the default trust manager algorithm is not available
 * @throws KeyStoreException if the factory cannot be initialised
 */
protected void logTrustManagers() throws NoSuchAlgorithmException, KeyStoreException {
    String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
    TrustManagerFactory factory = TrustManagerFactory.getInstance(defaultAlgorithm);
    // null key store => provider default trust store
    factory.init((KeyStore) null);
    for (TrustManager candidate : factory.getTrustManagers()) {
        if (!(candidate instanceof X509TrustManager)) {
            LOGGER.debug("TrustManager: {}", candidate);
            continue;
        }
        X509TrustManager x509 = (X509TrustManager) candidate;
        LOGGER.debug("TrustManager(X509): {}", x509);
        X509Certificate[] issuers = x509.getAcceptedIssuers();
        if (issuers == null) {
            continue;
        }
        for (X509Certificate issuer : issuers) {
            LOGGER.debug("    acceptedIssuer: {}", issuer);
        }
    }
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) X509Certificate(java.security.cert.X509Certificate) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager)

Example 73 with TrustManager

use of javax.net.ssl.TrustManager in project midpoint by Evolveum.

the class ConnectorFactoryConnIdImpl method getRemoteConnectorInfoManager.

/**
 * Returns the ICF connector info manager for the remote connector host described by
 * {@code hostType}.
 *
 * <p>The host name, port, decrypted shared secret, SSL flag, trust managers and timeout
 * are packed into a {@code RemoteFrameworkConnectionInfo}, and the manager is obtained
 * from {@code connectorInfoManagerFactory.getRemoteManager}.
 *
 * <p>Security notes: SSL is used only when {@code hostType.isProtectConnection()} is
 * non-null and true, so an unset flag yields an unprotected connection to the connector
 * host. The trust managers come from {@code protector.getTrustManagers()}. The decrypted
 * secret passes through an immutable {@code String} that cannot be wiped before it is
 * wrapped in a {@code GuardedString}.
 *
 * @param hostType definition of the remote connector host
 * @return ICF connector info manager for that remote host
 * @throws SystemException if the shared secret cannot be decrypted
 */
private ConnectorInfoManager getRemoteConnectorInfoManager(ConnectorHostType hostType) {
    String hostname = hostType.getHostname();
    int port = Integer.parseInt(hostType.getPort());

    GuardedString key;
    try {
        char[] secretChars = protector.decryptString(hostType.getSharedSecret()).toCharArray();
        key = new GuardedString(secretChars);
    } catch (EncryptionException e) {
        throw new SystemException("Shared secret decryption error: " + e.getMessage(), e);
    }

    // A missing timeout is passed on as 0.
    Integer configuredTimeout = hostType.getTimeout();
    Integer timeout = (configuredTimeout == null) ? Integer.valueOf(0) : configuredTimeout;

    // A missing protectConnection flag means no SSL.
    Boolean protectConnection = hostType.isProtectConnection();
    boolean useSSL = protectConnection != null && protectConnection;

    List<TrustManager> trustManagers = protector.getTrustManagers();

    // NOTE(review): the GuardedString is passed to the trace log; confirm that its
    // toString() never renders the clear-text secret.
    LOGGER.trace("Creating RemoteFrameworkConnectionInfo: hostname={}, port={}, key={}, useSSL={}, trustManagers={}, timeout={}", new Object[] { hostname, port, key, useSSL, trustManagers, timeout });

    RemoteFrameworkConnectionInfo connectionInfo = new RemoteFrameworkConnectionInfo(hostname, port, key, useSSL, trustManagers, timeout);
    return connectorInfoManagerFactory.getRemoteManager(connectionInfo);
}
Also used : SystemException(com.evolveum.midpoint.util.exception.SystemException) EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException) GuardedString(org.identityconnectors.common.security.GuardedString) GuardedString(org.identityconnectors.common.security.GuardedString) RemoteFrameworkConnectionInfo(org.identityconnectors.framework.api.RemoteFrameworkConnectionInfo) TrustManager(javax.net.ssl.TrustManager)

Example 74 with TrustManager

use of javax.net.ssl.TrustManager in project BBS-Android by bdpqchen.

the class CollectionClient method getUnSaveBuilder.

/**
 * Builds an {@code OkHttpClient.Builder} with TLS peer verification switched off.
 *
 * <p>Security note: the installed trust manager accepts every certificate chain and the
 * hostname verifier accepts every host name. A client built from this builder encrypts
 * traffic but does not authenticate the server, so anyone on the network path can present
 * their own certificate and read or alter the exchange. Keep it out of release builds.
 * To reach a server with a private or self-signed certificate, load that certificate into
 * a {@code KeyStore}, take the trust managers from a {@code TrustManagerFactory}
 * initialised with it, and leave the default hostname verifier in place.
 *
 * @return a builder whose clients skip certificate and host name validation
 * @throws RuntimeException wrapping any exception raised while setting up the SSL context
 */
private static OkHttpClient.Builder getUnSaveBuilder() {
    try {
        // Trust manager with empty checks: no certificate chain is ever rejected.
        final X509TrustManager acceptEverything = new X509TrustManager() {

            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
                // no validation
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
                // no validation
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return new java.security.cert.X509Certificate[0];
            }
        };
        final TrustManager[] trustAllCerts = { acceptEverything };

        // Hostname verifier that approves any host name for any session.
        final HostnameVerifier acceptAnyHost = new HostnameVerifier() {

            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };

        // SSL context backed only by the accept-everything trust manager.
        final SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.sslSocketFactory(sslContext.getSocketFactory());
        builder.hostnameVerifier(acceptAnyHost);
        return builder;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : OkHttpClient(okhttp3.OkHttpClient) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager) HostnameVerifier(javax.net.ssl.HostnameVerifier) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 75 with TrustManager

use of javax.net.ssl.TrustManager in project android_frameworks_base by crdroidandroid.

the class XmlConfigTests method testTrustManagerKeystore.

/**
 * Checks that a connection to android.com:443 succeeds when the SSL context uses trust
 * managers from the {@code NetworkSecurityConfigProvider} "PKIX" factory, initialised
 * with a key store holding every system certificate.
 *
 * <p>An {@code ApplicationConfig} is constructed from the {@code bad_pin} XML resource but
 * is not referenced again in this method.
 * NOTE(review): presumably the point is that a factory initialised with an explicit key
 * store is not subject to that config's pins - confirm against the provider.
 *
 * @throws Exception if the key store, trust manager factory or SSL context cannot be set up
 */
public void testTrustManagerKeystore() throws Exception {
    XmlConfigSource source = new XmlConfigSource(getContext(), R.xml.bad_pin, true);
    ApplicationConfig appConfig = new ApplicationConfig(source);

    // Empty key store, then one trusted entry per system certificate, aliased "0", "1", ...
    KeyStore systemRoots = KeyStore.getInstance(KeyStore.getDefaultType());
    systemRoots.load(null);
    int nextAlias = 0;
    for (X509Certificate systemCert : SystemCertificateSource.getInstance().getCertificates()) {
        KeyStore.TrustedCertificateEntry entry = new KeyStore.TrustedCertificateEntry(systemCert);
        systemRoots.setEntry(String.valueOf(nextAlias), entry, null);
        nextAlias++;
    }

    Provider provider = new NetworkSecurityConfigProvider();
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX", provider);
    tmf.init(systemRoots);

    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, tmf.getTrustManagers(), null);
    TestUtils.assertConnectionSucceeds(context, "android.com", 443);
}
Also used : TrustManagerFactory(javax.net.ssl.TrustManagerFactory) SSLContext(javax.net.ssl.SSLContext) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) Provider(java.security.Provider) TrustManager(javax.net.ssl.TrustManager)

Aggregations

TrustManager (javax.net.ssl.TrustManager)229 SSLContext (javax.net.ssl.SSLContext)139 X509TrustManager (javax.net.ssl.X509TrustManager)139 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)90 X509Certificate (java.security.cert.X509Certificate)70 IOException (java.io.IOException)60 KeyStore (java.security.KeyStore)60 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)60 SecureRandom (java.security.SecureRandom)58 KeyManagementException (java.security.KeyManagementException)54 KeyManager (javax.net.ssl.KeyManager)52 CertificateException (java.security.cert.CertificateException)43 KeyStoreException (java.security.KeyStoreException)37 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)34 HostnameVerifier (javax.net.ssl.HostnameVerifier)23 URL (java.net.URL)22 GeneralSecurityException (java.security.GeneralSecurityException)22 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)20 InputStream (java.io.InputStream)18 FileInputStream (java.io.FileInputStream)16