Mercurial > dive4elements > river
changeset 2949:abf267708672
Add a TrustStategy to be able to ignore SSL Certificate issues with GGinA
This class should be removed later or its isTrusted method must be implemented.
It's a security risc to accept alle ssl certificates for ggina.
flys-client/trunk@4926 c6561f87-3c4e-4783-a992-168aeb5c3f6f
| author | Bjoern Ricks <bjoern.ricks@intevation.de> |
|---|---|
| date | Wed, 11 Jul 2012 10:29:23 +0000 |
| parents | 83c962be0dde |
| children | 192eddbbd4cf |
| files | flys-client/ChangeLog flys-client/src/main/java/de/intevation/flys/client/server/GGInATrustStrategy.java |
| diffstat | 2 files changed, 25 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/flys-client/ChangeLog Wed Jul 11 10:11:04 2012 +0000 +++ b/flys-client/ChangeLog Wed Jul 11 10:29:23 2012 +0000 @@ -1,3 +1,8 @@ +2012-07-11 Björn Ricks <bjoern.ricks@intevation.de> + + * src/main/java/de/intevation/flys/client/server/GGInATrustStrategy.java: + Add a TrustStrategy to be able to accept all SSL certificates. + 2012-07-11 Björn Ricks <bjoern.ricks@intevation.de> * src/main/java/de/intevation/flys/client/server/was/User.java:
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/GGInATrustStrategy.java Wed Jul 11 10:29:23 2012 +0000 @@ -0,0 +1,20 @@ +package de.intevation.flys.client.server; + +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; + +import org.apache.http.conn.ssl.TrustStrategy; + +public class GGInATrustStrategy implements TrustStrategy { + + /** + * Tempoary class to accept all certificates for GGinA Authentication + */ + + @Override + public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { + // FIXME validate Certificate + return true; + } +} +