org.jivesoftware.openfire.net

Class SSLJiveTrustManagerFactory

java.lang.Object

org.jivesoftware.openfire.net.SSLJiveTrustManagerFactory

public class SSLJiveTrustManagerFactory
extends Object

A custom TrustManagerFactory that creates a trust manager list using the default trust manager or a standard keystore as specified in openfire.xml. There is no default trust keystore provided with the Jive distribution as most clients will not need to be authenticated with the server.

The Java Keystore (JKS) takes a single password which must apply to both the keystore and the key itself. Users may specify another keystore type and keystore location. Alternatively, don't set a keystore type to use the JVM defaults and configure your JVMs security files (see your JVM documentation) to plug in any TrustManagerFactory provider.

Author:

Iain Shigeoka

Constructor Summary

Constructors

Constructor and Description
SSLJiveTrustManagerFactory()

Method Summary

Methods

Modifier and Type	Method and Description
static TrustManager[]	getTrustManagers(KeyStore truststore, String trustpass)
static TrustManager[]	getTrustManagers(String storeType, String truststore, String trustpass) Creates a TrustManager list which is null if the storeType is null, or is a standard TrustManager that uses a KeyStore of type storeType, located at 'keystore' location under home, and uses 'keypass' as the password for the keystore password and key password (note that trust managers typically don't need a key password as public keys are stored in the clear and can be obtained without a key password).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SSLJiveTrustManagerFactory

public SSLJiveTrustManagerFactory()

Method Detail

getTrustManagers

public static TrustManager[] getTrustManagers(String storeType,
                              String truststore,
                              String trustpass)
                                       throws NoSuchAlgorithmException,
                                              KeyStoreException,
                                              IOException,
                                              CertificateException

Creates a TrustManager list which is null if the storeType is null, or is a standard TrustManager that uses a KeyStore of type storeType, located at 'keystore' location under home, and uses 'keypass' as the password for the keystore password and key password (note that trust managers typically don't need a key password as public keys are stored in the clear and can be obtained without a key password). The default Jive distribution doesn't ship with a trust keystore as it is not needed (the server does not require client authentication).

Parameters:

storeType - The type of keystore (e.g. "JKS") to use or null to indicate no keystore should be used

truststore - The relative location of the keystore under home

trustpass - The password for the keystore and key

Returns:

An array of relevant KeyManagers (may be null indicating a default KeyManager should be created)

Throws:

NoSuchAlgorithmException - If the keystore type doesn't exist (not provided or configured with your JVM)

KeyStoreException - If the keystore is corrupt

IOException - If the keystore could not be located or loaded

CertificateException - If there were no certificates to be loaded or they are invalid

getTrustManagers

public static TrustManager[] getTrustManagers(KeyStore truststore,
                              String trustpass)