All Downloads are FREE. Search and download functionalities are using the official Maven repository.

at.spardat.xma.boot.transport.HostnameVerifierImpl Maven / Gradle / Ivy

There is a newer version: 1.16.0
Show newest version
/*******************************************************************************
 * Copyright (c) 2003, 2007 s IT Solutions AT Spardat GmbH .
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *     s IT Solutions AT Spardat GmbH - initial API and implementation
 *******************************************************************************/

/*
 * @(#) $Id: HostnameVerifierImpl.java 2648 2008-08-27 08:15:43Z webok $
 */
package at.spardat.xma.boot.transport;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.StringTokenizer;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;

import at.spardat.xma.boot.Statics;
import at.spardat.xma.boot.logger.LogLevel;
import at.spardat.xma.boot.logger.Logger;

/**
 * This class checks if the common name contained in a server certificate
 * is appropriate for the desired https server.
 * It can be attached to an HttpsUrlConnection by calling
 * {@link javax.net.ssl.HttpsURLConnection#setHostnameVerifier(javax.net.ssl.HostnameVerifier)}
 * Then it will be called by the JDK1.4 JSSE HTTPS implementation if the
 * name contained in the certificate does not exactly match the hostname part of the url.
 *
 * @author s2877
 * @since 1.3.0
 */
public class HostnameVerifierImpl implements HostnameVerifier {
    private List ignoredHostNames = new ArrayList();

    /**
     * Constructs the hostname verifier. The String ignores
     * contains the list of hosts for which name is accepted. This list is
     * seperated by '|' or ';' and every entry may contain one wildcard character ('*').
     * @param ignores the string containing the hostnames seperated by '|' or ';'
     */
    public HostnameVerifierImpl(String ignores) {
        if(ignores!=null) {
            ignores = ignores.replace(';','|');
            for(StringTokenizer tok=new StringTokenizer(ignores,"|");tok.hasMoreTokens();) {
                String hostname = tok.nextToken();
                int wild = hostname.indexOf('*');
                if(wild>=0&&wild!=hostname.lastIndexOf('*')) {// not understood
                    Logger.getLogger("boot.transport.http").log(LogLevel.WARNING,"pattern not understood: "+hostname); //$NON-NLS-1$
                    continue;
                }
                ignoredHostNames.add(hostname);
            }
        }
    }

    /**
     * Checks if the given hostname accepted. If it is contained in the list given
     * in the property "boot.transport.hostnameverify.ignore" it is accepted.
     * This method is called by JDK1.4 JSSE HTTPS implementation only if the name
     * contained in the certificate does not exactly match the hostname part of the url.
     * @param hostname DNS-name or IP-address of the SSL-server
     * @param session ignored
     * @return true if accepted false otherwise
     */
    public boolean verify(String hostname, SSLSession session) {
        if(match(hostname)) return true;
        try {
            InetAddress[] ip = InetAddress.getAllByName(hostname);
            for(int i=0;i0&&wild




© 2015 - 2024 Weber Informatics LLC | Privacy Policy