SSLWLSHostnameVerifier.DefaultHostnameVerifier (Oracle WebLogic Server API Reference)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Oracle Fusion Middleware
Oracle WebLogic Server API Reference
11g Release 1 (10.3.6)

Part Number E13941-06

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

weblogic.security.utils
Class SSLWLSHostnameVerifier.DefaultHostnameVerifier

java.lang.Object
  weblogic.security.utils.SSLWLSHostnameVerifier.DefaultHostnameVerifier

All Implemented Interfaces:: HostnameVerifier

Direct Known Subclasses:: SSLWLSWildcardHostnameVerifier

Enclosing class:: SSLWLSHostnameVerifier

public static class SSLWLSHostnameVerifier.DefaultHostnameVerifier
extends Object
implements HostnameVerifier
extends Object
implements HostnameVerifier

The SSLWLSHostnameVerifier.DefaultHostnameVerifier is called for SSL hostname verification and will apply hostname verification checks during an SSL handshake. This is the default hostname verifier called by WebLogic.

Method Summary
`boolean`	`verify(String urlhostname, SSLSession session)` Verify peer hostname against peer certificate of the SSL session.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

verify

public boolean verify(String urlhostname,
                      SSLSession session)

Verify peer hostname against peer certificate of the SSL session.

This method verifies the CommonName attribute of the peer certificate's SubjectDN or the DNSNames of the peer certificate's SubjectAlternativeNames extension against the urlhostname. The certificate attribute must case-sensitively match the urlhostname.

The SubjectDN CommonName attribute is verified first, and if successful, the SubjectAlternativeNames attributes are not verified. If the peer certificate doesn't have a SubjectDN, or the SubjectDN doesn't have a CommonName attribute, then the SubjectAlternativeName attributes of type DNSNames are compared to the urlhostname. The first successful comparison to a DNSName causes this method to return true without comparing any other DNSNames.

To verify successfully the url hostname must be case-sensitively equal to the certificate attribute being compared.

Alternatively, this method will return true if one of the following is true:

the SSL session's peer certificate is a WebLogic Demo certificate
the SSL session's peer certificate's SubjectDN CommonName attribute is equal to the local machine's hostname AND the local machine's hostname or ip address matches the urlhostname parameter.
the urlhostname parameter can be verified to be a loopback address or the local hostname.

Specified by:: verify in interface HostnameVerifier

Parameters:: urlhostname - Hostname of the system which is servicing the request.; session - SSL session of the current SSL handshake
Returns:: Returns true if hostname verifies successfully, false if it does not.