weblogic.webservice.client
Interface TrustManager
- public interface TrustManager
- extends com.certicom.net.ssl.TrustManager
The TrustManager interface permits the user to override certain validation
errors in the peer's certificate chain and allow the handshake to continue.
This interface also permits the user to perform additional validation on the
peer certificate chain and interrupt the handshake if need be.
- Author:
- Copyright © 2002 BEA Systems, Inc. All Rights Reserved.
Fields inherited from class com.certicom.net.ssl.TrustManager |
ERR_CERT_CHAIN_INCOMPLETE,
ERR_CERT_CHAIN_INVALID,
ERR_CERT_CHAIN_UNTRUSTED,
ERR_CERT_EXPIRED,
ERR_NONE,
ERR_SIGNATURE_INVALID |
Method Summary
|
boolean |
certificateCallback(javax.security.cert.X509Certificate[] chain,
int validateErr,
java.lang.Object certificateCallbackRef)
Called by the adapter when a peer presents a certificate chain. |
certificateCallback
public boolean certificateCallback(javax.security.cert.X509Certificate[] chain,
int validateErr,
java.lang.Object certificateCallbackRef)
- Called by the adapter when a peer presents a certificate chain.
This can be used to override certain errors in the peer certificate chain
to allow the handshake to continue.
The parameter validateErr indicates the validation errors present in the
certificate chain. validateErr has the following properties:
ERR_CERT_CHAIN_INVALID bit is set if the certificate chain is invalid;
ERR_CERT_EXPIRED bit is set if any of the certificates are expired;
ERR_CERT_CHAIN_INCOMPLETE bit is set if the certificate chain is
incomplete;
ERR_SIGNATURE_INVALID bit is set if any of the certificates have an
invaid signature;
ERR_CERT_CHAIN_UNTRUSTED bit is set if the certificate chain is not
trusted.
- Specified by:
- certificateCallback in interface com.certicom.net.ssl.TrustManager
- Parameters:
chain
- The peer's certificate chainvalidateErr
- The validation errors present in the certificate chain.certificateCallbackRef
- The value specified in WLSSLAdapter.setTrustManager- Returns:
- true If the certificate chain is trusted, false otherwise