SSLWLSWildcardHostnameVerifier (Java API Reference for Oracle WebLogic Server)

java.lang.Object
- weblogic.security.utils.SSLWLSHostnameVerifier.DefaultHostnameVerifier
- - weblogic.security.utils.SSLWLSWildcardHostnameVerifier

All Implemented Interfaces:

HostnameVerifier
```
public class SSLWLSWildcardHostnameVerifier
extends SSLWLSHostnameVerifier.DefaultHostnameVerifier
```
The SSLWLSHostnameVerifier is called for hostname verification and will apply hostname verification checks configured for Weblogic.

This hostname verifier is instantiated by the WebLogic hostname verifier wrapper that checks for proxies, expectedName, etc. It obtains this hostname verifier class name from the SSLMBean or the hostname verifier property. This class is used internally by Weblogic Server, and is documented for informational purposes only.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`verify(java.lang.String urlhostname, javax.net.ssl.SSLSession session)`	Verify peer hostname against peer certificate of the SSL session, allowing wildcarded certificates.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - verify
```
public boolean verify(java.lang.String urlhostname,
                      javax.net.ssl.SSLSession session)
```
    Verify peer hostname against peer certificate of the SSL session, allowing wildcarded certificates. Hostname verification has two phases:
    - verification with wildcarding
    - if verification with wildcarding fails, then verification without wildcarding is performed.
    Verification with Wildcarding
    If the peer certificate of the SSL session's peer certificate SubjectDN CommonName attribute supports wildcarding, the CommonName attribute must meet the following:
    - the CN must have at least two dot ('.') characters
    - the CN must start with "*."
    - the CN can have only one "*" character
    In addition, the non-wildcarded portion of the CommonName attribute must equal domain portion of the urlhostname parameter, in a case-sensitive String comparison. The domain portion of the urlhostname parameter string is the urlhostname substring left after the 'hostname' substring is removed. The 'hostname' portion of the urlhostname is the substring up to and excluding the first '.' of the urlhostname parameter string. For example:
    - urlhostname: mymachine.oracle.com CommonName: *.oracle.com '.oracle.com' will compare successfully with '.oracle.com'
    - urlhostname: mymachine.uk.oracle.com CommonName: *.oracle.com '.uk.oracle.com' will not compare successfully with '.oracle.com'
    DNSNames obtained from the peer certificate's SubjectAlternativeNames extension may be wildcarded.
    
    Verification without Wildcarding
    
    If wildcarded hostname verification fails, this method performs non-wildcarded verification as described for weblogic.security.utils.SSLWLSHostnameVerifier
    Specified by:
    
    verify in interface HostnameVerifier
    
    Overrides:
    
    verify in class SSLWLSHostnameVerifier.DefaultHostnameVerifier
    
    Parameters:
    
    urlhostname - Hostname of the system which is servicing the request.
    
    session - SSL session of the current SSL handshake
    
    Returns:
    
    Returns true if hostname verification succeeds, false if not.
    
    See Also:
    
    SSLWLSHostnameVerifier

Class SSLWLSWildcardHostnameVerifier

Method Summary

Methods inherited from class java.lang.Object

Method Detail

verify