/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2015 ForgeRock AS.
 */

package org.forgerock.openig.security;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.X509TrustManager;

import org.forgerock.openig.heap.GenericHeaplet;
import org.forgerock.openig.heap.HeapException;

/**
 * An {@link X509TrustManager} that accepts every certificate chain it is handed.
 *
 * <p>Both {@code check*Trusted} methods have empty bodies, so they never throw
 * {@link CertificateException}: no signature, validity-period, issuer or revocation check is
 * made by this class. A TLS context built on this manager therefore does not authenticate the
 * peer through its certificate, and a party on the network path that presents its own
 * certificate is accepted like any other.
 *
 * <p>The heaplet logs a warning each time an instance is created through the heap; that log line
 * is the visible trace of a configuration relying on this class. The message itself names the
 * replacement: declare the appropriate KeyStore and linked TrustManager(s).
 */
public class TrustAllManager implements X509TrustManager {

    /**
     * Accepts the client certificate chain without examining it.
     *
     * <p>The arguments are never read, so a {@code null} or empty chain is accepted as well. The
     * {@link X509TrustManager} contract documents an {@link IllegalArgumentException} for such
     * arguments; this implementation does not raise it.
     *
     * @param certificates the peer certificate chain (ignored)
     * @param authType the authentication type (ignored)
     * @throws CertificateException declared by the interface; never thrown by this body
     */
    @Override
    public void checkClientTrusted(X509Certificate[] certificates, String authType)
            throws CertificateException {
        // Intentionally empty: returning normally is what marks the chain as trusted.
    }

    /**
     * Accepts the server certificate chain without examining it.
     *
     * <p>The arguments are never read, so a {@code null} or empty chain is accepted as well. The
     * {@link X509TrustManager} contract documents an {@link IllegalArgumentException} for such
     * arguments; this implementation does not raise it.
     *
     * @param certificates the peer certificate chain (ignored)
     * @param authType the key exchange algorithm (ignored)
     * @throws CertificateException declared by the interface; never thrown by this body
     */
    @Override
    public void checkServerTrusted(X509Certificate[] certificates, String authType)
            throws CertificateException {
        // Intentionally empty: returning normally is what marks the chain as trusted.
    }

    /**
     * Reports the issuers this manager declares as trusted.
     *
     * @return a fresh zero-length array on every call; no issuer is advertised even though the
     *         check methods accept any chain
     */
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        final X509Certificate[] noIssuers = {};
        return noIssuers;
    }

    /**
     * Creates and initializes a trust-all manager in a heap environment.
     */
    public static class Heaplet extends GenericHeaplet {

        /**
         * Logs a warning that this trust manager is unsafe in production, then builds it.
         *
         * <p>{@code logger} is not declared in this file; presumably it is inherited from
         * {@link GenericHeaplet}.
         *
         * @return a new {@link TrustAllManager}
         * @throws HeapException declared by the overridden signature; this body contains no
         *         {@code throw} statement
         */
        @Override
        public Object create() throws HeapException {
            // The warning is emitted before the instance exists, so it is logged on every
            // creation through the heap.
            final String notice = "Using TrustAllManager is not safe when deployed in production. \n"
                    + "Declare the appropriate KeyStore and linked TrustManager(s) instead.";
            logger.warning(notice);
            return new TrustAllManager();
        }
    }
}