NaiveTrustManager.java example

Explorer
extension-aws-master
- src
- webapp
  - WEB-INF
    - base
      - aws
        src
        model
        amazon
        S3RepositoryTest.java
package org.openedit.entermedia.util;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/**
 * This Trust Manager is "naive" because it trusts everyone.
 **/
public class NaiveTrustManager implements X509TrustManager
{
	// private static final Log log =
	// LogFactory.getLog(NaiveTrustManager.class);

	/**
	 * Doesn't throw an exception, so this is how it approves a certificate.
	 * 
	 * @see javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.X509Certificate[],
	 *      String)
	 **/
	public void checkClientTrusted(X509Certificate[] cert, String authType) throws CertificateException
	{
	}

	/**
	 * Doesn't throw an exception, so this is how it approves a certificate.
	 * 
	 * @see javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.X509Certificate[],
	 *      String)
	 **/
	public void checkServerTrusted(X509Certificate[] cert, String authType) throws CertificateException
	{
	}

	/**
	 * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
	 **/
	public X509Certificate[] getAcceptedIssuers()
	{
		return null; // I've seen someone return new X509Certificate[ 0 ];
	}

	private static SSLSocketFactory sslSocketFactory;

	/**
	 * Returns a SSL Factory instance that accepts all server certificates.
	 * 
	 * <pre>
	 * SSLSocket sock = (SSLSocket) getSocketFactory.createSocket(host, 443);
	 * </pre>
	 * 
	 * @return An SSL-specific socket factory.
	 **/
	public static final SSLSocketFactory getSocketFactory()
	{
		if (sslSocketFactory == null)
		{
			try
			{
				TrustManager[] tm = new TrustManager[] { new NaiveTrustManager() };
				SSLContext context = SSLContext.getInstance("SSL");
				context.init(new KeyManager[0], tm, new SecureRandom());

				sslSocketFactory = (SSLSocketFactory) context.getSocketFactory();

			}
			catch (KeyManagementException e)
			{
				System.out.println("No SSL algorithm support: " + e.getMessage());
			}
			catch (NoSuchAlgorithmException e)
			{
				System.out.println("Exception when setting up the Naive key management." + e);
			}
		}
		return sslSocketFactory;
	}
	protected static boolean disabled = false;
	public static void disableHttps()
	{
		if( disabled )
		{
			return;
		}
		disabled = true;
		// Install the all-trusting trust manager
		try
		{
			TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager()
			{
				public java.security.cert.X509Certificate[] getAcceptedIssuers()
				{
					return null;
				}

				public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
				{
				}

				public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
				{
				}
			} };

			SSLContext sc = SSLContext.getInstance("SSL");
			sc.init(null, trustAllCerts, new java.security.SecureRandom());
			HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
		}
		catch (Exception e)
		{
		}
	}

}