package hudson.plugins.collabnet;
import org.apache.axis.AxisProperties;
import org.apache.axis.components.net.JSSESocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
/**
* Makes Axis bypass SSL server certficate validation.
* Useful if you need to talk to a bogus self-signed SSL server.
*
* @author Kohsuke Kawaguchi
*/
public class TrustAllSocketFactory extends JSSESocketFactory {
public static void install() {
// TODO: figure out how to avoid VM-wide changes.
AxisProperties.setProperty("axis.socketSecureFactory",TrustAllSocketFactory.class.getName());
}
public TrustAllSocketFactory(Hashtable attributes) {
super(attributes);
}
@Override
protected void initFactory() throws IOException {
try {
SSLContext context = SSLContext.getInstance("SSL");
context.init(null, new TrustManager[]{new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}}, new SecureRandom());
sslFactory = context.getSocketFactory();
} catch (NoSuchAlgorithmException e) {
throw new Error(e);
} catch (KeyManagementException e) {
throw new Error(e);
}
}
}