com.unboundid.util.ssl
Class HostNameSSLSocketVerifier

java.lang.Object
  extended by com.unboundid.util.ssl.SSLSocketVerifier
      extended by com.unboundid.util.ssl.HostNameSSLSocketVerifier

@NotMutable
@ThreadSafety(level=COMPLETELY_THREADSAFE)
public final class HostNameSSLSocketVerifier
extends SSLSocketVerifier

This class provides an implementation of an SSLSocket verifier that will verify that the presented server certificate includes the address to which the client intended to establish a connection. It will check the CN attribute of the certificate subject, as well as certain subjectAltName extensions, including dNSName, uniformResourceIdentifier, and iPAddress.


Constructor Summary
HostNameSSLSocketVerifier(boolean allowWildcards)
          Creates a new instance of this SSLSocket verifier.
 
Method Summary
 void verifySSLSocket(java.lang.String host, int port, javax.net.ssl.SSLSocket sslSocket)
          Verifies that the provided SSLSocket is acceptable and the connection should be allowed to remain established.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

HostNameSSLSocketVerifier

public HostNameSSLSocketVerifier(boolean allowWildcards)
Creates a new instance of this SSLSocket verifier.

Parameters:
allowWildcards - Indicates whether to allow wildcard certificates which contain an asterisk as the first component of a CN subject attribute or dNSName subjectAltName extension.

Method Detail

verifySSLSocket

public void verifySSLSocket(java.lang.String host,
                            int port,
                            javax.net.ssl.SSLSocket sslSocket)
                     throws LDAPException
Verifies that the provided SSLSocket is acceptable and the connection should be allowed to remain established.

Specified by:
verifySSLSocket in class SSLSocketVerifier
Parameters:
host - The address to which the client intended the connection to be established.
port - The port to which the client intended the connection to be established.
sslSocket - The SSLSocket that should be verified.
Throws:
LDAPException - If a problem is identified that should prevent the provided SSLSocket from remaining established.
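
The following is an added usage example, not taken from the SDK documentation: it installs the verifier on an LDAPS connection through LDAPConnectionOptions.setSSLSocketVerifier, with wildcard certificates disallowed. The host name, port, and trust store path are placeholders, and the class name HostNameVerifiedLdaps is hypothetical.

```java
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPConnectionOptions;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.util.ssl.HostNameSSLSocketVerifier;
import com.unboundid.util.ssl.SSLUtil;
import com.unboundid.util.ssl.TrustStoreTrustManager;
import java.security.GeneralSecurityException;
import javax.net.ssl.SSLSocketFactory;

public final class HostNameVerifiedLdaps {
  public static void main(String[] args) throws GeneralSecurityException {
    // Placeholder values (assumptions for this example).
    String host = "ldap.example.com";
    int port = 636;
    String trustStorePath = "/path/to/truststore.jks";

    // Certificate chain trust is configured on the trust manager; the
    // verifier below is an additional check on the names in the certificate.
    SSLUtil sslUtil = new SSLUtil(new TrustStoreTrustManager(trustStorePath));
    SSLSocketFactory socketFactory = sslUtil.createSSLSocketFactory();

    // allowWildcards=false: do not accept certificates whose CN or dNSName
    // has an asterisk as its first component.
    LDAPConnectionOptions options = new LDAPConnectionOptions();
    options.setSSLSocketVerifier(new HostNameSSLSocketVerifier(false));

    LDAPConnection conn = null;
    try {
      // The host passed here is the address the verifier compares against
      // the certificate, so connect with the name the certificate was
      // issued for rather than a bare IP or an alias.
      conn = new LDAPConnection(socketFactory, options, host, port);
      System.out.println("Connected to " + conn.getConnectedAddress());
    } catch (LDAPException e) {
      // A verifier rejection is reported as an LDAPException, alongside
      // any other connection failure.
      System.err.println("Connection refused: " + e.getResultCode()
          + " - " + e.getMessage());
    } finally {
      if (conn != null) {
        conn.close();
      }
    }
  }
}
```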