/*-
* Copyright (C) 2002, 2018, Oracle and/or its affiliates. All rights reserved.
*
* This file was distributed by Oracle as part of a version of Oracle Berkeley
* DB Java Edition made available at:
*
* http://www.oracle.com/technetwork/database/database-technologies/berkeleydb/downloads/index.html
*
* Please see the LICENSE file included in the top-level directory of the
* appropriate version of Oracle Berkeley DB Java Edition for a copy of the
* license and additional information.
*/
package com.sleepycat.je.rep.utilint.net;
import javax.net.ssl.SSLSession;
import com.sleepycat.je.rep.net.SSLAuthenticator;
import com.sleepycat.je.rep.net.InstanceParams;
/**
 * SSLAuthenticator implementation that decides whether an SSL peer is trusted
 * by examining the Distinguished Name (DN) in the peer's certificate.
 * The DN is taken in its RFC1779 normalized form and tested against a Java
 * regular expression; the expression may target the complete DN or only a
 * portion of it, such as the CN portion.
 *
 * <p>The matching and pattern validation are not implemented here; this class
 * adapts what it inherits through {@link SSLDNMatcher} to the
 * {@link SSLAuthenticator} interface.
 *
 * <p>NOTE(review): only the DN is inspected in this class. It presumably
 * relies on the handshake having already validated the peer's certificate
 * chain against the configured trust store -- confirm for the deployment.
 *
 * <p>NOTE(review): whether the expression has to cover the entire DN or may
 * match a fragment is decided in peerMatches, which is not visible in this
 * file -- confirm. A pattern that accepts more DNs than intended widens the
 * set of trusted peers, so keep it as narrow as the deployment allows.
 */
public class SSLDNAuthenticator extends SSLDNMatcher implements SSLAuthenticator {

    /**
     * Creates an SSLDNAuthenticator from the supplied instance parameters.
     *
     * @param params the parameters for authenticator creation, handed
     * unchanged to the SSLDNMatcher constructor. This class requires them to
     * carry the Java regular expression used for matching.
     */
    public SSLDNAuthenticator(InstanceParams params) {
        super(params);
    }

    /**
     * Decides, from the information in the SSLSession, whether the peer
     * should be trusted as an internal entity. Call this only after the SSL
     * handshake has completed.
     *
     * @param sslSession the session describing the SSL peer
     * @return whatever peerMatches reports for the session
     */
    @Override
    public boolean isTrusted(SSLSession sslSession) {
        final boolean dnAccepted = peerMatches(sslSession);
        return dnAccepted;
    }

    /**
     * Checks that the given string is a valid pattern by delegating to
     * validateRegex.
     *
     * @param regex the candidate regular expression
     * @throws IllegalArgumentException if not a valid pattern.
     */
    public static void validate(String regex)
        throws IllegalArgumentException {

        // Static member reached through the superclass name; same call as
        // the unqualified form.
        SSLDNMatcher.validateRegex(regex);
    }
}