1
/*-------------------------------------------------------------------------
3
* Copyright (c) 2004-2005, PostgreSQL Global Development Group
6
* $PostgreSQL: pgjdbc/org/postgresql/ssl/NonValidatingFactory.java,v 1.5 2005/01/17 09:52:13 jurka Exp $
8
*-------------------------------------------------------------------------
10
package org.postgresql.ssl;
12
import javax.net.ssl.SSLContext;
13
import javax.net.ssl.SSLSocketFactory;
14
import javax.net.ssl.TrustManager;
15
import javax.net.ssl.X509TrustManager;
16
import java.security.cert.X509Certificate;
17
import java.security.GeneralSecurityException;
20
* Provide a SSLSocketFactory that allows SSL connections to be
21
* made without validating the server's certificate. This is more
22
* convenient for some applications, but is less secure as it allows
23
* "man in the middle" attacks.
25
public class NonValidatingFactory extends WrappedFactory {
28
* We provide a constructor that takes an unused argument solely
29
* because the ssl calling code will look for this constructor
30
* first and then fall back to the no argument constructor, so
31
* we avoid an exception and additional reflection lookups.
33
public NonValidatingFactory(String arg) throws GeneralSecurityException {
34
SSLContext ctx = SSLContext.getInstance("TLS"); // or "SSL" ?
37
new TrustManager[] { new NonValidatingTM() },
40
_factory = ctx.getSocketFactory();
43
class NonValidatingTM implements X509TrustManager {
45
public X509Certificate[] getAcceptedIssuers() {
46
return new X509Certificate[0];
49
public void checkClientTrusted(X509Certificate[] certs, String authType) {
52
public void checkServerTrusted(X509Certificate[] certs, String authType) {