DefaultHostnameVerifier

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

SAP NetWeaver 7.40 (SP 05) Composition Environment

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.sap.security.core.server.https

Class DefaultHostnameVerifier

java.lang.Object
  com.sap.security.core.server.https.DefaultHostnameVerifier

All Implemented Interfaces:: HostnameVerifier

public final class DefaultHostnameVerifier
extends Object
implements HostnameVerifier
extends Object
implements HostnameVerifier

This class provides a default implementation of hostname verifier.

This verifier is called to compare the host name from the URL, where the client was connected, with the host name from server certificate. The way how hostname ist determined from server certificate is described here.

There are two instances of DefaultHostnameVerifier available and they can be retrieved using the static methods:

getNonStrictInstance () - writes warning to System.err but returns true even if verification fails
getStrictInstance () - returns false if verification fails

The library uses nonStrictInstance if nothing was specified. This can be changed for each factory by using

factory.setHostnameVerifier( DefaultHostnameVerifier.getStictInstance() )
or by implementing own verification rules.

Method Summary
`static DefaultHostnameVerifier`	`getNonStrictInstance()`
`static DefaultHostnameVerifier`	`getStrictInstance()`
`boolean`	`verify(String urlHostname, String certHostname)` Compares the hostname with the name from server certifiate.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

verify

public boolean verify(String urlHostname,
                      String certHostname)

Compares the hostname with the name from server certifiate.

This method compares parameters case insensitiv and accepts first character "*" in certHostname as wildcard.

Specified by:: verify in interface HostnameVerifier

Parameters:: urlHostname - the hostname; certHostname - the name from server certifiate
Returns:: true if the hostname is acceptable or if the connection should be established anyway.

getStrictInstance

public static DefaultHostnameVerifier getStrictInstance()

getNonStrictInstance

public static DefaultHostnameVerifier getNonStrictInstance()

Access Rights

This class can be accessed from:

SC	DC	Public Part	ACH
`[sap.com] CORE-TOOLS`	`[sap.com] com.sap.engine.client.libdeprecated`	`default`	`BC-JAS`
`[sap.com] ENGFACADE`	`[sap.com] tc/bl/security/lib`	`api`	`BC-JAS-SEC`
`[sap.com] ENGINEAPI`	`[sap.com] security.classdeprecated`	`-`	`BC-JAS-SEC`
`[sap.com] ENGINEAPI`	`[sap.com] security.classdeprecated`	`default`	`BC-JAS-SEC`
`[sap.com] SAP_BUILDT`	`[sap.com] tc/bi/wstech`	`def`	`BC-CTS-CBS-PLG`