[jboss-cvs] Picketbox SVN: r159 - trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Jan 27 06:53:12 EST 2011


Author: mmoyses
Date: 2011-01-27 06:53:12 -0500 (Thu, 27 Jan 2011)
New Revision: 159

Modified:
   trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java
Log:
SECURITY-558: use truststore by default and fallback to keystore

Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java	2011-01-21 15:10:44 UTC (rev 158)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java	2011-01-27 11:53:12 UTC (rev 159)
@@ -366,13 +366,13 @@
             log.trace("Validating cert using: "+verifier);
          isValid = verifier.verify(cert, alias, keyStore, trustStore);
       }
-      else if (keyStore != null && cert != null)
+      else if (trustStore != null && cert != null)
       {
-         // Look for the cert in the keystore using the alias
+         // Look for the cert in the truststore using the alias
          X509Certificate storeCert = null;
          try
          {
-            storeCert = (X509Certificate) keyStore.getCertificate(alias);
+            storeCert = (X509Certificate) trustStore.getCertificate(alias);
             if( trace )
             {
                StringBuffer buf = new StringBuffer("\n\tSupplied Credential: ");
@@ -390,7 +390,7 @@
                else
                {
                   ArrayList<String> aliases = new ArrayList<String>();
-                  Enumeration<String> en = keyStore.aliases();
+                  Enumeration<String> en = trustStore.aliases();
                   while (en.hasMoreElements())
                   {
                      aliases.add(en.nextElement());



More information about the jboss-cvs-commits mailing list