[jboss-cvs] Picketbox SVN: r159 - trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Jan 27 06:53:12 EST 2011
Author: mmoyses
Date: 2011-01-27 06:53:12 -0500 (Thu, 27 Jan 2011)
New Revision: 159
Modified:
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java
Log:
SECURITY-558: use truststore by default and fallback to keystore
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java 2011-01-21 15:10:44 UTC (rev 158)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java 2011-01-27 11:53:12 UTC (rev 159)
@@ -366,13 +366,13 @@
log.trace("Validating cert using: "+verifier);
isValid = verifier.verify(cert, alias, keyStore, trustStore);
}
- else if (keyStore != null && cert != null)
+ else if (trustStore != null && cert != null)
{
- // Look for the cert in the keystore using the alias
+ // Look for the cert in the truststore using the alias
X509Certificate storeCert = null;
try
{
- storeCert = (X509Certificate) keyStore.getCertificate(alias);
+ storeCert = (X509Certificate) trustStore.getCertificate(alias);
if( trace )
{
StringBuffer buf = new StringBuffer("\n\tSupplied Credential: ");
@@ -390,7 +390,7 @@
else
{
ArrayList<String> aliases = new ArrayList<String>();
- Enumeration<String> en = keyStore.aliases();
+ Enumeration<String> en = trustStore.aliases();
while (en.hasMoreElements())
{
aliases.add(en.nextElement());
More information about the jboss-cvs-commits
mailing list