Package com.isode.dsapi

Class DirectorySession.SessionCertificates

    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      protected SessionCertificates​(java.util.List<byte[]> certs, boolean checkResult)  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.util.List<byte[]> getCertificates()
      Return a list of the certificates presented in the handshake.
      boolean isServerIdentityOK()
      Determine whether the server's identity matched that provided in the server certificate.
      java.lang.String toString()
      Returns a String representation of the object.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    • Constructor Detail

      • SessionCertificates

        protected SessionCertificates​(java.util.List<byte[]> certs,
                              boolean checkResult)

    • Method Detail

      • getCertificates

        public java.util.List<byte[]> getCertificates()
        Return a list of the certificates presented in the handshake.

        The order of values returned by in the list is significant: the first value (at index zero) will be the server's own certificate (the "peer" certificate); subsequent values are progressively "higher" level CA certificates.

        Returns:
        an ordered list containing the certificates (each of which is returned in its DER encoded representation) presented by the server, or null if none were presented.

      • isServerIdentityOK

        public boolean isServerIdentityOK()
        Determine whether the server's identity matched that provided in the server certificate.

        For DAP connections, the test considers whether the subject DN of the server's certificate matches the DSA's DN.

        For LDAP connections, the test returns a value which has been derived using the algorithm described in RFC 4513 3.1.3, and so provides some assurance against the possibility of a man-in-the-middle attack.

        If this method returns a value of false, clients may wish to perform additional checks on the server certificate, according to local policy.

        Returns:
        true if the certificate used by the server appears to correspond with what is known about the directory server, false otherwise.

      • toString

        public java.lang.String toString()
        Returns a String representation of the object.
        Overrides:
        toString in class java.lang.Object
        Returns:
        a String representation of the object.