Package com.isode.dsapi
Class DirectorySession.SessionCertificates
java.lang.Object
com.isode.dsapi.DirectorySession.SessionCertificates
- Enclosing class:
- DirectorySession
A SessionCertificates object is used to return information about the
certificates presented by a server during a strong bind (either DAP
or LDAP/TLS negotiation).
- Since:
- 14.4
- See Also:
-
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedSessionCertificates(List<byte[]> certs, boolean checkResult) -
Method Summary
-
Constructor Details
-
SessionCertificates
-
-
Method Details
-
getCertificates
Return a list of the certificates presented in the handshake.The order of values returned by in the list is significant: the first value (at index zero) will be the server's own certificate (the "peer" certificate); subsequent values are progressively "higher" level CA certificates.
- Returns:
- an ordered list containing the certificates (each of
which is returned in its DER encoded representation) presented
by the server, or
nullif none were presented.
-
isServerIdentityOK
public boolean isServerIdentityOK()Determine whether the server's identity matched that provided in the server certificate.For DAP connections, the test considers whether the subject DN of the server's certificate matches the DSA's DN.
For LDAP connections, the test returns a value which has been derived using the algorithm described in RFC 4513 3.1.3, and so provides some assurance against the possibility of a man-in-the-middle attack.
If this method returns a value of false, clients may wish to perform additional checks on the server certificate, according to local policy.
- Returns:
- true if the certificate used by the server appears to correspond with what is known about the directory server, false otherwise.
-
toString
Returns a String representation of the object.
-