org.tmatesoft.svn.core.auth

Interface ISVNSSLManager

public interface ISVNSSLManager

The ISVNSSLManager interface is intended for creating secure SSL contexts over sockets used for data i/o.

When accessing a repository over http:// there's a risk that passwords (in the case of a BASIC authentication they are transmitted as a plain text) may be sniffed by a malefactor. SSL manager provides a secure connection encrypting all data i/o over a socket.

To get an SSL manager to access a particular repository use the getSSLManager() method of an authentication manager.

A default implementation of ISVNSSLManager (that comes along with a default implementation of ISVNAuthenticationManager - org.tmatesoft.svn.core.internal.wc.DefaultSVNAuthenticationManager) uses ssl options from the standard servers file (it can be found in the Subversion runtime configuration area - read more here). That is to accept a server certificate, it first looks for the "trusted" CA sertificate in the in-memory runtime auth storage (see ISVNAuthenticationStorage). If the one is not found, it then tries to find it in the disk auth storage in the runtime config area. Also if the "ssl-trust-default-ca" is set to "yes", then SVNKit will trust those CAs found in the JDK "JKS" KeyStore. User certificates are also got from the options in the servers file.

An SSL manager is invoked when a user tries to access a repository via the https:// protocol.

Version: 1.1.1

Author: TMate Software Ltd.

See Also: ISVNAuthenticationManager

Method Summary
voidacknowledgeSSLContext(boolean accepted, SVNErrorMessage errorMessage)
Accepts this SSL context if authentication has succeeded or not if authentication failed.
SVNSSLAuthenticationgetClientAuthentication()
Returns client authentication.
ThrowablegetClientCertLoadingError()
SSLContextgetSSLContext()
Returns an SSL context for the appropriate authentiation realm.
booleanisClientCertPromptRequired()
voidsetClientAuthentication(SVNSSLAuthentication sslAuthentication)
Sets client authentication that will be used in SSLContext.

Method Detail

acknowledgeSSLContext

public void acknowledgeSSLContext(boolean accepted, SVNErrorMessage errorMessage)
Accepts this SSL context if authentication has succeeded or not if authentication failed.

Parameters: accepted true if authentication succeeded, otherwise false errorMessage the reason of the authentication failure

getClientAuthentication

public SVNSSLAuthentication getClientAuthentication()
Returns client authentication.

Returns: client authentication

getClientCertLoadingError

public Throwable getClientCertLoadingError()

Returns: error occured during loading of client certificate or null.

getSSLContext

public SSLContext getSSLContext()
Returns an SSL context for the appropriate authentiation realm.

Returns: an ssl context

Throws: IOException if an i/o error occurred

isClientCertPromptRequired

public boolean isClientCertPromptRequired()

Returns: true if user should be prompted for client certificate

setClientAuthentication

public void setClientAuthentication(SVNSSLAuthentication sslAuthentication)
Sets client authentication that will be used in SSLContext.

Parameters: sslAuthentication a client authentication

Copyright © 2004-2007 TMate Software Ltd. All Rights Reserved.