io.undertow.server.RenegotiationRequiredException Java Examples

The following examples show how to use io.undertow.server.RenegotiationRequiredException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DatawaveAuthenticationMechanism.java    From datawave with Apache License 2.0 6 votes vote down vote up 
private Certificate[] getPeerCertificates(HttpServerExchange exchange, SSLSessionInfo sslSession, SecurityContext securityContext)
                throws SSLPeerUnverifiedException {
    try {
        return sslSession.getPeerCertificates();
    } catch (RenegotiationRequiredException e) {
        // we only renegotiate if authentication is required
        if (forceRenegotiation && securityContext.isAuthenticationRequired()) {
            try {
                sslSession.renegotiate(exchange, SslClientAuthMode.REQUESTED);
                return sslSession.getPeerCertificates();
            } catch (IOException | RenegotiationRequiredException e1) {
                // ignore
            }
        }
    }
    throw new SSLPeerUnverifiedException("");
}
Example #2
Source File: Http2SslSessionInfo.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
@Override
public Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException, RenegotiationRequiredException {
    try {
        return channel.getSslSession().getPeerCertificates();
    } catch (SSLPeerUnverifiedException e) {
        try {
            SslClientAuthMode sslClientAuthMode = channel.getOption(Options.SSL_CLIENT_AUTH_MODE);
            if (sslClientAuthMode == SslClientAuthMode.NOT_REQUESTED) {
                throw new RenegotiationRequiredException();
            }
        } catch (IOException e1) {
            //ignore, will not actually happen
        }
        throw e;
    }
}
Example #3
Source File: Http2SslSessionInfo.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
@Override
public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException, RenegotiationRequiredException {
    try {
        return channel.getSslSession().getPeerCertificateChain();
    } catch (SSLPeerUnverifiedException e) {
        try {
            SslClientAuthMode sslClientAuthMode = channel.getOption(Options.SSL_CLIENT_AUTH_MODE);
            if (sslClientAuthMode == SslClientAuthMode.NOT_REQUESTED) {
                throw new RenegotiationRequiredException();
            }
        } catch (IOException e1) {
            //ignore, will not actually happen
        }
        throw e;
    }
}
Example #4
Source File: ManagementHttpServer.java    From wildfly-core with GNU Lesser General Public License v2.1 6 votes vote down vote up 
private static boolean clientCertPotentiallyPossible(final SecurityRealm securityRealm, final HttpServerExchange exchange) {
    if (securityRealm.getSupportedAuthenticationMechanisms().contains(AuthMechanism.CLIENT_CERT) == false) {
        return false;
    }

    SSLSessionInfo session = exchange.getConnection().getSslSessionInfo();
    if (session != null) {
        try {
            // todo: renegotiation?
            return session.getPeerCertificates()[0] instanceof X509Certificate;
        } catch (SSLPeerUnverifiedException | RenegotiationRequiredException e) {
        }
    }

    return false;
}