#90 Added support for TrustManager

rjrudin · rjrudin · commit 83aeb9668c2c · 2018-02-05T19:37:50.000-05:00
diff --git a/src/main/java/com/marklogic/client/ext/DatabaseClientConfig.java b/src/main/java/com/marklogic/client/ext/DatabaseClientConfig.java
@@ -1,16 +1,12 @@
 package com.marklogic.client.ext;
 
-import javax.net.ssl.SSLContext;
-
-import com.marklogic.client.DatabaseClientFactory.Authentication;
 import com.marklogic.client.DatabaseClientFactory.SSLHostnameVerifier;
 
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.X509TrustManager;
+
 /**
  * Captures all the possible inputs used to construct an instance of DatabaseClient.
- *
- * The Authentication attribute is deprecated, as this class is deprecated in version 4.x of the Java Client API.
- * Use securityContextType and the constants defined in this class to define the particular kind of security context
- * that should be constructed.
  */
 public class DatabaseClientConfig {
 
@@ -25,9 +21,7 @@ public class DatabaseClientConfig {
     private String certFile;
     private String certPassword;
     private String externalName;
-
-	@Deprecated
-	private Authentication authentication;
+    private X509TrustManager trustManager;
 
 	public DatabaseClientConfig() {
     }
@@ -65,16 +59,6 @@ public String getPassword() {
         return password;
     }
 
-    @Deprecated
-    public Authentication getAuthentication() {
-        return authentication;
-    }
-
-    @Deprecated
-    public void setAuthentication(Authentication authentication) {
-        this.authentication = authentication;
-    }
-
     public void setHost(String host) {
         this.host = host;
     }
@@ -146,4 +130,12 @@ public String getExternalName() {
 	public void setExternalName(String externalName) {
 		this.externalName = externalName;
 	}
+
+	public X509TrustManager getTrustManager() {
+		return trustManager;
+	}
+
+	public void setTrustManager(X509TrustManager trustManager) {
+		this.trustManager = trustManager;
+	}
 }
diff --git a/src/main/java/com/marklogic/client/ext/DefaultConfiguredDatabaseClientFactory.java b/src/main/java/com/marklogic/client/ext/DefaultConfiguredDatabaseClientFactory.java
@@ -6,6 +6,7 @@
 import com.marklogic.client.ext.DatabaseClientConfig;
 
 import javax.net.ssl.SSLContext;
+import javax.net.ssl.X509TrustManager;
 
 /**
  * Default implementation for constructing a new instance of DatabaseClient based on the inputs in an instance of
@@ -38,7 +39,7 @@ public DatabaseClient newDatabaseClient(DatabaseClientConfig config) {
 			SSLContext sslContext = config.getSslContext();
 			DatabaseClientFactory.SSLHostnameVerifier verifier = config.getSslHostnameVerifier();
 			if (sslContext != null) {
-				securityContext = securityContext.withSSLContext(sslContext);
+				securityContext = securityContext.withSSLContext(sslContext, config.getTrustManager());
 			}
 			if (verifier != null) {
 				securityContext = securityContext.withSSLHostnameVerifier(verifier);
@@ -61,44 +62,28 @@ public DatabaseClient newDatabaseClient(DatabaseClientConfig config) {
 		return DatabaseClientFactory.newClient(host, port, database, securityContext);
 	}
 
-	/**
-	 * The Authentication shouldn't be set on the DatabaseClientConfig, but if it is, it's used instead of the value
-	 * of securityContextType.
-	 *
-	 * @param config
-	 * @return
-	 */
-	protected SecurityContextType determineSecurityContextType(DatabaseClientConfig config) {
-		DatabaseClientFactory.Authentication auth = config.getAuthentication();
-		if (auth != null) {
-			if (DatabaseClientFactory.Authentication.BASIC.equals(auth)) {
-				return SecurityContextType.BASIC;
-			} else if (DatabaseClientFactory.Authentication.CERTIFICATE.equals(auth)) {
-				return SecurityContextType.CERTIFICATE;
-			} else if (DatabaseClientFactory.Authentication.KERBEROS.equals(auth)) {
-				return SecurityContextType.KERBEROS;
-			}
-			return SecurityContextType.DIGEST;
-		}
-		return config.getSecurityContextType();
-	}
 
 	protected DatabaseClientFactory.SecurityContext buildCertificateAuthContent(DatabaseClientConfig config) {
+		X509TrustManager trustManager = config.getTrustManager();
+
 		String certFile = config.getCertFile();
 		if (certFile != null) {
 			try {
 				if (config.getCertPassword() != null) {
-					return new DatabaseClientFactory.CertificateAuthContext(certFile, config.getCertPassword());
+					return new DatabaseClientFactory.CertificateAuthContext(certFile, config.getCertPassword(), trustManager);
 				}
-				return new DatabaseClientFactory.CertificateAuthContext(certFile);
+				return new DatabaseClientFactory.CertificateAuthContext(certFile, trustManager);
 			} catch (Exception ex) {
 				throw new RuntimeException("Unable to build CertificateAuthContext: " + ex.getMessage(), ex);
 			}
 		}
+
 		DatabaseClientFactory.SSLHostnameVerifier verifier = config.getSslHostnameVerifier();
+
 		if (verifier != null) {
-			return new DatabaseClientFactory.CertificateAuthContext(config.getSslContext(), verifier);
+			return new DatabaseClientFactory.CertificateAuthContext(config.getSslContext(), verifier, trustManager);
 		}
-		return new DatabaseClientFactory.CertificateAuthContext(config.getSslContext());
+
+		return new DatabaseClientFactory.CertificateAuthContext(config.getSslContext(), trustManager);
 	}
 }
