Class ChainingSignatureTrustEngine
- java.lang.Object
-
- org.opensaml.xmlsec.signature.support.impl.ChainingSignatureTrustEngine
-
- All Implemented Interfaces:
TrustEngine<Signature>
,SignatureTrustEngine
public class ChainingSignatureTrustEngine extends Object implements SignatureTrustEngine
Evaluate a signature in sequence using a chain of subordinate trust engines. If the signature may be established as trusted by any of the subordinate engines, the token is considered trusted. Otherwise it is considered untrusted.
-
-
Field Summary
Fields Modifier and Type Field Description private List<SignatureTrustEngine>
engines
The chain of subordinate trust engines.private org.slf4j.Logger
log
Class logger.
-
Constructor Summary
Constructors Constructor Description ChainingSignatureTrustEngine(List<SignatureTrustEngine> chain)
Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description List<SignatureTrustEngine>
getChain()
Get the list of configured trust engines which constitute the trust evaluation chain.KeyInfoCredentialResolver
getKeyInfoResolver()
boolean
validate(byte[] signature, byte[] content, String algorithmURI, CriteriaSet trustBasisCriteria, Credential candidateCredential)
boolean
validate(Signature token, CriteriaSet trustBasisCriteria)
-
-
-
Field Detail
-
log
@Nonnull private final org.slf4j.Logger log
Class logger.
-
engines
@Nonnull @NonnullElements private List<SignatureTrustEngine> engines
The chain of subordinate trust engines.
-
-
Constructor Detail
-
ChainingSignatureTrustEngine
public ChainingSignatureTrustEngine(@Nonnull @NonnullElements @ParameterName(name="chain") List<SignatureTrustEngine> chain)
Constructor.- Parameters:
chain
- the list of trust engines in the chain
-
-
Method Detail
-
getChain
@Nonnull @NonnullElements @Unmodifiable @NotLive public List<SignatureTrustEngine> getChain()
Get the list of configured trust engines which constitute the trust evaluation chain.- Returns:
- the modifiable list of trust engines in the chain
-
getKeyInfoResolver
@Nullable public KeyInfoCredentialResolver getKeyInfoResolver()
- Specified by:
getKeyInfoResolver
in interfaceSignatureTrustEngine
-
validate
public boolean validate(@Nonnull Signature token, @Nullable CriteriaSet trustBasisCriteria) throws SecurityException
- Specified by:
validate
in interfaceTrustEngine<Signature>
- Throws:
SecurityException
-
validate
public boolean validate(@Nonnull byte[] signature, @Nonnull byte[] content, @Nonnull String algorithmURI, @Nullable CriteriaSet trustBasisCriteria, @Nonnull Credential candidateCredential) throws SecurityException
- Specified by:
validate
in interfaceSignatureTrustEngine
- Throws:
SecurityException
-
-