java.lang.Object
  org.opensaml.xml.security.trust.ExplicitX509CertificateTrustEngine
public class ExplicitX509CertificateTrustEngine
Trust engine that evaluates a credential's X.509 certificate against certificates expressed within a set of trusted credentials obtained from a credential resolver. The credential being tested is valid if its entity certificate matches the entity certificate contained within any of the trusted credentials produced by the given credential resolver.
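The matching behaviour described above, as an added usage example (not code from the OpenSAML project). It assumes the OpenSAML 2 / XMLTooling classes `BasicX509Credential`, `StaticCredentialResolver` and `EntityIDCriteria` are on the classpath; the class name `ExplicitTrustExample`, the entity ID and the two certificate file arguments are hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import org.opensaml.xml.security.CriteriaSet;
import org.opensaml.xml.security.credential.StaticCredentialResolver;
import org.opensaml.xml.security.criteria.EntityIDCriteria;
import org.opensaml.xml.security.trust.ExplicitX509CertificateTrustEngine;
import org.opensaml.xml.security.x509.BasicX509Credential;

public class ExplicitTrustExample {

    // Hypothetical entity ID, used only to tie the criteria to the trusted credential.
    private static final String PEER_ENTITY_ID = "https://idp.example.org/entity";

    static X509Certificate load(String path) throws Exception {
        try (InputStream in = new FileInputStream(path)) {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
    }

    static BasicX509Credential credentialFor(X509Certificate cert) {
        BasicX509Credential cred = new BasicX509Credential();
        cred.setEntityId(PEER_ENTITY_ID);
        cred.setEntityCertificate(cert);
        return cred;
    }

    // True only if 'presented' matches the entity certificate of a trusted credential.
    static boolean isTrusted(X509Certificate trusted, X509Certificate presented) throws Exception {
        ExplicitX509CertificateTrustEngine engine = new ExplicitX509CertificateTrustEngine(
                new StaticCredentialResolver(credentialFor(trusted)));
        // validate(...) checks both parameters for required values before resolving.
        CriteriaSet criteria = new CriteriaSet(new EntityIDCriteria(PEER_ENTITY_ID));
        return engine.validate(credentialFor(presented), criteria);
    }

    public static void main(String[] args) throws Exception {
        // args[0]: certificate you trust explicitly; args[1]: certificate the peer presented.
        X509Certificate trusted = load(args[0]);
        X509Certificate presented = load(args[1]);
        System.out.println("trusted cert against itself: " + isTrusted(trusted, trusted));
        System.out.println("presented cert:              " + isTrusted(trusted, presented));
    }
}
```

Because trust is decided by matching the entity certificate itself, a reissued peer certificate has to be added to the resolver's trusted set before it validates.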
Field Summary | |
---|---|
private CredentialResolver | credentialResolver: Resolver used for resolving trusted credentials. |
private Logger | log: Class logger. |
private ExplicitX509CertificateTrustEvaluator | trustEvaluator: Trust evaluator. |
Constructor Summary | |
---|---|
ExplicitX509CertificateTrustEngine(CredentialResolver resolver) | Constructor. |
Method Summary | |
---|---|
protected void | checkParams(X509Credential untrustedCredential, CriteriaSet trustBasisCriteria): Check the parameters for required values. |
CredentialResolver | getCredentialResolver(): Gets the credential resolver used to recover trusted credentials that may be used to validate tokens. |
boolean | validate(X509Credential untrustedCredential, CriteriaSet trustBasisCriteria): Validates the token against trusted information obtained in an implementation-specific manner. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private final Logger log
private CredentialResolver credentialResolver
private ExplicitX509CertificateTrustEvaluator trustEvaluator
Constructor Detail |
---|
public ExplicitX509CertificateTrustEngine(CredentialResolver resolver)
Parameters:
resolver - credential resolver which is used to resolve trusted credentials
Method Detail |
---|
public CredentialResolver getCredentialResolver()
Specified by:
getCredentialResolver in interface TrustedCredentialTrustEngine<X509Credential>
public boolean validate(X509Credential untrustedCredential, CriteriaSet trustBasisCriteria) throws SecurityException
Specified by:
validate in interface TrustEngine<X509Credential>
Parameters:
untrustedCredential - security token to validate
trustBasisCriteria - criteria used to describe and/or resolve the information which serves as the basis for trust evaluation
Throws:
SecurityException - thrown if there is a problem validating the security token
protected void checkParams(X509Credential untrustedCredential, CriteriaSet trustBasisCriteria) throws SecurityException
Parameters:
untrustedCredential - the signature to be evaluated
trustBasisCriteria - the set of trusted credential criteria
Throws:
SecurityException - thrown if required values are absent or otherwise invalid