Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.opensaml.xml.security.x509
Class CertPathPKIXValidationOptions

java.lang.Object
  extended by org.opensaml.xml.security.x509.PKIXValidationOptions
      extended by org.opensaml.xml.security.x509.CertPathPKIXValidationOptions

public class CertPathPKIXValidationOptions
extends PKIXValidationOptions

Specialization of PKIXValidationOptions which specifies options specific to a PKIXTrustEvaluator based on the Java CertPath API.

Field Summary
private  boolean anyPolicyInhibit
          Flag for disallowing the "any" policy OID.
private  boolean forceRevocationEnabled
          Force RevocationEnabled flag.
private  Set<String> initialPolicies
          Acceptable policy OIDs.
private  boolean policyMappingInhibit
          Disable policy mapping flag.
private  boolean revocationEnabled
          Value for RevocationEnabled when forced.
 
Constructor Summary
CertPathPKIXValidationOptions()
          Constructor.
 
Method Summary
 Set<String> getInitialPolicies()
          Returns the set of initial policies (OID strings) of the underlying CertPath Provider.
 boolean isAnyPolicyInhibited()
          Returns the value of the any policy inhibited flag of the underlying CertPath Provider.
 boolean isForceRevocationEnabled()
          If true, the revocation behavior of the underlying CertPath provider will be forced to the value supplied by isRevocationEnabled().
 boolean isPolicyMappingInhibited()
          Returns the value of the policy mapping inhibited flag of the underlying CertPath Provider.
 boolean isRevocationEnabled()
          If isForceRevocationEnabled() is true, the revocation behavior of the underlying CertPath Provider will be forced to this value.
 void setAnyPolicyInhibit(boolean flag)
          Sets the any policy inhibited flag for the underlying CertPath Provider.
 void setForceRevocationEnabled(boolean flag)
          If true, the revocation behavior of the underlying CertPath provider will be forced to the value supplied by isRevocationEnabled().
 void setInitialPolicies(Set<String> newPolicies)
          Sets the initial policy identifiers (OID strings) for the underlying CertPath Provider, i.e.
 void setPolicyMappingInhibit(boolean flag)
          Sets the policy mapping inhibited flag for the underlying CertPath Provider.
 void setRevocationEnabled(boolean flag)
          If isForceRevocationEnabled() is true, the revocation behavior of the underlying CertPath Provider will be forced to this value.
 
Methods inherited from class org.opensaml.xml.security.x509.PKIXValidationOptions
getDefaultVerificationDepth, isProcessCredentialCRLs, isProcessEmptyCRLs, isProcessExpiredCRLs, setDefaultVerificationDepth, setProcessCredentialCRLs, setProcessEmptyCRLs, setProcessExpiredCRLs
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

forceRevocationEnabled

private boolean forceRevocationEnabled
Force RevocationEnabled flag.

revocationEnabled

private boolean revocationEnabled
Value for RevocationEnabled when forced.

policyMappingInhibit

private boolean policyMappingInhibit
Disable policy mapping flag.

anyPolicyInhibit

private boolean anyPolicyInhibit
Flag for disallowing the "any" policy OID.

initialPolicies

private Set<String> initialPolicies
Acceptable policy OIDs.

Constructor Detail

CertPathPKIXValidationOptions

public CertPathPKIXValidationOptions()
Constructor.

Method Detail

isForceRevocationEnabled

public boolean isForceRevocationEnabled()
If true, the revocation behavior of the underlying CertPath provider will be forced to the value supplied by isRevocationEnabled(). If false, the revocation behavior of the underlying provider will be determined by the PKIXTrustEvaluator implementation.

Default is: false

Returns:
Returns the forceRevocationEnabled.

setForceRevocationEnabled

public void setForceRevocationEnabled(boolean flag)
If true, the revocation behavior of the underlying CertPath provider will be forced to the value supplied by isRevocationEnabled(). If false, the revocation behavior of the underlying provider will be determined by the PKIXTrustEvaluator implementation.

Default is: false

Parameters:
flag - The forceRevocationEnabled to set.

isRevocationEnabled

public boolean isRevocationEnabled()
If isForceRevocationEnabled() is true, the revocation behavior of the underlying CertPath Provider will be forced to this value. If the former is false, the revocation behavior of the underlying provider will be determined by the PKIXTrustEvaluator implementation.

Default is: true

Returns:
Returns the revocationEnabled.

setRevocationEnabled

public void setRevocationEnabled(boolean flag)
If isForceRevocationEnabled() is true, the revocation behavior of the underlying CertPath Provider will be forced to this value. If the former is false, the revocation behavior of the underlying provider will be determined by the PKIXTrustEvaluator implementation.

Default is: true

Parameters:
flag - The revocationEnabled to set.

isPolicyMappingInhibited

public boolean isPolicyMappingInhibited()
Returns the value of the policy mapping inhibited flag of the underlying CertPath Provider.

Returns:
Returns the policyMappingInhibit boolean.

setPolicyMappingInhibit

public void setPolicyMappingInhibit(boolean flag)
Sets the policy mapping inhibited flag for the underlying CertPath Provider. See also RFC 5280, section 6.1.1 (e).

Default is: false

Parameters:
flag - the policyMappingInhibit boolean to set.

isAnyPolicyInhibited

public boolean isAnyPolicyInhibited()
Returns the value of the any policy inhibited flag of the underlying CertPath Provider.

Returns:
Returns the anyPolicyInhibit boolean.

setAnyPolicyInhibit

public void setAnyPolicyInhibit(boolean flag)
Sets the any policy inhibited flag for the underlying CertPath Provider. See also RFC 5280, section 6.1.1 (g).

Default is: false

Parameters:
flag - the anyPolicyInhibit boolean to set.

getInitialPolicies

public Set<String> getInitialPolicies()
Returns the set of initial policies (OID strings) of the underlying CertPath Provider. See also RFC 5280, section 6.1.1 (c).

Returns:
Returns the initialPolicies set.

setInitialPolicies

public void setInitialPolicies(Set<String> newPolicies)
Sets the initial policy identifiers (OID strings) for the underlying CertPath Provider, i.e. those policies that are acceptable to the certificate user. See also RFC 5280, section 6.1.1 (c).

Parameters:
newPolicies - the initial set of policy identifiers (OID strings)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 1999-2013. All Rights Reserved.