org.italiangrid.voms.util
public class CachingCertificateValidator extends Object implements eu.emi.security.authn.x509.X509CertChainValidatorExt
Modifier and Type | Field and Description |
---|---|
protected long |
cacheEntryLifetimeMsec
The cache entry lifetime for this validator
|
protected ConcurrentHashMap<String,org.italiangrid.voms.util.CachedValidationResult> |
validationResultsCache
Simple concurrent cache for validation results
|
protected eu.emi.security.authn.x509.X509CertChainValidatorExt |
validator
The wrapped CANL certificate validator
|
Constructor and Description |
---|
CachingCertificateValidator(eu.emi.security.authn.x509.X509CertChainValidatorExt val,
long maxCacheEntryLifetime)
Builds a caching validator wrapping the validator passed as argument.
|
Modifier and Type | Method and Description |
---|---|
void |
addUpdateListener(eu.emi.security.authn.x509.StoreUpdateListener listener) |
void |
addValidationListener(eu.emi.security.authn.x509.ValidationErrorListener listener) |
boolean |
cachedValidationResultHasExpired(org.italiangrid.voms.util.CachedValidationResult cvr,
long referenceTime)
Checks whether the
CachedValidationResult passed as argument has
expired with respect to the cacheEntryLifetimeMsec defined for
this validator and the reference time passed as argument. |
void |
dispose() |
protected eu.emi.security.authn.x509.ValidationResult |
getCachedResult(String certFingerprint)
Gets a validation result from the memory cache
|
eu.emi.security.authn.x509.ProxySupport |
getProxySupport() |
eu.emi.security.authn.x509.RevocationParameters |
getRevocationCheckingMode() |
X509Certificate[] |
getTrustedIssuers() |
void |
removeUpdateListener(eu.emi.security.authn.x509.StoreUpdateListener listener) |
void |
removeValidationListener(eu.emi.security.authn.x509.ValidationErrorListener listener) |
eu.emi.security.authn.x509.ValidationResult |
validate(CertPath certPath) |
eu.emi.security.authn.x509.ValidationResult |
validate(X509Certificate[] certChain)
Validates a certificate chain using the wrapped validator, caching the
result for future validation calls.
|
protected final ConcurrentHashMap<String,org.italiangrid.voms.util.CachedValidationResult> validationResultsCache
protected final eu.emi.security.authn.x509.X509CertChainValidatorExt validator
protected final long cacheEntryLifetimeMsec
public CachingCertificateValidator(eu.emi.security.authn.x509.X509CertChainValidatorExt val, long maxCacheEntryLifetime)
val
- The CANL validator to be wrapped.maxCacheEntryLifetime
- the maximum cache entry lifetime (in msecs)public boolean cachedValidationResultHasExpired(org.italiangrid.voms.util.CachedValidationResult cvr, long referenceTime)
CachedValidationResult
passed as argument has
expired with respect to the cacheEntryLifetimeMsec
defined for
this validator and the reference time passed as argument.cvr
- a CachedValidationResult
objectreferenceTime
- the reference time (msecs since the epoch)true
when expired, false
otherwiseprotected eu.emi.security.authn.x509.ValidationResult getCachedResult(String certFingerprint)
certFingerprint
- the certificate fingerprint for the certificate at the top of the
chainnull
otherwise.public eu.emi.security.authn.x509.ValidationResult validate(X509Certificate[] certChain)
validate
in interface eu.emi.security.authn.x509.X509CertChainValidator
certChain
- ValidationResult
X509CertChainValidator.validate(java.security.cert.X509Certificate[])
public void dispose()
dispose
in interface eu.emi.security.authn.x509.X509CertChainValidatorExt
X509CertChainValidatorExt.dispose()
public eu.emi.security.authn.x509.ProxySupport getProxySupport()
getProxySupport
in interface eu.emi.security.authn.x509.X509CertChainValidatorExt
X509CertChainValidatorExt.getProxySupport()
public eu.emi.security.authn.x509.ValidationResult validate(CertPath certPath)
validate
in interface eu.emi.security.authn.x509.X509CertChainValidator
certPath
- ValidationResult
X509CertChainValidator.validate(java.security.cert.CertPath)
public eu.emi.security.authn.x509.RevocationParameters getRevocationCheckingMode()
getRevocationCheckingMode
in interface eu.emi.security.authn.x509.X509CertChainValidatorExt
X509CertChainValidatorExt.getRevocationCheckingMode()
public X509Certificate[] getTrustedIssuers()
getTrustedIssuers
in interface eu.emi.security.authn.x509.X509CertChainValidator
X509CertChainValidator.getTrustedIssuers()
public void addValidationListener(eu.emi.security.authn.x509.ValidationErrorListener listener)
addValidationListener
in interface eu.emi.security.authn.x509.X509CertChainValidator
listener
- X509CertChainValidator.addValidationListener(eu.emi.security.authn.x509.ValidationErrorListener)
public void removeValidationListener(eu.emi.security.authn.x509.ValidationErrorListener listener)
removeValidationListener
in interface eu.emi.security.authn.x509.X509CertChainValidator
listener
- X509CertChainValidator.removeValidationListener(eu.emi.security.authn.x509.ValidationErrorListener)
public void addUpdateListener(eu.emi.security.authn.x509.StoreUpdateListener listener)
addUpdateListener
in interface eu.emi.security.authn.x509.X509CertChainValidator
listener
- X509CertChainValidator.addUpdateListener(eu.emi.security.authn.x509.StoreUpdateListener)
public void removeUpdateListener(eu.emi.security.authn.x509.StoreUpdateListener listener)
removeUpdateListener
in interface eu.emi.security.authn.x509.X509CertChainValidator
listener
- X509CertChainValidator.removeUpdateListener(eu.emi.security.authn.x509.StoreUpdateListener)
Copyright © 2014. All rights reserved.