|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objecteu.emi.security.authn.x509.helpers.pkipath.AbstractValidator
public abstract class AbstractValidator
Base implementation of X509CertChainValidator.
It is configured with CertStore providing CRLs and TrustAnchorStore
providing trusted CAs. The implementation validates certificates using
the BCCertPathValidator.
This class is thread safe and its extensions should also guarantee this.
| Field Summary | |
|---|---|
protected boolean |
disposed
|
protected Set<ValidationErrorListener> |
listeners
|
protected ObserversHandler |
observers
|
protected BCCertPathValidator |
validator
|
| Constructor Summary | |
|---|---|
AbstractValidator(Collection<? extends StoreUpdateListener> initialListeners)
Default constructor is available, the subclass must initialize the parent with the init() method. |
|
| Method Summary | |
|---|---|
void |
addUpdateListener(StoreUpdateListener listener)
Registers a listener which can react to errors found during refreshing of the trust material: trusted CAs or CRLs. |
void |
addValidationListener(ValidationErrorListener listener)
Registers a listener which can react to errors found during certificate validation. |
void |
dispose()
Disposes resources used by this Validator, like threads. |
ProxySupport |
getProxySupport()
Returns whether this validator supports proxy certificates. |
RevocationParameters |
getRevocationCheckingMode()
Gets the current revocation checking mode. |
X509Certificate[] |
getTrustedIssuers()
Returns a list of trusted issuers of certificates. |
protected void |
init(TrustAnchorStore caStore,
AbstractCRLStoreSPI crlStore,
ProxySupport proxySupport,
RevocationParameters revocationCheckingMode)
Use this method to initialize the parent from the extension class, if not using the non-default constructor. |
protected boolean |
notifyListeners(ValidationError error)
Notifies all registered listeners. |
protected void |
processErrorList(List<ValidationError> errors)
|
void |
removeUpdateListener(StoreUpdateListener listener)
Unregisters a previously registered CA or CRL update listener. |
void |
removeValidationListener(ValidationErrorListener listener)
Unregisters a previously registered validation listener. |
ValidationResult |
validate(CertPath certPath)
Performs validation of a provided certificate path. |
ValidationResult |
validate(X509Certificate[] certChain)
Performs validation of a provided certificate chain. |
protected ValidationResult |
validate(X509Certificate[] certChain,
Set<TrustAnchor> anchors)
|
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
protected Set<ValidationErrorListener> listeners
protected final ObserversHandler observers
protected BCCertPathValidator validator
protected boolean disposed
| Constructor Detail |
|---|
public AbstractValidator(Collection<? extends StoreUpdateListener> initialListeners)
This is not a cleanest design possible but it is required as arguments to the init() method require some code to be created in subclasses. Therefore we have a trade off: a bit unclean design inside the library and a clean external API without factory methods.
| Method Detail |
|---|
protected void init(TrustAnchorStore caStore,
AbstractCRLStoreSPI crlStore,
ProxySupport proxySupport,
RevocationParameters revocationCheckingMode)
public ValidationResult validate(CertPath certPath)
validate in interface X509CertChainValidatorcertPath - to be validated
public ValidationResult validate(X509Certificate[] certChain)
validate in interface X509CertChainValidatorcertChain - to be validated
protected ValidationResult validate(X509Certificate[] certChain,
Set<TrustAnchor> anchors)
protected void processErrorList(List<ValidationError> errors)
public X509Certificate[] getTrustedIssuers()
getTrustedIssuers in interface X509CertChainValidatorprotected boolean notifyListeners(ValidationError error)
error -
public void addValidationListener(ValidationErrorListener listener)
ValidationError, not the exception.
addValidationListener in interface X509CertChainValidatorlistener - to be registeredpublic void removeValidationListener(ValidationErrorListener listener)
removeValidationListener in interface X509CertChainValidatorlistener - to be unregisteredpublic ProxySupport getProxySupport()
getProxySupport in interface X509CertChainValidatorExtpublic RevocationParameters getRevocationCheckingMode()
getRevocationCheckingMode in interface X509CertChainValidatorExtpublic void dispose()
dispose in interface X509CertChainValidatorExtpublic void addUpdateListener(StoreUpdateListener listener)
addUpdateListener in interface X509CertChainValidatorlistener - to be registeredpublic void removeUpdateListener(StoreUpdateListener listener)
removeUpdateListener in interface X509CertChainValidatorlistener - to be unregistered
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||