public abstract class PlainCRLValidator extends AbstractValidator
An abstract validator which provides a CRL support common for validators
using PlainCRLStoreSpi. Additionally it also defines a timer useful for
CA or CRL updates.
The CRLs (Certificate Revocation Lists, if their handling is turned on) can be obtained from two sources: CA certificate extension defining CRL URL and additional list of URLs manually set by the class user. As an additional feature one may provide a simple paths to a local files, using wildcards. All files matching a wildcard are used.
Important note: this class extends AbstractValidator. Those classes are in fact
unrelated, but as Java deosn't support multi inheritance we still extend it.
Extensions of this class must initialize AbstractValidator with its
AbstractValidator#init(eu.emi.security.authn.x509.helpers.trust.TrustAnchorStore, PlainCRLStoreSpi, eu.emi.security.authn.x509.ProxySupport, eu.emi.security.authn.x509.RevocationParameters)
method.
This class is thread-safe.
X509CertChainValidator,
KeystoreCertChainValidator| Modifier and Type | Field and Description |
|---|---|
protected PlainCRLStoreSpi |
crlStoreImpl |
protected RevocationParametersExt |
revocationParameters |
protected static Timer |
timer |
disposed, listeners, observers, validator| Constructor and Description |
|---|
PlainCRLValidator(RevocationParametersExt revocationParams,
Collection<? extends StoreUpdateListener> listeners)
Constructs a new validator instance.
|
| Modifier and Type | Method and Description |
|---|---|
protected PlainCRLStoreSpi |
createCRLStore(CRLParameters crlParams,
Timer t)
This method can be overridden if a different implementation of the
PlainCRLStoreSpi (its subclass) should be used. |
void |
dispose()
Disposes resources used by this Validator, like threads.
|
List<String> |
getCrls()
Returns the current list of additional CRL locations.
|
long |
getCRLUpdateInterval()
Returns the interval between subsequent reloads of CRLs.
|
RevocationParametersExt |
getRevocationParameters()
Returns a copy (so modifications won't change this validator internal state)
of revocation parameters.
|
void |
setCrls(List<String> crls)
Sets a new list of additional CRL locations.
|
void |
setCRLUpdateInterval(long updateInterval)
Sets a new interval between subsequent of CRLs.
|
addUpdateListener, addValidationListener, getProxySupport, getRevocationCheckingMode, getTrustedIssuers, init, notifyListeners, processErrorList, removeUpdateListener, removeValidationListener, validate, validate, validateprotected PlainCRLStoreSpi crlStoreImpl
protected RevocationParametersExt revocationParameters
protected static final Timer timer
public PlainCRLValidator(RevocationParametersExt revocationParams, Collection<? extends StoreUpdateListener> listeners)
revocationParams - configuration of CRL sourceslisteners - initial listeners to be notified about CRL background updatesprotected PlainCRLStoreSpi createCRLStore(CRLParameters crlParams, Timer t)
PlainCRLStoreSpi (its subclass) should be used.crlParams - source definitiont - timer to be used for scheduling updatespublic RevocationParametersExt getRevocationParameters()
public long getCRLUpdateInterval()
public void setCRLUpdateInterval(long updateInterval)
updateInterval - the new interval to be set in millisecondspublic List<String> getCrls()
public void setCrls(List<String> crls)
crls - the new list.public void dispose()
AbstractValidatordispose in interface X509CertChainValidatorExtdispose in class AbstractValidatorCopyright © 2012-2014 European Middleware Initiative. All Rights Reserved.