public class LazyOpensslTrustAnchorStoreImpl extends AbstractTrustAnchorStore implements OpensslTrustAnchorStore
This class (contrary to the OpensslTrustAnchorStoreImpl) doesn't extend DirectoryTrustAnchorStore
and therefore certificates (and all corresponding files) are not loaded at startup and kept in memory.
The files are loaded on-demand and are only cached in memory for no longer then the updateInterval is.
| Modifier and Type | Field and Description |
|---|---|
protected CachedElement<Set<TrustAnchorExt>> |
cachedAnchors |
protected Map<X500Principal,CachedElement<Set<TrustAnchorExt>>> |
cachedAnchorsPerIssuer |
static String |
CERTS_REGEXP |
observers, updateIntervalCERT_WILDCARD| Constructor and Description |
|---|
LazyOpensslTrustAnchorStoreImpl(String basePath,
long updateInterval,
ObserversHandler observers,
boolean openssl1Mode) |
| Modifier and Type | Method and Description |
|---|---|
void |
dispose() |
NamespacesStore |
getGlobusNsStore() |
NamespacesStore |
getPmaNsStore() |
Set<TrustAnchor> |
getTrustAnchors() |
Set<TrustAnchor> |
getTrustAnchorsFor(X509Certificate[] certChain)
Algorithm is as follows: for each certificate subject in chain, and for the issuer of the last
certificate in chain, it is tried to load a trust anchor defined for such subject.
|
X509Certificate[] |
getTrustedCertificates() |
protected void |
tryLoadCert(File file,
Set<TrustAnchorExt> set) |
protected X509Certificate |
tryLoadCertInternal(File file) |
checkValidity, getUpdateInterval, setUpdateIntervalclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitgetUpdateInterval, setUpdateIntervalpublic static final String CERTS_REGEXP
protected CachedElement<Set<TrustAnchorExt>> cachedAnchors
protected Map<X500Principal,CachedElement<Set<TrustAnchorExt>>> cachedAnchorsPerIssuer
public LazyOpensslTrustAnchorStoreImpl(String basePath, long updateInterval, ObserversHandler observers, boolean openssl1Mode)
protected X509Certificate tryLoadCertInternal(File file)
protected void tryLoadCert(File file, Set<TrustAnchorExt> set)
public NamespacesStore getPmaNsStore()
getPmaNsStore in interface OpensslTrustAnchorStorepublic NamespacesStore getGlobusNsStore()
getGlobusNsStore in interface OpensslTrustAnchorStorepublic Set<TrustAnchor> getTrustAnchors()
getTrustAnchors in interface TrustAnchorStorepublic X509Certificate[] getTrustedCertificates()
getTrustedCertificates in interface TrustAnchorStorepublic void dispose()
dispose in interface TrustAnchorStorepublic Set<TrustAnchor> getTrustAnchorsFor(X509Certificate[] certChain)
certChain - Copyright © 2012-2014 European Middleware Initiative. All Rights Reserved.