eu.emi.security.authn.x509.helpers.ocsp
Class OCSPCachingClient

java.lang.Object
  extended by eu.emi.security.authn.x509.helpers.ocsp.OCSPCachingClient

public class OCSPCachingClient
extends Object

OCSP client which adds a cache layer on top of OCSPClientImpl. This class is thread safe.

Author:
K. Benedyczak

Constructor Summary
OCSPCachingClient(long maxTtl, File diskPath, String prefix)
           
 
Method Summary
 void clearMemoryCache()
           
 OCSPResult queryForCertificate(URL responder, X509Certificate toCheckCert, X509Certificate issuerCert, X509Credential requester, boolean addNonce, int timeout)
          Returns the checked certificate status.
 OCSPResult queryForCertificate(URL responder, X509Certificate toCheckCert, X509Certificate issuerCert, X509Credential requester, boolean addNonce, int timeout, OCSPClientImpl client)
          Returns the checked certificate status, using a custom client.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

OCSPCachingClient

public OCSPCachingClient(long maxTtl,
                         File diskPath,
                         String prefix)
Parameters:
maxTtl - maximum time after each cached response expires. Negative for no cache at all, 0 for no limit (i.e. caching time will be only controlled by the OCSP response validity period). In ms.
diskPath - if not null, cached responses will be stored on disk.
prefix - used if disk cache is enabled, as a common prefix for all files created in the cache directory.
Method Detail

queryForCertificate

public OCSPResult queryForCertificate(URL responder,
                                      X509Certificate toCheckCert,
                                      X509Certificate issuerCert,
                                      X509Credential requester,
                                      boolean addNonce,
                                      int timeout)
                               throws IOException,
                                      OCSPException
Returns the checked certificate status.

Parameters:
responder - mandatory - URL of the responder. HTTP or HTTPs, however in https mode the
toCheckCert - mandatory certificate to be checked
issuerCert - mandatory certificate of the toCheckCert issuer
requester - if not null, then it is assumed that request must be signed by the requester.
addNonce - if true nonce will be added to the request and required in response
Returns:
raw result of the query
Throws:
OCSPException
IOException

queryForCertificate

public OCSPResult queryForCertificate(URL responder,
                                      X509Certificate toCheckCert,
                                      X509Certificate issuerCert,
                                      X509Credential requester,
                                      boolean addNonce,
                                      int timeout,
                                      OCSPClientImpl client)
                               throws IOException,
                                      OCSPException
Returns the checked certificate status, using a custom client.

Parameters:
responder - mandatory - URL of the responder. HTTP or HTTPs, however in https mode the
toCheckCert - mandatory certificate to be checked
issuerCert - mandatory certificate of the toCheckCert issuer
requester - if not null, then it is assumed that request must be signed by the requester.
addNonce - if true nonce will be added to the request and required in response
client - client to be used for network calls
Returns:
raw result of the query
Throws:
OCSPException
IOException

clearMemoryCache

public void clearMemoryCache()


Copyright © 2012-2013 European Middleware Initiative. All Rights Reserved.