|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objecteu.emi.security.authn.x509.helpers.pkipath.AbstractValidator
public abstract class AbstractValidator
Base implementation of X509CertChainValidator
.
It is configured with CertStore
providing CRLs and TrustAnchorStore
providing trusted CAs. The implementation validates certificates using
the BCCertPathValidator
.
This class is thread safe and its extensions should also guarantee this.
Field Summary | |
---|---|
protected boolean |
disposed
|
protected Set<ValidationErrorListener> |
listeners
|
protected ObserversHandler |
observers
|
protected BCCertPathValidator |
validator
|
Constructor Summary | |
---|---|
AbstractValidator(Collection<? extends StoreUpdateListener> initialListeners)
Default constructor is available, the subclass must initialize the parent with the init() method. |
Method Summary | |
---|---|
void |
addUpdateListener(StoreUpdateListener listener)
Registers a listener which can react to errors found during refreshing of the trust material: trusted CAs or CRLs. |
void |
addValidationListener(ValidationErrorListener listener)
Registers a listener which can react to errors found during certificate validation. |
void |
dispose()
Disposes resources used by this Validator, like threads. |
ProxySupport |
getProxySupport()
Returns whether this validator supports proxy certificates. |
RevocationParameters |
getRevocationCheckingMode()
Gets the current revocation checking mode. |
X509Certificate[] |
getTrustedIssuers()
Returns a list of trusted issuers of certificates. |
protected void |
init(TrustAnchorStore caStore,
PlainCRLStoreSpi crlStore,
ProxySupport proxySupport,
RevocationParameters revocationCheckingMode)
Use this method to initialize the parent from the extension class, if not using the non-default constructor. |
protected boolean |
notifyListeners(ValidationError error)
Notifies all registered listeners. |
protected void |
processErrorList(List<ValidationError> errors)
|
void |
removeUpdateListener(StoreUpdateListener listener)
Unregisters a previously registered CA or CRL update listener. |
void |
removeValidationListener(ValidationErrorListener listener)
Unregisters a previously registered validation listener. |
ValidationResult |
validate(CertPath certPath)
Performs validation of a provided certificate path. |
ValidationResult |
validate(X509Certificate[] certChain)
Performs validation of a provided certificate chain. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected Set<ValidationErrorListener> listeners
protected final ObserversHandler observers
protected BCCertPathValidator validator
protected boolean disposed
Constructor Detail |
---|
public AbstractValidator(Collection<? extends StoreUpdateListener> initialListeners)
This is not a cleanest design possible but it is required as arguments to the init() method require some code to be created in subclasses. Therefore we have a trade off: a bit unclean design inside the library and a clean external API without factory methods.
Method Detail |
---|
protected void init(TrustAnchorStore caStore, PlainCRLStoreSpi crlStore, ProxySupport proxySupport, RevocationParameters revocationCheckingMode)
public ValidationResult validate(CertPath certPath)
validate
in interface X509CertChainValidator
certPath
- to be validated
public ValidationResult validate(X509Certificate[] certChain)
validate
in interface X509CertChainValidator
certChain
- to be validated
protected void processErrorList(List<ValidationError> errors)
public X509Certificate[] getTrustedIssuers()
getTrustedIssuers
in interface X509CertChainValidator
protected boolean notifyListeners(ValidationError error)
error
-
public void addValidationListener(ValidationErrorListener listener)
ValidationError
, not the exception.
addValidationListener
in interface X509CertChainValidator
listener
- to be registeredpublic void removeValidationListener(ValidationErrorListener listener)
removeValidationListener
in interface X509CertChainValidator
listener
- to be unregisteredpublic ProxySupport getProxySupport()
getProxySupport
in interface X509CertChainValidatorExt
public RevocationParameters getRevocationCheckingMode()
getRevocationCheckingMode
in interface X509CertChainValidatorExt
public void dispose()
dispose
in interface X509CertChainValidatorExt
public void addUpdateListener(StoreUpdateListener listener)
addUpdateListener
in interface X509CertChainValidator
listener
- to be registeredpublic void removeUpdateListener(StoreUpdateListener listener)
removeUpdateListener
in interface X509CertChainValidator
listener
- to be unregistered
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |