public class ProxyPathValidator extends Object
Constructor and Description |
---|
ProxyPathValidator() |
Modifier and Type | Method and Description |
---|---|
String | getIdentity(): Returns the subject name of the identity certificate (in the Globus format). |
X509Certificate | getIdentityCertificate(): Returns the identity certificate. |
ProxyPolicyHandler | getProxyPolicyHandler(String id): Retrieves a restricted proxy policy handler for a given policy id. |
boolean | isLimited(): Returns whether the validated proxy path is limited. |
ProxyPolicyHandler | removeProxyPolicyHandler(String id): Removes a restricted proxy policy handler. |
void | reset(): Resets the internal state. |
ProxyPolicyHandler | setProxyPolicyHandler(String id, ProxyPolicyHandler handler): Sets a restricted proxy policy handler. |
void | setRejectLimitedProxyCheck(boolean rejectLimProxy): If set, validation rejects the certificate chain if a limited proxy is found. |
protected void | setValidator(X509ProxyCertPathValidator validator) |
protected void | validate(X509Certificate[] certPath): Performs certificate path validation. |
protected void | validate(X509Certificate[] certPath, TrustedCertificates trustedCerts): Performs certificate path validation. |
protected void | validate(X509Certificate[] certPath, TrustedCertificates trustedCerts, CertificateRevocationLists crlsList) |
protected void | validate(X509Certificate[] certPath, TrustedCertificates trustedCerts, CertificateRevocationLists crlsList, Boolean enforceSigningPolicy): Performs certificate path validation. |
void | validate(X509Certificate[] certPath, X509Certificate[] trustedCerts): Performs all certificate path validation including checking of the signatures, validity of the certificates, extension checking, etc. It uses the PureTLS code to do basic cert signature checking and then calls validate for further checks. |
void | validate(X509Certificate[] certPath, X509Certificate[] trustedCerts, CertificateRevocationLists crls) |
void | validate(X509Certificate[] certPath, X509Certificate[] trustedCerts, CertificateRevocationLists crls, SigningPolicy[] signingPolicies) |
void | validate(X509Certificate[] certPath, X509Certificate[] trustedCerts, CertificateRevocationLists crls, SigningPolicy[] signingPolicies, Boolean enforceSigningPolicy) |

public boolean isLimited()

public X509Certificate getIdentityCertificate()
Returns:
X509Certificate the identity certificate

public String getIdentity()
See also:
getIdentityCertificate()

public ProxyPolicyHandler removeProxyPolicyHandler(String id)
Parameters:
id - the Oid of the policy handler to remove.
Returns:
ProxyPolicyHandler the removed handler, or null if there is no handler registered under that id.

public ProxyPolicyHandler setProxyPolicyHandler(String id, ProxyPolicyHandler handler)
Parameters:
id - the Oid of the proxy policy to install the handler for.
handler - the proxy policy handler.
Returns:
ProxyPolicyHandler the previous handler installed under the specified id. Usually, will be null.

public ProxyPolicyHandler getProxyPolicyHandler(String id)
Parameters:
id - the Oid of the proxy policy to get the handler for.
Returns:
ProxyPolicyHandler the policy handler registered for the given id or null if none is registered.

public void reset()

public void setRejectLimitedProxyCheck(boolean rejectLimProxy)

public void validate(X509Certificate[] certPath, X509Certificate[] trustedCerts) throws ProxyPathValidatorException
Performs all certificate path validation including checking of the signatures, validity of the certificates, extension checking, etc. It uses the PureTLS code to do basic cert signature checking and then calls validate for further checks.
Parameters:
certPath - the certificate path to validate.
trustedCerts - the trusted (CA) certificates.
Throws:
ProxyPathValidatorException - if certificate path validation fails.

public void validate(X509Certificate[] certPath, X509Certificate[] trustedCerts, CertificateRevocationLists crls) throws ProxyPathValidatorException
Throws:
ProxyPathValidatorException

public void validate(X509Certificate[] certPath, X509Certificate[] trustedCerts, CertificateRevocationLists crls, SigningPolicy[] signingPolicies) throws ProxyPathValidatorException
Throws:
ProxyPathValidatorException

public void validate(X509Certificate[] certPath, X509Certificate[] trustedCerts, CertificateRevocationLists crls, SigningPolicy[] signingPolicies, Boolean enforceSigningPolicy) throws ProxyPathValidatorException
Throws:
ProxyPathValidatorException

protected void validate(X509Certificate[] certPath) throws ProxyPathValidatorException
Parameters:
certPath - the certificate path to validate.
Throws:
ProxyPathValidatorException - if certificate path validation fails.

protected void validate(X509Certificate[] certPath, TrustedCertificates trustedCerts) throws ProxyPathValidatorException
Parameters:
certPath - the certificate path to validate.
trustedCerts - the trusted (CA) certificates. If null, the default trusted certificates will be used.
Throws:
ProxyPathValidatorException - if certificate path validation fails.

protected void validate(X509Certificate[] certPath, TrustedCertificates trustedCerts, CertificateRevocationLists crlsList) throws ProxyPathValidatorException
Throws:
ProxyPathValidatorException

protected void validate(X509Certificate[] certPath, TrustedCertificates trustedCerts, CertificateRevocationLists crlsList, Boolean enforceSigningPolicy) throws ProxyPathValidatorException
Parameters:
certPath - the certificate path to validate.
trustedCerts - the trusted (CA) certificates. If null, the default trusted certificates will be used.
crlsList - the certificate revocation list. If null, the default certificate revocation list will be used.
Throws:
ProxyPathValidatorException - if certificate path validation fails.

protected void setValidator(X509ProxyCertPathValidator validator)

Copyright © 2016. All rights reserved.