public class SignatureTrustValidator extends Object implements Validator
Constructor and Description |
---|
SignatureTrustValidator() |
Modifier and Type | Method and Description |
---|---|
protected Crypto |
getCrypto(RequestData data) |
protected boolean |
isCertificateInKeyStore(Crypto crypto,
X509Certificate cert)
Deprecated.
|
protected boolean |
matches(X509Certificate cert,
Collection<Pattern> subjectDNPatterns) |
Credential |
validate(Credential credential,
RequestData data)
Validate the credential argument.
|
protected void |
validateCertificates(X509Certificate[] certificates)
Validate the certificates by checking the validity of each cert
|
protected boolean |
validatePublicKey(PublicKey publicKey,
Crypto crypto)
Validate a public key
|
protected boolean |
verifyTrustInCert(X509Certificate cert,
Crypto crypto)
Deprecated.
|
protected boolean |
verifyTrustInCert(X509Certificate cert,
Crypto crypto,
boolean enableRevocation)
Deprecated.
|
protected boolean |
verifyTrustInCert(X509Certificate cert,
Crypto crypto,
RequestData data,
boolean enableRevocation)
Evaluate whether a given certificate should be trusted.
|
protected boolean |
verifyTrustInCerts(X509Certificate[] certificates,
Crypto crypto)
Deprecated.
|
protected boolean |
verifyTrustInCerts(X509Certificate[] certificates,
Crypto crypto,
boolean enableRevocation)
Deprecated.
|
protected boolean |
verifyTrustInCerts(X509Certificate[] certificates,
Crypto crypto,
RequestData data,
boolean enableRevocation)
Evaluate whether the given certificate chain should be trusted.
|
public Credential validate(Credential credential, RequestData data) throws WSSecurityException
validate
in interface Validator
credential
- the Credential to be validateddata
- the RequestData associated with the requestWSSecurityException
- on a failed validationprotected Crypto getCrypto(RequestData data)
protected void validateCertificates(X509Certificate[] certificates) throws WSSecurityException
WSSecurityException
@Deprecated protected boolean verifyTrustInCert(X509Certificate cert, Crypto crypto) throws WSSecurityException
WSSecurityException
@Deprecated protected boolean verifyTrustInCert(X509Certificate cert, Crypto crypto, boolean enableRevocation) throws WSSecurityException
WSSecurityException
protected boolean verifyTrustInCert(X509Certificate cert, Crypto crypto, RequestData data, boolean enableRevocation) throws WSSecurityException
cert
- the certificate that should be validated against the keystorecrypto
- A crypto instance to use for trust validationdata
- A RequestData instanceenableRevocation
- Whether revocation is enabled or notWSSecurityException
@Deprecated protected boolean isCertificateInKeyStore(Crypto crypto, X509Certificate cert) throws WSSecurityException
crypto
- A Crypto instance to use for trust validationcert
- The certificate to checkWSSecurityException
@Deprecated protected boolean verifyTrustInCerts(X509Certificate[] certificates, Crypto crypto) throws WSSecurityException
WSSecurityException
@Deprecated protected boolean verifyTrustInCerts(X509Certificate[] certificates, Crypto crypto, boolean enableRevocation) throws WSSecurityException
WSSecurityException
protected boolean verifyTrustInCerts(X509Certificate[] certificates, Crypto crypto, RequestData data, boolean enableRevocation) throws WSSecurityException
certificates
- the certificate chain that should be validated against the keystorecrypto
- A Crypto instancedata
- A RequestData instanceenableRevocation
- Whether revocation is enabled or notWSSecurityException
protected boolean validatePublicKey(PublicKey publicKey, Crypto crypto) throws WSSecurityException
WSSecurityException
protected boolean matches(X509Certificate cert, Collection<Pattern> subjectDNPatterns)
Copyright © 2004–2017 The Apache Software Foundation. All rights reserved.