java.lang.Object
  org.opensaml.xml.signature.impl.BaseSignatureTrustEngine<java.lang.Iterable<Credential>>
    org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine

public class ExplicitKeySignatureTrustEngine
An implementation of SignatureTrustEngine which evaluates the validity and trustworthiness of XML and raw signatures.

Processing is first performed as described in BaseSignatureTrustEngine. If, based on this processing, it is determined that the Signature's KeyInfo is not present or does not contain a resolvable, valid (and trusted) signing key, then all trusted credentials obtained by the trusted credential resolver will be used to attempt to validate the signature.
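
The behaviour described above, shown as an added usage example (not code from the OpenSAML project): the engine is built over a single pinned public key, so any key carried in the Signature's KeyInfo stays advisory and trust comes only from the resolver's credentials. The class name `PinnedKeySignatureCheck` and its parameters are hypothetical, and the example assumes OpenSAML has already been initialized (for instance with `DefaultBootstrap.bootstrap()`) so that the global security configuration is populated.

```java
import java.security.PublicKey;

import org.opensaml.xml.Configuration;
import org.opensaml.xml.security.CriteriaSet;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.BasicCredential;
import org.opensaml.xml.security.credential.StaticCredentialResolver;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.security.criteria.EntityIDCriteria;
import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;

/** Hypothetical helper (not part of OpenSAML): trusts exactly one pinned signing key. */
public final class PinnedKeySignatureCheck {

    private final ExplicitKeySignatureTrustEngine engine;
    private final String peerEntityId;

    public PinnedKeySignatureCheck(String peerEntityId, PublicKey pinnedKey) {
        // The only trusted credential: a key obtained out of band, never from the message.
        BasicCredential trusted = new BasicCredential();
        trusted.setPublicKey(pinnedKey);
        trusted.setEntityId(peerEntityId);
        trusted.setUsageType(UsageType.SIGNING);

        // Resolves the (advisory) signing credential from the Signature's KeyInfo.
        KeyInfoCredentialResolver keyInfoResolver = Configuration
                .getGlobalSecurityConfiguration().getDefaultKeyInfoCredentialResolver();

        // The static resolver returns its fixed credential set as the trust basis.
        this.engine = new ExplicitKeySignatureTrustEngine(
                new StaticCredentialResolver(trusted), keyInfoResolver);
        this.peerEntityId = peerEntityId;
    }

    /** Returns true only if the signature verifies with the pinned key; fails closed. */
    public boolean isTrusted(Signature signature) {
        if (signature == null) {
            return false; // unsigned input is never trusted
        }
        try {
            CriteriaSet criteria = new CriteriaSet(new EntityIDCriteria(peerEntityId));
            return engine.validate(signature, criteria);
        } catch (SecurityException e) {
            return false; // a processing error is treated as an untrusted signature
        }
    }
}
```
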
Constructor Summary | |
---|---|
ExplicitKeySignatureTrustEngine(CredentialResolver resolver, KeyInfoCredentialResolver keyInfoResolver) | Constructor. |
Method Summary | |
---|---|
protected boolean | evaluateTrust(Credential untrustedCredential, java.lang.Iterable<Credential> trustedCredentials) - Evaluate the untrusted KeyInfo-derived credential with respect to the specified trusted information. |
CredentialResolver | getCredentialResolver() - Gets the credential resolver used to recover trusted credentials that may be used to validate tokens. |
boolean | validate(Signature signature, CriteriaSet trustBasisCriteria) - Validates the token against trusted information obtained in an implementation-specific manner. |
Methods inherited from class org.opensaml.xml.signature.impl.BaseSignatureTrustEngine |
---|
checkParams, getKeyInfoResolver, validate, validate, verifySignature |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ExplicitKeySignatureTrustEngine(CredentialResolver resolver, KeyInfoCredentialResolver keyInfoResolver)

resolver - credential resolver used to resolve trusted credentials.
keyInfoResolver - KeyInfo credential resolver used to obtain the (advisory) signing credential from a Signature's KeyInfo element.

Method Detail |
---|
public CredentialResolver getCredentialResolver()

getCredentialResolver in interface TrustedCredentialTrustEngine<Signature>

public boolean validate(Signature signature, CriteriaSet trustBasisCriteria) throws SecurityException

validate in interface TrustEngine<Signature>

signature - security token to validate
trustBasisCriteria - criteria used to describe and/or resolve the information which serves as the basis for trust evaluation
SecurityException - thrown if there is a problem validating the security token

protected boolean evaluateTrust(Credential untrustedCredential, java.lang.Iterable<Credential> trustedCredentials) throws SecurityException

evaluateTrust in class BaseSignatureTrustEngine<java.lang.Iterable<Credential>>

untrustedCredential - the untrusted credential being evaluated
trustedCredentials - the information which serves as the basis for trust evaluation
SecurityException - if an error occurs during trust processing