Package org.opensaml.security.x509

Interface PKIXTrustEvaluator

All Known Implementing Classes:

CertPathPKIXTrustEvaluator

public interface PKIXTrustEvaluator

An interface for classes which evaluate an X509Credential against a set of trusted PKIXValidationInformation, using PKIX validation rules.

Method Summary

Modifier and Type	Method	Description
PKIXValidationOptions	getPKIXValidationOptions()	Get the PKIXValidationOptions instance that is in use.
boolean	validate(PKIXValidationInformation validationInfo, X509Credential untrustedCredential)	Validate the specified credential against the specified set of trusted validation information.

Method Details

validate

boolean validate(@Nonnull
 PKIXValidationInformation validationInfo,
 @Nonnull
 X509Credential untrustedCredential)
          throws SecurityException

Validate the specified credential against the specified set of trusted validation information.

Parameters:

validationInfo - the set of trusted validation information

untrustedCredential - the credential being evaluated

Returns:

true if the credential can be successfully evaluated, false otherwise

Throws:

SecurityException - thrown if there is an error evaluating the credential

getPKIXValidationOptions

@Nonnull
PKIXValidationOptions getPKIXValidationOptions()

Get the PKIXValidationOptions instance that is in use.

Returns:

the PKIXValidationOptions instance