
1   /*
2    * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.xml.security.trust;
18  
19  import java.util.ArrayList;
20  import java.util.List;
21  
22  import org.opensaml.xml.security.CriteriaSet;
23  import org.opensaml.xml.security.SecurityException;
24  import org.slf4j.Logger;
25  import org.slf4j.LoggerFactory;
26  
/**
 * Trust engine that delegates to an ordered chain of subordinate trust engines.
 *
 * <p>
 * The token is offered to each chain member in list order. The first member that reports the token as trusted
 * decides the outcome and no later member is consulted. If no member accepts the token, or the chain is empty,
 * the token is reported as untrusted.
 * </p>
 *
 * <p>
 * Because a single accepting member is sufficient, the chain as a whole is as permissive as its most permissive
 * member. A {@link SecurityException} thrown by a member is not caught here: it propagates to the caller and the
 * members after it are not evaluated.
 * </p>
 *
 * <p>
 * The chain is held in a plain {@link ArrayList} and this class adds no synchronization of its own, so callers
 * that change the chain at runtime need to coordinate that with concurrent calls to
 * {@link #validate(Object, CriteriaSet)} themselves.
 * </p>
 *
 * @param <TokenType> the token type this trust engine evaluates
 */
public class ChainingTrustEngine<TokenType> implements TrustEngine<TokenType> {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(ChainingTrustEngine.class);

    /** Ordered subordinate engines; evaluation follows list order. */
    private List<TrustEngine<TokenType>> engines;

    /** Constructor. Creates an engine with an empty chain, which trusts nothing until members are added. */
    public ChainingTrustEngine() {
        this.engines = new ArrayList<TrustEngine<TokenType>>();
    }

    /**
     * Get the list of configured trust engines which constitute the trust evaluation chain.
     *
     * <p>
     * The returned list is the internal list itself, not a copy: additions, removals and reordering take effect
     * on subsequent evaluations. A {@code null} entry would cause a {@link NullPointerException} when the chain
     * is evaluated.
     * </p>
     *
     * @return the modifiable list of trust engines in the chain
     */
    public List<TrustEngine<TokenType>> getChain() {
        return this.engines;
    }

    /**
     * {@inheritDoc}
     *
     * <p>
     * Returns {@code true} as soon as one chain member accepts the token, and {@code false} when none does or
     * when the chain is empty. An exception raised by a member ends the evaluation and is passed on unchanged.
     * </p>
     */
    public boolean validate(TokenType token, CriteriaSet trustBasisCriteria) throws SecurityException {
        for (TrustEngine<TokenType> member : engines) {
            boolean accepted = member.validate(token, trustBasisCriteria);
            if (!accepted) {
                // This member did not establish trust; let the next one try.
                continue;
            }
            // First acceptance wins. Only the accepting engine's class name is logged, not the token.
            log.debug("Token was trusted by chain member: {}", member.getClass().getName());
            return true;
        }
        // No member vouched for the token (also the result for an empty chain): fail closed.
        return false;
    }

}