1 /* 2 * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.] 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.opensaml.xml.security.x509; 18 19 import java.util.Set; 20 21 import org.opensaml.xml.security.Criteria; 22 import org.opensaml.xml.security.CriteriaSet; 23 import org.opensaml.xml.security.Resolver; 24 import org.opensaml.xml.security.SecurityException; 25 26 /** 27 * A resolver which uses {@link Criteria} to resolve {@link PKIXValidationInformation}, which will typically be used 28 * PKIX-based trust engines. 29 * 30 * Implementations may also optionally implement {@link #resolveTrustedNames(CriteriaSet)}, which will 31 * return a set of trusted names associated with the entity implied by the criteria. These trusted names 32 * may be used to validate (in an application-specific manner) that an entity is trusted to wield a particular 33 * certificate. 34 */ 35 public interface PKIXValidationInformationResolver extends Resolver<PKIXValidationInformation, CriteriaSet> { 36 37 /** 38 * Resolve a set of trusted names associated with the entity indicated by the criteria. This method 39 * is optional to implement. 40 * 41 * @param criteriaSet set of criteria used to determine or resolve the trusted names 42 * @return the set of certificate names trusted for an entity 43 * @throws SecurityException thrown if there is an error resolving the trusted names 44 * @throws UnsupportedOperationException thrown if this optional method is not supported by the implementation 45 */ 46 public Set<String> resolveTrustedNames(CriteriaSet criteriaSet) 47 throws SecurityException, UnsupportedOperationException; 48 49 /** 50 * Check whether resolution of trusted names is supported. 51 * 52 * @return true if the implementation supports resolution of trusted names, otherwise false 53 */ 54 public boolean supportsTrustedNameResolution(); 55 56 }