View Javadoc

1   /*
2    * Copyright 2008 University Corporation for Advanced Internet Development, Inc.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.xml.security.x509;
18  
19  /**
20   * Specialization of {@link PKIXValidationOptions} which specifies options specific to a {@link PKIXTrustEvaluator}
21   * based on the Java CertPath API.
22   */
23  public class CertPathPKIXValidationOptions extends PKIXValidationOptions {
24      
25      /** Force RevocationEnabled flag. */
26      private boolean forceRevocationEnabled;
27     
28      /** Value for RevocationEnabled when forced. */
29      private boolean revocationEnabled;
30  
31      /** Constructor. */
32      public CertPathPKIXValidationOptions() {
33          super();
34          forceRevocationEnabled = false;
35          revocationEnabled = true;
36      }
37      
38      /**
39       * If true, the revocation behavior of the underlying CertPath provider will be forced to the
40       * value supplied by {@link #isRevocationEnabled()}. If false, the revocation behavior
41       * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
42       * 
43       * <p>Default is: <b>false</b></p>
44       * 
45       * @return Returns the forceRevocationEnabled.
46       */
47      public boolean isForceRevocationEnabled() {
48          return forceRevocationEnabled;
49      }
50  
51      /**
52       * If true, the revocation behavior of the underlying CertPath provider will be forced to the
53       * value supplied by {@link #isRevocationEnabled()}. If false, the revocation behavior
54       * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
55       * 
56       * <p>Default is: <b>false</b></p>
57       * 
58       * @param forceRevocationEnabled The forceRevocationEnabled to set.
59       */
60      public void setForceRevocationEnabled(boolean forceRevocationEnabled) {
61          this.forceRevocationEnabled = forceRevocationEnabled;
62      }
63  
64      /**
65       * If {@link #isForceRevocationEnabled()} is true, the revocation behavior of the underlying CertPath Provider
66       * will be forced to this value. If the former is false, the revocation behavior
67       * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
68       * 
69       * <p>Default is: <b>true</b></p>
70       * 
71       * @return Returns the revocationEnabled.
72       */
73      public boolean isRevocationEnabled() {
74          return revocationEnabled;
75      }
76  
77      /**
78       * If {@link #isForceRevocationEnabled()} is true, the revocation behavior of the underlying CertPath Provider
79       * will be forced to this value. If the former is false, the revocation behavior
80       * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
81       * 
82       * <p>Default is: <b>true</b></p>
83       * 
84       * @param revocationEnabled The revocationEnabled to set.
85       */
86      public void setRevocationEnabled(boolean revocationEnabled) {
87          this.revocationEnabled = revocationEnabled;
88      }
89      
90  
91  }