1 /* 2 * Copyright 2008 University Corporation for Advanced Internet Development, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.opensaml.xml.security.x509; 18 19 /** 20 * Specialization of {@link PKIXValidationOptions} which specifies options specific to a {@link PKIXTrustEvaluator} 21 * based on the Java CertPath API. 22 */ 23 public class CertPathPKIXValidationOptions extends PKIXValidationOptions { 24 25 /** Force RevocationEnabled flag. */ 26 private boolean forceRevocationEnabled; 27 28 /** Value for RevocationEnabled when forced. */ 29 private boolean revocationEnabled; 30 31 /** Constructor. */ 32 public CertPathPKIXValidationOptions() { 33 super(); 34 forceRevocationEnabled = false; 35 revocationEnabled = true; 36 } 37 38 /** 39 * If true, the revocation behavior of the underlying CertPath provider will be forced to the 40 * value supplied by {@link #isRevocationEnabled()}. If false, the revocation behavior 41 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation. 42 * 43 * <p>Default is: <b>false</b></p> 44 * 45 * @return Returns the forceRevocationEnabled. 46 */ 47 public boolean isForceRevocationEnabled() { 48 return forceRevocationEnabled; 49 } 50 51 /** 52 * If true, the revocation behavior of the underlying CertPath provider will be forced to the 53 * value supplied by {@link #isRevocationEnabled()}. If false, the revocation behavior 54 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation. 55 * 56 * <p>Default is: <b>false</b></p> 57 * 58 * @param forceRevocationEnabled The forceRevocationEnabled to set. 59 */ 60 public void setForceRevocationEnabled(boolean forceRevocationEnabled) { 61 this.forceRevocationEnabled = forceRevocationEnabled; 62 } 63 64 /** 65 * If {@link #isForceRevocationEnabled()} is true, the revocation behavior of the underlying CertPath Provider 66 * will be forced to this value. If the former is false, the revocation behavior 67 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation. 68 * 69 * <p>Default is: <b>true</b></p> 70 * 71 * @return Returns the revocationEnabled. 72 */ 73 public boolean isRevocationEnabled() { 74 return revocationEnabled; 75 } 76 77 /** 78 * If {@link #isForceRevocationEnabled()} is true, the revocation behavior of the underlying CertPath Provider 79 * will be forced to this value. If the former is false, the revocation behavior 80 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation. 81 * 82 * <p>Default is: <b>true</b></p> 83 * 84 * @param revocationEnabled The revocationEnabled to set. 85 */ 86 public void setRevocationEnabled(boolean revocationEnabled) { 87 this.revocationEnabled = revocationEnabled; 88 } 89 90 91 }