1 /*
2 * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 package org.opensaml.xml.security.trust;
18
19 import java.util.ArrayList;
20 import java.util.List;
21
22 import org.opensaml.xml.security.CriteriaSet;
23 import org.opensaml.xml.security.SecurityException;
24 import org.slf4j.Logger;
25 import org.slf4j.LoggerFactory;
26
27 /**
28 * Evaluate a token in sequence using a chain of subordinate trust engines. If the token may be established as trusted
29 * by any of the subordinate engines, the token is considered trusted. Otherwise it is considered untrusted.
30 *
31 * @param <TokenType> the token type this trust engine evaluates
32 */
33 public class ChainingTrustEngine<TokenType> implements TrustEngine<TokenType> {
34
35 /** Class logger. */
36 private final Logger log = LoggerFactory.getLogger(ChainingTrustEngine.class);
37
38 /** The chain of subordinate trust engines. */
39 private List<TrustEngine<TokenType>> engines;
40
41 /** Constructor. */
42 public ChainingTrustEngine() {
43 engines = new ArrayList<TrustEngine<TokenType>>();
44 }
45
46 /**
47 * Get the list of configured trust engines which constitute the trust evaluation chain.
48 *
49 * @return the modifiable list of trust engines in the chain
50 */
51 public List<TrustEngine<TokenType>> getChain() {
52 return engines;
53 }
54
55 /** {@inheritDoc} */
56 public boolean validate(TokenType token, CriteriaSet trustBasisCriteria) throws SecurityException {
57 for (TrustEngine<TokenType> engine : engines) {
58 if (engine.validate(token, trustBasisCriteria)) {
59 log.debug("Token was trusted by chain member: {}", engine.getClass().getName());
60 return true;
61 }
62 }
63 return false;
64 }
65
66 }