
1   /*
2    * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.xml.security.x509;
18  
19  import java.util.Set;
20  
21  import org.opensaml.xml.security.Criteria;
22  import org.opensaml.xml.security.CriteriaSet;
23  import org.opensaml.xml.security.Resolver;
24  import org.opensaml.xml.security.SecurityException;
25  
/**
 * Resolver that takes {@link Criteria}, supplied as a {@link CriteriaSet}, and produces
 * {@link PKIXValidationInformation}. The resolved information will typically be consumed by PKIX-based
 * trust engines.
 *
 * <p>An implementation may additionally support {@link #resolveTrustedNames(CriteriaSet)}, which yields the
 * set of trusted names associated with the entity implied by the criteria. Those names may be used to
 * validate, in an application-specific manner, that an entity is trusted to wield a particular certificate.</p>
 *
 * <p>Trusted-name resolution is optional. Callers should consult {@link #supportsTrustedNameResolution()}
 * before relying on it, and should decide explicitly how to proceed when names are unavailable, so that the
 * name check is never skipped unnoticed.</p>
 */
public interface PKIXValidationInformationResolver extends Resolver<PKIXValidationInformation, CriteriaSet> {

    /**
     * Resolves the trusted names associated with the entity that the criteria indicate. Implementing this
     * operation is optional; see {@link #supportsTrustedNameResolution()}.
     *
     * <p>NOTE(review): this contract does not say whether {@code null} or an empty set may be returned when
     * no names are known. Callers should confirm the implementation's behaviour before interpreting such a
     * result, and should not take it to mean that any certificate name is acceptable.</p>
     *
     * @param criteriaSet the criteria used to determine or resolve the trusted names
     * @return the certificate names trusted for the entity
     * @throws SecurityException if an error occurs while resolving the trusted names
     * @throws UnsupportedOperationException if the implementation does not support this optional operation
     */
    Set<String> resolveTrustedNames(CriteriaSet criteriaSet) throws SecurityException, UnsupportedOperationException;

    /**
     * Reports whether this implementation is able to resolve trusted names.
     *
     * @return {@code true} if {@link #resolveTrustedNames(CriteriaSet)} is supported, {@code false} otherwise
     */
    boolean supportsTrustedNameResolution();

}