Class NamespaceChecker


  • public class NamespaceChecker
    extends java.lang.Object
    Implements namespace policy checking. The class is populated with a namespace policy store which provides the policies. The implementation gets
    • Field Detail

      • namespaceRequired

        private boolean namespaceRequired
      • checkAll

        private boolean checkAll
    • Method Detail

      • check

        public java.util.List<ValidationError> check​(java.security.cert.X509Certificate[] chain)
        Checks all certificates in the chain whether they are correct w.r.t. namespace policies which are configured. If the parameter contains any proxy certificates those are ignored. Self signed certificates in the chain are ignored, so the root CA certificate may be safely present in the chain.
        Parameters:
        chain - to be checked
        Returns:
        list of validation errors
      • doCheck

        private void doCheck​(javax.security.auth.x500.X500Principal subject,
                             java.util.List<NamespacePolicy> policies,
                             java.util.List<ValidationError> ret,
                             int pos,
                             java.security.cert.X509Certificate[] chain)