Class NamespaceChecker

java.lang.Object
eu.emi.security.authn.x509.helpers.ns.NamespaceChecker

public class NamespaceChecker extends Object
Implements namespace policy checking. The class is populated with a namespace policy store which provides the policies. The implementation gets
  • Field Details

    • namespaceRequired

      private boolean namespaceRequired
    • checkAll

      private boolean checkAll
    • nsStores

      private NamespacesStore[] nsStores
  • Constructor Details

  • Method Details

    • check

      public List<ValidationError> check(X509Certificate[] chain)
      Checks all certificates in the chain whether they are correct w.r.t. namespace policies which are configured. If the parameter contains any proxy certificates those are ignored. Self signed certificates in the chain are ignored, so the root CA certificate may be safely present in the chain.
      Parameters:
      chain - to be checked
      Returns:
      list of validation errors
    • doCheck

      private void doCheck(X500Principal subject, List<NamespacePolicy> policies, List<ValidationError> ret, int pos, X509Certificate[] chain)