org.apache.rampart
Class PolicyBasedResultsValidator
java.lang.Object
org.apache.rampart.PolicyBasedResultsValidator
- public class PolicyBasedResultsValidator
- extends Object
Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
PolicyBasedResultsValidator
public PolicyBasedResultsValidator()
validate
public void validate(ValidatorData data,
Vector results)
throws RampartException
- Throws:
RampartException
verifyTrust
protected boolean verifyTrust(X509Certificate cert,
RampartMessageData rmd)
throws RampartException
- Evaluate whether a given certificate should be trusted.
Hook to allow subclasses to implement custom validation methods however they see fit.
Policy used in this implementation:
1. Search the keystore for the transmitted certificate
2. Search the keystore for a connection to the transmitted certificate
(that is, search for certificate(s) of the issuer of the transmitted certificate)
3. Verify the trust path for the certificates found, because the search for the issuer might be fooled by a phony DN (String!)
- Parameters:
cert - the certificate that should be validated against the keystore
- Returns:
- true if the certificate is trusted, false if not (AxisFault is thrown for exceptions during CertPathValidation)
- Throws:
org.apache.ws.security.WSSecurityException
RampartException