CRLSelector (eduGAIN 1.0)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.geant.edugain.validation.util
Class CRLSelector

java.lang.Object
  net.geant.edugain.validation.util.CRLSelector

public final class CRLSelector
extends java.lang.Object
extends java.lang.Object

Utility class that selects the CRL to use with a given certificate. If net.geant.edugain.validation.crl.url property is defined, then the URL it points to will be used as source for the CRL. Else, the first distribution point found at the given certificate which contains a valid CRL will be used.

Author:: Jaime Perez

Field Summary
`protected Configurator`	`cfg`
`protected java.util.LinkedHashMap<java.lang.String,java.security.cert.X509CRL>`	`crls` This class implements a cache system for all CRLs found.
`protected java.util.LinkedHashMap<java.lang.String,java.util.Calendar>`	`crls_tmstamps`
`protected org.apache.log4j.Logger`	`log`
`protected static CRLSelector`	`ref`

Constructor Summary
`protected`	`CRLSelector()` Create a new CRLSelector, checking if user has forced the use of a CRL or those included in the certificates should be used.

Method Summary
`java.lang.Object`	`clone()` This class is not clonable...
`static CRLSelector`	`getInstance()` Instantiate a new CRLSelector.
`java.security.cert.X509CRL`	`select(java.security.cert.X509Certificate cert)` Select a CRL Distribution Point for a given certificate.

Methods inherited from class java.lang.Object
`equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

crls

protected java.util.LinkedHashMap<java.lang.String,java.security.cert.X509CRL> crls

This class implements a cache system for all CRLs found. When a CRL is requested for the first time, it is fetched, stored in the cache, and the current time is also stored. Later, when the same CRL is requested, we'll see if it is cached. If the CRL is still valid, that means, the difference of time when it was stored and the current time is less than the default time (Configurator.DEFAULT_CRL_TIMEOUT) or the next update time for this CRL, then it is directly selected. Else, the CRL will be fetched again and its timestamp updated.

crls_tmstamps

protected java.util.LinkedHashMap<java.lang.String,java.util.Calendar> crls_tmstamps

ref

protected static CRLSelector ref

cfg

protected Configurator cfg

log

protected org.apache.log4j.Logger log

Constructor Detail

CRLSelector

protected CRLSelector()
               throws ValidationException

Create a new CRLSelector, checking if user has forced the use of a CRL or those included in the certificates should be used.

Throws:: ValidationException

Method Detail

getInstance

public static CRLSelector getInstance()
                               throws ValidationException

Instantiate a new CRLSelector.

Returns:: An new instance of CRLSelector.
Throws:: ValidationException

clone

public java.lang.Object clone()
                       throws java.lang.CloneNotSupportedException

This class is not clonable...

Overrides:: clone in class java.lang.Object

Throws:: java.lang.CloneNotSupportedException

select

public java.security.cert.X509CRL select(java.security.cert.X509Certificate cert)
                                  throws ValidationException

Select a CRL Distribution Point for a given certificate.

Parameters:: cert - The certificate to verify against a CRL.
Returns:: The CRL Distribution Point to use.
Throws:: ValidationException