
1   /*
2    * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package edu.internet2.middleware.shibboleth.common.config.security;
18  
19  import java.util.Collections;
20  import java.util.List;
21  import java.util.Set;
22  
23  import org.opensaml.xml.security.x509.PKIXValidationInformation;
24  import org.opensaml.xml.security.x509.PKIXX509CredentialTrustEngine;
25  import org.opensaml.xml.security.x509.StaticPKIXValidationInformationResolver;
26  import org.springframework.beans.factory.config.AbstractFactoryBean;
27  
/**
 * Spring factory bean that builds a {@link PKIXX509CredentialTrustEngine} on top of a
 * {@link StaticPKIXValidationInformationResolver}.
 *
 * <p>The resolver is populated from the two properties of this bean: the list of PKIX validation
 * information and the set of trusted names. Both are fixed at the time the engine is created by
 * {@link #createInstance()}.</p>
 *
 * <p>NOTE(review): the accessors hand out and store the caller's collection references without
 * copying, so a collection changed after injection is what {@link #createInstance()} will read.
 * Whether the resolver copies them again is not visible in this file.</p>
 */
public class StaticPKIXX509CredentialTrustEngineFactoryBean extends AbstractFactoryBean {

    /** PKIX validation information handed to the static resolver. */
    private List<PKIXValidationInformation> validationInfo;

    /** Names handed to the static resolver as the trusted name set. */
    private Set<String> names;

    /**
     * Returns the configured PKIX validation information.
     *
     * @return the list as it was set, or null if it was never set
     */
    public List<PKIXValidationInformation> getPKIXInfo() {
        return this.validationInfo;
    }

    /**
     * Stores the PKIX validation information to build the resolver from.
     *
     * @param newPKIXInfo the list to use; the reference is kept, not copied
     */
    public void setPKIXInfo(List<PKIXValidationInformation> newPKIXInfo) {
        this.validationInfo = newPKIXInfo;
    }

    /**
     * Returns the configured trusted names.
     *
     * @return the set as it was set, or null if it was never set
     */
    public Set<String> getTrustedNames() {
        return this.names;
    }

    /**
     * Stores the trusted names to build the resolver from.
     *
     * @param newTrustedNames the set to use; the reference is kept, not copied
     */
    public void setTrustedNames(Set<String> newTrustedNames) {
        this.names = newTrustedNames;
    }

    /** {@inheritDoc} */
    public Class getObjectType() {
        return PKIXX509CredentialTrustEngine.class;
    }

    /**
     * Creates the trust engine from the currently configured properties.
     *
     * <p>A missing trusted-name set is replaced by an empty set. The validation information list
     * is passed through unchanged, including when it is null.</p>
     *
     * @return a new {@link PKIXX509CredentialTrustEngine}
     *
     * @throws Exception declared by the overridden method; anything raised while constructing the
     *             resolver or the engine propagates to the caller
     */
    protected Object createInstance() throws Exception {
        final Set<String> configuredNames = getTrustedNames();

        // NOTE(review): how the engine treats an empty trusted-name set (skip the name check, or
        // accept no name at all) is decided inside OpenSAML and cannot be told from this file.
        // Confirm that an omitted "trustedNames" property does not silently disable name checking.
        final Set<String> effectiveNames =
                configuredNames != null ? configuredNames : Collections.<String>emptySet();

        // NOTE(review): unlike the names, a null validation info list is not defaulted here; the
        // resolver's handling of null (reject, or treat as empty) should be verified.
        return new PKIXX509CredentialTrustEngine(
                new StaticPKIXValidationInformationResolver(getPKIXInfo(), effectiveNames));
    }
}