1 /*
2 * Copyright 2008 University Corporation for Advanced Internet Development, Inc.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 package org.opensaml.xml.security.x509;
18
19 /**
20 * Specialization of {@link PKIXValidationOptions} which specifies options specific to a {@link PKIXTrustEvaluator}
21 * based on the Java CertPath API.
22 */
23 public class CertPathPKIXValidationOptions extends PKIXValidationOptions {
24
25 /** Force RevocationEnabled flag. */
26 private boolean forceRevocationEnabled;
27
28 /** Value for RevocationEnabled when forced. */
29 private boolean revocationEnabled;
30
31 /** Constructor. */
32 public CertPathPKIXValidationOptions() {
33 super();
34 forceRevocationEnabled = false;
35 revocationEnabled = true;
36 }
37
38 /**
39 * If true, the revocation behavior of the underlying CertPath provider will be forced to the
40 * value supplied by {@link #isRevocationEnabled()}. If false, the revocation behavior
41 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
42 *
43 * <p>Default is: <b>false</b></p>
44 *
45 * @return Returns the forceRevocationEnabled.
46 */
47 public boolean isForceRevocationEnabled() {
48 return forceRevocationEnabled;
49 }
50
51 /**
52 * If true, the revocation behavior of the underlying CertPath provider will be forced to the
53 * value supplied by {@link #isRevocationEnabled()}. If false, the revocation behavior
54 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
55 *
56 * <p>Default is: <b>false</b></p>
57 *
58 * @param forceRevocationEnabled The forceRevocationEnabled to set.
59 */
60 public void setForceRevocationEnabled(boolean forceRevocationEnabled) {
61 this.forceRevocationEnabled = forceRevocationEnabled;
62 }
63
64 /**
65 * If {@link #isForceRevocationEnabled()} is true, the revocation behavior of the underlying CertPath Provider
66 * will be forced to this value. If the former is false, the revocation behavior
67 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
68 *
69 * <p>Default is: <b>true</b></p>
70 *
71 * @return Returns the revocationEnabled.
72 */
73 public boolean isRevocationEnabled() {
74 return revocationEnabled;
75 }
76
77 /**
78 * If {@link #isForceRevocationEnabled()} is true, the revocation behavior of the underlying CertPath Provider
79 * will be forced to this value. If the former is false, the revocation behavior
80 * of the underlying provider will be determined by the PKIXTrustEvaluator implementation.
81 *
82 * <p>Default is: <b>true</b></p>
83 *
84 * @param revocationEnabled The revocationEnabled to set.
85 */
86 public void setRevocationEnabled(boolean revocationEnabled) {
87 this.revocationEnabled = revocationEnabled;
88 }
89
90
91 }