1 /*
2 * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 package org.opensaml.xml.security.x509;
18
19 import java.util.Set;
20
21 import org.opensaml.xml.security.Criteria;
22 import org.opensaml.xml.security.CriteriaSet;
23 import org.opensaml.xml.security.Resolver;
24 import org.opensaml.xml.security.SecurityException;
25
/**
 * Resolves {@link PKIXValidationInformation} from a {@link CriteriaSet}. The resolved information will typically
 * be used by PKIX-based trust engines.
 *
 * <p>An implementation may optionally support {@link #resolveTrustedNames(CriteriaSet)}, which returns the set of
 * trusted names associated with the entity implied by the criteria. A caller may use those names to validate, in
 * an application-specific manner, that the entity is trusted to wield a particular certificate.</p>
 *
 * <p>Because trusted-name resolution is optional, callers should consult {@link #supportsTrustedNameResolution()}
 * before calling {@link #resolveTrustedNames(CriteriaSet)}, and should decide explicitly how validation proceeds
 * when it is unsupported.</p>
 *
 * <p>NOTE(review): this contract does not state whether a {@code null} or empty result from
 * {@link #resolveTrustedNames(CriteriaSet)} means "no names are trusted" or "no name restriction applies".
 * Implementations and callers should agree on one reading; confirm against the trust engine that consumes it.</p>
 */
public interface PKIXValidationInformationResolver extends Resolver<PKIXValidationInformation, CriteriaSet> {

    /**
     * Resolves the set of trusted names associated with the entity indicated by the criteria.
     *
     * <p>Implementing this method is optional; an implementation that does not support it signals this by
     * throwing {@link UnsupportedOperationException}.</p>
     *
     * @param criteriaSet set of criteria used to determine or resolve the trusted names
     * @return the set of certificate names trusted for the entity
     * @throws SecurityException if there is an error resolving the trusted names
     * @throws UnsupportedOperationException if this optional method is not supported by the implementation
     */
    Set<String> resolveTrustedNames(CriteriaSet criteriaSet) throws SecurityException, UnsupportedOperationException;

    /**
     * Reports whether this implementation supports resolution of trusted names.
     *
     * @return {@code true} if the implementation supports resolution of trusted names, otherwise {@code false}
     */
    boolean supportsTrustedNameResolution();

}