public class SigningPolicyChecker extends java.lang.Object implements CertificateChecker
Modifier and Type | Field and Description |
---|---|
private SigningPolicyStore |
policyStore |
Constructor and Description |
---|
SigningPolicyChecker(SigningPolicyStore policyStore) |
Modifier and Type | Method and Description |
---|---|
void |
invoke(java.security.cert.X509Certificate cert,
GSIConstants.CertificateType certType)
Validate DN against the signing policy
|
private boolean |
requireSigningPolicyCheck(GSIConstants.CertificateType certType)
if a certificate is not a CA or if it is not a proxy, return true.
|
private SigningPolicyStore policyStore
public SigningPolicyChecker(SigningPolicyStore policyStore)
public void invoke(java.security.cert.X509Certificate cert, GSIConstants.CertificateType certType) throws java.security.cert.CertPathValidatorException
invoke
in interface CertificateChecker
cert
- The certificate to check.certType
- The type of certificate to check.java.security.cert.CertPathValidatorException
- if the certificate is invalid according to the signing policy.private boolean requireSigningPolicyCheck(GSIConstants.CertificateType certType)
certType
- The type of Certificate being queried.