AbstractCRLRevocationChecker (cas-server-support-x509 5.0.0.M1 API)

java.lang.Object
- org.apereo.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker

All Implemented Interfaces:

RevocationChecker

Direct Known Subclasses:

CRLDistributionPointRevocationChecker, ResourceCRLRevocationChecker
```
public abstract class AbstractCRLRevocationChecker
extends java.lang.Object
implements RevocationChecker
```
Base class for all CRL-based revocation checkers.

Since:

3.4.6

Field Summary

Fields
Modifier and Type	Field and Description
`protected boolean`	`checkAll` Flag to indicate whether all crls should be checked for the cert resource.
`protected org.slf4j.Logger`	`logger` Logger instance.

Constructor Summary

Constructors
Constructor and Description

AbstractCRLRevocationChecker()

Constructors
Constructor and Description
`AbstractCRLRevocationChecker()`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`protected abstract boolean`	`addCRL(java.lang.Object id, java.security.cert.X509CRL crl)` Records the addition of a new CRL entry.
`void`	`check(java.security.cert.X509Certificate cert)` Checks the revocation status of the given certificate.
`java.security.cert.X509CRL`	`getCRL(java.security.cert.X509Certificate cert)` Gets the first fetched CRL for the given certificate.
`protected abstract java.util.Collection<java.security.cert.X509CRL>`	`getCRLs(java.security.cert.X509Certificate cert)` Gets the collection of CRLs for the given certificate.
`RevocationPolicy<java.security.cert.X509CRL>`	`getExpiredCRLPolicy()`
`RevocationPolicy<java.lang.Void>`	`getUnavailableCRLPolicy()`
`void`	`init()` Init.
`void`	`setCheckAll(boolean checkAll)` Indicates whether all resources should be checked, or revocation should stop at the first resource that produces the cert.
`void`	`setExpiredCRLPolicy(RevocationPolicy<java.security.cert.X509CRL> policy)` Sets the policy to apply when CRL data is expired.
`void`	`setUnavailableCRLPolicy(RevocationPolicy<java.lang.Void> policy)` Sets the policy to apply when CRL data is unavailable.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - logger
```
protected transient org.slf4j.Logger logger
```
    Logger instance.
  - checkAll
```
protected boolean checkAll
```
    Flag to indicate whether all crls should be checked for the cert resource. Defaults to false.
- Constructor Detail
  - AbstractCRLRevocationChecker
```
public AbstractCRLRevocationChecker()
```
- Method Detail
  - init
```
@PostConstruct
public void init()
```
    Init.
  - check
```
public void check(java.security.cert.X509Certificate cert)
           throws java.security.GeneralSecurityException
```
    Description copied from interface: RevocationChecker
    
    Checks the revocation status of the given certificate.
    
    Specified by:
    
    check in interface RevocationChecker
    
    Parameters:
    
    cert - Certificate to examine.
    
    Throws:
    
    java.security.GeneralSecurityException - If certificate has been revoked or the revocation check fails for some reason such as revocation data not available.
  - setUnavailableCRLPolicy
```
public void setUnavailableCRLPolicy(RevocationPolicy<java.lang.Void> policy)
```
    Sets the policy to apply when CRL data is unavailable.
    
    Parameters:
    
    policy - Revocation policy.
  - setExpiredCRLPolicy
```
public void setExpiredCRLPolicy(RevocationPolicy<java.security.cert.X509CRL> policy)
```
    Sets the policy to apply when CRL data is expired.
    
    Parameters:
    
    policy - Revocation policy.
  - getUnavailableCRLPolicy
```
public RevocationPolicy<java.lang.Void> getUnavailableCRLPolicy()
```
  - getExpiredCRLPolicy
```
public RevocationPolicy<java.security.cert.X509CRL> getExpiredCRLPolicy()
```
  - setCheckAll
```
@Autowired
public void setCheckAll(@Value(value="${cas.x509.authn.crl.checkAll:false}")
                                    boolean checkAll)
```
    Indicates whether all resources should be checked, or revocation should stop at the first resource that produces the cert.
    
    Parameters:
    
    checkAll - the check all
  - getCRL
```
public java.security.cert.X509CRL getCRL(java.security.cert.X509Certificate cert)
```
    Gets the first fetched CRL for the given certificate.
    
    Parameters:
    
    cert - Certificate for which the CRL of the issuing CA should be retrieved.
    
    Returns:
    
    CRL for given cert, or null
  - addCRL
```
protected abstract boolean addCRL(java.lang.Object id,
                                  java.security.cert.X509CRL crl)
```
    Records the addition of a new CRL entry.
    
    Parameters:
    
    id - the id of the entry to keep track of
    
    crl - new CRL entry
    
    Returns:
    
    true if the entry was added successfully.
    
    Since:
    
    4.1
  - getCRLs
```
protected abstract java.util.Collection<java.security.cert.X509CRL> getCRLs(java.security.cert.X509Certificate cert)
```
    Gets the collection of CRLs for the given certificate.
    
    Parameters:
    
    cert - Certificate for which the CRL of the issuing CA should be retrieved.
    
    Returns:
    
    CRLs for given cert.

Class AbstractCRLRevocationChecker

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

logger

checkAll

Constructor Detail

AbstractCRLRevocationChecker

Method Detail

init

check

setUnavailableCRLPolicy

setExpiredCRLPolicy

getUnavailableCRLPolicy

getExpiredCRLPolicy

setCheckAll

getCRL

addCRL

getCRLs