ResourceCRLRevocationChecker (cas-server-support-x509 5.0.0.M1 API)

java.lang.Object
- org.apereo.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker
- - org.apereo.cas.adaptors.x509.authentication.handler.support.ResourceCRLRevocationChecker

All Implemented Interfaces:

RevocationChecker
```
@RefreshScope
 @Component(value="resourceCrlRevocationChecker")
public class ResourceCRLRevocationChecker
extends AbstractCRLRevocationChecker
```
CRL-based revocation checker that uses one or more CRL resources to fetch local or remote CRL data periodically. CRL resources should be supplied for the issuers of all certificates (and intervening certificates for certificate chains) that are expected to be presented to X509CredentialsAuthenticationHandler.

Since:

3.4.7

Field Summary

Fields
Modifier and Type Field and Description

static int DEFAULT_REFRESH_INTERVAL
Default refresh interval is 1 hour.
- Fields inherited from class org.apereo.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker
  checkAll, logger

Fields
Modifier and Type	Field and Description
`static int`	`DEFAULT_REFRESH_INTERVAL` Default refresh interval is 1 hour.

Constructor Summary

Constructors
Constructor and Description
`ResourceCRLRevocationChecker(CRLFetcher fetcher, org.springframework.core.io.Resource[] crls)` Instantiates a new Resource cRL revocation checker.
`ResourceCRLRevocationChecker(org.springframework.core.io.Resource crl)` Creates a new instance using the specified resource for CRL data.
`ResourceCRLRevocationChecker(org.springframework.core.io.Resource[] crls)` Creates a new instance using the specified resources for CRL data.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected boolean`	`addCRL(java.lang.Object issuer, java.security.cert.X509CRL crl)` Records the addition of a new CRL entry.
`protected java.util.Collection<java.security.cert.X509CRL>`	`getCRLs(java.security.cert.X509Certificate cert)` Gets the collection of CRLs for the given certificate.
`protected CRLFetcher`	`getFetcher()`
`protected java.util.Set<org.springframework.core.io.Resource>`	`getResources()`
`void`	`init()` Initializes the process that periodically fetches CRL data.
`void`	`setExpiredCRLPolicy(RevocationPolicy policy)` Sets the policy to apply when CRL data is expired.
`void`	`setRefreshInterval(int seconds)` Sets the interval at which CRL data should be reloaded from CRL resources.
`void`	`setUnavailableCRLPolicy(RevocationPolicy policy)` Sets the policy to apply when CRL data is unavailable.
`void`	`shutdown()` Shutdown scheduler.

Methods inherited from class org.apereo.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker
check, getCRL, getExpiredCRLPolicy, getUnavailableCRLPolicy, setCheckAll

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_REFRESH_INTERVAL
```
public static final int DEFAULT_REFRESH_INTERVAL
```
    Default refresh interval is 1 hour.
    
    See Also:
    
    Constant Field Values
- Constructor Detail
  - ResourceCRLRevocationChecker
```
public ResourceCRLRevocationChecker(org.springframework.core.io.Resource crl)
```
    Creates a new instance using the specified resource for CRL data.
    
    Parameters:
    
    crl - Resource containing CRL data. MUST NOT be null.
  - ResourceCRLRevocationChecker
```
public ResourceCRLRevocationChecker(org.springframework.core.io.Resource[] crls)
```
    Creates a new instance using the specified resources for CRL data.
    
    Parameters:
    
    crls - Resources containing CRL data. MUST NOT be null and MUST have at least one non-null element.
  - ResourceCRLRevocationChecker
```
public ResourceCRLRevocationChecker(CRLFetcher fetcher,
                                    org.springframework.core.io.Resource[] crls)
```
    Instantiates a new Resource cRL revocation checker.
    
    Parameters:
    
    fetcher - the fetcher
    
    crls - the crls
    
    Since:
    
    4.1
- Method Detail
  - setRefreshInterval
```
@Autowired
public void setRefreshInterval(@Min(value=1L) @Value(value="${cas.x509.authn.crl.refresh.interval:3600}")
                                           int seconds)
```
    Sets the interval at which CRL data should be reloaded from CRL resources.
    
    Parameters:
    
    seconds - Refresh interval in seconds; MUST be positive integer.
  - init
```
@PostConstruct
public void init()
```
    Initializes the process that periodically fetches CRL data.
    
    Overrides:
    
    init in class AbstractCRLRevocationChecker
  - getFetcher
```
protected CRLFetcher getFetcher()
```
    Returns:
    
    Returns the CRL fetcher component.
  - getResources
```
protected java.util.Set<org.springframework.core.io.Resource> getResources()
```
  - addCRL
```
protected boolean addCRL(java.lang.Object issuer,
                         java.security.cert.X509CRL crl)
```
    Description copied from class: AbstractCRLRevocationChecker
    
    Records the addition of a new CRL entry.
    
    Specified by:
    
    addCRL in class AbstractCRLRevocationChecker
    
    Parameters:
    
    issuer - the id of the entry to keep track of
    
    crl - new CRL entry
    
    Returns:
    
    true if the entry was added successfully.
  - getCRLs
```
protected java.util.Collection<java.security.cert.X509CRL> getCRLs(java.security.cert.X509Certificate cert)
```
    Description copied from class: AbstractCRLRevocationChecker
    
    Gets the collection of CRLs for the given certificate.
    
    Specified by:
    
    getCRLs in class AbstractCRLRevocationChecker
    
    Parameters:
    
    cert - Certificate for which the CRL of the issuing CA should be retrieved.
    
    Returns:
    
    CRLs for given cert.
  - shutdown
```
@PreDestroy
public void shutdown()
```
    Shutdown scheduler.
  - setUnavailableCRLPolicy
```
@Autowired(required=false)
public void setUnavailableCRLPolicy(@Qualifier(value="x509ResourceUnavailableRevocationPolicy")
                                                                RevocationPolicy policy)
```
    Description copied from class: AbstractCRLRevocationChecker
    
    Sets the policy to apply when CRL data is unavailable.
    
    Overrides:
    
    setUnavailableCRLPolicy in class AbstractCRLRevocationChecker
    
    Parameters:
    
    policy - Revocation policy.
  - setExpiredCRLPolicy
```
@Autowired(required=false)
public void setExpiredCRLPolicy(@Qualifier(value="x509ResourceExpiredRevocationPolicy")
                                                            RevocationPolicy policy)
```
    Description copied from class: AbstractCRLRevocationChecker
    
    Sets the policy to apply when CRL data is expired.
    
    Overrides:
    
    setExpiredCRLPolicy in class AbstractCRLRevocationChecker
    
    Parameters:
    
    policy - Revocation policy.

Class ResourceCRLRevocationChecker

Field Summary

Fields inherited from class org.apereo.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker

Constructor Summary

Method Summary

Methods inherited from class org.apereo.cas.adaptors.x509.authentication.handler.support.AbstractCRLRevocationChecker

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_REFRESH_INTERVAL

Constructor Detail

ResourceCRLRevocationChecker

ResourceCRLRevocationChecker

ResourceCRLRevocationChecker

Method Detail

setRefreshInterval

init

getFetcher

getResources

addCRL

getCRLs

shutdown

setUnavailableCRLPolicy

setExpiredCRLPolicy