GlobusChainVerifier (Java Globus API)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.globus.security
Class GlobusChainVerifier

java.lang.Object
  |
  +--iaik.security.ssl.ChainVerifier
        |
        +--org.globus.security.GlobusChainVerifier
public class GlobusChainVerifier
extends iaik.security.ssl.ChainVerifier

Field Summary
 
Fields inherited from class iaik.security.ssl.ChainVerifier
cachedCerts, checkServerName, nullTrusted, trustedCerts
 
Constructor Summary
GlobusChainVerifier()
           
 
Method Summary
 void addTrustedCertificate(java.security.cert.X509Certificate cert)
           
 boolean verifyChain(java.security.cert.X509Certificate[] chain, iaik.security.ssl.SSLTransport transport)
          Here's the hack that OpenSSL does.
 
Methods inherited from class iaik.security.ssl.ChainVerifier
cacheCertificate, cacheCertificates, clearCachedCertificates, clearTrustedCertificates, getCheckServerName, getIssuerCertificate, getTrustedPrincipals, getTrustedPrincipalsArray, isCachedCertificate, isTrustedCertificate, removeTrustedCertificate, setCheckServerName, size, verifyCertificate, verifyClient, verifyServer
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

GlobusChainVerifier

public GlobusChainVerifier()
Method Detail

addTrustedCertificate

public void addTrustedCertificate(java.security.cert.X509Certificate cert)
Overrides:
addTrustedCertificate in class iaik.security.ssl.ChainVerifier

verifyChain

public boolean verifyChain(java.security.cert.X509Certificate[] chain,
                           iaik.security.ssl.SSLTransport transport)
Here's the hack that OpenSSL does. If the chain contains the CA certificate it is replaced with the local copy of the CA certificate. If the chain does not have the CA certificate, the chain is just passed to the parent chain verifier. The parent chain verifier will try to find the CA locally.

Overrides:
verifyChain in class iaik.security.ssl.ChainVerifier
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD