public class CollectionKeyInfoCredentialResolver extends CollectionCredentialResolver implements KeyInfoCredentialResolver
KeyInfoCredentialResolver which uses a Collection as the
underlying credential source.
Like the
CollectionCredentialResolver, credentials returned are filtered based on any
EvaluableCredentialCriterion
which may have been present in the specified criteria set, or which are resolved by lookup in the
EvaluableCredentialCriteriaRegistry.
This implementation may be used to address use cases where use of a
KeyInfoCredentialResolver is required, but a KeyInfo element containing keys or other keying
material is not necessarily supplied or expected in an instance document and keys/credentials
are known in advance (e.g. validation keys belonging to a peer, decryption keys belonging to the caller).
In this use case, credentials are expected to be resolved from other contextual information,
including information possibly supplied as criteria to the resolver. Such credentials would be stored
in and returned from the Collection managed by this resolver.
Note that a KeyInfo element
passed in a KeyInfoCriterion in the criteria set is NOT
directly processed by this implementation in any way as a source for extracting keys or other key-related material.
However, if the evaluable credential criteria registry described above were
for example to contain a mapping from KeyInfoCriterion to some type of EvaluableCredentialCriterion,
where the latter used KeyInfo-derived information as its basis for evaluation of a credential (e.g. based on
contents of a KeyName or
X509SubjectName), then such KeyInfo-derived
evaluable criteria would be used to filter or select the specific credentials that would be returned
from the underlying credential collection of this resolver. Such KeyInfo-derived evaluable criteria
may also be specified directly in the criteria set, per the above.
This implementation might also be used at the end of a chain of KeyInfoCredentialResolvers in order to supply a default, fallback set of credentials, if none could otherwise be resolved.
| Constructor and Description |
|---|
CollectionKeyInfoCredentialResolver()
Constructor.
|
CollectionKeyInfoCredentialResolver(Collection<Credential> credentials)
Constructor.
|
getCollection, resolveFromSourceisSatisfyAllPredicates, resolve, setSatisfyAllPredicatesresolveSingleclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitresolve, resolveSinglepublic CollectionKeyInfoCredentialResolver()
ArrayList is used as the underlying collection implementation.public CollectionKeyInfoCredentialResolver(@Nonnull Collection<Credential> credentials)
credentials - the credential collection which is the backing store for the resolverCopyright © 2016 JBoss by Red Hat. All rights reserved.