Skip navigation links

oracle.security.crypto.ldap
Class LDAPCertificateValidator

java.lang.Object
oracle.security.crypto.ldap.LDAPCertificateValidator

All Implemented Interfaces:

java.io.Serializable, oracle.security.crypto.cert.CertificateValidator

public class LDAPCertificateValidator

extends java.lang.Object

implements oracle.security.crypto.cert.CertificateValidator

Validates a certificate by checking whether it is present in it's subject's LDAP directory entry.

See Also:

Serialized Form

Field Summary

protected javax.naming.directory.DirContext

ctx

Constructor Summary

LDAPCertificateValidator()

LDAPCertificateValidator(javax.naming.directory.DirContext ctx)

Method Summary

javax.naming.directory.DirContext	getDirContext()
void	setDirContext(javax.naming.directory.DirContext ctx)
oracle.security.crypto.cert.CertificateStatus	validateCert(javax.security.auth.x500.X500Principal subject, java.security.cert.X509Certificate c) Same as validateCert(X509), except allows the subject DN for directory access to be different from the name in the certificate.
oracle.security.crypto.cert.CertificateStatus	validateCert(oracle.security.crypto.cert.X509 cert) Returns the validity/revocation status of the given certificate.
oracle.security.crypto.cert.CertificateStatus	validateCert(java.security.cert.X509Certificate c) Validate a certificate using LDAP.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ctx

protected transient javax.naming.directory.DirContext ctx

Constructor Detail

LDAPCertificateValidator

public LDAPCertificateValidator()

LDAPCertificateValidator

public LDAPCertificateValidator(javax.naming.directory.DirContext ctx)

Method Detail

getDirContext

public javax.naming.directory.DirContext getDirContext()

setDirContext

public void setDirContext(javax.naming.directory.DirContext ctx)

validateCert

public oracle.security.crypto.cert.CertificateStatus validateCert(oracle.security.crypto.cert.X509 cert)
                                                           throws oracle.security.crypto.cert.ValidationException

Description copied from interface: oracle.security.crypto.cert.CertificateValidator

Returns the validity/revocation status of the given certificate.

Specified by:

validateCert in interface oracle.security.crypto.cert.CertificateValidator

Throws:

oracle.security.crypto.cert.ValidationException

validateCert

public oracle.security.crypto.cert.CertificateStatus validateCert(java.security.cert.X509Certificate c)
                                                           throws oracle.security.crypto.cert.ValidationException

Validate a certificate using LDAP. The subject's directory entry is checked for presence of user or CA certificates. If a copy of the given certificate is found, the status is returned as VALID. If some certificates were found, but none matched the given one, the status is returned as INVALID. If no certificates were found, or the subject's directory entry was not present, the status is returned as UNKNOWN.

Note the change in the method signature

Previouslypublic CertificateStatus validateCert (X509)

Now public CertificateStatus validateCert (X509Certificate )

Throws:

oracle.security.crypto.cert.ValidationException

validateCert

public oracle.security.crypto.cert.CertificateStatus validateCert(javax.security.auth.x500.X500Principal subject,
                                                                  java.security.cert.X509Certificate c)
                                                           throws oracle.security.crypto.cert.ValidationException

Same as validateCert(X509), except allows the subject DN for directory access to be different from the name in the certificate.

Note the change in the method signature

Previouslypublic CertificateStatus validateCert (X500Name , X509)

Now public CertificateStatus validateCert (X500Principal, X509Certificate )

Throws:

oracle.security.crypto.cert.ValidationException

Skip navigation links