InlineX509DataProvider (Shibboleth Identity Provider 2.3.0 API)

java.lang.Object
- org.opensaml.xml.security.keyinfo.provider.AbstractKeyInfoProvider
- - org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider

すべての実装されたインタフェース:

KeyInfoProvider
```
public class InlineX509DataProvider
extends AbstractKeyInfoProvider
```
Implementation of KeyInfoProvider which provides basic support for extracting a X509Credential from an X509Data child of KeyInfo. This provider supports only inline X509Certificate's and X509CRL's. If only one certificate is present, it is assumed to be the end-entity certificate containing the public key represented by this KeyInfo. If multiple certificates are present, and any instances of X509SubjectName, X509IssuerSerial, or X509SKI are also present, they will be used to identify the end-entity certificate, in accordance with the XML Signature specification. If a public key from a previously resolved KeyValue is available in the resolution context, it will also be used to identify the end-entity certificate. If the end-entity certificate can not otherwise be identified, the cert contained in the first X509Certificate element will be treated as the end-entity certificate.

コンストラクタの概要

コンストラクタ
コンストラクタと説明

InlineX509DataProvider()
Constructor.

コンストラクタ
コンストラクタと説明
`InlineX509DataProvider()` Constructor.

メソッドの概要

メソッド
修飾子とタイプ	メソッドと説明
`protected X509Certificate`	`findCertFromIssuerSerials(List<X509Certificate> certs, List<X509IssuerSerial> serials)` Find the certificate from the chain identified by one of the specified issuer serials.
`protected X509Certificate`	`findCertFromKey(List<X509Certificate> certs, PublicKey key)` Find the certificate from the chain that contains the specified key.
`protected X509Certificate`	`findCertFromSubjectKeyIdentifier(List<X509Certificate> certs, List<X509SKI> skis)` Find the certificate from the chain that contains one of the specified subject key identifiers.
`protected X509Certificate`	`findCertFromSubjectNames(List<X509Certificate> certs, List<X509SubjectName> names)` Find the certificate from the chain that contains one of the specified subject names.
`protected X509Certificate`	`findEntityCert(List<X509Certificate> certs, X509Data x509Data, PublicKey resolvedKey)` Find the end-entity cert in the list of certs contained in the X509Data.
`X500DNHandler`	`getX500DNHandler()` Get the handler which process X.500 distinguished names.
`boolean`	`handles(XMLObject keyInfoChild)` Evaluate whether the given provider should attempt to handle resolving a credential from the specified KeyInfo child.
`Collection<Credential>`	`process(KeyInfoCredentialResolver resolver, XMLObject keyInfoChild, CriteriaSet criteriaSet, KeyInfoResolutionContext kiContext)` Process a specified KeyInfo child (XMLobject) and attempt to resolve a credential from it.
`void`	`setX500DNHandler(X500DNHandler handler)` Set the handler which process X.500 distinguished names.

クラスから継承されたメソッド org.opensaml.xml.security.keyinfo.provider.AbstractKeyInfoProvider
buildCredentialContext, extractKeyValue

クラスから継承されたメソッド java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- コンストラクタの詳細
  - InlineX509DataProvider
```
public InlineX509DataProvider()
```
    Constructor.
- メソッドの詳細
  - getX500DNHandler
```
public X500DNHandler getX500DNHandler()
```
    Get the handler which process X.500 distinguished names.
    
    戻り値:
    returns the X500DNHandler instance
  - setX500DNHandler
```
public void setX500DNHandler(X500DNHandler handler)
```
    Set the handler which process X.500 distinguished names.
    
    パラメータ:
    handler - the new X500DNHandler instance
  - handles
```
public boolean handles(XMLObject keyInfoChild)
```
    Evaluate whether the given provider should attempt to handle resolving a credential from the specified KeyInfo child. An evaluation of true does not guarantee that a credential can or will be extracted form the particular KeyInfo child, only that processing should be attempted.
    
    パラメータ:
    keyInfoChild - the KeyInfo child object to consider
    
    戻り値:
    true if the provider should attempt to resolve credentials, false otherwise
  - process
```
public Collection<Credential> process(KeyInfoCredentialResolver resolver,
                             XMLObject keyInfoChild,
                             CriteriaSet criteriaSet,
                             KeyInfoResolutionContext kiContext)
                               throws SecurityException
```
    Process a specified KeyInfo child (XMLobject) and attempt to resolve a credential from it.
    
    パラメータ:
    resolver - reference to a resolver which is calling the provider
    keyInfoChild - the KeyInfo child being processed
    criteriaSet - the credential criteria the credential must satisfy
    kiContext - the resolution context, used for sharing state amongst resolvers and providers
    
    戻り値:
    a resolved Credential collection, or null
    
    例外:
    
    SecurityException - if there is an error during credential resolution. Note: failure to resolve a credential is not an error.
  - findEntityCert
```
protected X509Certificate findEntityCert(List<X509Certificate> certs,
                             X509Data x509Data,
                             PublicKey resolvedKey)
```
    Find the end-entity cert in the list of certs contained in the X509Data.
    
    パラメータ:
    certs - list of X509Certificate
    x509Data - X509Data element which might contain other info helping to finding the end-entity cert
    resolvedKey - a key which might have previously been resolved from a KeyValue
    
    戻り値:
    the end-entity certificate, if found
  - findCertFromKey
```
protected X509Certificate findCertFromKey(List<X509Certificate> certs,
                              PublicKey key)
```
    Find the certificate from the chain that contains the specified key.
    
    パラメータ:
    certs - list of certificates to evaluate
    key - key to use as search criteria
    
    戻り値:
    the matching certificate, or null
  - findCertFromSubjectNames
```
protected X509Certificate findCertFromSubjectNames(List<X509Certificate> certs,
                                       List<X509SubjectName> names)
```
    Find the certificate from the chain that contains one of the specified subject names.
    
    パラメータ:
    certs - list of certificates to evaluate
    names - X509 subject names to use as search criteria
    
    戻り値:
    the matching certificate, or null
  - findCertFromIssuerSerials
```
protected X509Certificate findCertFromIssuerSerials(List<X509Certificate> certs,
                                        List<X509IssuerSerial> serials)
```
    Find the certificate from the chain identified by one of the specified issuer serials.
    
    パラメータ:
    certs - list of certificates to evaluate
    serials - X509 issuer serials to use as search criteria
    
    戻り値:
    the matching certificate, or null
  - findCertFromSubjectKeyIdentifier
```
protected X509Certificate findCertFromSubjectKeyIdentifier(List<X509Certificate> certs,
                                               List<X509SKI> skis)
```
    Find the certificate from the chain that contains one of the specified subject key identifiers.
    
    パラメータ:
    certs - list of certificates to evaluate
    skis - X509 subject key identifiers to use as search criteria
    
    戻り値:
    the matching certificate, or null

クラス InlineX509DataProvider

コンストラクタの概要

メソッドの概要

クラスから継承されたメソッド org.opensaml.xml.security.keyinfo.provider.AbstractKeyInfoProvider

クラスから継承されたメソッド java.lang.Object

コンストラクタの詳細

InlineX509DataProvider

メソッドの詳細

getX500DNHandler

setX500DNHandler

handles

process

findEntityCert

findCertFromKey

findCertFromSubjectNames

findCertFromIssuerSerials

findCertFromSubjectKeyIdentifier