
Interface sun.security.TrustDecider

public interface TrustDecider
This interface is supported by "callback" objects used when making trust decisions. All such decisions are for specific purposes, named by strings which for now include:

Subsystems which accept entities that are authenticated by X.509 certificate chains should defer policy decisions to components which are contacted by using this callback interface. Those components will be initialized with knowledge of trusted public keys and their X.500 distinguished names.

Implementations of this interface encapsulate the authentication policies used by an application. So for example some policies might require checking of Certificate Revocation Lists (CRLs), or rejecting certificate chains based on what Certificate Authorities (CAs) are used within the certificate chain. Directory services (such as LDAP) might be used to facilitate centralized policy administration. In some cases, expired certificates might need to be accepted.

Initializing an authentication context usually involves providing it with an object which implements this interface. When no such object is provided, the default decision is to extend trust.

See Also:
AuthContext, SimpleTrustDecider

Method Index

 o getAcceptedCAs(String)
Returns a list of CAs accepted to authenticate entities for the specified purpose.
 o isTrustedFor(X509Cert[], String, Date)
Returns true iff the entity named by the certificate chain is trusted for the specified purpose.

Methods

 o isTrustedFor
 public abstract boolean isTrustedFor(X509Cert entity[],
                                      String purpose,
                                      Date when)
Returns true iff the entity named by the certificate chain is trusted for the specified purpose. That chain will often be a complete certificate chain: an entity's certificate first, then the certificate for that entity's CA, and so on up to a "root" CA's self-signed certificate. However, it may also be a partial certificate chain; for example, a CA certificate might be assumed to have been securely distributed, and so it wouldn't need to be redistributed.

Signature and validity period checks must be performed by this method, since they will not always have been made by the code which calls it.

The logic implementing this test will normally follow a standard for certificate path validation, such as the one specified by the IETF's PKIX working group (which relies on X.509v3 support).

Parameters:
entity - certificates which establish an identity.
purpose - activity for which trust is being checked.
when - date at which the certificate chain must be valid; if null, the current date is assumed.
Returns:
true iff the entity is trusted for that purpose.
 o getAcceptedCAs
 public abstract X509Cert[] getAcceptedCAs(String purpose)
Returns a list of CAs accepted to authenticate entities for the specified purpose. This list is used to help narrow the set of certificates that a peer will use to authenticate itself. The isTrustedFor method is still used to determine whether a given peer identity will be accepted.

Parameters:
purpose - activity for which CAs should be trusted
Returns:
list of CAs accepted for authenticating such tasks
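The chain walk the two methods describe, as an added illustration that is not part of sun.security or this page: it uses java.security.cert.X509Certificate in place of X509Cert (whose methods this page does not document), and the purpose strings and the acceptCA registration method are assumptions. It performs the signature and validity checks at every link as isTrustedFor requires, treats a null date as "now", and accepts a partial chain whose last certificate was issued by a CA returned from getAcceptedCAs.

```java
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.util.*;

/** Purpose-keyed trust policy in the shape of TrustDecider (added illustration, not sun.security code). */
public class PurposeTrustDecider {
    // Assumed: callers register anchors per purpose string; the page does not list the purposes.
    private final Map<String, List<X509Certificate>> anchors = new HashMap<>();

    public void acceptCA(String purpose, X509Certificate ca) {
        anchors.computeIfAbsent(purpose, p -> new ArrayList<>()).add(ca);
    }

    public X509Certificate[] getAcceptedCAs(String purpose) {
        return anchors.getOrDefault(purpose, Collections.emptyList()).toArray(new X509Certificate[0]);
    }

    private boolean isAnchor(X509Certificate c, String purpose) {
        return anchors.getOrDefault(purpose, Collections.emptyList()).contains(c);
    }

    /** Entity certificate first; the chain may stop short of the root if its issuer is an accepted CA. */
    public boolean isTrustedFor(X509Certificate[] chain, String purpose, Date when) {
        if (chain == null || chain.length == 0) return false;
        Date at = (when == null) ? new Date() : when;     // null means "now", as the interface specifies
        try {
            for (int i = 0; i < chain.length; i++) {
                chain[i].checkValidity(at);                 // validity is checked here, not left to the caller
                if (isAnchor(chain[i], purpose)) return true;   // reached a CA accepted for this purpose
                if (i + 1 == chain.length) break;           // no anchor inside the chain: try the partial-chain case
                if (!chain[i + 1].getSubjectX500Principal().equals(chain[i].getIssuerX500Principal())) return false;
                chain[i].verify(chain[i + 1].getPublicKey()); // signature check at every link
            }
            X509Certificate last = chain[chain.length - 1];
            for (X509Certificate ca : getAcceptedCAs(purpose)) {
                if (ca.getSubjectX500Principal().equals(last.getIssuerX500Principal())) {
                    ca.checkValidity(at);
                    last.verify(ca.getPublicKey());          // anchor was distributed out of band, not in the chain
                    return true;
                }
            }
            return false;                                   // no accepted CA anywhere in or above the chain
        } catch (GeneralSecurityException e) {
            return false;   // expired, not yet valid, bad signature, or unsupported algorithm
        }
    }
}
```

A caller that wants CRL checking or CA-based rejection, as the interface description mentions, would add those tests inside the loop before accepting a link.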
