Package eu.europa.esig.dss.service.crl
Class OnlineCRLSource
java.lang.Object
eu.europa.esig.dss.service.crl.OnlineCRLSource
- All Implemented Interfaces:
CRLSource,RevocationSource<CRL>,RevocationSourceAlternateUrlsSupport<CRL>,Serializable
public class OnlineCRLSource
extends Object
implements CRLSource, RevocationSourceAlternateUrlsSupport<CRL>
Online CRL repository. This CRL repository implementation will download the
CRLs from the given CRL URIs. Note that for the HTTP kind of URLs you can
provide dedicated data loader. If the data loader is not provided the
standard load from URI is provided. For FTP the standard load from URI is
provided. For LDAP kind of URLs an internal implementation using
apache-ldap-api is provided.
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionThe default constructor.OnlineCRLSource(DataLoader dataLoader) This constructor allows to set a specificDataLoader. -
Method Summary
Modifier and TypeMethodDescriptionprotected CRLBinaryexecuteCRLRequest(String crlUrl) Download a CRL from given locationgetCRLAccessURLs(CertificateToken certificateToken, List<String> alternativeUrls) Extracts a list of CRL distribution point URLs to be used in the provided order to retrieve a CRLgetRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) This method retrieves aRevocationTokenfor the certificateTokengetRevocationToken(CertificateToken certificateToken, CertificateToken issuerToken, List<String> alternativeUrls) Gets anRevocationTokenfor the given certificate / issuer's certificate couple.voidsetDataLoader(DataLoader dataLoader) Set the DataLoader to use for querying a revocation server.voidsetPreferredProtocol(Protocol preferredProtocol) This method allows to set the preferred protocol.
-
Constructor Details
-
OnlineCRLSource
public OnlineCRLSource()The default constructor. ACommonsDataLoader is created. -
OnlineCRLSource
This constructor allows to set a specificDataLoader.- Parameters:
dataLoader- the component that allows to retrieve the data using any protocol: HTTP, HTTPS, FTP, LDAP.
-
-
Method Details
-
setPreferredProtocol
This method allows to set the preferred protocol. This parameter is used when retrieving the CRL to choose the canal.
Possible values are: http, ldap, ftp- Parameters:
preferredProtocol-Protocolthat is used first to retrieve the revocation data
-
setDataLoader
Set the DataLoader to use for querying a revocation server.- Parameters:
dataLoader- the component that allows to retrieve a CRL response using HTTP.
-
getRevocationToken
public CRLToken getRevocationToken(CertificateToken certificateToken, CertificateToken issuerCertificateToken) Description copied from interface:RevocationSourceThis method retrieves aRevocationTokenfor the certificateToken- Specified by:
getRevocationTokenin interfaceCRLSource- Specified by:
getRevocationTokenin interfaceRevocationSource<CRL>- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerCertificateToken- TheCertificateTokenwhich is the issuer of the certificateToken- Returns:
- an instance of
RevocationToken
-
getRevocationToken
public CRLToken getRevocationToken(CertificateToken certificateToken, CertificateToken issuerToken, List<String> alternativeUrls) Description copied from interface:RevocationSourceAlternateUrlsSupportGets anRevocationTokenfor the given certificate / issuer's certificate couple. The coherence between the response and the request is checked.- Specified by:
getRevocationTokenin interfaceRevocationSourceAlternateUrlsSupport<CRL>- Parameters:
certificateToken- TheCertificateTokenfor which the request is madeissuerToken- TheCertificateTokenwhich is the issuer of the certificateTokenalternativeUrls- The list of alternative urls to call- Returns:
RevocationTokencontaining information about the validity of the cert
-
getCRLAccessURLs
protected List<String> getCRLAccessURLs(CertificateToken certificateToken, List<String> alternativeUrls) Extracts a list of CRL distribution point URLs to be used in the provided order to retrieve a CRL- Parameters:
certificateToken-CertificateTokento retrieve CRL foralternativeUrls- a list ofStringrepresenting alternative URL sources- Returns:
- a list of
Stringurls
-
executeCRLRequest
-