All Known Implementing Classes:: DefaultValidationFailedHandler

public interface ValidationFailedHandler

Handler for handling the case when the core signature validation fails or a XMLSignatureException occurs during calling XMLSignature.validate(javax.xml.crypto.dsig.XMLValidateContext). This handler can be used to react in a specific way on validation failures. For example, the handler could write logs or may even ignore certain validation failures.

Typically the handler throws an exception when a validation failure occurs. There is a certain order how the methods are called.

First, the method start() is called when a core validation fails.
Then signatureValueValidationFailed(SignatureValue) is called if the signature validation fails.
Then, for each reference in the signed info whose validation fails referenceValidationFailed(Reference) is called.
Then, for each reference in the manifests whose validation fails, the method manifestReferenceValidationFailed(Reference) is called.
Then, the method ignoreCoreValidationFailure() is called where you can finally decide whether the processing should go on or be interrupted.
It is ensured that the method end() is called at the end of the validation, even if the methods called before have thrown an exception. This allows you to hold state between the start and end of the validation handling process.

If you throw an exception then the validation checking is interrupted and after that only the end() method is called in a finally block. Best practice is to interrupt the validation at the first occurrence of a validation error.

Method Summary

Modifier and Type

Method

Description

void

end()

boolean

ignoreCoreValidationFailure()

If true is returned then the verifier will go-on as if there was no validation failure.

void

manifestReferenceValidationFailed(Reference ref)

Exception

onXMLSignatureException(XMLSignatureException e)

Method called when an XMLSignatureException is thrown by the method XMLSignature.validate(javax.xml.crypto.dsig.XMLValidateContext).

void

referenceValidationFailed(Reference ref)

void

signatureValueValidationFailed(XMLSignature.SignatureValue value)

void

start()

Method Details
- onXMLSignatureException
  
  Exception onXMLSignatureException(XMLSignatureException e)
  
  Method called when an XMLSignatureException is thrown by the method XMLSignature.validate(javax.xml.crypto.dsig.XMLValidateContext).
  You can return more specific exceptions which are useful for your use-case.
  
  Parameters:
  
  e - exception
  
  Returns:
  
  exception exception which is then thrown by XmlSignerProcessor.
- start
  
  void start()
- signatureValueValidationFailed
  
  void signatureValueValidationFailed(XMLSignature.SignatureValue value) throws Exception
  
  Throws:
  
  Exception
- referenceValidationFailed
  
  void referenceValidationFailed(Reference ref) throws Exception
  
  Throws:
  
  Exception
- manifestReferenceValidationFailed
  
  void manifestReferenceValidationFailed(Reference ref) throws Exception
  
  Throws:
  
  Exception
- ignoreCoreValidationFailure
  
  boolean ignoreCoreValidationFailure() throws Exception
  
  If true is returned then the verifier will go-on as if there was no validation failure. If false is returned than the verifier will throw an XmlSignatureInvalidException.
  Best practice is to return false to ensure that after a core validation failure, the verification fails.
  
  Returns:
  
  true or false
  
  Throws:
  
  Exception
- end
  
  void end() throws Exception
  
  Throws:
  
  Exception

Interface ValidationFailedHandler

Method Summary

Method Details

onXMLSignatureException

start

signatureValueValidationFailed

referenceValidationFailed

manifestReferenceValidationFailed

ignoreCoreValidationFailure

end