/** * Retrieves validation information from the provided role descriptor. * * @param roleDescriptor the role descriptor from which to resolve information. * @return collection of resolved validation information, possibly empty * @throws SecurityException thrown if the key, certificate, or CRL information is represented in an unsupported * format * */ protected List<PKIXValidationInformation> resolvePKIXInfo(RoleDescriptor roleDescriptor) throws SecurityException { List<PKIXValidationInformation> pkixInfoSet = new ArrayList<PKIXValidationInformation>(); XMLObject current = roleDescriptor.getParent(); while (current != null) { if (current instanceof EntityDescriptor) { pkixInfoSet.addAll(resolvePKIXInfo(((EntityDescriptor) current).getExtensions())); } else if (current instanceof EntitiesDescriptor) { pkixInfoSet.addAll(resolvePKIXInfo(((EntitiesDescriptor) current).getExtensions())); } current = current.getParent(); } return pkixInfoSet; }