@Override protected void initializeProviderFilters(ExtendedMetadataDelegate provider) throws MetadataProviderException { boolean requireSignature = provider.isMetadataRequireSignature(); SignatureTrustEngine trustEngine = getTrustEngine(provider); SignatureValidationFilter filter = new SignatureValidationFilter(trustEngine); filter.setRequireSignature(requireSignature); log.debug("Created new trust manager for metadata provider {}", provider); // Combine any existing filters with the signature verification MetadataFilter currentFilter = provider.getMetadataFilter(); if (currentFilter != null) { if (currentFilter instanceof MetadataFilterChain) { log.debug("Adding signature filter into existing chain"); MetadataFilterChain chain = (MetadataFilterChain) currentFilter; chain.getFilters().add(filter); } else { log.debug("Combining signature filter with the existing in a new chain"); MetadataFilterChain chain = new MetadataFilterChain(); chain.getFilters().add(currentFilter); chain.getFilters().add(filter); } } else { log.debug("Adding signature filter"); provider.setMetadataFilter(filter); } }
SignatureTrustEngine trustEngine = getTrustEngine(provider); SignatureValidationFilter filter = new SignatureValidationFilter(trustEngine); filter.setRequireSignature(requireSignature);