...
The main trust engine interface method is validate(TokenType token, CriteriaSet trustBasisCriteria). A given trust engine implementation will be parameterized with the type of token it processes, such as a Credential or Signature.
The org.opensaml.xml.security.CriteriaSet parameter specifies the criteria for trust validating the token and establishing trust. This will typically be criteria that will be passed to an underlying resolver of trusted information. This criteria set will contain one or more instances of org.opensaml.xml.security.Criteria. The mandatory and optional types of criteria which can be supplied in the set are specific to a particular trust engine implementation. In turn, these are therefore often typically directly related to (and often in fact wholly defined by) the requirements of an underlying trusted information resolver, such as org.opensaml.xml.security.credential.CredentialResolver and org.opensaml.xml.security.x509.PKIXValidationInformationResolver.
Typical examples of Criteria include:
...