merging with geni-api branch

[sfa.git] / sfa / server / modpythonapi / AuthenticatedApi.py

diff --git a/sfa/server/modpythonapi/AuthenticatedApi.py b/sfa/server/modpythonapi/AuthenticatedApi.py
index c909346..e86781f 100755 (executable)
--- a/sfa/server/modpythonapi/AuthenticatedApi.py
+++ b/sfa/server/modpythonapi/AuthenticatedApi.py
@@ -18,6 +18,7 @@ class AuthenticatedApi(BaseApi):
         BaseApi.__init__(self, encoding)
         if trustedRootsDir:
             self.trusted_cert_list = TrustedRootList(trustedRootsDir).get_list()
+            self.trusted_cert_file_list = TrustedRootList(trustedRootsDir).get_file_list()
         else:
             self.trusted_cert_list = None
 
@@ -40,13 +41,7 @@ class AuthenticatedApi(BaseApi):
 
     def validateCred(self, cred):
         if self.trusted_cert_list:
-            cred.verify_chain(self.trusted_cert_list)
-            caller_gid = cred.get_gid_caller()
-            object_gid = cred.get_gid_object()
-            if caller_gid:
-                caller_gid.verify_chain(self.trusted_cert_list)
-            if object_gid:
-                object_gid.verify_chain(self.trusted_cert_list)
+            cred.verify(self.trusted_cert_file_list)
 
     def authenticateGid(self, gidStr, argList, requestHash):
         gid = GID(string = gidStr)