Question

I implement a SAML SP in Java.
In order to validate the certificate of the SAML response,
I extract the X509Certificate element from the SAML response and validate it against a Java keystore file to which I uploaded the IdP certificate in advance.
I use the following code to validate the certificate:

 import java.security.KeyStore;
 import java.security.cert.*;
 import java.util.Arrays;

 X509Certificate certFromResponse = ...; // extracted from the SAML response (KeyInfo/X509Certificate)
 KeyStore keyStore = getKS();            // keystore holding the IdP certificate(s) as trusted entries
 CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
 PKIXParameters params = new PKIXParameters(keyStore); // every trusted cert entry becomes a trust anchor
 params.setRevocationEnabled(false);     // no CRL/OCSP lookup
 CertPath certPath = certificateFactory.generateCertPath(Arrays.asList(certFromResponse));
 CertPathValidator certPathValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType());
 CertPathValidatorResult result = certPathValidator.validate(certPath, params);

This works fine for certificates which are root CA.
When the certificate has a certification path, the validation fails.
A possible way to handle it is to manually upload all the certificates from the path into the JKS file
with different aliases, and then extract them into a list like this:

List<Certificate> certs = new ArrayList<Certificate>();
certs.add(certFromResponse);                       // leaf first, then issuers in order
if (keyStore.getCertificate("ALIAS_CA_1") != null) {
    certs.add(keyStore.getCertificate("ALIAS_CA_1"));
}
if (keyStore.getCertificate("ALIAS_CA_2") != null) {
    certs.add(keyStore.getCertificate("ALIAS_CA_2"));
}
// ...
CertPath certPath = certificateFactory.generateCertPath(certs);

Is there a more straightforward way to do it?
Is it possible to extract the certification path from the certificate itself?

Thanks!

Solution

It seems that PKIXParameters extracts the certification path automatically, so there is no need to do it manually.
All we have to do is upload all certificates to the keystore.
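An added example (not code from the question or the answer) of letting the JCA discover the chain instead of hand-picking aliases: the keystore's trusted entries are the only trust anchors, intermediates (from the keystore or from the SAML KeyInfo) are supplied as path material in a CertStore, and CertPathBuilder walks from the leaf to an anchor. The method names, the `extraCerts` parameter and the expected-subject check are assumptions of this example.

```java
import java.security.KeyStore;
import java.security.cert.*;
import java.util.*;
import javax.security.auth.x500.X500Principal;

public final class SamlCertPathCheck {

    // Build and validate the path from the response's signing cert to a keystore anchor.
    // Assumption (example only): trustStore holds the trusted roots as trustedCertEntry
    // entries; extraCerts may hold intermediates taken from the SAML KeyInfo, which are
    // used only as path material and never become trust anchors.
    public static PKIXCertPathBuilderResult buildAndValidate(
            X509Certificate leaf, KeyStore trustStore,
            Collection<X509Certificate> extraCerts) throws Exception {

        X509CertSelector target = new X509CertSelector();
        target.setCertificate(leaf);                       // the path must end at this cert
        PKIXBuilderParameters params = new PKIXBuilderParameters(trustStore, target);
        params.setRevocationEnabled(false);                // as in the question; enable if the IdP publishes CRL/OCSP

        // Path material: leaf, caller-supplied intermediates, and everything in the keystore
        // (whatever alias it was stored under).
        List<X509Certificate> material = new ArrayList<>();
        material.add(leaf);
        material.addAll(extraCerts);
        for (Enumeration<String> e = trustStore.aliases(); e.hasMoreElements();) {
            Certificate c = trustStore.getCertificate(e.nextElement());
            if (c instanceof X509Certificate) material.add((X509Certificate) c);
        }
        params.addCertStore(CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(material)));

        // PKIX builder discovers the issuer links and validates the resulting path
        // (signatures, validity period, basic constraints); throws if no path exists.
        CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
        return (PKIXCertPathBuilderResult) builder.build(params);
    }

    // Chaining to a trusted root is not enough on its own: any cert issued under that root
    // would pass. Bind the signing cert to the IdP you expect (subject DN here as the example).
    public static boolean isExpectedIdp(X509Certificate leaf, X500Principal expectedSubject) {
        return leaf.getSubjectX500Principal().equals(expectedSubject);
    }
}
```

Call buildAndValidate first, then isExpectedIdp on the same leaf, and still verify the XML signature of the response with that certificate's public key.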

Licensed under: CC-BY-SA with attribution