public class HttpClientSecurityParameters extends Object
Modifier and Type | Field and Description |
---|---|
private X509Credential |
clientTLSCredential
The X509 credential used for client TLS.
|
private org.apache.http.client.CredentialsProvider |
credentialsProvider
HttpClient credentials provider.
|
private org.apache.http.conn.ssl.X509HostnameVerifier |
hostnameVerifier
The hostname verifier.
|
private List<String> |
tlsCipherSuites
TLS cipher suites.
|
private net.shibboleth.utilities.java.support.resolver.CriteriaSet |
tlsCriteriaSet
Optional criteria set used in evaluating server TLS credentials.
|
private List<String> |
tlsProtocols
TLS Protocols.
|
private TrustEngine<? super X509Credential> |
tlsTrustEngine
Optional trust engine used in evaluating server TLS credentials.
|
Constructor and Description |
---|
HttpClientSecurityParameters() |
Modifier and Type | Method and Description |
---|---|
X509Credential |
getClientTLSCredential()
Get the optional client TLS credential.
|
org.apache.http.client.CredentialsProvider |
getCredentialsProvider()
Get an instance of
CredentialsProvider used for authentication by the HttpClient instance. |
org.apache.http.conn.ssl.X509HostnameVerifier |
getHostnameVerifier()
Get the optional hostname verifier.
|
List<String> |
getTLSCipherSuites()
Get the optional list of TLS cipher suites.
|
net.shibboleth.utilities.java.support.resolver.CriteriaSet |
getTLSCriteriaSet()
Get the optional criteria set used in evaluating server TLS credentials.
|
List<String> |
getTLSProtocols()
Get the optional list of TLS protocols.
|
TrustEngine<? super X509Credential> |
getTLSTrustEngine()
Sets the optional trust engine used in evaluating server TLS credentials.
|
void |
setBasicCredentials(org.apache.http.auth.UsernamePasswordCredentials credentials)
A convenience method to set a (single) username and password used for BASIC authentication.
|
void |
setBasicCredentialsWithScope(org.apache.http.auth.UsernamePasswordCredentials credentials,
org.apache.http.auth.AuthScope scope)
A convenience method to set a (single) username and password used for BASIC authentication.
|
void |
setClientTLSCredential(X509Credential credential)
Set the optional client TLS credential.
|
void |
setCredentialsProvider(org.apache.http.client.CredentialsProvider provider)
Set an instance of
CredentialsProvider used for authentication by the HttpClient instance. |
void |
setHostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier verifier)
Set the optional hostname verifier.
|
void |
setTLSCipherSuites(List<String> cipherSuites)
Set the optional list of TLS cipher suites.
|
void |
setTLSCriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet)
Set the optional criteria set used in evaluating server TLS credentials.
|
void |
setTLSProtocols(List<String> protocols)
Set the optional list of TLS protocols.
|
void |
setTLSTrustEngine(TrustEngine<? super X509Credential> engine)
Sets the optional trust engine used in evaluating server TLS credentials.
|
private org.apache.http.client.CredentialsProvider credentialsProvider
private TrustEngine<? super X509Credential> tlsTrustEngine
private net.shibboleth.utilities.java.support.resolver.CriteriaSet tlsCriteriaSet
private org.apache.http.conn.ssl.X509HostnameVerifier hostnameVerifier
private X509Credential clientTLSCredential
@Nullable public org.apache.http.client.CredentialsProvider getCredentialsProvider()
CredentialsProvider
used for authentication by the HttpClient instance.public void setCredentialsProvider(@Nullable org.apache.http.client.CredentialsProvider provider)
CredentialsProvider
used for authentication by the HttpClient instance.provider
- the credentials providerpublic void setBasicCredentials(@Nullable org.apache.http.auth.UsernamePasswordCredentials credentials)
An AuthScope
will be generated which specifies any host, port, scheme and realm.
To specify multiple usernames and passwords for multiple host, port, scheme, and realm combinations, instead
provide an instance of CredentialsProvider
via setCredentialsProvider(CredentialsProvider)
.
credentials
- the username and password credentialspublic void setBasicCredentialsWithScope(@Nullable org.apache.http.auth.UsernamePasswordCredentials credentials, @Nullable org.apache.http.auth.AuthScope scope)
If the authScope
is null, an AuthScope
will be generated which specifies
any host, port, scheme and realm.
To specify multiple usernames and passwords for multiple host, port, scheme, and realm combinations, instead
provide an instance of CredentialsProvider
via setCredentialsProvider(CredentialsProvider)
.
credentials
- the username and password credentialsscope
- the HTTP client auth scope with which to scope the credentials, may be null@Nullable public TrustEngine<? super X509Credential> getTLSTrustEngine()
public void setTLSTrustEngine(@Nullable TrustEngine<? super X509Credential> engine)
engine
- the trust engine instance to use@Nullable public net.shibboleth.utilities.java.support.resolver.CriteriaSet getTLSCriteriaSet()
public void setTLSCriteriaSet(@Nullable net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet)
criteriaSet
- the new criteria set instance to use@Nullable public List<String> getTLSProtocols()
public void setTLSProtocols(@Nullable List<String> protocols)
protocols
- the TLS protocols or null@Nullable public List<String> getTLSCipherSuites()
public void setTLSCipherSuites(@Nullable List<String> cipherSuites)
cipherSuites
- the TLS cipher suites, or null@Nullable public org.apache.http.conn.ssl.X509HostnameVerifier getHostnameVerifier()
public void setHostnameVerifier(@Nullable org.apache.http.conn.ssl.X509HostnameVerifier verifier)
verifier
- the hostname verifier, or null@Nullable public X509Credential getClientTLSCredential()
public void setClientTLSCredential(@Nullable X509Credential credential)
credential
- the client TLS credential, or nullCopyright © 1999–2020 Shibboleth Consortium. All rights reserved.