Skip navigation links
OpenSAML :: Security Implementation 3.3.0.redhat-1
A B C D E F G H I K L M N O P R S T U V W X 

A

AbstractChainingCredentialResolver<ResolverType extends CredentialResolver> - Class in org.opensaml.security.credential.impl
An abstract implementation of CredentialResolver which chains together one or more underlying credential resolver implementations.
AbstractChainingCredentialResolver(List<ResolverType>) - Constructor for class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver
Constructor.
AbstractChainingCredentialResolver.CredentialIterable - Class in org.opensaml.security.credential.impl
Implementation of Iterable to be returned by ChainingCredentialResolver.
AbstractChainingCredentialResolver.CredentialIterator - Class in org.opensaml.security.credential.impl
Implementation of Iterator to be returned (indirectly) by ChainingCredentialResolver.
AbstractCredentialResolver - Class in org.opensaml.security.credential.impl
Abstract base class for CredentialResolver implementations.
AbstractCredentialResolver() - Constructor for class org.opensaml.security.credential.impl.AbstractCredentialResolver
 
AbstractCriteriaFilteringCredentialResolver - Class in org.opensaml.security.credential.impl
An abstract implementation of CredentialResolver that filters the returned Credentials based on the instances of Predicate which are present in the set of criteria as instances of EvaluableCredentialCriterion, or which are obtained via lookup in the EvaluableCredentialCriteriaRegistry.
AbstractCriteriaFilteringCredentialResolver() - Constructor for class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
Constructor.
addCRLsToStoreMaterial(List<Object>, Collection<X509CRL>, Date) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Add CRLs from the specified collection to the list of certs and CRLs being collected for the CertStore.
algorithm - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
Digest algorithm.
anyPolicyInhibit - Variable in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Flag for disallowing the "any" policy OID.
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
apply(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion

B

BaseClientCertAuthSecurityHandler - Class in org.opensaml.security.messaging.impl
Policy rule that checks if the client cert used to authenticate the request is valid and trusted.
BaseClientCertAuthSecurityHandler() - Constructor for class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
 
BaseTrustEngineSecurityHandler<TokenType> - Class in org.opensaml.security.messaging.impl
Base rule which uses a trust engine to evaluate a token extracted from the request or message.
BaseTrustEngineSecurityHandler() - Constructor for class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
 
BasicClientTLSValidationConfiguration - Class in org.opensaml.security.x509.tls.impl
Basic implementation of ClientTLSValidationConfiguration.
BasicClientTLSValidationConfiguration() - Constructor for class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
 
BasicClientTLSValidationParametersResolver - Class in org.opensaml.security.x509.tls.impl
Basic implementation of ClientTLSValidationParametersResolver.
BasicClientTLSValidationParametersResolver() - Constructor for class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationParametersResolver
 
BasicPKIXValidationInformation - Class in org.opensaml.security.x509.impl
Basic implementation of PKIXValidationInformation.
BasicPKIXValidationInformation(Collection<X509Certificate>, Collection<X509CRL>, Integer) - Constructor for class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
Constructor.
BasicX509CredentialNameEvaluator - Class in org.opensaml.security.x509.impl
A basic implementaion of X509CredentialNameEvaluator which evaluates various identifiers extracted from an X509Credential's entity certificate against a set of trusted names.
BasicX509CredentialNameEvaluator() - Constructor for class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Constructor.
buildCertStore(PKIXValidationInformation, X509Credential) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Creates the certificate store that will be used during validation.
buildCredential(KeyStore.Entry, String, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Build a credential instance from the key store entry.
buildCriteriaSet(String, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Subclasses are required to implement this method to build a criteria set for the trust engine according to trust engine and application-specific needs.
buildCriteriaSet(String, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
Subclasses are required to implement this method to build a criteria set for the trust engine according to trust engine and application-specific needs.
buildTLSSocketFactory() - Static method in class org.opensaml.security.httpclient.impl.SecurityEnhancedHttpClientSupport
Build an instance of TLS-capable LayeredConnectionSocketFactory wrapped by SecurityEnhancedTLSSocketFactory, configured for server TLS based on a TrustEngine.
buildTLSSocketFactory(boolean, boolean) - Static method in class org.opensaml.security.httpclient.impl.SecurityEnhancedHttpClientSupport
Build an instance of TLS-capable LayeredConnectionSocketFactory.
buildTLSSocketFactoryWithClientTLS() - Static method in class org.opensaml.security.httpclient.impl.SecurityEnhancedHttpClientSupport
Build an instance of TLS-capable LayeredConnectionSocketFactory wrapped by SecurityEnhancedTLSSocketFactory, configured for server TLS based on a TrustEngine and additionally configured for client TLS support via context client TLS credential.
buildTrustAnchor(X509Certificate) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Build a trust anchor from the given X509 certificate.

C

certificateChain - Variable in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
The certificate chain instance.
certificateNameOptions - Variable in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
A CertificateNameOptions instance used to validate a client TLS X509Credential.
certNameOptions - Variable in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Options for deriving client cert presenter entity ID's from an X.509 certificate.
CertPathPKIXTrustEvaluator - Class in org.opensaml.security.x509.impl
An implementation of PKIXTrustEvaluator that is based on the Java CertPath API.
CertPathPKIXTrustEvaluator() - Constructor for class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Constructor.
CertPathPKIXTrustEvaluator(PKIXValidationOptions) - Constructor for class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Constructor.
CertPathPKIXValidationOptions - Class in org.opensaml.security.x509.impl
Specialization of PKIXValidationOptions which specifies options specific to a PKIXTrustEvaluator based on the Java CertPath API.
CertPathPKIXValidationOptions() - Constructor for class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Constructor.
certSelector - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
Base criteria.
ChainingCredentialResolver - Class in org.opensaml.security.credential.impl
A concrete implementation of AbstractChainingCredentialResolver which is scoped to the simple CredentialResolver type.
ChainingCredentialResolver(List<CredentialResolver>) - Constructor for class org.opensaml.security.credential.impl.ChainingCredentialResolver
Constructor.
ChainingTrustEngine<TokenType> - Class in org.opensaml.security.trust.impl
Evaluate a token in sequence using a chain of subordinate trust engines.
ChainingTrustEngine(List<TrustEngine<? super TokenType>>) - Constructor for class org.opensaml.security.trust.impl.ChainingTrustEngine
Constructor.
checkCriteriaRequirements(CriteriaSet) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Check that required credential criteria are available.
checkNames(Set<String>, X509Credential) - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Evaluate the credential against the set of trusted names.
checkSubjectAltNames - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Flag as to whether to perform name checking using credential's subject alt names.
checkSubjectAltNames() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Gets whether to check the credential's entity certificate subject alt names against the trusted key name values.
checkSubjectDN - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Flag as to whether to perform name checking using credential's subject DN.
checkSubjectDN() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Gets whether to check the credential's entity certificate subject DN against the trusted key name values.
checkSubjectDNCommonName - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Flag as to whether to perform name checking using credential's subject DN's common name (CN).
checkSubjectDNCommonName() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Gets whether to check the credential's entity certificate subject DN's common name (CN) against the trusted key name values.
chooseClientAlias(String[], Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
chooseClientAlias(String[], Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
chooseServerAlias(String, Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
chooseServerAlias(String, Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
clearCurrent() - Static method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
Clear the current thread-local credential.
clearRegistry() - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Clear all mappings from the registry.
ClientTLSValidationConfiguratonInitializer - Class in org.opensaml.security.config
An initializer which initializes the global configuration instance of ClientTLSValidationConfiguration.
ClientTLSValidationConfiguratonInitializer() - Constructor for class org.opensaml.security.config.ClientTLSValidationConfiguratonInitializer
 
collection - Variable in class org.opensaml.security.credential.impl.CollectionCredentialResolver
The collection of credentials which is the underlying store for the resolver.
CollectionCredentialResolver - Class in org.opensaml.security.credential.impl
An implementation of CredentialResolver that uses a Collection as the underlying credential source.
CollectionCredentialResolver() - Constructor for class org.opensaml.security.credential.impl.CollectionCredentialResolver
Constructor.
CollectionCredentialResolver(Collection<Credential>) - Constructor for class org.opensaml.security.credential.impl.CollectionCredentialResolver
Constructor.
connectSocket(int, Socket, HttpHost, InetSocketAddress, InetSocketAddress, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
connectSocket(int, Socket, HttpHost, InetSocketAddress, InetSocketAddress, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
createLayeredSocket(Socket, String, int, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
createLayeredSocket(Socket, String, int, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
createSocket(HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
createSocket(HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
credentialAlias - Variable in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
Alias to the credential to be exposed.
credentialAlias - Variable in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
Alias used to reference the credential in the key manager.
CredentialIterable(AbstractChainingCredentialResolver<ResolverType>, CriteriaSet) - Constructor for class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterable
Constructor.
CredentialIterator(AbstractChainingCredentialResolver<ResolverType>, CriteriaSet) - Constructor for class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
Constructor.
credentialIterator - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
The iterator over Credential instances from the current resolver.
credentialResolver - Variable in class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
Resolver used for resolving trusted credentials.
credentialResolver - Variable in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
Resolver used for resolving trusted credentials.
credNameEvaluator - Variable in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
The external credential name evaluator used to establish trusted name compliance.
creds - Variable in class org.opensaml.security.credential.impl.StaticCredentialResolver
List of credentials held by this resolver.
critSet - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterable
The criteria set on which to base resolution.
critSet - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
The criteria set on which to base resolution.
currentCredential - Static variable in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
ThreadLocal storage for credential.
currentResolver - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
The current resolver which is returning credentials.

D

DEFAULT_MAPPINGS_FILE - Static variable in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Properties file storing default mappings from criteria to evaluable credential criteria.
deregister(Class<? extends Criterion>) - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Deregister a criteria-evaluator mapping.
doEvaluate(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Evaluate the request credential.
doInitialize() - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
doInvoke(MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
doPreInvoke(MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
doPreInvoke(MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler

E

engines - Variable in class org.opensaml.security.trust.impl.ChainingTrustEngine
The chain of subordinate trust engines.
entityID - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
Base criteria.
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
EvaluableCredentialCriteriaRegistry - Class in org.opensaml.security.credential.criteria.impl
A registry which manages mappings from types of Criterion to the class type which can evaluate that criteria's data against a Credential target.
EvaluableCredentialCriteriaRegistry() - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Constructor.
EvaluableCredentialCriterion - Interface in org.opensaml.security.credential.criteria.impl
Marker interface for evaluable credential resolver criteria.
EvaluableEntityIDCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating a credential's entityID.
EvaluableEntityIDCredentialCriterion(EntityIdCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
Constructor.
EvaluableEntityIDCredentialCriterion(String) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
Constructor.
EvaluableKeyAlgorithmCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating the credential key algorithm.
EvaluableKeyAlgorithmCredentialCriterion(KeyAlgorithmCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
Constructor.
EvaluableKeyAlgorithmCredentialCriterion(String) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
Constructor.
EvaluableKeyLengthCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating the credential key length.
EvaluableKeyLengthCredentialCriterion(KeyLengthCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
Constructor.
EvaluableKeyLengthCredentialCriterion(Integer) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
Constructor.
EvaluableKeyNameCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating credential key names.
EvaluableKeyNameCredentialCriterion(KeyNameCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
Constructor.
EvaluableKeyNameCredentialCriterion(String) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
Constructor.
EvaluablePublicKeyCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating whether a credential contains a particular public key.
EvaluablePublicKeyCredentialCriterion(PublicKeyCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
Constructor.
EvaluablePublicKeyCredentialCriterion(PublicKey) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
Constructor.
EvaluableUsageCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating whether a credential contains a particular usage specifier.
EvaluableUsageCredentialCriterion(UsageCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
Constructor.
EvaluableUsageCredentialCriterion(UsageType) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
Constructor.
EvaluableX509CertSelectorCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating whether a credential's certificate meets the criteria specified by an instance of X509CertSelector.
EvaluableX509CertSelectorCredentialCriterion(X509CertSelector) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
Constructor.
EvaluableX509DigestCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
An implementation of Criterion which specifies criteria based on the digest of an X.509 certificate.
EvaluableX509DigestCredentialCriterion(X509DigestCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
Constructor.
EvaluableX509DigestCredentialCriterion(String, byte[]) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
Constructor.
EvaluableX509IssuerSerialCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular issuer name and serial number.
EvaluableX509IssuerSerialCredentialCriterion(X509IssuerSerialCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
Constructor.
EvaluableX509IssuerSerialCredentialCriterion(X500Principal, BigInteger) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
Constructor.
EvaluableX509SubjectKeyIdentifierCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular subject key identifier.
EvaluableX509SubjectKeyIdentifierCredentialCriterion(X509SubjectKeyIdentifierCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
Constructor.
EvaluableX509SubjectKeyIdentifierCredentialCriterion(byte[]) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
Constructor.
EvaluableX509SubjectNameCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular subject name.
EvaluableX509SubjectNameCredentialCriterion(X509SubjectNameCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
Constructor.
EvaluableX509SubjectNameCredentialCriterion(X500Principal) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
Constructor.
evaluate(TokenType, String, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
Evaluate the token using the configured trust engine against criteria built using the specified candidate issuer entity ID and message context information.
evaluate(TokenType, CriteriaSet) - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
Evaluate the token against the specified criteria using the configured trust engine.
evaluate(X509Credential, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Evaluate the specified credential against the specified set of trusted names.
evaluate(X509Credential, Set<String>) - Method in interface org.opensaml.security.x509.impl.X509CredentialNameEvaluator
Evaluate the specified credential against the specified set of trusted names.
evaluateCertificateNameDerivedPresenters(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Evaluate candidate presenter entity ID's which may be derived from the request credential's entity certificate according to the options supplied via CertificateNameOptions.
evaluateDerivedPresenters(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Evaluate any candidate presenter entity ID's which may be derived from the credential or other message context information.
evaluateSubjectAltNames(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Evaluate the presenter entity ID as derived from the cert subject alternative names specified by types enumerated in CertificateNameOptions.getSubjectAltNames().
evaluateSubjectCommonName(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Evaluate the presenter entity ID as derived from the cert subject common name (CN).
evaluateSubjectDN(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Evaluate the presenter entity ID as derived from the cert subject DN.
ExplicitKeyTrustEngine - Class in org.opensaml.security.trust.impl
Trust engine that evaluates a credential's key against key(s) expressed within a set of trusted credentials obtained from a trusted credential resolver.
ExplicitKeyTrustEngine(CredentialResolver) - Constructor for class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
Constructor.
ExplicitKeyTrustEvaluator - Class in org.opensaml.security.trust.impl
Auxillary trust evaluator for evaluating an untrusted key or credential against a trusted key or credential.
ExplicitKeyTrustEvaluator() - Constructor for class org.opensaml.security.trust.impl.ExplicitKeyTrustEvaluator
 
ExplicitX509CertificateTrustEngine - Class in org.opensaml.security.trust.impl
Trust engine that evaluates a credential's X.509 certificate against certificates expressed within a set of trusted credentials obtained from a credential resolver.
ExplicitX509CertificateTrustEngine(CredentialResolver) - Constructor for class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
Constructor.
ExplicitX509CertificateTrustEvaluator - Class in org.opensaml.security.trust.impl
Auxillary trust evaluator for evaluating an untrusted X509 certificate or credential against a trusted certificate or credential.
ExplicitX509CertificateTrustEvaluator() - Constructor for class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEvaluator
 
extractCredential(SSLSocket) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Extract the server TLS X509Credential from the supplied SSLSocket.
extractCredential(SSLSocket) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
Extract the server TLS X509Credential from the supplied SSLSocket.

F

FilesystemCredentialResolver - Class in org.opensaml.security.credential.impl
NOTE: this class is not yet implemented A CredentialResolver that pulls credential information from the file system.
FilesystemCredentialResolver(String, Map<String, String>) - Constructor for class org.opensaml.security.credential.impl.FilesystemCredentialResolver
Constructor.
forceRevocationEnabled - Variable in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Force RevocationEnabled flag.

G

getAltNames(X509Certificate, Integer) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Get the list of subject alt name values from the certificate which are of the specified alt name type.
getCertificateChain(String) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
getCertificateChain(String) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
getCertificateNameOptions() - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Get the certificate name options in use.
getCertificateNameOptions() - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
getCertificatePresenterEntityID(MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Get the entity ID of the presenter of the client TLS certificate, as will be used for trust evaluation purposes.
getCertificates() - Method in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
getChain() - Method in class org.opensaml.security.trust.impl.ChainingTrustEngine
Get the list of configured trust engines which constitute the trust evaluation chain.
getClientAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
getClientAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
getCollection() - Method in class org.opensaml.security.credential.impl.CollectionCredentialResolver
Get the (modifiable) credential collection which is the backing store for the resolver.
getCommonName(X509Certificate) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Get the first common name (CN) value from the subject DN of the specified certificate.
getCredential() - Static method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
Return the current thread-local X509Credential.
getCredentialResolver() - Method in class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
getCredentialResolver() - Method in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
getCredentialType() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
getCredentialType() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
getCRLs() - Method in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
getCRLs() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
getCRLs() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
getEffectiveVerificationDepth(PKIXValidationInformation) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Get the effective maximum path depth to use when constructing PKIX cert path builder parameters.
getEntityCertificate() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
getEntityCertificate() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
getEntityCertificateChain() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
getEntityCertificateChain() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
getEvaluator(Criterion) - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Get an instance of EvaluableCredentialCriterion which can evaluate the supplied criteria's requirements against a Credential target.
getHttpServletRequest() - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Get the HTTP servlet request being processed.
getInitialPolicies() - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Returns the set of initial policies (OID strings) of the underlying CertPath Provider.
getKey(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
Get the key contained within the credential.
getKey(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
Get the key contained within the credential.
getLogger() - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Get an SLF4J Logger.
getNextCredential() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
Get the next credential that will be returned by this iterator.
getNextCredentialIterator() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
Get the iterator from the next resolver in the chain.
getPKIXBuilderParameters(PKIXValidationInformation, X509Credential) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Creates the set of PKIX builder parameters to use when building the cert path builder.
getPKIXResolver() - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
getPKIXTrustEvaluator() - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Get the PKIXTrustEvaluator instance used to evaluate trust.
getPKIXValidationOptions() - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
getPredicates(CriteriaSet) - Method in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
Construct a set of credential predicates based on the criteria set.
getPrivateKey() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
getPrivateKey() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
getPrivateKey(String) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
getPrivateKey(String) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
getPublicKey() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
getPublicKey() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
getResolverChain() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver
Get the unmodifiable list of credential resolvers which comprise the resolver chain.
getServerAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
getServerAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
getSubjectAltNameTypes() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Get the set of types of subject alternative names to process.
getSubjectName(X509Certificate) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Get subject name from a certificate, using the currently configured X500DNHandler and subject DN output format.
getTrustAnchors(PKIXValidationInformation) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Creates the collection of trust anchors to use during validation.
getTrustEngine() - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
Gets the trust engine used to validate the untrusted token.
getVerificationDepth() - Method in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
getX500DNHandler() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Get the handler which process X.500 distinguished names.
getX500DNHandler() - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Get the handler which process X.500 distinguished names.
getX509CredentialNameEvaluator() - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Get the X509CredentialNameEvaluator instance used to evaluate a credential against trusted names.
getX509TrustEngine() - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration

H

hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
hashCode() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
hasNext() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
haveCurrent() - Static method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
Get whether the current thread-local is populated with a non-null value.
hostnameVerifier - Variable in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
The hostname verifier evaluated by this implementation.
hostnameVerifier - Variable in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
The hostname verifier evaluated by this implementation.
httpServletRequest - Variable in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
The HttpServletRequest being processed.

I

init() - Method in class org.opensaml.security.config.ClientTLSValidationConfiguratonInitializer
init() - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Initialize the registry.
initialized - Static variable in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Flag to track whether registry is initialized.
initialPolicies - Variable in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Acceptable policy OIDs.
internalAlias - Variable in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
The alias representing the supplied static credential.
internalAlias - Variable in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
The alias representing the supplied static credential.
isAnyPolicyInhibited() - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Returns the value of the any policy inhibited flag of the underlying CertPath Provider.
isForceRevocationEnabled() - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
If true, the revocation behavior of the underlying CertPath provider will be forced to the value supplied by CertPathPKIXValidationOptions.isRevocationEnabled().
isInitialized() - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Check whether the registry has been initialized.
isNameCheckingActive() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Gets whether any of the supported name type checking is currently enabled.
isPolicyMappingInhibited() - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Returns the value of the policy mapping inhibited flag of the underlying CertPath Provider.
isRevocationEnabled() - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
If CertPathPKIXValidationOptions.isForceRevocationEnabled() is true, the revocation behavior of the underlying CertPath Provider will be forced to this value.
isSatisfyAllPredicates() - Method in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
Get the flag indicating whether resolved credentials must satisfy all predicates (i.e.
issuer - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
Base criteria.
iterator() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterable

K

keyAlgorithm - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
Base criteria.
keyLength - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
Base criteria.
keyManager - Variable in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
Wrapped key manager.
keyName - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
Base criteria.
keyPassword - Variable in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
Password for the key to be exposed.
keyPasswords - Variable in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Passwords for keys.
keyStore - Variable in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Key store credentials are retrieved from.
keyStore - Variable in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
Keystore that contains the credential to be exposed.
KeyStoreCredentialResolver - Class in org.opensaml.security.credential.impl
A CredentialResolver that extracts Credential's from a key store.
KeyStoreCredentialResolver(KeyStore, Map<String, String>) - Constructor for class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Constructor.
KeyStoreCredentialResolver(KeyStore, Map<String, String>, UsageType) - Constructor for class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Constructor.
keystoreUsage - Variable in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Usage type of all keys in the store.
KeyStoreX509CredentialAdapter - Class in org.opensaml.security.x509.impl
A wrapper that changes a KeyStore in to a X509Credential.
KeyStoreX509CredentialAdapter(KeyStore, String, char[]) - Constructor for class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
Constructor.

L

loadCurrent(X509Credential) - Static method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
Load the thread-local storage with the current credential.
loadDefaultMappings() - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Load the default set of criteria-evaluator mappings from the default mappings properties file.
loadMappings(Properties) - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Load a set of criteria-evaluator mappings from the supplied properties set.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
Logger.
log - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
Logger.
log - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver
Logger.
log - Variable in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Class logger.
log - Variable in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Logger.
log - Variable in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
Logger.
log - Variable in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Logger.
log - Variable in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
Logger.
log - Variable in class org.opensaml.security.trust.impl.ChainingTrustEngine
Class logger.
log - Variable in class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
Class logger.
log - Variable in class org.opensaml.security.trust.impl.ExplicitKeyTrustEvaluator
Class logger.
log - Variable in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
Class logger.
log - Variable in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEvaluator
Class logger.
log - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Class logger.
log - Variable in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Class logger.
log - Variable in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
Class logger.
log - Variable in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Class logger.
log - Variable in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
Logger.
log - Variable in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
Logger.
logCertPathDebug(PKIXCertPathBuilderResult, X509Certificate) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Log information from the constructed cert path at level debug.
lookup(Class<? extends Criterion>) - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Lookup the class subtype of EvaluableCredentialCriterion which is registered for the specified Criterion class.

M

matchUsage(UsageType, UsageType) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
Match usage enum type values from credential and criteria.
matchUsage(UsageType, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Match usage enum type values from keystore configured usage and from credential criteria.

N

next() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
nextCredential - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
The next credential that is safe to return.

O

options - Variable in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Options influencing processing behavior.
org.opensaml.security.config - package org.opensaml.security.config
Security configuration implementation classes.
org.opensaml.security.credential.criteria.impl - package org.opensaml.security.credential.criteria.impl
Implementations of Criterion where the parameterized evaluation target type is Credential.
org.opensaml.security.credential.impl - package org.opensaml.security.credential.impl
CredentialResolver implementation classes.
org.opensaml.security.httpclient.impl - package org.opensaml.security.httpclient.impl
Security implementation support for Apache HttpClient.
org.opensaml.security.messaging.impl - package org.opensaml.security.messaging.impl
Message handler implementations.
org.opensaml.security.trust.impl - package org.opensaml.security.trust.impl
TrustEngine implementation classes.
org.opensaml.security.x509.impl - package org.opensaml.security.x509.impl
TrustEngine implementation classes related to PKIX.
org.opensaml.security.x509.tls.impl - package org.opensaml.security.x509.tls.impl
Implementation classes for client TLS security.

P

parent - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterable
The chaining credential resolver which owns this instance.
parent - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
The chaining credential resolver which owns this instance.
performHostnameVerification(Socket, String, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Perform hostname verification on the connection represented by the supplied socket.
performHostnameVerification(Socket, String, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
Perform hostname verification on the connection represented by the supplied socket.
performTrustEval(Socket, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
performTrustEval(Socket, String, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Perform trust evaluation by extracting the server TLS X509Credential from the SSLSession and evaluating it via a TrustEngine and CriteriaSet supplied by the caller via the HttpContext.
performTrustEval(Socket, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
Perform trust evaluation by extracting the server TLS X509Credential from the SSLSession and evaluating it via a TrustEngine and CriteriaSet supplied by the caller via the HttpContext.
pkixInfo - Variable in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
The PKIX validation information to return.
pkixResolver - Variable in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Resolver used for resolving trusted credentials.
pkixTrustEvaluator - Variable in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
The external PKIX trust evaluator used to establish trust.
PKIXX509CredentialTrustEngine - Class in org.opensaml.security.x509.impl
Trust engine implementation which evaluates an X509Credential token based on PKIX validation processing using validation information from a trusted source.
PKIXX509CredentialTrustEngine(PKIXValidationInformationResolver) - Constructor for class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Constructor.
PKIXX509CredentialTrustEngine(PKIXValidationInformationResolver, PKIXTrustEvaluator, X509CredentialNameEvaluator) - Constructor for class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Constructor.
policyMappingInhibit - Variable in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Disable policy mapping flag.
privateKey - Variable in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
The private key instance.
processNameChecks(X509Credential, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Process any name checks that are enabled.
processPrivateKeyEntry(KeyStore.PrivateKeyEntry, String, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Build an X509Credential from a keystore private key entry.
processSecretKeyEntry(KeyStore.SecretKeyEntry, String, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Build a Credential from a keystore secret key entry.
processSubjectAltNames(X509Certificate, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Process name checking for the subject alt names within the certificate.
processSubjectDN(X509Certificate, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Process name checking for the certificate subject DN.
processSubjectDNCommonName(X509Certificate, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Process name checking for a certificate subject DN's common name.
processTrustedCertificateEntry(KeyStore.TrustedCertificateEntry, String, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Build an X509Credential from a keystore trusted certificate entry.
publicKey - Variable in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
Base criteria.

R

register(Class<? extends Criterion>, Class<? extends EvaluableCredentialCriterion>) - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Register a credential evaluator class for a criteria class.
registry - Static variable in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
Storage for the registry mappings.
remove() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
resolve(CriteriaSet) - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver
resolve(CriteriaSet) - Method in class org.opensaml.security.credential.impl.AbstractCredentialResolver
resolve(CriteriaSet) - Method in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
resolve(CriteriaSet) - Method in class org.opensaml.security.credential.impl.StaticCredentialResolver
resolve(CriteriaSet) - Method in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
resolve(CriteriaSet) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationParametersResolver
resolveFromSource(CriteriaSet) - Method in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source.
resolveFromSource(CriteriaSet) - Method in class org.opensaml.security.credential.impl.CollectionCredentialResolver
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source.
resolveFromSource(CriteriaSet) - Method in class org.opensaml.security.credential.impl.FilesystemCredentialResolver
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source.
resolveFromSource(CriteriaSet) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source.
resolveNameOptions(CriteriaSet) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationParametersResolver
Resolve and return the effective CertificateNameOptions.
resolverIterator - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
The iterator over resolvers in the chain.
resolvers - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver
List of credential resolvers in the chain.
resolveSingle(CriteriaSet) - Method in class org.opensaml.security.credential.impl.AbstractCredentialResolver
resolveSingle(CriteriaSet) - Method in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
resolveSingle(CriteriaSet) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationParametersResolver
resolveTrustedNames(CriteriaSet) - Method in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
resolveTrustEngine(MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Resolve a TrustEngine instance of the appropriate type from the message context.
resolveTrustEngine(MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
Resolve a TrustEngine instance of the appropriate type from the message context.
resolveTrustEngine(CriteriaSet) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationParametersResolver
Resolve and return the effective super X509Credential>.
revocationEnabled - Variable in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Value for RevocationEnabled when forced.

S

satisfyAllPredicates - Variable in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
Flag which determines whether predicates used in filtering are connected by a logical 'AND' or by logical 'OR'.
SecurityEnhancedHttpClientSupport - Class in org.opensaml.security.httpclient.impl
Support class for working with security-enhanced components related to use of HttpClient.
SecurityEnhancedHttpClientSupport() - Constructor for class org.opensaml.security.httpclient.impl.SecurityEnhancedHttpClientSupport
Constructor.
SecurityEnhancedTLSSocketFactory - Class in org.opensaml.security.httpclient.impl
An security-enhanced implementation of HttpClient's TLS-capable LayeredConnectionSocketFactory.
SecurityEnhancedTLSSocketFactory(LayeredConnectionSocketFactory) - Constructor for class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Constructor.
SecurityEnhancedTLSSocketFactory(LayeredConnectionSocketFactory, X509HostnameVerifier) - Constructor for class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Constructor.
serialNumber - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
Base criteria.
setAnyPolicyInhibit(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Sets the any policy inhibited flag for the underlying CertPath Provider.
setAuthenticatedCertificatePresenterEntityID(MessageContext, String) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Store the successfully authenticated derived entity ID of the certificate presenter in the message context.
setAuthenticatedState(MessageContext, boolean) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Store the indicated message authentication state in the message context.
setCertificateNameOptions(CertificateNameOptions) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
Set a CertificateNameOptions instance to use when evaluating a client TLS X509Credential.
setCheckSubjectAltNames(boolean) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Sets whether to check the credential's entity certificate subject alt names against the trusted key name values.
setCheckSubjectDN(boolean) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Sets whether to check the credential's entity certificate subject DN against the trusted key name values.
setCheckSubjectDNCommonName(boolean) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Sets whether to check the credential's entity certificate subject DN's common name (CN) against the trusted key name values.
setEntityId(String) - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
setEntityId(String) - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
setForceRevocationEnabled(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
If true, the revocation behavior of the underlying CertPath provider will be forced to the value supplied by CertPathPKIXValidationOptions.isRevocationEnabled().
setHttpServletRequest(HttpServletRequest) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
Set the HTTP servlet request being processed.
setInitialPolicies(Set<String>) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Sets the initial policy identifiers (OID strings) for the underlying CertPath Provider, i.e.
setPKIXValidationOptions(PKIXValidationOptions) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Set the desired PKIX validation options set.
setPolicyMappingInhibit(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
Sets the policy mapping inhibited flag for the underlying CertPath Provider.
setRevocationEnabled(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
If CertPathPKIXValidationOptions.isForceRevocationEnabled() is true, the revocation behavior of the underlying CertPath Provider will be forced to this value.
setSatisfyAllPredicates(boolean) - Method in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
Set the flag indicating whether resolved credentials must satisfy all predicates (i.e.
setSubjectAltNameTypes(Set<Integer>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Set the set of types of subject alternative names to process.
setup(HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Load the ThreadLocalX509CredentialContext with the client TLS credential obtained from the HttpContext.
setUsageType(UsageType) - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
setUsageType(UsageType) - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
setX500DNHandler(X500DNHandler) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Set the handler which process X.500 distinguished names.
setX500DNHandler(X500DNHandler) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Set the handler which process X.500 distinguished names.
setX509TrustEngine(TrustEngine<? super X509Credential>) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
Set a TrustEngine instance used to validate a client TLS X509Credential.
ski - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
Base criteria.
StaticCredentialResolver - Class in org.opensaml.security.credential.impl
Simple implementation of CredentialResolver which just stores and returns a static set of credentials.
StaticCredentialResolver(List<Credential>) - Constructor for class org.opensaml.security.credential.impl.StaticCredentialResolver
Constructor.
StaticCredentialResolver(Credential) - Constructor for class org.opensaml.security.credential.impl.StaticCredentialResolver
Constructor.
StaticPKIXValidationInformationResolver - Class in org.opensaml.security.x509.impl
An implementation of PKIXValidationInformationResolver which always returns a static, fixed set of information.
StaticPKIXValidationInformationResolver(List<PKIXValidationInformation>, Set<String>) - Constructor for class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
Constructor.
StaticPKIXValidationInformationResolver(List<PKIXValidationInformation>, Set<String>, boolean) - Constructor for class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
Constructor.
StaticX509CredentialKeyManager - Class in org.opensaml.security.x509.tls.impl
An implementation of X509KeyManager based on a single statically configured private key and certificate chain, supplied either directly or via an instance of X509Credential.
StaticX509CredentialKeyManager(X509Credential) - Constructor for class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
Constructor.
StaticX509CredentialKeyManager(PrivateKey, Collection<X509Certificate>) - Constructor for class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
Constructor.
storeContainsCRLs(CertStore) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Determine whether there are any CRL's in the CertStore that is to be used.
subjectAltNameTypes - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
The set of types of subject alternative names to process.
subjectName - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
Base criteria.
supportDynamicTrustedNames - Variable in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
Flag indicating whether dynamic trusted names should be extracted from criteria set.
supportsTrustedNameResolution() - Method in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver

T

teardown(HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
Clear the ThreadLocalX509CredentialContext of the client TLS credential obtained from the HttpContext.
ThreadLocalX509CredentialContext - Class in org.opensaml.security.x509.tls.impl
Class which holds and makes available an instance of X509Credential via ThreadLocal storage, typically used for client TLS authentication via ThreadLocalX509CredentialKeyManager.
ThreadLocalX509CredentialContext() - Constructor for class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
Constructor.
ThreadLocalX509CredentialKeyManager - Class in org.opensaml.security.x509.tls.impl
An implementation of X509KeyManager which returns data based on the thread-local credential instance obtained via ThreadLocalX509CredentialContext.
ThreadLocalX509CredentialKeyManager() - Constructor for class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
 
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
toString() - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
trustAnchors - Variable in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
Certs used as the trust anchors.
trustedCRLs - Variable in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
CRLs used during validation.
trustedNames - Variable in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
The set of trusted names to return.
trustEngine - Variable in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
Trust engine used to verify the particular token type.
TrustEngineTLSSocketFactory - Class in org.opensaml.security.httpclient.impl
Deprecated.
TrustEngineTLSSocketFactory(LayeredConnectionSocketFactory, X509HostnameVerifier) - Constructor for class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
Constructor.
trustEvaluator - Variable in class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
Trust evaluator.
trustEvaluator - Variable in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
Trust evaluator.

U

usage - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
Base criteria.

V

validate(TokenType, CriteriaSet) - Method in class org.opensaml.security.trust.impl.ChainingTrustEngine
validate(Credential, CriteriaSet) - Method in class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
validate(Key, Key) - Method in class org.opensaml.security.trust.impl.ExplicitKeyTrustEvaluator
Evaluate trust.
validate(Key, Iterable<Key>) - Method in class org.opensaml.security.trust.impl.ExplicitKeyTrustEvaluator
Evaluate trust.
validate(Credential, Credential) - Method in class org.opensaml.security.trust.impl.ExplicitKeyTrustEvaluator
Evaluate trust.
validate(Credential, Iterable<Credential>) - Method in class org.opensaml.security.trust.impl.ExplicitKeyTrustEvaluator
Evaluate trust.
validate(X509Credential, CriteriaSet) - Method in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
validate(X509Certificate, X509Certificate) - Method in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEvaluator
Evaluate trust.
validate(X509Certificate, Iterable<X509Certificate>) - Method in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEvaluator
Evaluate trust.
validate(X509Credential, X509Credential) - Method in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEvaluator
Evaluate trust.
validate(X509Credential, Iterable<Credential>) - Method in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEvaluator
Evaluate trust.
validate(PKIXValidationInformation, X509Credential) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
validate(X509Credential, CriteriaSet) - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
validate(X509Credential, Set<String>, Iterable<PKIXValidationInformation>) - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
Perform PKIX validation on the untrusted credential, using PKIX validation information based on the supplied set of trusted credentials.
verificationDepth - Variable in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
Max verification depth during PKIX validation.

W

wrappedFactory - Variable in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
The HttpClient socket factory instance wrapped by this implementation.
wrappedFactory - Variable in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
Deprecated.
The HttpClient socket factory instance wrapped by this implementation.

X

x500DNHandler - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
Responsible for parsing and serializing X.500 names to/from X500Principal instances.
x500DNHandler - Variable in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
Responsible for parsing and serializing X.500 names to/from X500Principal instances.
X509CredentialNameEvaluator - Interface in org.opensaml.security.x509.impl
Interface for classes which evaluate an X509Credential against a supplied set of trusted names.
x509digest - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
X.509 certificate digest.
X509KeyManagerX509CredentialAdapter - Class in org.opensaml.security.x509.impl
A class that wraps a X509KeyManager and exposes it as an X509Credential.
X509KeyManagerX509CredentialAdapter(X509KeyManager, String) - Constructor for class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
Constructor.
x509TrustEngine - Variable in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
A TrustEngine instance used to validate a client TLS X509Credential.
A B C D E F G H I K L M N O P R S T U V W X 
Skip navigation links
OpenSAML :: Security Implementation 3.3.0.redhat-1

Copyright © 1999–2018 Shibboleth Consortium. All rights reserved.