- certificateChain - Variable in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
-
The certificate chain instance.
- certificateNameOptions - Variable in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
-
- certNameOptions - Variable in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Options for deriving client cert presenter entity ID's from an X.509 certificate.
- CertPathPKIXTrustEvaluator - Class in org.opensaml.security.x509.impl
-
- CertPathPKIXTrustEvaluator() - Constructor for class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Constructor.
- CertPathPKIXTrustEvaluator(PKIXValidationOptions) - Constructor for class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Constructor.
- CertPathPKIXValidationOptions - Class in org.opensaml.security.x509.impl
-
- CertPathPKIXValidationOptions() - Constructor for class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
Constructor.
- certSelector - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
-
Base criteria.
- ChainingCredentialResolver - Class in org.opensaml.security.credential.impl
-
- ChainingCredentialResolver(List<CredentialResolver>) - Constructor for class org.opensaml.security.credential.impl.ChainingCredentialResolver
-
Constructor.
- ChainingTrustEngine<TokenType> - Class in org.opensaml.security.trust.impl
-
Evaluate a token in sequence using a chain of subordinate trust engines.
- ChainingTrustEngine(List<TrustEngine<? super TokenType>>) - Constructor for class org.opensaml.security.trust.impl.ChainingTrustEngine
-
Constructor.
- checkCriteriaRequirements(CriteriaSet) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
-
Check that required credential criteria are available.
- checkNames(Set<String>, X509Credential) - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
Evaluate the credential against the set of trusted names.
- checkSubjectAltNames - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Flag as to whether to perform name checking using credential's subject alt names.
- checkSubjectAltNames() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Gets whether to check the credential's entity certificate subject alt names against the trusted key
name values.
- checkSubjectDN - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Flag as to whether to perform name checking using credential's subject DN.
- checkSubjectDN() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Gets whether to check the credential's entity certificate subject DN against the trusted key name
values.
- checkSubjectDNCommonName - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Flag as to whether to perform name checking using credential's subject DN's common name (CN).
- checkSubjectDNCommonName() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Gets whether to check the credential's entity certificate subject DN's common name (CN) against the
trusted key name values.
- chooseClientAlias(String[], Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
- chooseClientAlias(String[], Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
- chooseServerAlias(String, Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
- chooseServerAlias(String, Principal[], Socket) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
- clearCurrent() - Static method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
-
Clear the current thread-local credential.
- clearRegistry() - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
-
Clear all mappings from the registry.
- ClientTLSValidationConfiguratonInitializer - Class in org.opensaml.security.config
-
- ClientTLSValidationConfiguratonInitializer() - Constructor for class org.opensaml.security.config.ClientTLSValidationConfiguratonInitializer
-
- collection - Variable in class org.opensaml.security.credential.impl.CollectionCredentialResolver
-
The collection of credentials which is the underlying store for the resolver.
- CollectionCredentialResolver - Class in org.opensaml.security.credential.impl
-
- CollectionCredentialResolver() - Constructor for class org.opensaml.security.credential.impl.CollectionCredentialResolver
-
Constructor.
- CollectionCredentialResolver(Collection<Credential>) - Constructor for class org.opensaml.security.credential.impl.CollectionCredentialResolver
-
Constructor.
- connectSocket(int, Socket, HttpHost, InetSocketAddress, InetSocketAddress, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
- connectSocket(int, Socket, HttpHost, InetSocketAddress, InetSocketAddress, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
-
Deprecated.
- createLayeredSocket(Socket, String, int, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
- createLayeredSocket(Socket, String, int, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
-
Deprecated.
- createSocket(HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
- createSocket(HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
-
Deprecated.
- credentialAlias - Variable in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
-
Alias to the credential to be exposed.
- credentialAlias - Variable in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
-
Alias used to reference the credential in the key manager.
- CredentialIterable(AbstractChainingCredentialResolver<ResolverType>, CriteriaSet) - Constructor for class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterable
-
Constructor.
- CredentialIterator(AbstractChainingCredentialResolver<ResolverType>, CriteriaSet) - Constructor for class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
-
Constructor.
- credentialIterator - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
-
The iterator over Credential instances from the current resolver.
- credentialResolver - Variable in class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
-
Resolver used for resolving trusted credentials.
- credentialResolver - Variable in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
-
Resolver used for resolving trusted credentials.
- credNameEvaluator - Variable in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
The external credential name evaluator used to establish trusted name compliance.
- creds - Variable in class org.opensaml.security.credential.impl.StaticCredentialResolver
-
List of credentials held by this resolver.
- critSet - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterable
-
The criteria set on which to base resolution.
- critSet - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
-
The criteria set on which to base resolution.
- currentCredential - Static variable in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
-
ThreadLocal storage for credential.
- currentResolver - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
-
The current resolver which is returning credentials.
- engines - Variable in class org.opensaml.security.trust.impl.ChainingTrustEngine
-
The chain of subordinate trust engines.
- entityID - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
-
Base criteria.
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
- equals(Object) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
- EvaluableCredentialCriteriaRegistry - Class in org.opensaml.security.credential.criteria.impl
-
A registry which manages mappings from types of
Criterion
to the class type which can evaluate that
criteria's data against a Credential target.
- EvaluableCredentialCriteriaRegistry() - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
-
Constructor.
- EvaluableCredentialCriterion - Interface in org.opensaml.security.credential.criteria.impl
-
Marker interface for evaluable credential resolver criteria.
- EvaluableEntityIDCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating a credential's entityID.
- EvaluableEntityIDCredentialCriterion(EntityIdCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
-
Constructor.
- EvaluableEntityIDCredentialCriterion(String) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableEntityIDCredentialCriterion
-
Constructor.
- EvaluableKeyAlgorithmCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating the credential key algorithm.
- EvaluableKeyAlgorithmCredentialCriterion(KeyAlgorithmCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
-
Constructor.
- EvaluableKeyAlgorithmCredentialCriterion(String) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
-
Constructor.
- EvaluableKeyLengthCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating the credential key length.
- EvaluableKeyLengthCredentialCriterion(KeyLengthCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
-
Constructor.
- EvaluableKeyLengthCredentialCriterion(Integer) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
-
Constructor.
- EvaluableKeyNameCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating credential key names.
- EvaluableKeyNameCredentialCriterion(KeyNameCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
-
Constructor.
- EvaluableKeyNameCredentialCriterion(String) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableKeyNameCredentialCriterion
-
Constructor.
- EvaluablePublicKeyCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating whether a credential contains a particular
public key.
- EvaluablePublicKeyCredentialCriterion(PublicKeyCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
-
Constructor.
- EvaluablePublicKeyCredentialCriterion(PublicKey) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
-
Constructor.
- EvaluableUsageCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating whether a credential contains a particular usage specifier.
- EvaluableUsageCredentialCriterion(UsageCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
-
Constructor.
- EvaluableUsageCredentialCriterion(UsageType) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableUsageCredentialCriterion
-
Constructor.
- EvaluableX509CertSelectorCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating whether a credential's certificate meets the criteria
specified by an instance of
X509CertSelector
.
- EvaluableX509CertSelectorCredentialCriterion(X509CertSelector) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509CertSelectorCredentialCriterion
-
Constructor.
- EvaluableX509DigestCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
An implementation of
Criterion
which specifies
criteria based on the digest of an X.509 certificate.
- EvaluableX509DigestCredentialCriterion(X509DigestCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
-
Constructor.
- EvaluableX509DigestCredentialCriterion(String, byte[]) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509DigestCredentialCriterion
-
Constructor.
- EvaluableX509IssuerSerialCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular
issuer name and serial number.
- EvaluableX509IssuerSerialCredentialCriterion(X509IssuerSerialCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
-
Constructor.
- EvaluableX509IssuerSerialCredentialCriterion(X500Principal, BigInteger) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
-
Constructor.
- EvaluableX509SubjectKeyIdentifierCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular
subject key identifier.
- EvaluableX509SubjectKeyIdentifierCredentialCriterion(X509SubjectKeyIdentifierCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
-
Constructor.
- EvaluableX509SubjectKeyIdentifierCredentialCriterion(byte[]) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
-
Constructor.
- EvaluableX509SubjectNameCredentialCriterion - Class in org.opensaml.security.credential.criteria.impl
-
Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular
subject name.
- EvaluableX509SubjectNameCredentialCriterion(X509SubjectNameCriterion) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
-
Constructor.
- EvaluableX509SubjectNameCredentialCriterion(X500Principal) - Constructor for class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
-
Constructor.
- evaluate(TokenType, String, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
-
Evaluate the token using the configured trust engine against criteria built using
the specified candidate issuer entity ID and message context information.
- evaluate(TokenType, CriteriaSet) - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
-
Evaluate the token against the specified criteria using the configured trust engine.
- evaluate(X509Credential, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Evaluate the specified credential against the specified set of trusted names.
- evaluate(X509Credential, Set<String>) - Method in interface org.opensaml.security.x509.impl.X509CredentialNameEvaluator
-
Evaluate the specified credential against the specified set of trusted names.
- evaluateCertificateNameDerivedPresenters(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Evaluate candidate presenter entity ID's which may be derived from the request credential's entity certificate
according to the options supplied via
CertificateNameOptions
.
- evaluateDerivedPresenters(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Evaluate any candidate presenter entity ID's which may be derived from the credential or other message context
information.
- evaluateSubjectAltNames(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
- evaluateSubjectCommonName(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Evaluate the presenter entity ID as derived from the cert subject common name (CN).
- evaluateSubjectDN(X509Credential, MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Evaluate the presenter entity ID as derived from the cert subject DN.
- ExplicitKeyTrustEngine - Class in org.opensaml.security.trust.impl
-
Trust engine that evaluates a credential's key against key(s) expressed within a set of trusted credentials obtained
from a trusted credential resolver.
- ExplicitKeyTrustEngine(CredentialResolver) - Constructor for class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
-
Constructor.
- ExplicitKeyTrustEvaluator - Class in org.opensaml.security.trust.impl
-
Auxillary trust evaluator for evaluating an untrusted key or credential against a trusted key or credential.
- ExplicitKeyTrustEvaluator() - Constructor for class org.opensaml.security.trust.impl.ExplicitKeyTrustEvaluator
-
- ExplicitX509CertificateTrustEngine - Class in org.opensaml.security.trust.impl
-
Trust engine that evaluates a credential's X.509 certificate against certificates expressed within a set of trusted
credentials obtained from a credential resolver.
- ExplicitX509CertificateTrustEngine(CredentialResolver) - Constructor for class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
-
Constructor.
- ExplicitX509CertificateTrustEvaluator - Class in org.opensaml.security.trust.impl
-
Auxillary trust evaluator for evaluating an untrusted X509 certificate or credential against a trusted certificate or
credential.
- ExplicitX509CertificateTrustEvaluator() - Constructor for class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEvaluator
-
- extractCredential(SSLSocket) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
-
- extractCredential(SSLSocket) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
-
Deprecated.
- getAltNames(X509Certificate, Integer) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Get the list of subject alt name values from the certificate which are of the specified alt name type.
- getCertificateChain(String) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
- getCertificateChain(String) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
- getCertificateNameOptions() - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Get the certificate name options in use.
- getCertificateNameOptions() - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
- getCertificatePresenterEntityID(MessageContext) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Get the entity ID of the presenter of the client TLS certificate, as will be used for trust evaluation purposes.
- getCertificates() - Method in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
- getChain() - Method in class org.opensaml.security.trust.impl.ChainingTrustEngine
-
Get the list of configured trust engines which constitute the trust evaluation chain.
- getClientAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
- getClientAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
- getCollection() - Method in class org.opensaml.security.credential.impl.CollectionCredentialResolver
-
Get the (modifiable) credential collection which is the backing store for the resolver.
- getCommonName(X509Certificate) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Get the first common name (CN) value from the subject DN of the specified certificate.
- getCredential() - Static method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialContext
-
- getCredentialResolver() - Method in class org.opensaml.security.trust.impl.ExplicitKeyTrustEngine
- getCredentialResolver() - Method in class org.opensaml.security.trust.impl.ExplicitX509CertificateTrustEngine
- getCredentialType() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- getCredentialType() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- getCRLs() - Method in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
- getCRLs() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- getCRLs() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- getEffectiveVerificationDepth(PKIXValidationInformation) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Get the effective maximum path depth to use when constructing PKIX cert path builder parameters.
- getEntityCertificate() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- getEntityCertificate() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- getEntityCertificateChain() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- getEntityCertificateChain() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- getEvaluator(Criterion) - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
-
- getHttpServletRequest() - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Get the HTTP servlet request being processed.
- getInitialPolicies() - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
Returns the set of initial policies (OID strings) of the underlying CertPath Provider.
- getKey(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyAlgorithmCredentialCriterion
-
Get the key contained within the credential.
- getKey(Credential) - Method in class org.opensaml.security.credential.criteria.impl.EvaluableKeyLengthCredentialCriterion
-
Get the key contained within the credential.
- getLogger() - Static method in class org.opensaml.security.credential.criteria.impl.EvaluableCredentialCriteriaRegistry
-
Get an SLF4J Logger.
- getNextCredential() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
-
Get the next credential that will be returned by this iterator.
- getNextCredentialIterator() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
-
Get the iterator from the next resolver in the chain.
- getPKIXBuilderParameters(PKIXValidationInformation, X509Credential) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Creates the set of PKIX builder parameters to use when building the cert path builder.
- getPKIXResolver() - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
- getPKIXTrustEvaluator() - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
- getPKIXValidationOptions() - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
- getPredicates(CriteriaSet) - Method in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
-
Construct a set of credential predicates based on the criteria set.
- getPrivateKey() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- getPrivateKey() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- getPrivateKey(String) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
- getPrivateKey(String) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
- getPublicKey() - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- getPublicKey() - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- getResolverChain() - Method in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver
-
Get the unmodifiable list of credential resolvers which comprise the resolver chain.
- getServerAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
- getServerAliases(String, Principal[]) - Method in class org.opensaml.security.x509.tls.impl.ThreadLocalX509CredentialKeyManager
- getSubjectAltNameTypes() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Get the set of types of subject alternative names to process.
- getSubjectName(X509Certificate) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Get subject name from a certificate, using the currently configured X500DNHandler and subject DN output format.
- getTrustAnchors(PKIXValidationInformation) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Creates the collection of trust anchors to use during validation.
- getTrustEngine() - Method in class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
-
Gets the trust engine used to validate the untrusted token.
- getVerificationDepth() - Method in class org.opensaml.security.x509.impl.BasicPKIXValidationInformation
- getX500DNHandler() - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Get the handler which process X.500 distinguished names.
- getX500DNHandler() - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Get the handler which process X.500 distinguished names.
- getX509CredentialNameEvaluator() - Method in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
- getX509TrustEngine() - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
- parent - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterable
-
The chaining credential resolver which owns this instance.
- parent - Variable in class org.opensaml.security.credential.impl.AbstractChainingCredentialResolver.CredentialIterator
-
The chaining credential resolver which owns this instance.
- performHostnameVerification(Socket, String, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
-
Perform hostname verification on the connection represented by the supplied socket.
- performHostnameVerification(Socket, String, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
-
Deprecated.
Perform hostname verification on the connection represented by the supplied socket.
- performTrustEval(Socket, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
-
- performTrustEval(Socket, String, HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
-
Perform trust evaluation by extracting the server TLS
X509Credential
from the
SSLSession
and evaluating it via a
TrustEngine
and
CriteriaSet
supplied by the caller via the
HttpContext
.
- performTrustEval(Socket, HttpContext) - Method in class org.opensaml.security.httpclient.impl.TrustEngineTLSSocketFactory
-
Deprecated.
Perform trust evaluation by extracting the server TLS
X509Credential
from the
SSLSession
and evaluating it via a
TrustEngine
and
CriteriaSet
supplied by the caller via the
HttpContext
.
- pkixInfo - Variable in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
-
The PKIX validation information to return.
- pkixResolver - Variable in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
Resolver used for resolving trusted credentials.
- pkixTrustEvaluator - Variable in class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
The external PKIX trust evaluator used to establish trust.
- PKIXX509CredentialTrustEngine - Class in org.opensaml.security.x509.impl
-
Trust engine implementation which evaluates an
X509Credential
token based on PKIX validation processing using
validation information from a trusted source.
- PKIXX509CredentialTrustEngine(PKIXValidationInformationResolver) - Constructor for class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
Constructor.
- PKIXX509CredentialTrustEngine(PKIXValidationInformationResolver, PKIXTrustEvaluator, X509CredentialNameEvaluator) - Constructor for class org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine
-
Constructor.
- policyMappingInhibit - Variable in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
Disable policy mapping flag.
- privateKey - Variable in class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
-
The private key instance.
- processNameChecks(X509Credential, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Process any name checks that are enabled.
- processPrivateKeyEntry(KeyStore.PrivateKeyEntry, String, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
-
Build an X509Credential from a keystore private key entry.
- processSecretKeyEntry(KeyStore.SecretKeyEntry, String, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
-
Build a Credential from a keystore secret key entry.
- processSubjectAltNames(X509Certificate, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Process name checking for the subject alt names within the certificate.
- processSubjectDN(X509Certificate, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Process name checking for the certificate subject DN.
- processSubjectDNCommonName(X509Certificate, Set<String>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Process name checking for a certificate subject DN's common name.
- processTrustedCertificateEntry(KeyStore.TrustedCertificateEntry, String, UsageType) - Method in class org.opensaml.security.credential.impl.KeyStoreCredentialResolver
-
Build an X509Credential from a keystore trusted certificate entry.
- publicKey - Variable in class org.opensaml.security.credential.criteria.impl.EvaluablePublicKeyCredentialCriterion
-
Base criteria.
- satisfyAllPredicates - Variable in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
-
Flag which determines whether predicates used in filtering are connected by
a logical 'AND' or by logical 'OR'.
- SecurityEnhancedHttpClientSupport - Class in org.opensaml.security.httpclient.impl
-
Support class for working with security-enhanced components related to use of
HttpClient
.
- SecurityEnhancedHttpClientSupport() - Constructor for class org.opensaml.security.httpclient.impl.SecurityEnhancedHttpClientSupport
-
Constructor.
- SecurityEnhancedTLSSocketFactory - Class in org.opensaml.security.httpclient.impl
-
- SecurityEnhancedTLSSocketFactory(LayeredConnectionSocketFactory) - Constructor for class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
-
Constructor.
- SecurityEnhancedTLSSocketFactory(LayeredConnectionSocketFactory, X509HostnameVerifier) - Constructor for class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
-
Constructor.
- serialNumber - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509IssuerSerialCredentialCriterion
-
Base criteria.
- setAnyPolicyInhibit(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
Sets the any policy inhibited flag for the underlying CertPath Provider.
- setAuthenticatedCertificatePresenterEntityID(MessageContext, String) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Store the successfully authenticated derived entity ID of the certificate presenter in the message context.
- setAuthenticatedState(MessageContext, boolean) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Store the indicated message authentication state in the message context.
- setCertificateNameOptions(CertificateNameOptions) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
-
- setCheckSubjectAltNames(boolean) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Sets whether to check the credential's entity certificate subject alt names against the trusted key
name values.
- setCheckSubjectDN(boolean) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Sets whether to check the credential's entity certificate subject DN against the trusted key name
values.
- setCheckSubjectDNCommonName(boolean) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Sets whether to check the credential's entity certificate subject DN's common name (CN) against the
trusted key name values.
- setEntityId(String) - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- setEntityId(String) - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- setForceRevocationEnabled(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
- setHttpServletRequest(HttpServletRequest) - Method in class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
-
Set the HTTP servlet request being processed.
- setInitialPolicies(Set<String>) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
Sets the initial policy identifiers (OID strings) for the underlying CertPath Provider,
i.e.
- setPKIXValidationOptions(PKIXValidationOptions) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Set the desired PKIX validation options set.
- setPolicyMappingInhibit(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
Sets the policy mapping inhibited flag for the underlying CertPath Provider.
- setRevocationEnabled(boolean) - Method in class org.opensaml.security.x509.impl.CertPathPKIXValidationOptions
-
- setSatisfyAllPredicates(boolean) - Method in class org.opensaml.security.credential.impl.AbstractCriteriaFilteringCredentialResolver
-
Set the flag indicating whether resolved credentials must satisfy all predicates
(i.e.
- setSubjectAltNameTypes(Set<Integer>) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Set the set of types of subject alternative names to process.
- setup(HttpContext) - Method in class org.opensaml.security.httpclient.impl.SecurityEnhancedTLSSocketFactory
-
- setUsageType(UsageType) - Method in class org.opensaml.security.x509.impl.KeyStoreX509CredentialAdapter
- setUsageType(UsageType) - Method in class org.opensaml.security.x509.impl.X509KeyManagerX509CredentialAdapter
- setX500DNHandler(X500DNHandler) - Method in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
Set the handler which process X.500 distinguished names.
- setX500DNHandler(X500DNHandler) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Set the handler which process X.500 distinguished names.
- setX509TrustEngine(TrustEngine<? super X509Credential>) - Method in class org.opensaml.security.x509.tls.impl.BasicClientTLSValidationConfiguration
-
- ski - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectKeyIdentifierCredentialCriterion
-
Base criteria.
- StaticCredentialResolver - Class in org.opensaml.security.credential.impl
-
Simple implementation of
CredentialResolver
which just stores
and returns a static set of credentials.
- StaticCredentialResolver(List<Credential>) - Constructor for class org.opensaml.security.credential.impl.StaticCredentialResolver
-
Constructor.
- StaticCredentialResolver(Credential) - Constructor for class org.opensaml.security.credential.impl.StaticCredentialResolver
-
Constructor.
- StaticPKIXValidationInformationResolver - Class in org.opensaml.security.x509.impl
-
- StaticPKIXValidationInformationResolver(List<PKIXValidationInformation>, Set<String>) - Constructor for class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
-
Constructor.
- StaticPKIXValidationInformationResolver(List<PKIXValidationInformation>, Set<String>, boolean) - Constructor for class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
-
Constructor.
- StaticX509CredentialKeyManager - Class in org.opensaml.security.x509.tls.impl
-
An implementation of
X509KeyManager
based on a single statically configured
private key and certificate chain, supplied either directly or via an instance of
X509Credential
.
- StaticX509CredentialKeyManager(X509Credential) - Constructor for class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
-
Constructor.
- StaticX509CredentialKeyManager(PrivateKey, Collection<X509Certificate>) - Constructor for class org.opensaml.security.x509.tls.impl.StaticX509CredentialKeyManager
-
Constructor.
- storeContainsCRLs(CertStore) - Method in class org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator
-
Determine whether there are any CRL's in the
CertStore
that is to be used.
- subjectAltNameTypes - Variable in class org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator
-
The set of types of subject alternative names to process.
- subjectName - Variable in class org.opensaml.security.credential.criteria.impl.EvaluableX509SubjectNameCredentialCriterion
-
Base criteria.
- supportDynamicTrustedNames - Variable in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver
-
Flag indicating whether dynamic trusted names should be extracted from criteria set.
- supportsTrustedNameResolution() - Method in class org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver