public final class SecurityEnhancedHttpClientSupport extends Object
HttpClient.| Modifier | Constructor and Description |
|---|---|
private |
SecurityEnhancedHttpClientSupport()
Constructor.
|
| Modifier and Type | Method and Description |
|---|---|
static LayeredConnectionSocketFactory |
buildTLSSocketFactory()
Build an instance of TLS-capable
LayeredConnectionSocketFactory
wrapped by SecurityEnhancedTLSSocketFactory, configured for
server TLS based on a mandatory TrustEngine supplied at runtime. |
static LayeredConnectionSocketFactory |
buildTLSSocketFactory(boolean supportTrustEngine,
boolean supportClientTLS)
Build an instance of TLS-capable
LayeredConnectionSocketFactory. |
static LayeredConnectionSocketFactory |
buildTLSSocketFactoryWithClientTLS()
Build an instance of TLS-capable
LayeredConnectionSocketFactory
wrapped by SecurityEnhancedTLSSocketFactory, configured for
server TLS based on a mandatory TrustEngine supplied at runtime,
and additionally configured for optional client TLS support via context client TLS credential. |
static LayeredConnectionSocketFactory |
buildTLSSocketFactoryWithClientTLSOnly()
Build an instance of TLS-capable
LayeredConnectionSocketFactory
wrapped by SecurityEnhancedTLSSocketFactory,
configured for optional client TLS support via context client TLS credential. |
private SecurityEnhancedHttpClientSupport()
@Nonnull public static LayeredConnectionSocketFactory buildTLSSocketFactory()
LayeredConnectionSocketFactory
wrapped by SecurityEnhancedTLSSocketFactory, configured for
server TLS based on a mandatory TrustEngine supplied at runtime.
Equivalent to buildTLSSocketFactory(boolean, boolean) called with true, false.
@Nonnull public static LayeredConnectionSocketFactory buildTLSSocketFactoryWithClientTLS()
LayeredConnectionSocketFactory
wrapped by SecurityEnhancedTLSSocketFactory, configured for
server TLS based on a mandatory TrustEngine supplied at runtime,
and additionally configured for optional client TLS support via context client TLS credential.
Equivalent to buildTLSSocketFactory(boolean, boolean) called with true, true.
@Nonnull public static LayeredConnectionSocketFactory buildTLSSocketFactoryWithClientTLSOnly()
LayeredConnectionSocketFactory
wrapped by SecurityEnhancedTLSSocketFactory,
configured for optional client TLS support via context client TLS credential.
Server TLS will be based on the default JSSE trust mechanism.
Equivalent to buildTLSSocketFactory(boolean, boolean) called with false, true.
@Nonnull public static LayeredConnectionSocketFactory buildTLSSocketFactory(boolean supportTrustEngine, boolean supportClientTLS)
LayeredConnectionSocketFactory.
If either supportTrustEngine or supportClientTLS are true,
the returned factory will be a instance of SecurityEnhancedTLSSocketFactory
wrapping an instance of LayeredConnectionSocketFactory.
If supportTrustEngine is true, then the wrapped factory will be configured
with a "no trust" X509TrustManager, to allow the actual server TLS trust evaluation
to be performed by a mandatory TrustEngine supplied at runtime,
as documented in SecurityEnhancedTLSSocketFactory.
If supportClientTLS is true, then the wrapped factory will be configured
with a X509KeyManager that supports per-request specification of a client TLS
credential, as documented in SecurityEnhancedTLSSocketFactory.
supportTrustEngine - whether to support server TLS via a context trust enginesupportClientTLS - whether to support client TLS via a context client credentialCopyright © 1999–2019 Shibboleth Consortium. All rights reserved.