Class BasicHttpClientSecurityConfiguration

java.lang.Object
org.opensaml.security.httpclient.impl.BasicHttpClientSecurityConfiguration
All Implemented Interfaces:
HttpClientSecurityConfiguration

public class BasicHttpClientSecurityConfiguration extends Object implements HttpClientSecurityConfiguration
Basic implementation of HttpClientSecurityConfiguration.
  • Field Details

    • credentialsProvider

      @Nullable private org.apache.http.client.CredentialsProvider credentialsProvider
      HttpClient credentials provider.
    • tlsTrustEngine

      @Nullable private TrustEngine<? super X509Credential> tlsTrustEngine
      Optional trust engine used in evaluating server TLS credentials.
    • tlsProtocols

      @Nullable private List<String> tlsProtocols
      TLS Protocols.
    • tlsCipherSuites

      @Nullable private List<String> tlsCipherSuites
      TLS cipher suites.
    • hostnameVerifier

      @Nullable private HostnameVerifier hostnameVerifier
      The hostname verifier.
    • clientTLSCredential

      @Nullable private X509Credential clientTLSCredential
      The X509 credential used for client TLS.
    • serverTLSFailureFatal

      @Nullable private Boolean serverTLSFailureFatal
      Flag indicating whether failure of server TLS trust engine evaluation should be treated as a fatal error.
  • Constructor Details

    • BasicHttpClientSecurityConfiguration

      public BasicHttpClientSecurityConfiguration()
  • Method Details

    • getCredentialsProvider

      @Nullable public org.apache.http.client.CredentialsProvider getCredentialsProvider()
      Get an instance of CredentialsProvider used for authentication by the HttpClient instance.
      Specified by:
      getCredentialsProvider in interface HttpClientSecurityConfiguration
      Returns:
      the credentials provider, or null
    • setCredentialsProvider

      public void setCredentialsProvider(@Nullable org.apache.http.client.CredentialsProvider provider)
      Set an instance of CredentialsProvider used for authentication by the HttpClient instance.
      Parameters:
      provider - the credentials provider
    • setBasicCredentials

      public void setBasicCredentials(@Nullable org.apache.http.auth.UsernamePasswordCredentials credentials)
      A convenience method to set a (single) username and password used for BASIC authentication. To disable BASIC authentication pass null for the credentials instance.

      An AuthScope will be generated which specifies any host, port, scheme and realm.

      To specify multiple usernames and passwords for multiple host, port, scheme, and realm combinations, instead provide an instance of CredentialsProvider via setCredentialsProvider(CredentialsProvider).

      Parameters:
      credentials - the username and password credentials
    • setBasicCredentialsWithScope

      public void setBasicCredentialsWithScope(@Nullable org.apache.http.auth.UsernamePasswordCredentials credentials, @Nullable org.apache.http.auth.AuthScope scope)
      A convenience method to set a (single) username and password used for BASIC authentication. To disable BASIC authentication pass null for the credentials instance.

      If the scope is null, an AuthScope will be generated which specifies any host, port, scheme and realm.

      To specify multiple usernames and passwords for multiple host, port, scheme, and realm combinations, instead provide an instance of CredentialsProvider via setCredentialsProvider(CredentialsProvider).

      Parameters:
      credentials - the username and password credentials
      scope - the HTTP client auth scope with which to scope the credentials, may be null
    • getTLSTrustEngine

      @Nullable public TrustEngine<? super X509Credential> getTLSTrustEngine()
      Get the optional trust engine used in evaluating server TLS credentials.
      Specified by:
      getTLSTrustEngine in interface HttpClientSecurityConfiguration
      Returns:
      the trust engine instance to use, or null
    • setTLSTrustEngine

      public void setTLSTrustEngine(@Nullable TrustEngine<? super X509Credential> engine)
      Sets the optional trust engine used in evaluating server TLS credentials.
      Parameters:
      engine - the trust engine instance to use
    • getTLSProtocols

      @Nullable public List<String> getTLSProtocols()
      Get the optional list of TLS protocols.
      Specified by:
      getTLSProtocols in interface HttpClientSecurityConfiguration
      Returns:
      the TLS protocols, or null
    • setTLSProtocols

      public void setTLSProtocols(@Nullable Collection<String> protocols)
      Set the optional list of TLS protocols.
      Parameters:
      protocols - the TLS protocols or null
    • getTLSCipherSuites

      @Nullable public List<String> getTLSCipherSuites()
      Get the optional list of TLS cipher suites.
      Specified by:
      getTLSCipherSuites in interface HttpClientSecurityConfiguration
      Returns:
      the list of TLS cipher suites, or null
    • setTLSCipherSuites

      public void setTLSCipherSuites(@Nullable Collection<String> cipherSuites)
      Set the optional list of TLS cipher suites.
      Parameters:
      cipherSuites - the TLS cipher suites, or null
    • getHostnameVerifier

      @Nullable public HostnameVerifier getHostnameVerifier()
      Get the optional hostname verifier.
      Specified by:
      getHostnameVerifier in interface HttpClientSecurityConfiguration
      Returns:
      the hostname verifier, or null
    • setHostnameVerifier

      public void setHostnameVerifier(@Nullable HostnameVerifier verifier)
      Set the optional hostname verifier.
      Parameters:
      verifier - the hostname verifier, or null
    • getClientTLSCredential

      @Nullable public X509Credential getClientTLSCredential()
      Get the optional client TLS credential.
      Specified by:
      getClientTLSCredential in interface HttpClientSecurityConfiguration
      Returns:
      the client TLS credential, or null
    • setClientTLSCredential

      public void setClientTLSCredential(@Nullable X509Credential credential)
      Set the optional client TLS credential.
      Parameters:
      credential - the client TLS credential, or null
    • isServerTLSFailureFatal

      @Nullable public Boolean isServerTLSFailureFatal()
      Get the flag indicating whether failure of server TLS trust engine evaluation should be treated as a fatal error.

      Note: a Boolean is used here rather than boolean to explicitly allow a non-configured value, allowing consuming components to implement their own internal defaults.

      Specified by:
      isServerTLSFailureFatal in interface HttpClientSecurityConfiguration
      Returns:
      true if fatal, false if non-fatal, null if not explicitly configured
    • setServerTLSFailureFatal

      public void setServerTLSFailureFatal(@Nullable Boolean flag)
      Set the flag indicating whether failure of server TLS trust engine evaluation should be treated as a fatal error.

      Note: a Boolean is used here rather than boolean to explicitly allow a non-configured value, allowing consuming components to implement their own internal defaults.

      Parameters:
      flag - true if fatal, false if non-fatal, null if not explicitly configured
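
The following is an added example, not part of the OpenSAML Javadoc or code base: it audits a configuration through the getters documented above, flagging settings left to consumer defaults and BASIC credentials that match any host, then shows the same check after the scoped and explicit setters are used. Assumptions: the class name HttpClientSecurityConfigAudit, the host md.example.org, the sample credentials and the TLSv1.2/TLSv1.3 allow-list are constructed for illustration, and the credential probe relies on Apache HttpClient's AuthScope matching in the provider the setters create.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.opensaml.security.httpclient.impl.BasicHttpClientSecurityConfiguration;

public class HttpClientSecurityConfigAudit {
    /** Report settings left to consumer defaults or scoped more widely than intended. */
    static List<String> audit(BasicHttpClientSecurityConfiguration cfg) {
        List<String> findings = new ArrayList<>();
        if (!Boolean.TRUE.equals(cfg.isServerTLSFailureFatal())) {
            findings.add("serverTLSFailureFatal is " + cfg.isServerTLSFailureFatal()
                    + " (null leaves the decision to the consuming component)");
        }
        if (cfg.getTLSTrustEngine() == null) findings.add("no TLS trust engine configured");
        if (cfg.getHostnameVerifier() == null) findings.add("no hostname verifier configured");
        List<String> protocols = cfg.getTLSProtocols();
        if (protocols == null) {
            findings.add("TLS protocols not restricted");
        } else {
            for (String p : protocols) {  // assumed policy: TLS 1.2 and 1.3 only
                if (!p.equals("TLSv1.2") && !p.equals("TLSv1.3")) findings.add("legacy protocol: " + p);
            }
        }
        // Probe with a scope for an unrelated host: a non-null result means the
        // stored credentials match any host, as with setBasicCredentials(...).
        CredentialsProvider provider = cfg.getCredentialsProvider();
        if (provider != null && provider.getCredentials(new AuthScope("unrelated.invalid", 443)) != null) {
            findings.add("BASIC credentials are scoped to any host");
        }
        return findings;
    }

    public static void main(String[] args) {
        BasicHttpClientSecurityConfiguration cfg = new BasicHttpClientSecurityConfiguration();
        // Constructed sample values; host, port and credentials are placeholders.
        UsernamePasswordCredentials creds = new UsernamePasswordCredentials("svc-metadata", "example-password");
        cfg.setBasicCredentials(creds);  // generated AuthScope: any host, port, scheme, realm
        cfg.setTLSProtocols(Arrays.asList("TLSv1", "TLSv1.2"));
        System.out.println("before: " + audit(cfg));

        cfg.setBasicCredentialsWithScope(creds, new AuthScope("md.example.org", 443));
        cfg.setTLSProtocols(Arrays.asList("TLSv1.2", "TLSv1.3"));
        cfg.setServerTLSFailureFatal(Boolean.TRUE);
        System.out.println("after:  " + audit(cfg));
    }
}
```

The second run still reports the trust engine and hostname verifier as unset, since this example does not construct them; supply both through setTLSTrustEngine and setHostnameVerifier in a real deployment.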