org.opensaml.security.httpclient.impl

Class SecurityEnhancedHttpClientSupport

java.lang.Object

org.opensaml.security.httpclient.impl.SecurityEnhancedHttpClientSupport

public final class SecurityEnhancedHttpClientSupport
extends Object

Support class for working with security-enhanced components related to use of HttpClient.

Constructor Summary

Constructors

Modifier	Constructor and Description
private	SecurityEnhancedHttpClientSupport() Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
static LayeredConnectionSocketFactory	buildTLSSocketFactory() Build an instance of TLS-capable LayeredConnectionSocketFactory wrapped by SecurityEnhancedTLSSocketFactory, configured for server TLS based on a TrustEngine.
static LayeredConnectionSocketFactory	buildTLSSocketFactory(boolean supportTrustEngine, boolean supportClientTLS) Build an instance of TLS-capable LayeredConnectionSocketFactory.
static LayeredConnectionSocketFactory	buildTLSSocketFactoryWithClientTLS() Build an instance of TLS-capable LayeredConnectionSocketFactory wrapped by SecurityEnhancedTLSSocketFactory, configured for server TLS based on a TrustEngine and additionally configured for client TLS support via context client TLS credential.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityEnhancedHttpClientSupport

private SecurityEnhancedHttpClientSupport()

Constructor.

Method Detail

buildTLSSocketFactory

@Nonnull
public static LayeredConnectionSocketFactory buildTLSSocketFactory()

Build an instance of TLS-capable LayeredConnectionSocketFactory wrapped by SecurityEnhancedTLSSocketFactory, configured for server TLS based on a TrustEngine.

Equivalent to #buildTLSSocketFactory(true, false).

Returns:

a new instance of security-enhanced TLS socket factory

buildTLSSocketFactoryWithClientTLS

@Nonnull
public static LayeredConnectionSocketFactory buildTLSSocketFactoryWithClientTLS()

Build an instance of TLS-capable LayeredConnectionSocketFactory wrapped by SecurityEnhancedTLSSocketFactory, configured for server TLS based on a TrustEngine and additionally configured for client TLS support via context client TLS credential.

Equivalent to #buildTLSSocketFactory(true, true).

Returns:

a new instance of security-enhanced TLS socket factory

buildTLSSocketFactory

@Nonnull
public static LayeredConnectionSocketFactory buildTLSSocketFactory(boolean supportTrustEngine,
                                                           boolean supportClientTLS)

Build an instance of TLS-capable LayeredConnectionSocketFactory.

If either supportTrustEngine or supportClientTLS are true, the returned factory will be a instance of SecurityEnhancedTLSSocketFactory wrapping an instance of LayeredConnectionSocketFactory.

If supportTrustEngine is true, then the wrapped factory will be configured with a "no trust" X509TrustManager, to allow the actual server TLS trust evaluation to be performed by a TrustEngine, as documented in SecurityEnhancedTLSSocketFactory.

If supportClientTLS is true, then the wrapped factory will be configured with a X509KeyManager that supports per-request specification of a client TLS credential, as documented in SecurityEnhancedTLSSocketFactory.

Parameters:

supportTrustEngine - whether to support server TLS via a context trust engine

supportClientTLS - whether to support client TLS via a context client credential

Returns:

a TLS socket factory