Package net.shibboleth.idp.authn.impl

Class X509AuthServlet

java.lang.Object

jakarta.servlet.GenericServlet

jakarta.servlet.http.HttpServlet

net.shibboleth.idp.authn.impl.X509AuthServlet

All Implemented Interfaces:

Servlet, ServletConfig, Serializable

public class X509AuthServlet
extends HttpServlet

Servlet compatible with the ExternalAuthentication interface that extracts and validates an X.509 client certificate for user authentication.

See Also:

• Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
private final org.slf4j.Logger	log	Class logger.
private static final String	PASSTHROUGH_PARAM	Parameter/cookie for bypassing prompt page.
private static final String	SAVECERT_PARAM	Init parameter controlling certificate preservation.
private boolean	saveCertificateToCredentialSet	Whether to save the certificate to the Java Subject's public credentials.
private static final long	serialVersionUID	Serial UUID.
private static final String	TRUST_ENGINE_PARAM	Init parameter identifying optional TrustEngine bean name.
private TrustEngine<? super X509Credential>	trustEngine	Trust engine.

Fields inherited from class jakarta.servlet.http.HttpServlet

LEGACY_DO_HEAD

Constructor Summary

Constructors

Constructor	Description
X509AuthServlet()	Constructor.

Method Summary

Modifier and Type	Method	Description
void	init(ServletConfig config)
protected void	service(HttpServletRequest httpRequest, HttpServletResponse httpResponse)
void	setSaveCertificateToCredentialSet(boolean flag)	Set whether to save the certificate in the Java Subject's public credentials.
void	setTrustEngine(TrustEngine<? super X509Credential> tm)	Set the TrustEngine to use.

Methods inherited from class jakarta.servlet.http.HttpServlet

doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service

Methods inherited from class jakarta.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

serialVersionUID

private static final long serialVersionUID

Serial UUID.

See Also:

• Constant Field Values

TRUST_ENGINE_PARAM

@Nonnull
@NotEmpty
private static final String TRUST_ENGINE_PARAM

Init parameter identifying optional TrustEngine bean name.

See Also:

• Constant Field Values

SAVECERT_PARAM

@Nonnull
@NotEmpty
private static final String SAVECERT_PARAM

Init parameter controlling certificate preservation.

See Also:

• Constant Field Values

PASSTHROUGH_PARAM

@Nonnull
@NotEmpty
private static final String PASSTHROUGH_PARAM

Parameter/cookie for bypassing prompt page.

See Also:

• Constant Field Values

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

trustEngine

@Nullable
private TrustEngine<? super X509Credential> trustEngine

Trust engine.

saveCertificateToCredentialSet

private boolean saveCertificateToCredentialSet

Whether to save the certificate to the Java Subject's public credentials.

Constructor Details

X509AuthServlet

public X509AuthServlet()

Constructor.

Method Details

setTrustEngine

public void setTrustEngine(@Nullable
 TrustEngine<? super X509Credential> tm)

Set the TrustEngine to use.

Parameters:

tm - trust engine to use

setSaveCertificateToCredentialSet

public void setSaveCertificateToCredentialSet(boolean flag)

Set whether to save the certificate in the Java Subject's public credentials.

Defaults to true

Parameters:

flag - flag to set

Since:

4.1.0

init

public void init(ServletConfig config)
          throws ServletException

Specified by:

init in interface Servlet

Overrides:

init in class HttpServlet

Throws:

ServletException

service

protected void service(HttpServletRequest httpRequest,
 HttpServletResponse httpResponse)
                throws ServletException,
IOException

Overrides:

service in class HttpServlet

Throws:

ServletException

IOException