public class SecurityConfiguration extends Object
| Modifier and Type | Field and Description |
|---|---|
private ClientTLSValidationConfiguration |
clientTLSConfig
Configuration used when validating client TLS X509Credentials.
|
private long |
clockSkew
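Acceptable clock skew expressed in milliseconds. A larger value tolerates more clock drift between parties, but it also lengthens the period during which a time-limited message is still accepted.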
|
private DecryptionConfiguration |
decryptConfig
Configuration used when decrypting protocol message information.
|
private EncryptionConfiguration |
encryptConfig
Configuration used when encrypting protocol message information.
|
private HttpClientSecurityConfiguration |
httpClientConfig
Configuration used when executing HttpClient requests.
|
private IdentifierGenerationStrategy |
idGenerator
Generator used to generate various secure IDs (e.g., message identifiers).
|
private SignatureSigningConfiguration |
sigSigningConfig
Configuration used when generating protocol message signatures.
|
private SignatureValidationConfiguration |
sigValidateConfig
Configuration used when validating protocol message signatures.
|
| Constructor and Description |
|---|
SecurityConfiguration()
Constructor.
|
SecurityConfiguration(long skew,
IdentifierGenerationStrategy generator)
Constructor.
|
| Modifier and Type | Method and Description |
|---|---|
ClientTLSValidationConfiguration |
getClientTLSValidationConfiguration()
Get the configuration used when validating client TLS X509Credentials.
|
long |
getClockSkew()
Get the acceptable clock skew expressed in milliseconds.
|
DecryptionConfiguration |
getDecryptionConfiguration()
Get the configuration used when decrypting protocol message information.
|
EncryptionConfiguration |
getEncryptionConfiguration()
Get the configuration used when encrypting protocol message information.
|
HttpClientSecurityConfiguration |
getHttpClientSecurityConfiguration()
Get the configuration used when executing HttpClient requests.
|
IdentifierGenerationStrategy |
getIdGenerator()
Get the generator used to generate secure identifiers.
|
SignatureSigningConfiguration |
getSignatureSigningConfiguration()
Get the configuration used when generating protocol message signatures.
|
SignatureValidationConfiguration |
getSignatureValidationConfiguration()
Get the configuration used when validating protocol message signatures.
|
void |
setClientTLSValidationConfiguration(ClientTLSValidationConfiguration config)
Set the configuration used when validating client TLS X509Credentials.
|
void |
setDecryptionConfiguration(DecryptionConfiguration config)
Set the configuration used when decrypting protocol message information.
|
void |
setEncryptionConfiguration(EncryptionConfiguration config)
Set the configuration used when encrypting protocol message information.
|
void |
setHttpClientSecurityConfiguration(HttpClientSecurityConfiguration config)
Set the configuration used when executing HttpClient requests.
|
void |
setSignatureSigningConfiguration(SignatureSigningConfiguration config)
Set the configuration used when generating protocol message signatures.
|
void |
setSignatureValidationConfiguration(SignatureValidationConfiguration config)
Set the configuration used when validating protocol message signatures.
|
@Duration @Positive private final long clockSkew
@Nonnull private final IdentifierGenerationStrategy idGenerator
@Nullable private SignatureValidationConfiguration sigValidateConfig
@Nullable private SignatureSigningConfiguration sigSigningConfig
@Nullable private DecryptionConfiguration decryptConfig
@Nullable private EncryptionConfiguration encryptConfig
@Nullable private ClientTLSValidationConfiguration clientTLSConfig
@Nullable private HttpClientSecurityConfiguration httpClientConfig
public SecurityConfiguration()
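Constructor. The identifier generator defaults to a SecureRandomIdentifierGenerationStrategy using the SHA1PRNG algorithm (SHA1PRNG is a java.security.SecureRandom algorithm name).
public SecurityConfiguration(@Duration @Positive long skew, @Nonnull IdentifierGenerationStrategy generator)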
skew - the clock skew in milliseconds, must be greater than 0
generator - the identifier generator, must not be null
@Positive public long getClockSkew()
@Nonnull public IdentifierGenerationStrategy getIdGenerator()
@Nullable public SignatureValidationConfiguration getSignatureValidationConfiguration()
public void setSignatureValidationConfiguration(@Nullable SignatureValidationConfiguration config)
config - configuration used when validating protocol message signatures, or null
@Nullable public SignatureSigningConfiguration getSignatureSigningConfiguration()
public void setSignatureSigningConfiguration(@Nullable SignatureSigningConfiguration config)
config - configuration used when generating protocol message signatures, or null
@Nullable public DecryptionConfiguration getDecryptionConfiguration()
public void setDecryptionConfiguration(@Nullable DecryptionConfiguration config)
config - configuration used when decrypting protocol message information, or null
@Nullable public EncryptionConfiguration getEncryptionConfiguration()
public void setEncryptionConfiguration(@Nullable EncryptionConfiguration config)
config - configuration used when encrypting protocol message information, or null
public ClientTLSValidationConfiguration getClientTLSValidationConfiguration()
public void setClientTLSValidationConfiguration(ClientTLSValidationConfiguration config)
config - configuration used when validating client TLS X509Credentials, or null
public HttpClientSecurityConfiguration getHttpClientSecurityConfiguration()
public void setHttpClientSecurityConfiguration(HttpClientSecurityConfiguration config)
config - configuration used when executing HttpClient requests, or null
Copyright © 1999–2020 Shibboleth Consortium. All rights reserved.