Package org.opensaml.security.httpclient

Interface HttpClientSecurityConfiguration

All Known Implementing Classes:

BasicHttpClientSecurityConfiguration

public interface HttpClientSecurityConfiguration

The security configuration information to use when performing HTTP client requests.

Method Summary

Modifier and Type	Method	Description
X509Credential	getClientTLSCredential()	Get the optional client TLS credential.
org.apache.hc.client5.http.auth.CredentialsProvider	getCredentialsProvider()	Get an instance of CredentialsProvider used for authentication by the HttpClient instance.
HostnameVerifier	getHostnameVerifier()	Get the optional hostname verifier.
Map<org.apache.hc.core5.http.HttpHost,org.apache.hc.client5.http.auth.UsernamePasswordCredentials>	getPreemptiveBasicAuthMap()	Get the map of rules for preemptive basic authentication using the supplied hosts and credentials.
List<String>	getTLSCipherSuites()	Get the optional list of TLS cipher suites.
List<String>	getTLSProtocols()	Get the optional list of TLS protocols.
TrustEngine<? super X509Credential>	getTLSTrustEngine()	Sets the optional trust engine used in evaluating server TLS credentials.
Boolean	isServerTLSFailureFatal()	Get the flag indicating whether failure of server TLS trust engine evaluation should be treated as a fatal error.

Method Details

getCredentialsProvider

@Nullable
org.apache.hc.client5.http.auth.CredentialsProvider getCredentialsProvider()

Get an instance of CredentialsProvider used for authentication by the HttpClient instance.

Returns:

the credentials provider, or null

getPreemptiveBasicAuthMap

@Nullable
@Unmodifiable
@NotLive
Map<org.apache.hc.core5.http.HttpHost,org.apache.hc.client5.http.auth.UsernamePasswordCredentials> getPreemptiveBasicAuthMap()

Get the map of rules for preemptive basic authentication using the supplied hosts and credentials.

Returns:

basic-auth rule map or null

Since:

5.0.0

getTLSTrustEngine

@Nullable
TrustEngine<? super X509Credential> getTLSTrustEngine()

Sets the optional trust engine used in evaluating server TLS credentials.

Returns:

the trust engine instance to use, or null

getTLSProtocols

@Nullable
List<String> getTLSProtocols()

Get the optional list of TLS protocols.

Returns:

the TLS protocols, or null

getTLSCipherSuites

@Nullable
List<String> getTLSCipherSuites()

Get the optional list of TLS cipher suites.

Returns:

the list of TLS cipher suites, or null

getHostnameVerifier

@Nullable
HostnameVerifier getHostnameVerifier()

Get the optional hostname verifier.

Returns:

the hostname verifier, or null

getClientTLSCredential

@Nullable
X509Credential getClientTLSCredential()

Get the optional client TLS credential.

Returns:

the client TLS credential, or null

isServerTLSFailureFatal

@Nullable
Boolean isServerTLSFailureFatal()

Get the flag indicating whether failure of server TLS trust engine evaluation should be treated as a fatal error.

Note: a Boolean is used here rather than boolean to explicitly allow a non-configured value, allowing consuming components to implement their own internal defaults.

Returns:

true if fatal, false if non-fatal, null if not explicitly configured