All Classes and Interfaces (OpenSAML :: Security Implementation 5.0.0 API)

Class

Description

AbstractChainingCredentialResolver<ResolverType extends CredentialResolver>

An abstract implementation of CredentialResolver which chains together one or more underlying credential resolver implementations.

AbstractCredentialResolver

Abstract base class for CredentialResolver implementations.

AbstractCriteriaFilteringCredentialResolver

An abstract implementation of CredentialResolver that filters the returned Credentials based on the instances of Predicate which are present in the set of criteria as instances of EvaluableCredentialCriterion, or which are obtained via lookup in the EvaluableCredentialCriteriaRegistry.

BaseClientCertAuthSecurityHandler

Policy rule that checks if the client cert used to authenticate the request is valid and trusted.

BaseTrustEngineSecurityHandler<TokenType>

Base rule which uses a trust engine to evaluate a token extracted from the request or message.

BasicClientTLSValidationConfiguration

Basic implementation of ClientTLSValidationConfiguration.

BasicClientTLSValidationParametersResolver

Basic implementation of ClientTLSValidationParametersResolver.

BasicHttpClientSecurityConfiguration

Basic implementation of HttpClientSecurityConfiguration.

BasicHttpClientSecurityParametersResolver

Basic implementation of HttpClientSecurityParametersResolver.

BasicPKIXValidationInformation

Basic implementation of PKIXValidationInformation.

BasicX509CredentialNameEvaluator

A basic implementaion of X509CredentialNameEvaluator which evaluates various identifiers extracted from an X509Credential's entity certificate against a set of trusted names.

CertPathPKIXTrustEvaluator

An implementation of PKIXTrustEvaluator that is based on the Java CertPath API.

CertPathPKIXValidationOptions

Specialization of PKIXValidationOptions which specifies options specific to a PKIXTrustEvaluator based on the Java CertPath API.

ChainingCredentialResolver

A concrete implementation of AbstractChainingCredentialResolver which is scoped to the simple CredentialResolver type.

ChainingTrustEngine<TokenType>

Evaluate a token in sequence using a chain of subordinate trust engines.

ClientTLSValidationConfiguratonInitializer

An initializer which initializes the global configuration instance of ClientTLSValidationConfiguration.

CollectionCredentialResolver

An implementation of CredentialResolver that uses a Collection as the underlying credential source.

DummyX509CredentialNameEvaluator

A dummy implementation of X509CredentialNameEvaluator which always returns true.

EvaluableCredentialCriteriaRegistry

A registry which manages mappings from types of Criterion to the class type which can evaluate that criteria's data against a Credential target.

EvaluableCredentialCriterion

Marker interface for evaluable credential resolver criteria.

EvaluableEntityIDCredentialCriterion

Instance of evaluable credential criteria for evaluating a credential's entityID.

EvaluableKeyAlgorithmCredentialCriterion

Instance of evaluable credential criteria for evaluating the credential key algorithm.

EvaluableKeyLengthCredentialCriterion

Instance of evaluable credential criteria for evaluating the credential key length.

EvaluableKeyNameCredentialCriterion

Instance of evaluable credential criteria for evaluating credential key names.

EvaluablePublicKeyCredentialCriterion

Instance of evaluable credential criteria for evaluating whether a credential contains a particular public key.

EvaluableUsageCredentialCriterion

Instance of evaluable credential criteria for evaluating whether a credential contains a particular usage specifier.

EvaluableX509CertSelectorCredentialCriterion

Instance of evaluable credential criteria for evaluating whether a credential's certificate meets the criteria specified by an instance of X509CertSelector.

EvaluableX509DigestCredentialCriterion

An implementation of Criterion which specifies criteria based on the digest of an X.509 certificate.

EvaluableX509IssuerSerialCredentialCriterion

Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular issuer name and serial number.

EvaluableX509SubjectKeyIdentifierCredentialCriterion

Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular subject key identifier.

EvaluableX509SubjectNameCredentialCriterion

Instance of evaluable credential criteria for evaluating whether a credential's certificate contains a particular subject name.

ExplicitKeyTrustEngine

Trust engine that evaluates a credential's key against key(s) expressed within a set of trusted credentials obtained from a trusted credential resolver.

ExplicitKeyTrustEvaluator

Auxillary trust evaluator for evaluating an untrusted key or credential against a trusted key or credential.

ExplicitX509CertificateTrustEngine

Trust engine that evaluates a credential's X.509 certificate against certificates expressed within a set of trusted credentials obtained from a credential resolver.

ExplicitX509CertificateTrustEvaluator

Auxillary trust evaluator for evaluating an untrusted X509 certificate or credential against a trusted certificate or credential.

FilesystemCredentialResolver

NOTE: this class is not yet implemented A CredentialResolver that pulls credential information from the file system.

HttpClientSecurityConfigurationInitalizer

An initializer which initializes the global HttpClientSecurityConfiguration.

KeyStoreCredentialResolver

A CredentialResolver that extracts Credential's from a key store.

KeyStoreX509CredentialAdapter

A wrapper that changes a KeyStore in to a X509Credential.

PKIXX509CredentialTrustEngine

Trust engine implementation which evaluates an X509Credential token based on PKIX validation processing using validation information from a trusted source.

PopulateHttpClientSecurityParametersHandler

Handler that resolves and populates HttpClientSecurityParameters on a HttpClientSecurityContext created/accessed via a lookup function, by default as an immediate child context of the target MessageContext.

SecurityEnhancedHttpClientSupport

Support class for working with security-enhanced components related to use of HttpClient.

SecurityEnhancedTLSSocketFactory

An security-enhanced implementation of HttpClient's TLS-capable LayeredConnectionSocketFactory.

StaticCredentialResolver

Simple implementation of CredentialResolver which just stores and returns a static set of credentials.

StaticPKIXValidationInformationResolver

An implementation of PKIXValidationInformationResolver which always returns a static, fixed set of information.

StaticX509CredentialKeyManager

An implementation of X509KeyManager based on a single statically configured private key and certificate chain, supplied either directly or via an instance of X509Credential.

ThreadLocalClientTLSCredentialHandler

An implementation of HttpClientContextHandler which clears the thread local client TLS credential held by ThreadLocalX509CredentialContext.

ThreadLocalServerTLSHandler

An implementation of HttpClientContextHandler which handles cleanup and transfer of data used for server TLS held by ThreadLocalX509TrustEngineContext.

ThreadLocalX509CredentialContext

Class which holds and makes available an instance of X509Credential via ThreadLocal storage, typically used for client TLS authentication via ThreadLocalX509CredentialKeyManager.

ThreadLocalX509CredentialKeyManager

An implementation of X509KeyManager which returns data based on the thread-local credential instance obtained via ThreadLocalX509CredentialContext.

ThreadLocalX509TrustEngineContext

Class which holds and makes available instances of TrustEngine<? super X509Credential> and CriteriaSet via ThreadLocal storage, typically used for server TLS authentication via ThreadLocalX509TrustManager.

ThreadLocalX509TrustEngineContext.Data

Unified class representing the data that will be managed by the thread local storage.

ThreadLocalX509TrustEngineSupport

Support class for centralizing evaluation of a certificate chain using trust engine and criteria from ThreadLocalX509TrustEngineContext.

ThreadLocalX509TrustManager

An implementation of X509TrustManager which performs its evaluation using trust engine and criteria instances available from ThreadLocalX509TrustEngineContext.

TrustEngineX509TrustManager

X509TrustManager implementation that relies on a TrustEngine.

X509CredentialNameEvaluator

Interface for classes which evaluate an X509Credential against a supplied set of trusted names.

X509KeyManagerX509CredentialAdapter

A class that wraps a X509KeyManager and exposes it as an X509Credential.