Package org.forgerock.openig.tools
Class ServerTlsOptions
java.lang.Object
org.forgerock.openig.tools.TlsOptions
org.forgerock.openig.tools.ServerTlsOptions
Extension to
TlsOptions supporting client authentication configuration used to drive the authentication
negotiation between the client and IG.-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enumEnum representing the client authentication configuration options driving authentication negotiations between IG and the client.static final recordA SNI (Server Name Indication) configuration holder. -
Constructor Summary
ConstructorsConstructorDescriptionServerTlsOptions(String algorithm, KeyManager[] managers, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake) Constructs TLS options with provided values.ServerTlsOptions(String algorithm, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake, ServerTlsOptions.SniConfiguration sniConfiguration) Constructs TLS options with provided values. -
Method Summary
Modifier and TypeMethodDescriptionReturn the configuredServerTlsOptions.ClientAuthenticationrequired.Get the SNI Configuration if any.Methods inherited from class org.forgerock.openig.tools.TlsOptions
getAlgorithm, getCipherSuitesList, getEnabledProtocolsList, getKeyManagers, getTrustManagers, isAlpnEnabled, offloadHandshake
-
Constructor Details
-
ServerTlsOptions
public ServerTlsOptions(String algorithm, KeyManager[] managers, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake) Constructs TLS options with provided values. TheKeyManageris used for server authentication.- Parameters:
algorithm- SSL algorithm (notnull)managers- array ofKeyManager(notnull)trustManagers- array ofTrustManager(may benull)ciphers- list of cipher suites to be enabled (may be empty for JVM default)protocols- list of protocols to be enabled (may be empty for JVM default)enableAlpn- enable the ALPN TLS extensionclientAuth- required level of client authentication (notnull)offloadHandshake- whether to use a worker thread when processing the handshake
-
ServerTlsOptions
public ServerTlsOptions(String algorithm, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake, ServerTlsOptions.SniConfiguration sniConfiguration) Constructs TLS options with provided values. TheServerTlsOptions.SniConfigurationis used for server authentication.- Parameters:
algorithm- SSL algorithm (notnull)trustManagers- array ofTrustManager(may benull)ciphers- list of cipher suites to be enabled (may be empty for JVM default)protocols- list of protocols to be enabled (may be empty for JVM default)enableAlpn- enable the ALPN TLS extensionclientAuth- required level of client authentication (notnull)offloadHandshake- enable handshaking to be offloaded to a worker threadsniConfiguration- The SNI configuration (notnull)
-
-
Method Details
-
sniConfiguration
Get the SNI Configuration if any.- Returns:
- the SNI Configuration if any
-
getClientAuthentication
Return the configuredServerTlsOptions.ClientAuthenticationrequired.- Returns:
- the client authentication
-