Package org.forgerock.openig.tools
Class ServerTlsOptions
- java.lang.Object
-
- org.forgerock.openig.tools.TlsOptions
-
- org.forgerock.openig.tools.ServerTlsOptions
-
public class ServerTlsOptions extends TlsOptions
Extension toTlsOptionssupporting client authentication configuration used to drive the authentication negotiation between the client and IG.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classServerTlsOptions.ClientAuthenticationEnum representing the client authentication configuration options driving authentication negotiations between IG and the client.static classServerTlsOptions.SniConfigurationA SNI (Server Name Indication) configuration holder.
-
Constructor Summary
Constructors Constructor Description ServerTlsOptions(String algorithm, KeyManager[] managers, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake)Constructs TLS options with provided values.ServerTlsOptions(String algorithm, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake, ServerTlsOptions.SniConfiguration sniConfiguration)Constructs TLS options with provided values.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ServerTlsOptions.ClientAuthenticationgetClientAuthentication()Return the configuredServerTlsOptions.ClientAuthenticationrequired.Optional<ServerTlsOptions.SniConfiguration>sniConfiguration()Get the SNI Configuration if any.-
Methods inherited from class org.forgerock.openig.tools.TlsOptions
getAlgorithm, getCipherSuitesArray, getCipherSuitesList, getEnabledProtocolsArray, getEnabledProtocolsList, getKeyManagers, getTrustManagers, isAlpnEnabled, offloadHandshake
-
-
-
-
Constructor Detail
-
ServerTlsOptions
public ServerTlsOptions(String algorithm, KeyManager[] managers, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake)
Constructs TLS options with provided values. TheKeyManageris used for server authentication.- Parameters:
algorithm- SSL algorithm (notnull)managers- array ofKeyManager(notnull)trustManagers- array ofTrustManager(may benull)ciphers- list of cipher suites to be enabled (may be empty for JVM default)protocols- list of protocols to be enabled (may be empty for JVM default)enableAlpn- enable the ALPN TLS extensionclientAuth- required level of client authentication (notnull)offloadHandshake- whether to use a worker thread when processing the handshake
-
ServerTlsOptions
public ServerTlsOptions(String algorithm, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, boolean offloadHandshake, ServerTlsOptions.SniConfiguration sniConfiguration)
Constructs TLS options with provided values. TheServerTlsOptions.SniConfigurationis used for server authentication.- Parameters:
algorithm- SSL algorithm (notnull)trustManagers- array ofTrustManager(may benull)ciphers- list of cipher suites to be enabled (may be empty for JVM default)protocols- list of protocols to be enabled (may be empty for JVM default)enableAlpn- enable the ALPN TLS extensionclientAuth- required level of client authentication (notnull)offloadHandshake- enable handshaking to be offloaded to a worker threadsniConfiguration- The SNI configuration (notnull)
-
-
Method Detail
-
sniConfiguration
public Optional<ServerTlsOptions.SniConfiguration> sniConfiguration()
Get the SNI Configuration if any.- Returns:
- the SNI Configuration if any
-
getClientAuthentication
public ServerTlsOptions.ClientAuthentication getClientAuthentication()
Return the configuredServerTlsOptions.ClientAuthenticationrequired.- Returns:
- the client authentication
-
-