Package org.forgerock.openig.tools
Class ServerTlsOptions
- java.lang.Object
-
- org.forgerock.openig.tools.TlsOptions
-
- org.forgerock.openig.tools.ServerTlsOptions
-
public class ServerTlsOptions extends TlsOptions
Extension toTlsOptions
supporting client authentication configuration used to drive the authentication negotiation between the client and IG.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
ServerTlsOptions.ClientAuthentication
Enum representing the client authentication configuration options driving authentication negotiations between IG and the client.static class
ServerTlsOptions.SniConfiguration
A SNI (Server Name Indication) configuration holder.
-
Constructor Summary
Constructors Constructor Description ServerTlsOptions(String algorithm, KeyManager[] managers, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth)
Constructs TLS options with provided values.ServerTlsOptions(String algorithm, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, ServerTlsOptions.SniConfiguration sniConfiguration)
Constructs TLS options with provided values.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ServerTlsOptions.ClientAuthentication
getClientAuthentication()
Return the configuredServerTlsOptions.ClientAuthentication
required.Optional<ServerTlsOptions.SniConfiguration>
sniConfiguration()
Get the SNI Configuration if any.-
Methods inherited from class org.forgerock.openig.tools.TlsOptions
getAlgorithm, getCipherSuitesArray, getCipherSuitesList, getEnabledProtocolsArray, getEnabledProtocolsList, getKeyManagers, getTrustManagers, isAlpnEnabled
-
-
-
-
Constructor Detail
-
ServerTlsOptions
public ServerTlsOptions(String algorithm, KeyManager[] managers, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth)
Constructs TLS options with provided values. TheKeyManager
is used for server authentication.- Parameters:
algorithm
- SSL algorithm (notnull
)managers
- array ofKeyManager
(notnull
)trustManagers
- array ofTrustManager
(may benull
)ciphers
- list of cipher suites to be enabled (may be empty for JVM default)protocols
- list of protocols to be enabled (may be empty for JVM default)enableAlpn
- enable the ALPN TLS extensionclientAuth
- required level of client authentication (notnull
)
-
ServerTlsOptions
public ServerTlsOptions(String algorithm, TrustManager[] trustManagers, List<String> ciphers, List<String> protocols, boolean enableAlpn, ServerTlsOptions.ClientAuthentication clientAuth, ServerTlsOptions.SniConfiguration sniConfiguration)
Constructs TLS options with provided values. TheServerTlsOptions.SniConfiguration
is used for server authentication.- Parameters:
algorithm
- SSL algorithm (notnull
)trustManagers
- array ofTrustManager
(may benull
)ciphers
- list of cipher suites to be enabled (may be empty for JVM default)protocols
- list of protocols to be enabled (may be empty for JVM default)enableAlpn
- enable the ALPN TLS extensionclientAuth
- required level of client authentication (notnull
)sniConfiguration
- The SNI configuration (notnull
)
-
-
Method Detail
-
sniConfiguration
public Optional<ServerTlsOptions.SniConfiguration> sniConfiguration()
Get the SNI Configuration if any.- Returns:
- the SNI Configuration if any
-
getClientAuthentication
public ServerTlsOptions.ClientAuthentication getClientAuthentication()
Return the configuredServerTlsOptions.ClientAuthentication
required.- Returns:
- the client authentication
-
-