Package | Description |
---|---|
org.opensaml.saml.common.binding.security.impl |
Classes responsible for performing transport-related and basic message
validation of decoded SAML messages.
|
org.opensaml.saml.metadata.resolver.impl |
Class for retrieving, filtering, and querying metadata.
|
org.opensaml.security.messaging.impl |
Message handler implementations.
|
org.opensaml.security.trust |
Interfaces and classes used to evaluate the trustworthiness and validity of
Credential s. |
org.opensaml.security.trust.impl |
TrustEngine implementation classes. |
org.opensaml.security.x509 |
X.509-based credential and trust classes.
|
org.opensaml.security.x509.impl |
TrustEngine implementation classes related to PKIX. |
org.opensaml.security.x509.tls |
TLS security functionality.
|
org.opensaml.security.x509.tls.impl |
Implementation classes for client TLS security.
|
org.opensaml.xmlsec.signature.support |
Functional support for XML Signature.
|
org.opensaml.xmlsec.signature.support.impl |
Implementations of signature evaluation functions.
|
Modifier and Type | Method and Description |
---|---|
protected TrustEngine<Signature> |
BaseSAMLXMLSignatureSecurityHandler.resolveTrustEngine(MessageContext messageContext)
Resolve a TrustEngine instance of the appropriate type from the message context.
|
Modifier and Type | Method and Description |
---|---|
void |
AbstractDynamicHTTPMetadataResolver.setTLSTrustEngine(TrustEngine<? super X509Credential> engine)
Sets the optional trust engine used in evaluating server TLS credentials.
|
void |
HTTPMetadataResolver.setTLSTrustEngine(TrustEngine<? super X509Credential> engine)
Sets the optional trust engine used in evaluating server TLS credentials.
|
Modifier and Type | Method and Description |
---|---|
protected TrustEngine<? super TokenType> |
BaseTrustEngineSecurityHandler.getTrustEngine()
Gets the trust engine used to validate the untrusted token.
|
protected TrustEngine<? super X509Credential> |
BaseClientCertAuthSecurityHandler.resolveTrustEngine(MessageContext messageContext)
Resolve a TrustEngine instance of the appropriate type from the message context.
|
protected abstract TrustEngine<? super TokenType> |
BaseTrustEngineSecurityHandler.resolveTrustEngine(MessageContext messageContext)
Resolve a TrustEngine instance of the appropriate type from the message context.
|
Modifier and Type | Interface and Description |
---|---|
interface |
TrustedCredentialTrustEngine<TokenType>
Evaluates the trustworthiness and validity of a token against
implementation-specific requirements based on trusted credentials
obtained via a credential resolver.
|
Modifier and Type | Class and Description |
---|---|
class |
ChainingTrustEngine<TokenType>
Evaluate a token in sequence using a chain of subordinate trust engines.
|
class |
ExplicitKeyTrustEngine
Trust engine that evaluates a credential's key against key(s) expressed within a set of trusted credentials obtained
from a trusted credential resolver.
|
class |
ExplicitX509CertificateTrustEngine
Trust engine that evaluates a credential's X.509 certificate against certificates expressed within a set of trusted
credentials obtained from a credential resolver.
|
Modifier and Type | Method and Description |
---|---|
List<TrustEngine<? super TokenType>> |
ChainingTrustEngine.getChain()
Get the list of configured trust engines which constitute the trust evaluation chain.
|
Constructor and Description |
---|
ChainingTrustEngine(List<TrustEngine<? super TokenType>> chain)
Constructor.
|
Modifier and Type | Interface and Description |
---|---|
interface |
PKIXTrustEngine<TokenType>
Trust engine that validates tokens using PKIX validation.
|
Modifier and Type | Class and Description |
---|---|
class |
PKIXX509CredentialTrustEngine
Trust engine implementation which evaluates an
X509Credential token based on PKIX validation processing using
validation information from a trusted source. |
Modifier and Type | Method and Description |
---|---|
TrustEngine<? super X509Credential> |
ClientTLSValidationConfiguration.getX509TrustEngine()
Get a
TrustEngine instance used to validate a client TLS X509Credential . |
TrustEngine<? super X509Credential> |
ClientTLSValidationParameters.getX509TrustEngine()
Get a
TrustEngine instance used to validate a client TLS X509Credential . |
Modifier and Type | Method and Description |
---|---|
void |
ClientTLSValidationParameters.setX509TrustEngine(TrustEngine<? super X509Credential> engine)
Set a
TrustEngine instance used to validate a client TLS X509Credential . |
Modifier and Type | Method and Description |
---|---|
TrustEngine<? super X509Credential> |
BasicClientTLSValidationConfiguration.getX509TrustEngine()
Get a
TrustEngine instance used to validate a client TLS X509Credential . |
protected TrustEngine<? super X509Credential> |
BasicClientTLSValidationParametersResolver.resolveTrustEngine(net.shibboleth.utilities.java.support.resolver.CriteriaSet criteria)
Resolve and return the effective
super X509Credential> . |
Modifier and Type | Method and Description |
---|---|
void |
BasicClientTLSValidationConfiguration.setX509TrustEngine(TrustEngine<? super X509Credential> engine)
Set a
TrustEngine instance used to validate a client TLS X509Credential . |
Modifier and Type | Interface and Description |
---|---|
interface |
SignatureTrustEngine
Evaluates the trustworthiness and validity of XML or raw Signatures against implementation-specific requirements.
|
Modifier and Type | Class and Description |
---|---|
class |
BaseSignatureTrustEngine<TrustBasisType>
A base implementation of
SignatureTrustEngine which evaluates the validity and trustworthiness of XML and raw
signatures. |
class |
ChainingSignatureTrustEngine
Evaluate a signature in sequence using a chain of subordinate trust engines.
|
class |
ExplicitKeySignatureTrustEngine
An implementation of
SignatureTrustEngine which evaluates the validity
and trustworthiness of XML and raw signatures. |
class |
PKIXSignatureTrustEngine
An implementation of
SignatureTrustEngine which evaluates the validity
and trustworthiness of XML and raw signatures. |
Copyright © 2019. All rights reserved.