public interface HttpServerSecurityConfigurator extends ServerSecurityConfigurator
ServerSecurityConfigurator.ClientAuth
SecurityConfigurator.SslProvider
Modifier and Type | Method and Description |
---|---|
HttpServerSecurityConfigurator |
ciphers(java.lang.Iterable<java.lang.String> ciphers)
The cipher suites to enable, in the order of preference.
|
HttpServerSecurityConfigurator |
clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth)
Sets the client authentication mode.
|
HttpServerBuilder |
commit(javax.net.ssl.KeyManagerFactory keyManagerFactory)
Commit configuring server security.
|
HttpServerBuilder |
commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier)
Commit configuring server security.
|
HttpServerBuilder |
commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
java.util.function.Supplier<java.io.InputStream> keySupplier,
java.lang.String keyPassword)
Commit configuring server security.
|
HttpServerSecurityConfigurator |
protocols(java.lang.String... protocols)
The SSL protocols to enable, in the order of preference.
|
HttpServerSecurityConfigurator |
provider(SecurityConfigurator.SslProvider provider)
Sets the
SecurityConfigurator.SslProvider to use. |
HttpServerSecurityConfigurator |
sessionCacheSize(long sessionCacheSize)
Set the size of the cache used for storing SSL session objects.
|
HttpServerSecurityConfigurator |
sessionTimeout(long sessionTimeout)
Set the timeout for the cached SSL session objects, in seconds.
|
HttpServerSecurityConfigurator |
trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
Trusted certificates for verifying the remote endpoint's certificate.
|
HttpServerSecurityConfigurator |
trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
Trust manager for verifying the remote endpoint's certificate.
|
HttpServerSecurityConfigurator trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)
SecurityConfigurator
X.509
certificate chain in PEM
format.trustManager
in interface SecurityConfigurator
trustManager
in interface ServerSecurityConfigurator
trustCertChainSupplier
- a supplier for the certificate chain input stream.
The responsibility to call InputStream.close()
is transferred to callers of the returned
Supplier
. If this is not the desired behavior then wrap the InputStream
and override
InputStream.close()
.
this
.HttpServerSecurityConfigurator trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)
SecurityConfigurator
TrustManagerFactory
which take preference over any configured Supplier
.trustManager
in interface SecurityConfigurator
trustManager
in interface ServerSecurityConfigurator
trustManagerFactory
- the TrustManagerFactory
to use.this
.HttpServerSecurityConfigurator protocols(java.lang.String... protocols)
SecurityConfigurator
protocols
in interface SecurityConfigurator
protocols
in interface ServerSecurityConfigurator
protocols
- the protocols to use.this
.SSLEngine.setEnabledProtocols(String[])
HttpServerSecurityConfigurator ciphers(java.lang.Iterable<java.lang.String> ciphers)
SecurityConfigurator
ciphers
in interface SecurityConfigurator
ciphers
in interface ServerSecurityConfigurator
ciphers
- the ciphers to use.this
.HttpServerSecurityConfigurator sessionCacheSize(long sessionCacheSize)
SecurityConfigurator
sessionCacheSize
in interface SecurityConfigurator
sessionCacheSize
in interface ServerSecurityConfigurator
sessionCacheSize
- the cache size.this
.HttpServerSecurityConfigurator sessionTimeout(long sessionTimeout)
SecurityConfigurator
sessionTimeout
in interface SecurityConfigurator
sessionTimeout
in interface ServerSecurityConfigurator
sessionTimeout
- the session timeout.this
.HttpServerSecurityConfigurator provider(SecurityConfigurator.SslProvider provider)
SecurityConfigurator
SecurityConfigurator.SslProvider
to use.provider
in interface SecurityConfigurator
provider
in interface ServerSecurityConfigurator
provider
- the provider.this
.HttpServerSecurityConfigurator clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth)
ServerSecurityConfigurator
clientAuth
in interface ServerSecurityConfigurator
clientAuth
- the auth configuration to use.this
.HttpServerBuilder commit(javax.net.ssl.KeyManagerFactory keyManagerFactory)
keyManagerFactory
- an KeyManagerFactory
.HttpServerBuilder
that initiated the security configuration process.HttpServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier)
keyCertChainSupplier
- an Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keySupplier
- an Supplier
that will provide an input stream for a KCS#8
private key in
PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
HttpServerBuilder
that initiated the security configuration process.HttpServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword)
keyCertChainSupplier
- an Supplier
that will provide an input stream for a X.509
certificate
chain in PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keySupplier
- an Supplier
that will provide an input stream for a KCS#8
private key in
PEM
format.
The responsibility to call InputStream.close()
is transferred to callers of the Supplier
.
If this is not the desired behavior then wrap the InputStream
and override InputStream.close()
.
keyPassword
- the password of the keyFile
.HttpServerBuilder
that initiated the security configuration process.