io.servicetalk.http.api

Interface HttpServerSecurityConfigurator

All Superinterfaces:

SecurityConfigurator, ServerSecurityConfigurator

public interface HttpServerSecurityConfigurator
extends ServerSecurityConfigurator

A ServerSecurityConfigurator for HttpServerBuilder.

Nested Class Summary

Nested classes/interfaces inherited from interface io.servicetalk.transport.api.ServerSecurityConfigurator

ServerSecurityConfigurator.ClientAuth

Nested classes/interfaces inherited from interface io.servicetalk.transport.api.SecurityConfigurator

SecurityConfigurator.SslProvider

Method Summary

Modifier and Type	Method and Description
HttpServerSecurityConfigurator	ciphers(java.lang.Iterable<java.lang.String> ciphers) The cipher suites to enable, in the order of preference.
HttpServerSecurityConfigurator	clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth) Sets the client authentication mode.
HttpServerBuilder	commit(javax.net.ssl.KeyManagerFactory keyManagerFactory) Commit configuring server security.
HttpServerBuilder	commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier) Commit configuring server security.
HttpServerBuilder	commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier, java.util.function.Supplier<java.io.InputStream> keySupplier, java.lang.String keyPassword) Commit configuring server security.
HttpServerSecurityConfigurator	protocols(java.lang.String... protocols) The SSL protocols to enable, in the order of preference.
HttpServerSecurityConfigurator	provider(SecurityConfigurator.SslProvider provider) Sets the SecurityConfigurator.SslProvider to use.
HttpServerSecurityConfigurator	sessionCacheSize(long sessionCacheSize) Set the size of the cache used for storing SSL session objects.
HttpServerSecurityConfigurator	sessionTimeout(long sessionTimeout) Set the timeout for the cached SSL session objects, in seconds.
HttpServerSecurityConfigurator	trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier) Trusted certificates for verifying the remote endpoint's certificate.
HttpServerSecurityConfigurator	trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory) Trust manager for verifying the remote endpoint's certificate.

Method Detail

trustManager

HttpServerSecurityConfigurator trustManager(java.util.function.Supplier<java.io.InputStream> trustCertChainSupplier)

Description copied from interface: SecurityConfigurator

Trusted certificates for verifying the remote endpoint's certificate. The input stream should contain an X.509 certificate chain in PEM format.

Specified by:

trustManager in interface SecurityConfigurator

Specified by:

trustManager in interface ServerSecurityConfigurator

Parameters:

trustCertChainSupplier - a supplier for the certificate chain input stream.

The responsibility to call InputStream.close() is transferred to callers of the returned Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

Returns:

this.

trustManager

HttpServerSecurityConfigurator trustManager(javax.net.ssl.TrustManagerFactory trustManagerFactory)

Description copied from interface: SecurityConfigurator

Trust manager for verifying the remote endpoint's certificate. The TrustManagerFactory which take preference over any configured Supplier.

Specified by:

trustManager in interface SecurityConfigurator

Specified by:

trustManager in interface ServerSecurityConfigurator

Parameters:

trustManagerFactory - the TrustManagerFactory to use.

Returns:

this.

protocols

HttpServerSecurityConfigurator protocols(java.lang.String... protocols)

Description copied from interface: SecurityConfigurator

The SSL protocols to enable, in the order of preference.

Specified by:

protocols in interface SecurityConfigurator

Specified by:

protocols in interface ServerSecurityConfigurator

Parameters:

protocols - the protocols to use.

Returns:

this.

See Also:

SSLEngine.setEnabledProtocols(String[])

ciphers

HttpServerSecurityConfigurator ciphers(java.lang.Iterable<java.lang.String> ciphers)

Description copied from interface: SecurityConfigurator

The cipher suites to enable, in the order of preference.

Specified by:

ciphers in interface SecurityConfigurator

Specified by:

ciphers in interface ServerSecurityConfigurator

Parameters:

ciphers - the ciphers to use.

Returns:

this.

sessionCacheSize

HttpServerSecurityConfigurator sessionCacheSize(long sessionCacheSize)

Description copied from interface: SecurityConfigurator

Set the size of the cache used for storing SSL session objects.

Specified by:

sessionCacheSize in interface SecurityConfigurator

Specified by:

sessionCacheSize in interface ServerSecurityConfigurator

Parameters:

sessionCacheSize - the cache size.

Returns:

this.

sessionTimeout

HttpServerSecurityConfigurator sessionTimeout(long sessionTimeout)

Description copied from interface: SecurityConfigurator

Set the timeout for the cached SSL session objects, in seconds.

Specified by:

sessionTimeout in interface SecurityConfigurator

Specified by:

sessionTimeout in interface ServerSecurityConfigurator

Parameters:

sessionTimeout - the session timeout.

Returns:

this.

provider

HttpServerSecurityConfigurator provider(SecurityConfigurator.SslProvider provider)

Description copied from interface: SecurityConfigurator

Sets the SecurityConfigurator.SslProvider to use.

Specified by:

provider in interface SecurityConfigurator

Specified by:

provider in interface ServerSecurityConfigurator

Parameters:

provider - the provider.

Returns:

this.

clientAuth

HttpServerSecurityConfigurator clientAuth(ServerSecurityConfigurator.ClientAuth clientAuth)

Description copied from interface: ServerSecurityConfigurator

Sets the client authentication mode.

Specified by:

clientAuth in interface ServerSecurityConfigurator

Parameters:

clientAuth - the auth configuration to use.

Returns:

this.

commit

HttpServerBuilder commit(javax.net.ssl.KeyManagerFactory keyManagerFactory)

Commit configuring server security.

Parameters:

keyManagerFactory - an KeyManagerFactory.

Returns:

Original HttpServerBuilder that initiated the security configuration process.

commit

HttpServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
                         java.util.function.Supplier<java.io.InputStream> keySupplier)

Commit configuring server security.

Parameters:

keyCertChainSupplier - an Supplier that will provide an input stream for a X.509 certificate chain in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

keySupplier - an Supplier that will provide an input stream for a KCS#8 private key in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

Returns:

Original HttpServerBuilder that initiated the security configuration process.

commit

HttpServerBuilder commit(java.util.function.Supplier<java.io.InputStream> keyCertChainSupplier,
                         java.util.function.Supplier<java.io.InputStream> keySupplier,
                         java.lang.String keyPassword)

Commit configuring server security.

Parameters:

keyCertChainSupplier - an Supplier that will provide an input stream for a X.509 certificate chain in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

keySupplier - an Supplier that will provide an input stream for a KCS#8 private key in PEM format.

The responsibility to call InputStream.close() is transferred to callers of the Supplier. If this is not the desired behavior then wrap the InputStream and override InputStream.close().

keyPassword - the password of the keyFile.

Returns:

Original HttpServerBuilder that initiated the security configuration process.