@Immutable public class PKITLSClientAuthentication extends TLSClientAuthentication
self_signed_tls_client_auth
which
relies on a self-signed certificate. Implements
ClientAuthenticationMethod.TLS_CLIENT_AUTH
.
Related specifications:
Constructor | Description |
---|---|
PKITLSClientAuthentication(ClientID clientID,
String certSubjectDN) |
Creates a new PKI mutual TLS client authentication.
|
PKITLSClientAuthentication(ClientID clientID,
SSLSocketFactory sslSocketFactory) |
Creates a new PKI mutual TLS client authentication.
|
Modifier and Type | Method | Description |
---|---|---|
String |
getClientX509CertificateSubjectDN() |
Gets the subject DN of the received validated client X.509
certificate.
|
static PKITLSClientAuthentication |
parse(HTTPRequest httpRequest) |
Parses a PKI mutual TLS client authentication from the specified
HTTP request.
|
getClientID, getMethod
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
applyTo, getSSLSocketFactory
public PKITLSClientAuthentication(ClientID clientID, SSLSocketFactory sslSocketFactory)
clientID
- The client identifier. Must not be
null
.sslSocketFactory
- The SSL socket factory to use for the
outgoing HTTPS request and to present the
client certificate(s), null
to use
the default one.public PKITLSClientAuthentication(ClientID clientID, String certSubjectDN)
clientID
- The client identifier. Must not be
null
.certSubjectDN
- The subject DN of the received validated client
X.509 certificate. Must not be null
.public String getClientX509CertificateSubjectDN()
public static PKITLSClientAuthentication parse(HTTPRequest httpRequest) throws ParseException
httpRequest
- The HTTP request to parse. Must not be
null
and must include a validated client
X.509 certificate.ParseException
- If the client_id
or client X.509
certificate is missing.Copyright © 2019 Connect2id Ltd.. All rights reserved.