java.io.Serializable
, CredentialProvider
public class ClientBSTCredentialProvider extends BST11CredentialProvider implements java.io.Serializable
Constructor | Description |
---|---|
ClientBSTCredentialProvider(java.lang.String clientCertPath,
java.lang.String clientPrivateKeyPath) |
Creates client BST credential provider for the indicated certificate file and
PKCS8 private key file.
|
ClientBSTCredentialProvider(java.lang.String clientCertPath,
java.lang.String clientPrivateKeyPath,
java.lang.String serverCertPath) |
Creates client BST credential provider for the indicated certificate file,
PKCS8 private key file and server certificate.
|
ClientBSTCredentialProvider(java.lang.String keyStoreFileName,
java.lang.String keyStorePasswd,
java.lang.String certAlias,
java.lang.String keyPasswd) |
Creates client BST credential provider for the indicated keystore and
certificate alias.
|
ClientBSTCredentialProvider(java.lang.String keyStoreFileName,
java.lang.String keyStorePasswd,
java.lang.String certAlias,
java.lang.String keyPasswd,
java.lang.String keyStoreType) |
Creates client BST credential provider for the indicated keystore and
certificate alias.
|
ClientBSTCredentialProvider(java.lang.String keyStoreFileName,
java.lang.String keyStorePasswd,
java.lang.String certAlias,
java.lang.String keyPasswd,
java.lang.String keyStoreType,
java.security.cert.X509Certificate serverCert) |
Creates client BST credential provider for the indicated keystore,
certificate alias and server certificate.
|
ClientBSTCredentialProvider(java.security.cert.CertPath certPath,
java.security.PrivateKey pk) |
Creates client BST credential provider for the indicated certificate file and
private key.
|
ClientBSTCredentialProvider(java.security.cert.X509Certificate serverCert,
java.security.cert.CertPath certPath,
java.security.PrivateKey pk) |
Creates client BST credential provider for the indicated certificate file and
private key.
|
ClientBSTCredentialProvider(java.security.cert.X509Certificate clientCert,
java.security.PrivateKey clientPrivateKey,
java.security.cert.X509Certificate serverCert) |
Creates client BST credential provider for the indicated certificate file,
PKCS8 private key file and server certificate.
|
Modifier and Type | Method | Description |
---|---|---|
ClientBSTCredentialProvider |
cloneAndReplaceServerCert(java.security.cert.X509Certificate serverCert) |
|
java.lang.Object |
getCredential(java.lang.String tokenType,
java.lang.String issuerName,
ContextHandler ctxHandler,
Purpose p) |
|
void |
setServerCertificate(java.security.cert.X509Certificate serverCert) |
set Server's public X509 certificate
|
java.lang.String |
toString() |
isForDecryption, isForEncryption, isForIdentity, isForResponseEncryption, isForSigning, isForVerification
public ClientBSTCredentialProvider(java.lang.String keyStoreFileName, java.lang.String keyStorePasswd, java.lang.String certAlias, java.lang.String keyPasswd) throws java.lang.Exception
keyStoreFileName
- Keystore file namekeyStorePasswd
- Keystore passwordcertAlias
- Certificate aliaskeyPasswd
- Certificate entry passwordjava.lang.Exception
- thrown if keystore or certificate entry is missing or corrupt
or if passwords are incorrectpublic ClientBSTCredentialProvider(java.lang.String keyStoreFileName, java.lang.String keyStorePasswd, java.lang.String certAlias, java.lang.String keyPasswd, java.lang.String keyStoreType) throws java.lang.Exception
keyStoreFileName
- Keystore file namekeyStorePasswd
- Keystore passwordcertAlias
- Certificate aliaskeyPasswd
- Certificate entry passwordkeyStoreType
- Keystore type, e.g. "JKS"java.lang.Exception
- thrown if keystore or certificate entry is missing or corrupt
or if passwords are incorrectpublic ClientBSTCredentialProvider(java.lang.String keyStoreFileName, java.lang.String keyStorePasswd, java.lang.String certAlias, java.lang.String keyPasswd, java.lang.String keyStoreType, java.security.cert.X509Certificate serverCert) throws java.lang.Exception
serverCert
will be used to encrypt the message body contents.
If security policy requires message-level integrity (signature) for the server's
response, the certificate passed for the parameter serverCert
will be used to verify the received signature. Any KeyInfo received as part of the
in-bound signature (e.g. certificate thumbprint) must correctly identify the same
server certificate.keyStoreFileName
- Keystore file namekeyStorePasswd
- Keystore passwordcertAlias
- Certificate aliaskeyPasswd
- Certificate entry passwordkeyStoreType
- Keystore type, e.g. "JKS"serverCert
- Server's public X509 certificatejava.lang.Exception
- thrown if keystore or certificate entry is missing or corrupt
or if passwords are incorrectpublic ClientBSTCredentialProvider(java.lang.String clientCertPath, java.lang.String clientPrivateKeyPath) throws java.lang.Exception
clientCertPath
- File name contiaining client's X509 public certificateclientPrivateKeyPath
- PKCS8 file name continaing client's private keyjava.lang.Exception
- thrown if certificate or key file are missing or corruptpublic ClientBSTCredentialProvider(java.lang.String clientCertPath, java.lang.String clientPrivateKeyPath, java.lang.String serverCertPath) throws java.lang.Exception
serverCertPath
will be used to encrypt the message
body contents. If security policy requires message-level integrity (signature)
for the server's response, the certificate read from the file
serverCertPath
will be used to verify the received signature.
Any KeyInfo received as part of the in-bound signature (e.g. certificate thumbprint)
must correctly identify the same server certificate.clientCertPath
- File name contiaining client's X509 public certificateclientPrivateKeyPath
- PKCS8 file name continaing client's private keyserverCertPath
- File name containging server's X509 public certificatejava.lang.Exception
- thrown if the client certificate, key, or server certificate files
are missing or corruptpublic ClientBSTCredentialProvider(java.security.cert.X509Certificate clientCert, java.security.PrivateKey clientPrivateKey, java.security.cert.X509Certificate serverCert)
serverCert
will be used to encrypt the message body
contents. If security policy requires message-level integrity (signature) for
the server's response, the certificate passed for the parameter
serverCert
will be used to verify the received signature.
Any KeyInfo received as part of the in-bound signature (e.g. certificate
thumbprint) must correctly identify the same server certificate.clientCert
- client's X509 public certificateclientPrivateKey
- client's private keyserverCert
- Server's public X509 certificatepublic ClientBSTCredentialProvider(java.security.cert.CertPath certPath, java.security.PrivateKey pk)
certPath
- Certpath object for client's X509 public certificatepk
- Client's private keypublic ClientBSTCredentialProvider(java.security.cert.X509Certificate serverCert, java.security.cert.CertPath certPath, java.security.PrivateKey pk)
serverCert
- Server's public X509 certificatecertPath
- Certpath object for client's X509 public certificatepk
- Client's private keypublic void setServerCertificate(java.security.cert.X509Certificate serverCert)
serverCert
- Server's public X509 certificatepublic java.lang.Object getCredential(java.lang.String tokenType, java.lang.String issuerName, ContextHandler ctxHandler, Purpose p)
getCredential
in interface CredentialProvider
public ClientBSTCredentialProvider cloneAndReplaceServerCert(java.security.cert.X509Certificate serverCert)
public java.lang.String toString()
toString
in class java.lang.Object