Package org.opensaml.security.x509.tls

Class CertificateNameOptions

  • All Implemented Interfaces:
    Cloneable
    public class CertificateNameOptions
extends Object
implements Cloneable
    Options for deriving message context issuer names from an client TLS X.509 certificate.

    • Field Detail

      • evaluateSubjectDN

        private boolean evaluateSubjectDN
        Evaluate the certificate subject DN as a derived issuer entity ID.

      • evaluateSubjectCommonName

        private boolean evaluateSubjectCommonName
        Evaluate the certificate subject DN's common name (CN) as a derived issuer entity ID.

      • subjectAltNames

        private Set<Integer> subjectAltNames
        The set of types of subject alternative names evaluate as derived issuer entity ID names.

      • x500DNHandler

        private X500DNHandler x500DNHandler
        Responsible for serializing X.500 names to strings from certificate-derived X500Principal instances.

      • x500SubjectDNFormat

        private String x500SubjectDNFormat
        The format specifier for serializing X.500 subject names to strings.

    • Constructor Detail

      • CertificateNameOptions

        public CertificateNameOptions()
        Constructor.

    • Method Detail

      • evaluateSubjectCommonName

        public boolean evaluateSubjectCommonName()
        Get whether to evaluate the certificate subject DN's common name (CN) as a derived issuer entity ID.
        Returns:
        Returns the evaluateSubjectCommonName.

      • setEvaluateSubjectCommonName

        public void setEvaluateSubjectCommonName​(boolean flag)
        Set whether to evaluate the certificate subject DN's common name (CN) as a derived issuer entity ID.
        Parameters:
        flag - new new evaluateSubjectCommonName value.

      • evaluateSubjectDN

        public boolean evaluateSubjectDN()
        Get whether to evaluate the certificate subject DN as a derived issuer entity ID.
        Returns:
        Returns the evaluateSubjectDN.

      • setEvaluateSubjectDN

        public void setEvaluateSubjectDN​(boolean flag)
        Set whether to evaluate the certificate subject DN as a derived issuer entity ID.
        Parameters:
        flag - the new evaluateSubjectDN value.

      • getSubjectAltNames

        @Nonnull
@NonnullElements
@NotLive
@Unmodifiable
public Set<Integer> getSubjectAltNames()
        Get the set of types of subject alternative names evaluate as derived issuer entity ID names, using integer constants defined in X509Support.
        Returns:
        Returns the subjectAltNames.

      • setSubjectAltNames

        public void setSubjectAltNames​(@Nullable @NonnullElements
                               Set<Integer> names)
        Set the set of types of subject alternative names evaluate as derived issuer entity ID names, using integer constants defined in X509Support.
        Parameters:
        names - the set of types of subject alternative names

      • getX500DNHandler

        public X500DNHandler getX500DNHandler()
        Get the handler responsible for serializing X.500 names to strings from certificate-derived X500Principal instances.
        Returns:
        Returns the x500DNHandler.

      • setX500DNHandler

        public void setX500DNHandler​(X500DNHandler handler)
        Set the handler responsible for serializing X.500 names to strings from certificate-derived X500Principal instances.
        Parameters:
        handler - the new x500DNHandler value.

      • getX500SubjectDNFormat

        public String getX500SubjectDNFormat()
        Get the format specifier for serializing X.500 subject names to strings.
        Returns:
        Returns the x500SubjectDNFormat.

      • setX500SubjectDNFormat

        public void setX500SubjectDNFormat​(String format)
        Set the format specifier for serializing X.500 subject names to strings.
        Parameters:
        format - the new x500SubjectDNFormat value.