TLSProtocolSocketFactory (Spring Security SAML 1.0.10.RELEASE API)

java.lang.Object
- org.springframework.security.saml.trust.httpclient.TLSProtocolSocketFactory

All Implemented Interfaces:

org.apache.commons.httpclient.protocol.ProtocolSocketFactory, org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
```
public class TLSProtocolSocketFactory
extends Object
implements org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
```
Socket factory can be used with HTTP Client for creation of SSL/TLS sockets. Implementation uses internal KeyManager for loading of all public keys. Trust is verified using PKIX algorithm based on trust anchors defined as trusted with property trustedKeys (all all keys on KeyManager when trustKeys are null). Implementation uses hostname verification algorithm.

Constructor Summary

Constructors
Constructor and Description
`TLSProtocolSocketFactory(KeyManager keyManager, Set<String> trustedKeys, String sslHostnameVerification)` Default constructor, which initializes socket factory to trust all keys with alias from the trusted keys as found in the keyManager.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Socket`	`createSocket(Socket socket, String host, int port, boolean autoClose)`
`Socket`	`createSocket(String host, int port)`
`Socket`	`createSocket(String host, int port, InetAddress localHost, int clientPort)`
`Socket`	`createSocket(String host, int port, InetAddress localHost, int localPort, org.apache.commons.httpclient.params.HttpConnectionParams connParams)`
`protected org.opensaml.xml.security.x509.PKIXValidationInformationResolver`	`getPKIXResolver()` Method is expected to construct information resolver with all trusted data available for the given provider.
`protected org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory`	`initializeDelegate()` Initializes internal SocketFactory used to create all sockets.
`protected boolean`	`isHostnameVerificationSupported()` Check for the latest OpenSAML library.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - TLSProtocolSocketFactory
```
public TLSProtocolSocketFactory(KeyManager keyManager,
                                Set<String> trustedKeys,
                                String sslHostnameVerification)
```
    Default constructor, which initializes socket factory to trust all keys with alias from the trusted keys as found in the keyManager.
    
    Parameters:
    
    keyManager - key manager includes all cryptography material for the SAML instance
    
    trustedKeys - when not set all certificates included in the keystore will be used as trusted certificate authorities. When specified, only keys with the defined aliases will be used for trust evaluation.
    
    sslHostnameVerification - type of hostname verification
- Method Detail
  - createSocket
```
public Socket createSocket(String host,
                           int port)
                    throws IOException
```
    Specified by:
    
    createSocket in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    
    Throws:
    
    IOException
  - createSocket
```
public Socket createSocket(String host,
                           int port,
                           InetAddress localHost,
                           int clientPort)
                    throws IOException
```
    Specified by:
    
    createSocket in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    
    Throws:
    
    IOException
  - createSocket
```
public Socket createSocket(Socket socket,
                           String host,
                           int port,
                           boolean autoClose)
                    throws IOException
```
    Specified by:
    
    createSocket in interface org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
    
    Throws:
    
    IOException
  - createSocket
```
public Socket createSocket(String host,
                           int port,
                           InetAddress localHost,
                           int localPort,
                           org.apache.commons.httpclient.params.HttpConnectionParams connParams)
                    throws IOException
```
    Specified by:
    
    createSocket in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    
    Throws:
    
    IOException
  - initializeDelegate
```
protected org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory initializeDelegate()
```
    Initializes internal SocketFactory used to create all sockets. By default uses PKIX algorithm with configured trusted keys as trust anchors.
    
    Returns:
    
    socket factory
  - getPKIXResolver
```
protected org.opensaml.xml.security.x509.PKIXValidationInformationResolver getPKIXResolver()
```
    Method is expected to construct information resolver with all trusted data available for the given provider.
    
    Returns:
    
    information resolver
  - isHostnameVerificationSupported
```
protected boolean isHostnameVerificationSupported()
```
    Check for the latest OpenSAML library. Support for HostnameVerification was added in openws-1.5.1 and customers might use previous versions of OpenSAML.
    
    Returns:
    
    true when OpenSAML library support hostname verification

Class TLSProtocolSocketFactory

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

TLSProtocolSocketFactory

Method Detail

createSocket

createSocket

createSocket

createSocket

initializeDelegate

getPKIXResolver

isHostnameVerificationSupported