Package org.springframework.security.config.annotation.web.configurers

Class HeadersConfigurer.HpkpConfig

java.lang.Object
org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.HpkpConfig
Enclosing class:
HeadersConfigurer<H extends HttpSecurityBuilder<H>>
@Deprecated public final class HeadersConfigurer.HpkpConfig extends Object
Deprecated.
see Certificate and Public Key Pinning for more context

  • Method Details

    • withPins

      public HeadersConfigurer<H>.HpkpConfig withPins(Map<String,String> pins)
      Deprecated.

      Sets the value for the pin- directive of the Public-Key-Pins header.

      The pin directive specifies a way for web host operators to indicate a cryptographic identity that should be bound to a given web host. See Section 2.1.1 for additional details.

      Parameters:
      pins - the map of base64-encoded SPKI fingerprint & cryptographic hash algorithm pairs.
      Throws:
      IllegalArgumentException - if pins is null

    • addSha256Pins

      public HeadersConfigurer<H>.HpkpConfig addSha256Pins(String... pins)
      Deprecated.

      Adds a list of SHA256 hashed pins for the pin- directive of the Public-Key-Pins header.

      The pin directive specifies a way for web host operators to indicate a cryptographic identity that should be bound to a given web host. See Section 2.1.1 for additional details.

      Parameters:
      pins - a list of base64-encoded SPKI fingerprints.
      Throws:
      IllegalArgumentException - if a pin is null

    • maxAgeInSeconds

      public HeadersConfigurer<H>.HpkpConfig maxAgeInSeconds(long maxAgeInSeconds)
      Deprecated.

      Sets the value (in seconds) for the max-age directive of the Public-Key-Pins header. The default is 60 days.

      This instructs browsers how long they should regard the host (from whom the message was received) as a known pinned host. See Section 2.1.2 for additional details.

      Parameters:
      maxAgeInSeconds - the maximum amount of time (in seconds) to regard the host as a known pinned host.
      Throws:
      IllegalArgumentException - if maxAgeInSeconds is negative

    • includeSubDomains

      public HeadersConfigurer<H>.HpkpConfig includeSubDomains(boolean includeSubDomains)
      Deprecated.

      If true, the pinning policy applies to this pinned host as well as any subdomains of the host's domain name. The default is false.

      See Section 2.1.3 for additional details.

      Parameters:
      includeSubDomains - true to include subdomains, else false

    • reportOnly

      public HeadersConfigurer<H>.HpkpConfig reportOnly(boolean reportOnly)
      Deprecated.

      If true, the browser should not terminate the connection with the server. The default is true.

      See Section 2.1 for additional details.

      Parameters:
      reportOnly - true to report only, else false

    • reportUri

      public HeadersConfigurer<H>.HpkpConfig reportUri(URI reportUri)
      Deprecated.

      Sets the URI to which the browser should report pin validation failures.

      See Section 2.1.4 for additional details.

      Parameters:
      reportUri - the URI where the browser should send the report to.

    • reportUri

      public HeadersConfigurer<H>.HpkpConfig reportUri(String reportUri)
      Deprecated.

      Sets the URI to which the browser should report pin validation failures.

      See Section 2.1.4 for additional details.

      Parameters:
      reportUri - the URI where the browser should send the report to.
      Throws:
      IllegalArgumentException - if the reportUri is not a valid URI

    • disable

      public HeadersConfigurer<H> disable()
      Deprecated.
      Prevents the header from being added to the response.
      Returns:
      the HeadersConfigurer for additional configuration.

    • and

      public HeadersConfigurer<H> and()
      Deprecated.
      Allows completing configuration of Public Key Pinning and continuing configuration of headers.
      Returns:
      the HeadersConfigurer for additional configuration