SecureJettyConfiguration (org.qi4j.library.http 2.1 API)

All Superinterfaces:

org.qi4j.api.composite.Composite, org.qi4j.api.configuration.ConfigurationComposite, org.qi4j.api.entity.Identity, JettyConfiguration
```
public interface SecureJettyConfiguration
extends JettyConfiguration
```
Configuration for SecureJettyMixin. Only the three keystore related properties are mandatory, all the other ones have sensible defaults.

Nested Class Summary
- Nested classes/interfaces inherited from interface org.qi4j.api.entity.Identity
  org.qi4j.api.entity.Identity.IdentityMixin

Method Summary

Methods
Modifier and Type	Method and Description
`org.qi4j.api.property.Property<Boolean>`	`allowRenegotiation()` If SSL/TLS renegotiation is allowed.
`org.qi4j.api.property.Property<Boolean>`	`cacheSslSessions()` If SSL Session caching is enabled.
`org.qi4j.api.property.Property<String>`	`certAlias()` Alias of the `SecureJettyService` certificate.
`org.qi4j.api.property.Property<String>`	`crlFilePath()`
`org.qi4j.api.property.Property<Boolean>`	`enableCRLDP()`
`org.qi4j.api.property.Property<Boolean>`	`enableOCSP()`
`org.qi4j.api.property.Property<String>`	`excludeCipherSuites()`
`org.qi4j.api.property.Property<String>`	`includeCipherSuites()`
`org.qi4j.api.property.Property<String>`	`keystorePassword()`
`org.qi4j.api.property.Property<String>`	`keystorePath()`
`org.qi4j.api.property.Property<String>`	`keystoreType()`
`org.qi4j.api.property.Property<Integer>`	`maxCertPathLength()` Maximum number of intermediate certificates in the PKIX path.
`org.qi4j.api.property.Property<Boolean>`	`needClientAuth()` If the `SecureJettyService` needs client authentication.
`org.qi4j.api.property.Property<String>`	`ocspResponderURL()`
`org.qi4j.api.property.Property<String>`	`secureRandomAlgorithm()` The algorithm used by `SecureRandom` for SSL operations.
`org.qi4j.api.property.Property<String>`	`truststorePassword()`
`org.qi4j.api.property.Property<String>`	`truststorePath()`
`org.qi4j.api.property.Property<String>`	`truststoreType()`
`org.qi4j.api.property.Property<Boolean>`	`validatePeerCerts()` If client certificates PKIX validation MUST use either CRL or OCSP.
`org.qi4j.api.property.Property<Boolean>`	`validateServerCert()` If the `SecureJettyService` certificate MUST be PKIX validated.
`org.qi4j.api.property.Property<Boolean>`	`wantClientAuth()` If the `SecureJettyService` wants client authentication.

Methods inherited from interface org.qi4j.library.http.JettyConfiguration
contextPath, gracefullShutdownTimeout, hostName, lowResourceMaxIdleTime, maxFormContentSize, maxIdleTime, port, requestHeaderSize, resourcePath, responseBufferSize, responseHeaderSize, sendDateHeader, sendServerVersion, statistics, virtualHosts, welcomeFiles

Methods inherited from interface org.qi4j.api.entity.Identity
identity

- Method Detail
  - keystoreType
```
org.qi4j.api.property.Property<String> keystoreType()
```
    Returns:
    Type of the keystore that contains the SecureJettyService certificate.
  - keystorePath
```
org.qi4j.api.property.Property<String> keystorePath()
```
    Returns:
    Path of the keystore that contains the SecureJettyService certificate.
  - keystorePassword
```
@UseDefaults
org.qi4j.api.property.Property<String> keystorePassword()
```
    Returns:
    Password of the keystore that contains the SecureJettyService certificate.
  - certAlias
```
@Optional
org.qi4j.api.property.Property<String> certAlias()
```
    Alias of the SecureJettyService certificate. If not set, the first certificate found in the keystore is used.
    
    Returns:
    Alias of the SecureJettyService certificate.
  - truststoreType
```
@Optional
org.qi4j.api.property.Property<String> truststoreType()
```
    Returns:
    Type of the keystore that contains the certificates trusted by the SecureJettyService.
  - truststorePath
```
@Optional
org.qi4j.api.property.Property<String> truststorePath()
```
    Returns:
    Path of the keystore that contains the certificates trusted by the SecureJettyService.
  - truststorePassword
```
@UseDefaults
org.qi4j.api.property.Property<String> truststorePassword()
```
    Returns:
    Password of the keystore that contains the certificates trusted by the SecureJettyService.
  - wantClientAuth
```
@UseDefaults
org.qi4j.api.property.Property<Boolean> wantClientAuth()
```
    If the SecureJettyService wants client authentication. Defaults to false. If set to true, the SecureJettyService will expose the fact that it can handle client certificate based authentication.
    
    Returns:
    If the SecureJettyService wants client authentication.
  - needClientAuth
```
@UseDefaults
org.qi4j.api.property.Property<Boolean> needClientAuth()
```
    If the SecureJettyService needs client authentication. Defaults to false. If set to true, only mutually authentified connections will be accepted.
    
    Returns:
    If the SecureJettyService needs client authentication.
  - secureRandomAlgorithm
```
@Optional
org.qi4j.api.property.Property<String> secureRandomAlgorithm()
```
    The algorithm used by SecureRandom for SSL operations. Default JVM algorithm is used if omitted.
    
    Returns:
    The algorithm used by SecureRandom for SSL operations.
  - includeCipherSuites
```
@Optional
org.qi4j.api.property.Property<String> includeCipherSuites()
```
    Returns:
    Coma separated list of included cipher suites.
  - excludeCipherSuites
```
@Optional
org.qi4j.api.property.Property<String> excludeCipherSuites()
```
    Returns:
    Coma separated list of excluded cipher suites.
  - cacheSslSessions
```
@Optional
org.qi4j.api.property.Property<Boolean> cacheSslSessions()
```
    If SSL Session caching is enabled. SSL Session caching is enabled by default.
    
    Returns:
    If SSL Session caching is enabled.
  - allowRenegotiation
```
@UseDefaults
org.qi4j.api.property.Property<Boolean> allowRenegotiation()
```
    If SSL/TLS renegotiation is allowed. Defaults to false. Setting this to true can open vulnerabilities, be sure of what you are doing.
    
    Returns:
    If SSL/TLS renegotiation is allowed.
  - maxCertPathLength
```
@Optional
org.qi4j.api.property.Property<Integer> maxCertPathLength()
```
    Maximum number of intermediate certificates in the PKIX path. Set to -1 for unlimited. Defaulted to -1.
    
    Returns:
    Maximum number of intermediate certificates in the PKIX path
  - validateServerCert
```
@UseDefaults
org.qi4j.api.property.Property<Boolean> validateServerCert()
```
    If the SecureJettyService certificate MUST be PKIX validated.
    IMPORTANT:
    - Server certificate validation do not use the configured truststore but the one of the JVM.
    - Server certificates validation behavior depends on CRL and OCSP related configuration properties.
    Defaults to false.
    Returns:
    If the SecureJettyService certificate MUST be PKIX validated.
  - validatePeerCerts
```
@UseDefaults
org.qi4j.api.property.Property<Boolean> validatePeerCerts()
```
    If client certificates PKIX validation MUST use either CRL or OCSP.
    IMPORTANT:
    - Peer certificates validation use the configured truststore if present, the one of the JVM if not.
    - Peer certificates validation behavior depends on CRL and OCSP related configuration properties.
    Defaults to false.
    Returns:
    If client certificates PKIX validation MUST use either CRL or OCSP.
  - crlFilePath
```
@Optional
org.qi4j.api.property.Property<String> crlFilePath()
```
    Returns:
    The path of a local CRL file in PEM or DER format used during PKIX validations.
  - enableCRLDP
```
@UseDefaults
org.qi4j.api.property.Property<Boolean> enableCRLDP()
```
    Returns:
    If PKIX validations use the CRL Distribution Points declared in CA certificates.
  - enableOCSP
```
@UseDefaults
org.qi4j.api.property.Property<Boolean> enableOCSP()
```
    Returns:
    If PKIX validations use the OCSP protocol against responders declared in CA certificates.
  - ocspResponderURL
```
@Optional
org.qi4j.api.property.Property<String> ocspResponderURL()
```
    Returns:
    The URL of an OCSP responder to use during PKIX validations.

Interface SecureJettyConfiguration

Nested Class Summary

Nested classes/interfaces inherited from interface org.qi4j.api.entity.Identity

Method Summary

Methods inherited from interface org.qi4j.library.http.JettyConfiguration

Methods inherited from interface org.qi4j.api.entity.Identity

Method Detail

keystoreType

keystorePath

keystorePassword

certAlias

truststoreType

truststorePath

truststorePassword

wantClientAuth

needClientAuth

secureRandomAlgorithm

includeCipherSuites

excludeCipherSuites

cacheSslSessions

allowRenegotiation

maxCertPathLength

validateServerCert

validatePeerCerts

crlFilePath

enableCRLDP

enableOCSP

ocspResponderURL