Class SecureRequestCustomizer

java.lang.Object
org.eclipse.jetty.server.SecureRequestCustomizer
All Implemented Interfaces:
HttpConfiguration.Customizer

public class SecureRequestCustomizer extends Object implements HttpConfiguration.Customizer

Customizer that extracts the attribute of an SSLContext and makes them available via Attributes.getAttribute(String) using the names:

See Also:
  • Field Details

  • Constructor Details

    • SecureRequestCustomizer

      public SecureRequestCustomizer()
    • SecureRequestCustomizer

      public SecureRequestCustomizer(@Name("sniHostCheck") boolean sniHostCheck)
    • SecureRequestCustomizer

      public SecureRequestCustomizer(@Name("sniHostCheck") boolean sniHostCheck, @Name("stsMaxAgeSeconds") long stsMaxAgeSeconds, @Name("stsIncludeSubdomains") boolean stsIncludeSubdomains)
      Parameters:
      sniHostCheck - True if the SNI Host name must match.
      stsMaxAgeSeconds - The max age in seconds for a Strict-Transport-Security response header. If set less than zero then no header is sent.
      stsIncludeSubdomains - If true, an include subdomain property is sent with any Strict-Transport-Security header
    • SecureRequestCustomizer

      public SecureRequestCustomizer(@Name("sniRequired") boolean sniRequired, @Name("sniHostCheck") boolean sniHostCheck, @Name("stsMaxAgeSeconds") long stsMaxAgeSeconds, @Name("stsIncludeSubdomains") boolean stsIncludeSubdomains)
      Parameters:
      sniRequired - True if a SNI certificate is required.
      sniHostCheck - True if the SNI Host name must match.
      stsMaxAgeSeconds - The max age in seconds for a Strict-Transport-Security response header. If set less than zero then no header is sent.
      stsIncludeSubdomains - If true, an include subdomain property is sent with any Strict-Transport-Security header
  • Method Details

    • isSniHostCheck

      public boolean isSniHostCheck()
      Returns:
      True if the SNI Host name must match when there is an SNI certificate.
    • setSniHostCheck

      public void setSniHostCheck(boolean sniHostCheck)
      Parameters:
      sniHostCheck - True if the SNI Host name must match when there is an SNI certificate.
    • isSniRequired

      public boolean isSniRequired()
      Returns:
      True if SNI is required, else requests will be rejected with 400 response.
      See Also:
    • setSniRequired

      public void setSniRequired(boolean sniRequired)
      Parameters:
      sniRequired - True if SNI is required, else requests will be rejected with 400 response.
      See Also:
    • getStsMaxAge

      public long getStsMaxAge()
      Returns:
      The max age in seconds for a Strict-Transport-Security response header. If set less than zero then no header is sent.
    • setStsMaxAge

      public void setStsMaxAge(long stsMaxAgeSeconds)
      Sets the Strict-Transport-Security max age in seconds.
      Parameters:
      stsMaxAgeSeconds - the max age in seconds for the Strict-Transport-Security response header. If less than zero then no Strict-Transport-Security response header is set.
    • setStsMaxAge

      public void setStsMaxAge(long period, TimeUnit units)
      Sets the Strict-Transport-Security max age in the given time unit.
      Parameters:
      period - The max age value
      units - The TimeUnit of the max age
    • isStsIncludeSubDomains

      public boolean isStsIncludeSubDomains()
      Returns:
      whether the includeSubdomains attribute is sent with the Strict-Transport-Security response header
    • setStsIncludeSubDomains

      public void setStsIncludeSubDomains(boolean stsIncludeSubDomains)
      Set whether the includeSubdomains attribute is sent with the Strict-Transport-Security response header.
      Parameters:
      stsIncludeSubDomains - whether the includeSubdomains attribute is sent with the Strict-Transport-Security response header
    • customize

      public Request customize(Request request, HttpFields.Mutable responseHeaders)
      Specified by:
      customize in interface HttpConfiguration.Customizer
    • newSecureRequest

      protected Request newSecureRequest(Request request, EndPoint.SslSessionData sslSessionData)
    • checkSni

      protected void checkSni(Request request, SSLSession session)
    • toString

      public String toString()
      Overrides:
      toString in class Object