Package org.keycloak.services.x509

Class HaProxySslClientCertificateLookup

java.lang.Object

org.keycloak.services.x509.AbstractClientCertificateFromHttpHeadersLookup

org.keycloak.services.x509.HaProxySslClientCertificateLookup

All Implemented Interfaces:

Provider, X509ClientCertificateLookup

public class HaProxySslClientCertificateLookup
extends AbstractClientCertificateFromHttpHeadersLookup

The provider allows to extract X.509 client certificate forwarded to the keycloak middleware configured behind the haproxy reverse proxy.

Since:

3/27/2017

Version:

$Revision: 1 $

Author:

Peter Nalyvayko

Field Summary

Fields inherited from class org.keycloak.services.x509.AbstractClientCertificateFromHttpHeadersLookup

certificateChainLength, sslCertChainHttpHeaderPrefix, sslClientCertHttpHeader

Constructor Summary

Constructors

Constructor	Description
HaProxySslClientCertificateLookup(String sslCientCertHttpHeader, String sslCertChainHttpHeaderPrefix, int certificateChainLength)

Method Summary

Modifier and Type	Method	Description
protected X509Certificate	decodeCertificateFromPem(String pem)

Methods inherited from class org.keycloak.services.x509.AbstractClientCertificateFromHttpHeadersLookup

close, getCertificateChain, getCertificateFromHttpHeader

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

HaProxySslClientCertificateLookup

public HaProxySslClientCertificateLookup(String sslCientCertHttpHeader,
                                         String sslCertChainHttpHeaderPrefix,
                                         int certificateChainLength)

Method Detail

decodeCertificateFromPem

protected X509Certificate decodeCertificateFromPem(String pem)
                                            throws PemException

Specified by:

decodeCertificateFromPem in class AbstractClientCertificateFromHttpHeadersLookup

Throws:

PemException