public interface ClientX509CertificateBindingVerifier<T>
tls_client_auth
) match the registered tls_client_auth_subject_dn
and tls_client_auth_root_dn
values for the submitted client ID.
Implementations must be tread-safe.
Modifier and Type | Method and Description |
---|---|
void |
verifyCertificateBinding(ClientID clientID,
String subjectDN,
String rootDN,
Context<T> context)
Verifies that the specified X.509 certificate issuer DN and subject
DN bind to the claimed client ID.
|
void verifyCertificateBinding(ClientID clientID, String subjectDN, String rootDN, Context<T> context) throws InvalidClientException
clientID
- The claimed client ID. Not null
.subjectDN
- The X.509 certificate subject DN. Not null
.rootDN
- The X.509 certificate root DN, null
if not
available.context
- Additional context. May be null
.InvalidClientException
- If client ID and issuer / subject DN
tuple don't bind or are invalid.Copyright © 2017 Connect2id Ltd.. All rights reserved.