This structure holds parameters that may govern authentication that use a User Password strategy. User Name for server BASIC authentication login (some servers require users to authenticate with the server -- see also Password, AuthorizationType, and Authorization) Password for server BASIC authentication login (some servers require users to authenticate with the server -- see also UserName, AuthorizationType, and Authorization) Type of authentication to use with server, if not using username and password based "BASIC" authentication. If username and password are used, this does not need to be set. (some servers require users to authenticate with the server -- see also UserName, Password, and Authorization) Actual authentication data for server, if not using username and password based "BASIC" authentication If username and password are used, this does not need to be set. (some servers require users to authenticate with the server -- see also UserName, Password, and AuthorizationType) This attribute specifies if client authentication should be requested. This attribute specifies if client authentication should be required. A KeyStoreType represents the information needed to load a collection of key and certificate material from a desired location. The "url", "file", and "resource" attributes are intended to be mutually exclusive, though this assumption is not encoded in schema. The precedence order observed by the runtime is 1) "file", 2) "resource", and 3) "url". This attribute specifies the type of the keystore. It is highly correlated to the provider. Most common examples are "jks" "pkcs12". This attribute specifes the integrity password for the keystore. This is not the password that unlock keys within the keystore. This attribute specifies the keystore implementation provider. Most common examples are "SUN". This attribute specifies the URL location of the keystore. This element should be a properly accessible URL, such as "http://..." "file:///...", etc. Only one attribute of "url", "file", or "resource" is allowed. This attribute specifies the File location of the keystore. This element should be a properly accessible file from the working directory. Only one attribute of "url", "file", or "resource" is allowed. This attribute specifies the Resource location of the keystore. This element should be a properly accessible on the classpath. Only one attribute of "url", "file", or "resource" is allowed. A CertStoreType represents a catenated sequence of X.509 certificates, in PEM or DER format. The "url", "file", and "resource" attributes are intended to be mutually exclusive, though this assumption is not encoded in schema. The precedence order observed by the runtime is 1) "file", 2) "resource", and 3) "url". This attribute specifies the type of the certstore. It is highly correlated to the provider. Most common examples are "jks" "pkcs12". This attribute specifies the File location of the certificate store. This element should be a properly accessible file from the working directory. Only one attribute of "url", "file", or "resource" is allowed. This attribute specifies the Resource location of the certificate store. This element should be a properly accessible on the classpath. Only one attribute of "url", "file", or "resource" is allowed. This attribute specifies the URL location of the certificate store. This element should be a properly accessible URL, such as "http://..." "file:///...", etc. Only one attribute of "url", "file", or "resource" is allowed. This structure specifies the JSSE based KeyManagers for a single Keystore. This element specified the Keystore for these JSSE KeyManagers. This attribute contains the password that unlocks the keys within the keystore. This attribute contains the name of the class implementing password callback handler to unlock the keys withing the keystore. Alternative to keyPassword attribute. This attribute contains the KeyManagers provider name. This attribute contains the algorithm the KeyManagers Factory will use in creating the KeyManagers from the KeyStore. Most common examples are "PKIX". This attribute contains the reference to the KeyManagers bean. This attribute allows the KeyManagers instance to be constructed by other means and referenced from this object. This structure contains the specification of JSSE TrustManagers for a single Keystore used for trusted certificates. This element contains the KeyStore used as a trust store. This element contains the CertStore used as a trust store. This attribute contains the KeyManagers provider name. This attribute contains the algorithm the KeyManagers Factory will use in creating the KeyManagers from the KeyStore. Most common examples are "PKIX". This attribute contains the reference to the TrustManagers bean. This attribute allows the TrustManagers instance to be constructed by other means and referenced from this object. This structure holds a list of ciphersuite names that are to be supported. Note: that does not mean that they will be available. That depends on the JSSE and Crypto providers. This structure holds a list of protocols that are to be excluded. If this structure is not defined then SSLv3 is excluded by default This structure holds a list of protocols that are to be included. Sometimes we want to include more protocols than the secure socket protocol, for example "SSLv2Hello". This structure holds the parameters for the Secure Random Number generator used in the JSSE. This structure holds a list of regular expressions that corresponds to a sequence of Certificate Constraints on either the Subject or Issuer DN. This structure holds a list of regular expressions that corresponds to a sequence of Certificate Constraints. The optional combinator attribute refers to whether ALL or ANY of these regular expressions must be satisfied. This type refers to whether ALL or ANY of the DNConstraintsType regular expressions must be satisfied. This element contains the KeyManagers specification. This element contains the TrustManagers specification. This element contains the the CipherSuites that will be supported. This element contains the filters of the supported CipherSuites that will be supported and used if available. This element contains SecureRandom specification. This element contains the Certificate Constraints specification. This element contains the Certificate Alias. This attribute specifies if HttpsURLConnection.defaultSslSocketFactory should be used to create https connections. If 'true', 'jsseProvider', 'secureSocketProtocol', 'trustManagers', 'keyManagers', 'secureRandom', 'cipherSuites' and 'cipherSuitesFilter' are ignored. Since 2.2.7. This attribute specifies if HttpsURLConnection.defaultHostnameVerifier should be used to create https connections. If 'true', 'disableCNCheck' is ignored. Since 2.2.7. This attribute specifies if JSSE should omit checking if the host name specified in the URL matches that of the Common Name (CN) on the server's certificate. Default is false; this attribute should not be set to true during production use. This attribute specifies whether to enable revocation when checking the server certificate. The default is false. This attribute contains the JSSE provider name. This attribute contains the Protocol Name. Most common example is "SSL", "TLS" or "TLSv1". This attribute contains the JDK SSL session cache timeout This element contains the KeyManagers specification. This element contains the TrustManagers specification. This element contains the the CipherSuites that will be supported. This element contains the filters of the supported CipherSuites that will be supported and used if available. This element contains the the Protocols that will be excluded This element contains the the Protocols that will be included This element contains SecureRandom specification. This element contains Client Authentication specification. This element contains the Certificate Constraints specification. This element contains the Certificate Alias. This attribute contains the JSSE provider name. This attribute contains the Protocol Name. Most common example is "SSL", "TLS" or "TLSv1". This attribute specifies whether to enable revocation when checking the client certificate, if client authentication is enabled. The default is false.