Merge pull request #43 from maxlambrecht/docs-improvements

Minor improvements in READMEs and javadocs.
Max Lambrecht 2020-10-27 18:23:07 -03:00 committed by GitHub
commit 2f295c86ab
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 11 additions and 10 deletions


@ -10,7 +10,7 @@ import java.util.Arrays;
import java.util.stream.Collectors;
/**
* Represents a SPIFFE ID as defined in SPIFFE standard.
* Represents a SPIFFE ID as defined in the SPIFFE standard.
* <p>
* @see <a href="https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md">https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md</a>
*/
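Review bot: The `<p>` on the line before `@see` opens a paragraph that has no content, because a block tag follows it immediately. Since this comment is being touched anyway, drop the `<p>` or put a sentence after it. The `@see` link also points at the `master` branch of the spec, so the text it resolves to can change over time; a tagged revision would keep the reference stable.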


@ -10,7 +10,7 @@ import java.net.URI;
import java.net.URISyntaxException;
/**
* Represents a normalized SPIFFE trust domain (e.g. 'domain.test').
* Represents the name of a SPIFFE trust domain (e.g. 'domain.test').
*/
@Value
public class TrustDomain {
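Review bot: Dropping "normalized" from the class Javadoc removes the only hint about how the stored name relates to the input, and that matters to callers who compare trust domains when making authorization decisions. If the class still normalizes what it is given, keep that documented, for example "Represents the name of a SPIFFE trust domain (e.g. 'domain.test'), stored in normalized form." If it no longer normalizes, the Javadoc should say that the name is kept as provided.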


@ -1,14 +1,12 @@
# Java SPIFFE Provider
This module provides a Java Security Provider implementation supporting X.509-SVIDs and methods for
creating SSLContexts that are backed by the Workload API.
creating `SSLContext` that are backed by the Workload API.
## Create an SSL Context backed by the Workload API
To create an SSL Context that uses a `X509Source` backed by the Workload API, having the environment variable
` SPIFFE_ENDPOINT_SOCKET` defined with the Workload API endpoint address.
The `SSLContext` is configured with a set of SPIFFE IDs that the current workload
will trust for TLS connections:
To create an `javax.net.ssl.SSLContext` that is backed by the Workload API through a `X509Source`, having the environment variable
` SPIFFE_ENDPOINT_SOCKET` defined with the Workload API endpoint address:
```
X509Source source = DefaultX509Source.newSource();
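Review bot: The rewritten introduction under "Create an SSL Context backed by the Workload API" has three wording problems. "To create an `javax.net.ssl.SSLContext`" should read "a"; the sentence is still a fragment ("To create ..., having the environment variable ... defined ...:"); and the code span "` SPIFFE_ENDPOINT_SOCKET`" carries a leading space inside the backticks. The module summary has the same kind of issue: "creating `SSLContext` that are backed" mixes a singular name with a plural verb, so "`SSLContext` instances that are backed" would read correctly. For the introduction, something like "The following creates a `javax.net.ssl.SSLContext` backed by the Workload API through an `X509Source`. It requires the environment variable `SPIFFE_ENDPOINT_SOCKET` to be set to the Workload API endpoint address:" would fix all three.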
@ -20,9 +18,12 @@ will trust for TLS connections:
.build();
SSLContext sslContext = SpiffeSslContextFactory.getSslContext(options);
```
```
The `SSLContext` is configured with a set of SPIFFE IDs that will be trusted for TLS connections.
Alternatively, a different Workload API address can be used by passing it to the X509Source creation method.
Alternatively, a different Workload API address can be used by passing it to the `X509Source` creation method.
```
X509SourceOptions sourceOptions = X509SourceOptions
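Review bot: The sentence moved below the snippet ("The `SSLContext` is configured with a set of SPIFFE IDs that will be trusted for TLS connections.") does not say which option in the example supplies those IDs, or what the context accepts when none are supplied. Because this is the setting that decides which peers are authorized, name the builder option here and state the behaviour when it is left unset. The hunk also shows two consecutive fence lines just above the sentence; check the rendered README to confirm the first code block is closed exactly once and the prose is not swallowed into a code block.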
@ -154,7 +155,7 @@ A Tomcat TLS connector that uses the `Spiffe` KeyStore can be configured as foll
### Create mTLS GRPC server and client
Prerequisite: Having the SPIFFE Provided configured through the `java.security`.
Prerequisite: Having the SPIFFE Provider configured through the `java.security`.
A `GRPC Server` using an SSL context backed by the Workload API:
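Review bot: In the prerequisite line, "configured through the `java.security`" leaves a noun missing after the code span, so it is unclear whether a file, a property or a package is meant. If this refers to the JVM security properties file, say so ("configured in the `java.security` file") and point to the section of this README that shows the provider entry, so readers do not attempt the gRPC example with the provider unregistered.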