public abstract class AbstractSPFormAuthenticator extends BaseFormAuthenticator
Abstract class to be extended by Service Provider valves to handle SAML requests and responses.
| Modifier and Type | Field and Description |
|---|---|
| protected boolean | jbossEnv |

Inherited fields:

auditHelper, canonicalizationMethod, chain, chainConfigOptions, chainLock, configFile, configProvider, enableAudit, identityURL, idpAddress, idpCertificate, issuerID, keyManager, logger, picketLinkConfiguration, samlHandlerChainClass, saveRestoreRequest, serviceURL, spConfiguration, timer, timerInterval

characterEncoding, info

algorithm, cache, context, DEFAULT_ALGORITHM, digest, disableProxyCaching, entropy, lifecycle, random, randomClass, securePagesWithPragma, SESSION_ID_BYTES, sm, sso, started

| Constructor and Description |
|---|
| AbstractSPFormAuthenticator() |

| Modifier and Type | Method and Description |
|---|---|
| boolean | authenticate(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, org.apache.catalina.deploy.LoginConfig config) - Authenticate the request |
| boolean | authenticate(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.LoginConfig loginConfig) |
| protected String | getBinding() - Return the SAML Binding that this authenticator supports |
| protected org.apache.catalina.Context | getContext() |
| protected abstract String | getContextPath() - Subclasses need to return the context path based on the capability of their Servlet API |
| protected Principal | getGenericPrincipal(org.apache.catalina.connector.Request request, String username, List<String> roles) |
| protected void | initKeyProvider(org.apache.catalina.Context context) - Initialize the KeyProvider configurations. |
| protected boolean | isHttpPostBinding() - Indicates if the SP is configured with HTTP POST Binding. |
| protected boolean | isPOSTBindingResponse() |
| protected void | sendHttpPostBindingRequest(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest) - Sends an HTTP POST request to the IDP. |
| protected void | sendHttpRedirectRequest(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest, String destinationQueryStringWithSignature) - Sends an HTTP Redirect request to the IDP. |
| protected void | sendRequestToIDP(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest, String destinationQueryStringWithSignature) - Send the request to the IDP. |
| protected void | startPicketLink() |

Inherited methods:

doSupportSignature, getConfigFile, getConfiguration, getIdentityURL, getIdpCertificate, getIDPSSODescriptor, handleMetadata, handleMetadata, initializeHandlerChain, localAuthentication, populateChainConfig, processConfiguration, processIDPMetadataFile, register, sendToLogoutPage, setAuditHelper, setConfigFile, setConfigProvider, setConfigProvider, setIdpAddress, setIssuerID, setLogOutPage, setSamlHandlerChainClass, setSaveRestoreRequest, setServiceURL, setTimerInterval, testStart, validate

forwardToErrorPage, forwardToLoginPage, getCharacterEncoding, getInfo, matchRequest, restoreRequest, savedRequestURL, saveRequest, setCharacterEncoding

addLifecycleListener, associate, findLifecycleListeners, generateSessionId, getAlgorithm, getCache, getContainer, getDigest, getDisableProxyCaching, getEntropy, getRandom, getRandomClass, getSecurePagesWithPragma, invoke, reauthenticateFromSSO, removeLifecycleListener, setAlgorithm, setCache, setContainer, setDisableProxyCaching, setEntropy, setRandomClass, setSecurePagesWithPragma, start, stop

protected void startPicketLink() throws org.apache.catalina.LifecycleException

startPicketLink in class BaseFormAuthenticator

Throws:
org.apache.catalina.LifecycleException

protected void sendRequestToIDP(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest, String destinationQueryStringWithSignature) throws org.picketlink.common.exceptions.ProcessingException, org.picketlink.common.exceptions.ConfigurationException, IOException

Send the request to the IDP. Subclasses should override this method to implement how requests must be sent to the IDP.

Parameters:
destination - IDP URL
samlDocument - request or response document
relayState -
response -
willSendRequest - are we sending Request or Response to IDP
destinationQueryStringWithSignature - used only with Redirect binding and with signature enabled.

Throws:
org.picketlink.common.exceptions.ProcessingException
org.picketlink.common.exceptions.ConfigurationException
IOException

protected void sendHttpRedirectRequest(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest, String destinationQueryStringWithSignature) throws IOException, org.picketlink.common.exceptions.ProcessingException, org.picketlink.common.exceptions.ConfigurationException

Sends an HTTP Redirect request to the IDP.

Parameters:
destination -
relayState -
response -
willSendRequest -
destinationQueryStringWithSignature -

Throws:
IOException
UnsupportedEncodingException
org.picketlink.common.exceptions.ConfigurationException
org.picketlink.common.exceptions.ProcessingException

protected void sendHttpPostBindingRequest(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest) throws org.picketlink.common.exceptions.ProcessingException, IOException, org.picketlink.common.exceptions.ConfigurationException

Sends an HTTP POST request to the IDP.

Parameters:
destination -
samlDocument -
relayState -
response -
willSendRequest -

Throws:
org.picketlink.common.exceptions.TrustKeyProcessingException
org.picketlink.common.exceptions.ProcessingException
IOException
org.picketlink.common.exceptions.ConfigurationException

protected void initKeyProvider(org.apache.catalina.Context context) throws org.apache.catalina.LifecycleException

Initialize the KeyProvider configurations. These configurations are to be used during signing and validation of SAML assertions.

initKeyProvider in class BaseFormAuthenticator

Parameters:
context -

Throws:
org.apache.catalina.LifecycleException

public boolean authenticate(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, org.apache.catalina.deploy.LoginConfig config) throws IOException

Parameters:
request -
response -
config -

Throws:
IOException
RuntimeException - when the response is not of type catalina response object

public boolean authenticate(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.LoginConfig loginConfig) throws IOException

authenticate in class org.apache.catalina.authenticator.FormAuthenticator

Throws:
IOException

protected boolean isPOSTBindingResponse()

protected String getBinding()

getBinding in class BaseFormAuthenticator

See Also:
JBossSAMLURIConstants#SAML_HTTP_POST_BINDING, JBossSAMLURIConstants#SAML_HTTP_REDIRECT_BINDING

protected boolean isHttpPostBinding()

Indicates if the SP is configured with HTTP POST Binding.

protected org.apache.catalina.Context getContext()

protected abstract String getContextPath()

Copyright © 2013. All Rights Reserved.