Package net.shibboleth.idp.saml.saml2.profile.config.impl

Class AbstractSAML2ProfileConfiguration

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

net.shibboleth.profile.config.AbstractProfileConfiguration

net.shibboleth.profile.config.AbstractConditionalProfileConfiguration

net.shibboleth.idp.profile.config.AbstractInterceptorAwareProfileConfiguration

net.shibboleth.idp.saml.profile.config.impl.AbstractSAMLProfileConfiguration

net.shibboleth.idp.saml.saml2.profile.config.impl.AbstractSAML2ProfileConfiguration

All Implemented Interfaces:

InterceptorAwareProfileConfiguration, SAMLProfileConfiguration, ConditionalProfileConfiguration, ProfileConfiguration, SAMLProfileConfiguration, SAML2ProfileConfiguration, Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent

Direct Known Subclasses:

AbstractSAML2ArtifactAwareProfileConfiguration, ArtifactResolutionProfileConfiguration

public abstract class AbstractSAML2ProfileConfiguration
extends AbstractSAMLProfileConfiguration
implements SAML2ProfileConfiguration

Base class for SAML 2 profile configurations.

Field Summary

Fields

Modifier and Type	Field	Description
private Predicate<ProfileRequestContext>	encryptionOptionalPredicate	Whether encryption is optional in the face of no key, etc.
private Predicate<ProfileRequestContext>	encryptNameIDsPredicate	Predicate used to determine if name identifiers should be encrypted.
private Predicate<ProfileRequestContext>	ignoreRequestSignaturesPredicate	Whether to ignore signatures in requests.

Fields inherited from interface net.shibboleth.profile.config.ProfileConfiguration

DEFAULT_DISALLOWED_FEATURES

Constructor Summary

Constructors

Constructor	Description
AbstractSAML2ProfileConfiguration(String profileId)	Constructor.

Method Summary

Modifier and Type	Method	Description
boolean	isEncryptionOptional(ProfileRequestContext profileRequestContext)
boolean	isEncryptNameIDs(ProfileRequestContext profileRequestContext)
boolean	isIgnoreRequestSignatures(ProfileRequestContext profileRequestContext)
void	setEncryptionOptional(boolean flag)	Set whether encryption is optional in the face of a missing key, etc.
void	setEncryptionOptionalPredicate(Predicate<ProfileRequestContext> condition)	Set a condition to determine whether encryption is optional in the face of a missing key, etc.
void	setEncryptNameIDs(boolean flag)	Set whether name identifiers should be encrypted.
void	setEncryptNameIDsPredicate(Predicate<ProfileRequestContext> predicate)	Set the predicate used to determine if name identifiers should be encrypted.
void	setIgnoreRequestSignatures(boolean flag)	Sets whether to bypass verification of request signatures.
void	setIgnoreRequestSignaturesPredicate(Predicate<ProfileRequestContext> condition)	Sets a condition to determine whether to bypass verification of request signatures.

Methods inherited from class net.shibboleth.idp.saml.profile.config.impl.AbstractSAMLProfileConfiguration

getMessageHandler, isSignRequests, isSignResponses, setMessageDecorator, setMessageHandler, setMessageHandlerLookupStrategy, setSignRequests, setSignRequestsPredicate, setSignResponses, setSignResponsesPredicate

Methods inherited from class net.shibboleth.idp.profile.config.AbstractInterceptorAwareProfileConfiguration

getInboundInterceptorFlows, getOutboundInterceptorFlows, setInboundInterceptorFlows, setInboundInterceptorFlowsLookupStrategy, setOutboundInterceptorFlows, setOutboundInterceptorFlowsLookupStrategy

Methods inherited from class net.shibboleth.profile.config.AbstractConditionalProfileConfiguration

getActivationCondition, setActivationCondition

Methods inherited from class net.shibboleth.profile.config.AbstractProfileConfiguration

equals, getDisallowedFeatures, getSecurityConfiguration, hashCode, isFeatureDisallowed, setDisallowedFeatures, setDisallowedFeaturesLookupStrategy, setSecurityConfiguration, setSecurityConfigurationLookupStrategy

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

doInitialize, ensureId, getId, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.IdentifiedComponent

getId

Methods inherited from interface net.shibboleth.idp.profile.config.InterceptorAwareProfileConfiguration

getInboundInterceptorFlows, getOutboundInterceptorFlows

Methods inherited from interface net.shibboleth.profile.config.ProfileConfiguration

getDisallowedFeatures, getSecurityConfiguration, isFeatureDisallowed

Methods inherited from interface net.shibboleth.saml.profile.config.SAMLProfileConfiguration

getMessageHandler, isSignRequests, isSignResponses

Field Details

ignoreRequestSignaturesPredicate

@Nonnull
private Predicate<ProfileRequestContext> ignoreRequestSignaturesPredicate

Whether to ignore signatures in requests.

encryptionOptionalPredicate

@Nonnull
private Predicate<ProfileRequestContext> encryptionOptionalPredicate

Whether encryption is optional in the face of no key, etc.

encryptNameIDsPredicate

@Nonnull
private Predicate<ProfileRequestContext> encryptNameIDsPredicate

Predicate used to determine if name identifiers should be encrypted.

Constructor Details

AbstractSAML2ProfileConfiguration

public AbstractSAML2ProfileConfiguration(@Nonnull @NotEmpty
 String profileId)

Constructor.

Parameters:

profileId - ID of the communication profile, never null or empty

Method Details

isIgnoreRequestSignatures

public boolean isIgnoreRequestSignatures(@Nullable
 ProfileRequestContext profileRequestContext)

Specified by:

isIgnoreRequestSignatures in interface SAML2ProfileConfiguration

setIgnoreRequestSignatures

public void setIgnoreRequestSignatures(boolean flag)

Sets whether to bypass verification of request signatures.

Parameters:

flag - flag to set

Since:

4.0.0

setIgnoreRequestSignaturesPredicate

public void setIgnoreRequestSignaturesPredicate(@Nonnull
 Predicate<ProfileRequestContext> condition)

Sets a condition to determine whether to bypass verification of request signatures.

Parameters:

condition - condition to set

Since:

4.0.0

isEncryptionOptional

public boolean isEncryptionOptional(@Nullable
 ProfileRequestContext profileRequestContext)

Specified by:

isEncryptionOptional in interface SAML2ProfileConfiguration

setEncryptionOptional

public void setEncryptionOptional(boolean flag)

Set whether encryption is optional in the face of a missing key, etc.

Parameters:

flag - flag to set

setEncryptionOptionalPredicate

public void setEncryptionOptionalPredicate(@Nonnull
 Predicate<ProfileRequestContext> condition)

Set a condition to determine whether encryption is optional in the face of a missing key, etc.

Parameters:

condition - condition to set

Since:

3.3.0

isEncryptNameIDs

public boolean isEncryptNameIDs(@Nullable
 ProfileRequestContext profileRequestContext)

Specified by:

isEncryptNameIDs in interface SAML2ProfileConfiguration

setEncryptNameIDs

public void setEncryptNameIDs(boolean flag)

Set whether name identifiers should be encrypted.

Parameters:

flag - flag to set

setEncryptNameIDsPredicate

public void setEncryptNameIDsPredicate(@Nonnull
 Predicate<ProfileRequestContext> predicate)

Set the predicate used to determine if name identifiers should be encrypted.

Parameters:

predicate - predicate used to determine if name identifiers should be encrypted

Since:

4.0.0