Class URLEvaluatingMessageChannelSecurity
java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
org.opensaml.messaging.handler.AbstractMessageHandler
org.opensaml.messaging.handler.impl.AbstractMessageChannelSecurity
org.opensaml.messaging.handler.impl.URLEvaluatingMessageChannelSecurity
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,MessageHandler
Message handler which populates a
MessageChannelSecurityContext based on evaluating a
target URL resolved via a configured strategy function.-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate booleanFlag controlling whether traffic on the default TLS port is "secure".private org.slf4j.LoggerLogger.private StringThe target resolved URL.private URLBuilderTarget resolved and parsed URL.private Function<MessageContext,String> Function which looks up the URL to evaluate. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidprotected voiddoInvoke(MessageContext messageContext) protected booleandoPreInvoke(MessageContext messageContext) voidsetDefaultPortInsecure(boolean flag) Set whether traffic on the default TLS port is "secure" for the purposes of this action.voidsetURLLookup(Function<MessageContext, String> function) Set the function which looks up the destination URL to evaluate.Methods inherited from class org.opensaml.messaging.handler.impl.AbstractMessageChannelSecurity
ensureParentContext, getParentContext, setParentContextLookupStrategyMethods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler
doPostInvoke, doPostInvoke, getActivationCondition, getLogPrefix, invoke, isPreInvokeCalled, setActivationConditionMethods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent
checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.shared.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private org.slf4j.Logger logLogger. -
defaultPortInsecure
private boolean defaultPortInsecureFlag controlling whether traffic on the default TLS port is "secure". -
urlLookup
Function which looks up the URL to evaluate. -
url
The target resolved URL. -
urlBuilder
Target resolved and parsed URL.
-
-
Constructor Details
-
URLEvaluatingMessageChannelSecurity
public URLEvaluatingMessageChannelSecurity()Constructor.
-
-
Method Details
-
setDefaultPortInsecure
public void setDefaultPortInsecure(boolean flag) Set whether traffic on the default TLS port is "secure" for the purposes of this action.Defaults to "true"
Ordinarily TLS is considered a "secure" channel, but traffic to a default port meant for browser access tends to rely on server certificates that are unsuited to secure messaging use cases. This flag allows software layers to recognize traffic on this port as "insecure" and needing additional security measures.
- Parameters:
flag- flag to set
-
setURLLookup
Set the function which looks up the destination URL to evaluate.- Parameters:
function- the lookup function
-
doInitialize
- Overrides:
doInitializein classAbstractInitializableComponent- Throws:
ComponentInitializationException
-
doPreInvoke
protected boolean doPreInvoke(@Nonnull MessageContext messageContext) throws MessageHandlerException - Overrides:
doPreInvokein classAbstractMessageChannelSecurity- Throws:
MessageHandlerException
-
doInvoke
- Specified by:
doInvokein classAbstractMessageHandler
-