Package org.opensaml.profile.action.impl

Class HttpServletRequestMessageChannelSecurity

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.profile.action.impl.AbstractMessageChannelSecurity

org.opensaml.profile.action.impl.HttpServletRequestMessageChannelSecurity

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction

public class HttpServletRequestMessageChannelSecurity
extends AbstractMessageChannelSecurity

Profile action which populates a MessageChannelSecurityContext based on a HttpServletRequest.

Event:

EventIds.PROCEED_EVENT_ID, EventIds.INVALID_PROFILE_CTX

Field Summary

Fields

Modifier and Type	Field	Description
private boolean	defaultPortInsecure	Flag controlling whether traffic on the default TLS port is "secure".

Constructor Summary

Constructors

Constructor	Description
HttpServletRequestMessageChannelSecurity()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext)	Performs this action.
protected void	doInitialize()
void	setDefaultPortInsecure(boolean flag)	Set whether traffic on the default TLS port is "secure" for the purposes of this action.

Methods inherited from class org.opensaml.profile.action.impl.AbstractMessageChannelSecurity

doPreExecute, ensureParentContext, getParentContext, setParentContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, ensureHttpServletRequest, ensureHttpServletResponse, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, isPreExecuteCalled, setHttpServletRequestSupplier, setHttpServletResponseSupplier

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent

initialize, isInitialized

Field Details

defaultPortInsecure

private boolean defaultPortInsecure

Flag controlling whether traffic on the default TLS port is "secure".

Constructor Details

HttpServletRequestMessageChannelSecurity

public HttpServletRequestMessageChannelSecurity()

Constructor.

Method Details

setDefaultPortInsecure

public void setDefaultPortInsecure(boolean flag)

Set whether traffic on the default TLS port is "secure" for the purposes of this action.

Defaults to "true"

Ordinarily TLS is considered a "secure" channel, but traffic to a default port meant for browser access tends to rely on server certificates that are unsuited to secure messaging use cases. This flag allows software layers to recognize traffic on this port as "insecure" and needing additional security measures.

Parameters:

flag - flag to set

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doExecute

protected void doExecute(@Nonnull
 ProfileRequestContext profileRequestContext)

Performs this action. Actions must override this method to perform their work.

Overrides:

doExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context