Package org.opensaml.saml.common.profile.impl

Class SignAssertions

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.saml.common.profile.impl.SignAssertions

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction

public class SignAssertions
extends AbstractProfileAction

Action that signs assertions in a SAML 1/2 Response returned by a lookup strategy, by default the message returned by InOutOperationContext.getOutboundMessageContext().

The SecurityParametersContext governing the signing process is located by a lookup strategy, by default a child of the profile request context.

Event:

EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX

Field Summary

Fields

Modifier and Type	Field	Description
private final org.slf4j.Logger	log	Class logger.
private SAMLObject	response	The response containing the assertions to be signed.
private Function<ProfileRequestContext,SAMLObject>	responseLookupStrategy	Strategy used to locate the response to operate on.
private Function<ProfileRequestContext,SecurityParametersContext>	securityParametersLookupStrategy	Strategy used to locate the SecurityParametersContext to use for signing.
private SignatureSigningParameters	signatureSigningParameters	The signature signing parameters.

Constructor Summary

Constructors

Constructor	Description
SignAssertions()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext)	Performs this action.
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext)	Called prior to execution, actions may override this method to perform pre-processing for a request.
private void	logResponse(String message)	Log the Response with the given message at trace level.
void	setResponseLookupStrategy(Function<ProfileRequestContext,SAMLObject> strategy)	Set the strategy used to locate the response to operate on.
void	setSecurityParametersLookupStrategy(Function<ProfileRequestContext,SecurityParametersContext> strategy)	Set the strategy used to locate the SecurityParametersContext to use.

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, ensureHttpServletRequest, ensureHttpServletResponse, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, isPreExecuteCalled, setHttpServletRequestSupplier, setHttpServletResponseSupplier

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, doInitialize, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent

initialize, isInitialized

Field Details

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

responseLookupStrategy

@Nonnull
private Function<ProfileRequestContext,SAMLObject> responseLookupStrategy

Strategy used to locate the response to operate on.

securityParametersLookupStrategy

@Nonnull
private Function<ProfileRequestContext,SecurityParametersContext> securityParametersLookupStrategy

Strategy used to locate the SecurityParametersContext to use for signing.

signatureSigningParameters

@NonnullBeforeExec
private SignatureSigningParameters signatureSigningParameters

The signature signing parameters.

response

@NonnullBeforeExec
private SAMLObject response

The response containing the assertions to be signed.

Constructor Details

SignAssertions

public SignAssertions()

Constructor.

Method Details

setResponseLookupStrategy

public void setResponseLookupStrategy(@Nonnull
 Function<ProfileRequestContext,SAMLObject> strategy)

Set the strategy used to locate the response to operate on.

Parameters:

strategy - lookup strategy

setSecurityParametersLookupStrategy

public void setSecurityParametersLookupStrategy(@Nonnull
 Function<ProfileRequestContext,SecurityParametersContext> strategy)

Set the strategy used to locate the SecurityParametersContext to use.

Parameters:

strategy - lookup strategy

doPreExecute

protected boolean doPreExecute(@Nonnull
 ProfileRequestContext profileRequestContext)

Called prior to execution, actions may override this method to perform pre-processing for a request.

If false is returned, execution will not proceed, and the action should attach an EventContext to the context tree to signal how to continue with overall workflow processing.

If returning successfully, the last step should be to return the result of the superclass version of this method.

Overrides:

doPreExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context

Returns:

true iff execution should proceed

doExecute

protected void doExecute(@Nonnull
 ProfileRequestContext profileRequestContext)

Performs this action. Actions must override this method to perform their work.

Overrides:

doExecute in class AbstractProfileAction

Parameters:

profileRequestContext - the current IdP profile request context

logResponse

private void logResponse(@Nonnull
 String message)

Log the Response with the given message at trace level.

Parameters:

message - the log message