Class VerifyChannelBindings
java.lang.Object
net.shibboleth.shared.component.AbstractInitializableComponent
org.opensaml.profile.action.AbstractProfileAction
org.opensaml.saml.common.profile.impl.VerifyChannelBindings
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,ProfileAction
Action that verifies two sets of
ChannelBindings from two different ChannelBindingsContext
objects obtained via lookup functions, by default from below the inbound message context and from below
a SOAP11Context below the inbound message context.
If neither function supplies a non-empty ChannelBindingsContext, then there is no verification
required, but if either one supplies a non-empty context, then a match must be achieved or an error event
is signaled.
If verification is successful, then the resulting match is stored in a new ChannelBindingsContext
object created from a lookup/creation function, by default below the outbound message context.
- Event:
EventIds.PROCEED_EVENT_ID,SAMLEventIds.CHANNEL_BINDINGS_ERROR- Precondition:
ChannelBindingsContextobjects to be returned from lookup functions must be populated.- Postcondition:
- Upon successful verification, a
ChannelBindingsContextobject will be created as described.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate ChannelBindingsContextThe first set of bindings.private ChannelBindingsContextThe second set of bindings.Strategy used to locate or create the context to save the verified result in.Strategy used to locate the first set of bindings to operate on.Strategy used to locate the second set of bindings to operate on.private final org.slf4j.LoggerClass logger. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voiddoExecute(ProfileRequestContext profileRequestContext) Performs this action.protected booleandoPreExecute(ProfileRequestContext profileRequestContext) Called prior to execution, actions may override this method to perform pre-processing for a request.voidSet the strategy used to create or locate theChannelBindingsContextto save verified results in.voidSet the strategy used to locate the firstChannelBindingsContextto operate on.voidSet the strategy used to locate the secondChannelBindingsContextto operate on.Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, ensureHttpServletRequest, ensureHttpServletResponse, execute, getHttpServletRequest, getHttpServletRequestSupplier, getHttpServletResponse, getHttpServletResponseSupplier, getLogPrefix, isPreExecuteCalled, setHttpServletRequestSupplier, setHttpServletResponseSupplierMethods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent
checkComponentActive, checkSetterPreconditions, destroy, doDestroy, doInitialize, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.shared.component.InitializableComponent
initialize, isInitialized
-
Field Details
-
log
@Nonnull private final org.slf4j.Logger logClass logger. -
channelBindingsLookupStrategy1
@Nonnull private Function<ProfileRequestContext,ChannelBindingsContext> channelBindingsLookupStrategy1Strategy used to locate the first set of bindings to operate on. -
channelBindingsLookupStrategy2
@Nonnull private Function<ProfileRequestContext,ChannelBindingsContext> channelBindingsLookupStrategy2Strategy used to locate the second set of bindings to operate on. -
channelBindingsCreationStrategy
@Nonnull private Function<ProfileRequestContext,ChannelBindingsContext> channelBindingsCreationStrategyStrategy used to locate or create the context to save the verified result in. -
channelBindingsContext1
The first set of bindings. -
channelBindingsContext2
The second set of bindings.
-
-
Constructor Details
-
VerifyChannelBindings
public VerifyChannelBindings()Constructor.
-
-
Method Details
-
setChannelBindingsLookupStrategy1
public void setChannelBindingsLookupStrategy1(@Nonnull Function<ProfileRequestContext, ChannelBindingsContext> strategy) Set the strategy used to locate the firstChannelBindingsContextto operate on.- Parameters:
strategy- lookup strategy
-
setChannelBindingsLookupStrategy2
public void setChannelBindingsLookupStrategy2(@Nonnull Function<ProfileRequestContext, ChannelBindingsContext> strategy) Set the strategy used to locate the secondChannelBindingsContextto operate on.- Parameters:
strategy- lookup strategy
-
setChannelBindingsCreationStrategy
public void setChannelBindingsCreationStrategy(@Nonnull Function<ProfileRequestContext, ChannelBindingsContext> strategy) Set the strategy used to create or locate theChannelBindingsContextto save verified results in.- Parameters:
strategy- lookup/creation strategy
-
doPreExecute
Called prior to execution, actions may override this method to perform pre-processing for a request.If false is returned, execution will not proceed, and the action should attach an
EventContextto the context tree to signal how to continue with overall workflow processing.If returning successfully, the last step should be to return the result of the superclass version of this method.
- Overrides:
doPreExecutein classAbstractProfileAction- Parameters:
profileRequestContext- the current IdP profile request context- Returns:
- true iff execution should proceed
-
doExecute
Performs this action. Actions must override this method to perform their work.- Overrides:
doExecutein classAbstractProfileAction- Parameters:
profileRequestContext- the current IdP profile request context
-