Package org.opensaml.saml.config

Class SAMLConfiguration

java.lang.Object
org.opensaml.saml.config.SAMLConfiguration
public class SAMLConfiguration extends Object
SAML-related configuration information.

The configuration instance to use would typically be retrieved from the ConfigurationService.

  • Field Details

    • saml1ArtifactBuilderFactory

      @Nullable private SAML1ArtifactBuilderFactory saml1ArtifactBuilderFactory
      SAML 1 Artifact factory.

    • saml2ArtifactBuilderFactory

      @Nullable private SAML2ArtifactBuilderFactory saml2ArtifactBuilderFactory
      SAML 2 Artifact factory.

    • allowedBindingURLSchemes

      @Nonnull @Unmodifiable @NotLive private List<String> allowedBindingURLSchemes
      The list of schemes allowed to appear in binding URLs when encoding a message. Defaults to 'http' and 'https'.

  • Constructor Details

    • SAMLConfiguration

      public SAMLConfiguration()
      Constructor.

  • Method Details

    • getSAML1ArtifactBuilderFactory

      @Nullable public SAML1ArtifactBuilderFactory getSAML1ArtifactBuilderFactory()
      Gets the artifact factory for the library.
      Returns:
      artifact factory for the library

    • setSAML1ArtifactBuilderFactory

      public void setSAML1ArtifactBuilderFactory(@Nullable SAML1ArtifactBuilderFactory factory)
      Sets the artifact factory for the library.
      Parameters:
      factory - artifact factory for the library

    • getSAML2ArtifactBuilderFactory

      @Nullable public SAML2ArtifactBuilderFactory getSAML2ArtifactBuilderFactory()
      Gets the artifact factory for the library.
      Returns:
      artifact factory for the library

    • setSAML2ArtifactBuilderFactory

      public void setSAML2ArtifactBuilderFactory(@Nullable SAML2ArtifactBuilderFactory factory)
      Sets the artifact factory for the library.
      Parameters:
      factory - artifact factory for the library

    • getAllowedBindingURLSchemes

      @Nonnull @Unmodifiable @NotLive public List<String> getAllowedBindingURLSchemes()
      Gets the unmodifiable list of schemes allowed to appear in binding URLs when encoding a message.

      All scheme values returned will be lowercased.

      Defaults to 'http' and 'https'.

      Returns:
      list of URL schemes allowed to appear in a message

    • setAllowedBindingURLSchemes

      public void setAllowedBindingURLSchemes(@Nullable List<String> schemes)
      Sets the list of schemes allowed to appear in binding URLs when encoding a message.

      The supplied list will be copied. Values will be normalized: 1) strings will be trimmed, 2) nulls will be removed, and 3) all values will be lowercased.

      Note, the appearance of schemes such as 'javascript' may open the system up to attacks (e.g. cross-site scripting attacks).

      Parameters:
      schemes - URL schemes allowed to appear in a message