Class SAML2AssertionValidationParameters
java.lang.Object
org.opensaml.saml.saml2.assertion.SAML2AssertionValidationParameters
Parameter keys used to store and retrieve static and dynamic parameters within a
ValidationContext.-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringCarries aDurationspecifying a clock skew value.static final StringThe standard infix for parameters concerned with conditions evaluation.static final StringCarries aDurationrepresenting the per-invocation value for the Assertion replay cache expiration.static final Stringstatic final StringCarries aSet<String>whose values are the acceptableAudienceRestrictionAudiencevalues for evaluating the Assertion.static final StringCarries theSubjectConfirmationthat confirmed the subject.static final StringCarries aDurationspecifying a lifetime from 'now' for IssueInstant.static final StringCarries aBooleanflag which indicates whether theSubjectConfirmationDataAddress is required.static final StringCarries aBooleanflag which indicates whether theSubjectConfirmationDataaddress should be checked.static final StringCarries theKeyInfothat successfully confirmed the subject via holder-of-key subject confirmation.static final StringCarries theX509Certificateused by the presenter.static final StringCarries thePublicKeyused by the presenter.static final StringCarries aBooleanflag which indicates whetherSubjectConfirmationDataInResponseTo is required.static final StringThe standard infix for parameters concerned with subject confirmation.static final StringCarries aBooleanflag which indicates whetherSubjectConfirmationDataNotBefore is required.static final StringCarries aBooleanflag which indicates whetherSubjectConfirmationDataNotOnOrAfter is required.static final StringCarries aBooleanflag which indicates whetherSubjectConfirmationDataRecipient is required.static final Stringstatic final StringCarries aStringwhose value is the acceptableSubjectConfirmationDataInResponseTo.static final Stringstatic final StringCarries aBooleanflag which indicates whether the Assertion is required to be signed.static final StringCarries aCriteriaSetwhich will be used as the input to aSignatureTrustEngine.static final StringCarries aSignaturePrevalidatorwhich will be used to pre-validate the Assertion signature.static final StringCarries aSignatureTrustEnginewhich will be used to validate the Assertion signature.static final StringThe standard prefix for all SAML 2 parameters defined in this set.static final StringCarries aBooleanflag which indicates whether the Address attribute of theSubjectLocalityof anAuthnStatementshould be checked.static final StringCarries aDurationused to evaluate the allowed value of an AuthnInstant attribute of anAuthnStatement.static final StringCarries aSet<InetAddress>whose values are the acceptable values for the Address attribute of theSubjectLocalityof anAuthnStatement.static final StringThe standard infix for parameters concerned with statement evaluation.static final String -
Constructor Summary
Constructors -
Method Summary
-
Field Details
-
STD_PREFIX
The standard prefix for all SAML 2 parameters defined in this set.- See Also:
-
SC_INFIX
The standard infix for parameters concerned with subject confirmation.- See Also:
-
COND_INFIX
The standard infix for parameters concerned with conditions evaluation.- See Also:
-
STMT_INFIX
The standard infix for parameters concerned with statement evaluation.- See Also:
-
CLOCK_SKEW
Carries aDurationspecifying a clock skew value.- See Also:
-
LIFETIME
Carries aDurationspecifying a lifetime from 'now' for IssueInstant.- See Also:
-
CONFIRMED_SUBJECT_CONFIRMATION
Carries theSubjectConfirmationthat confirmed the subject.- See Also:
-
VALID_ISSUERS
- See Also:
-
SIGNATURE_REQUIRED
Carries aBooleanflag which indicates whether the Assertion is required to be signed.- See Also:
-
SIGNATURE_VALIDATION_CRITERIA_SET
Carries aCriteriaSetwhich will be used as the input to aSignatureTrustEngine.- See Also:
-
SIGNATURE_VALIDATION_TRUST_ENGINE
Carries aSignatureTrustEnginewhich will be used to validate the Assertion signature.- See Also:
-
SIGNATURE_VALIDATION_PREVALIDATOR
Carries aSignaturePrevalidatorwhich will be used to pre-validate the Assertion signature.- See Also:
-
SC_NOT_BEFORE_REQUIRED
Carries aBooleanflag which indicates whetherSubjectConfirmationDataNotBefore is required.- See Also:
-
SC_NOT_ON_OR_AFTER_REQUIRED
Carries aBooleanflag which indicates whetherSubjectConfirmationDataNotOnOrAfter is required.- See Also:
-
SC_RECIPIENT_REQUIRED
Carries aBooleanflag which indicates whetherSubjectConfirmationDataRecipient is required.- See Also:
-
SC_VALID_RECIPIENTS
- See Also:
-
SC_ADDRESS_REQUIRED
Carries aBooleanflag which indicates whether theSubjectConfirmationDataAddress is required.- See Also:
-
SC_CHECK_ADDRESS
Carries aBooleanflag which indicates whether theSubjectConfirmationDataaddress should be checked.- See Also:
-
SC_VALID_ADDRESSES
- See Also:
-
SC_IN_RESPONSE_TO_REQUIRED
Carries aBooleanflag which indicates whetherSubjectConfirmationDataInResponseTo is required.- See Also:
-
SC_VALID_IN_RESPONSE_TO
Carries aStringwhose value is the acceptableSubjectConfirmationDataInResponseTo.- See Also:
-
SC_HOK_PRESENTER_KEY
Carries thePublicKeyused by the presenter.- See Also:
-
SC_HOK_PRESENTER_CERT
Carries theX509Certificateused by the presenter.- See Also:
-
SC_HOK_CONFIRMED_KEYINFO
Carries theKeyInfothat successfully confirmed the subject via holder-of-key subject confirmation.- See Also:
-
COND_REQUIRED_CONDITIONS
- See Also:
-
COND_VALID_AUDIENCES
Carries aSet<String>whose values are the acceptableAudienceRestrictionAudiencevalues for evaluating the Assertion.- See Also:
-
COND_ONE_TIME_USE_EXPIRES
Carries aDurationrepresenting the per-invocation value for the Assertion replay cache expiration.- See Also:
-
STMT_AUTHN_CHECK_ADDRESS
Carries aBooleanflag which indicates whether the Address attribute of theSubjectLocalityof anAuthnStatementshould be checked.- See Also:
-
STMT_AUTHN_VALID_ADDRESSES
Carries aSet<InetAddress>whose values are the acceptable values for the Address attribute of theSubjectLocalityof anAuthnStatement.- See Also:
-
STMT_AUTHN_MAX_TIME
Carries aDurationused to evaluate the allowed value of an AuthnInstant attribute of anAuthnStatement.- See Also:
-
-
Constructor Details
-
SAML2AssertionValidationParameters
private SAML2AssertionValidationParameters()Constructor.
-