java.lang.Object
- org.opensaml.saml.saml2.assertion.impl.AbstractSubjectConfirmationValidator

All Implemented Interfaces:

org.opensaml.saml.saml2.assertion.SubjectConfirmationValidator

Direct Known Subclasses:

BearerSubjectConfirmationValidator, HolderOfKeySubjectConfirmationValidator, SenderVouchersSubjectConfirmationValidator
```
@ThreadSafe
public abstract class AbstractSubjectConfirmationValidator
extends Object
implements org.opensaml.saml.saml2.assertion.SubjectConfirmationValidator
```
A base class for SubjectConfirmationValidator implementations.
This class takes care of processing the NotBefore, NotOnOrAfter, Recipient, and Address checks.

Supports the following ValidationContext static parameters:
- SAML2AssertionValidationParameters.SC_ADDRESS_REQUIRED: Optional.
- SAML2AssertionValidationParameters.SC_CHECK_ADDRESS: Optional.
- SAML2AssertionValidationParameters.SC_VALID_ADDRESSES: Required if SAML2AssertionValidationParameters.SC_CHECK_ADDRESS is true or omitted, otherwise optional.
- SAML2AssertionValidationParameters.SC_RECIPIENT_REQUIRED: Optional.
- SAML2AssertionValidationParameters.SC_VALID_RECIPIENTS: Required.
- SAML2AssertionValidationParameters.SC_IN_RESPONSE_TO_REQUIRED: Optional.
- SAML2AssertionValidationParameters.SC_VALID_IN_RESPONSE_TO: Required.
- SAML2AssertionValidationParameters.SC_NOT_BEFORE_REQUIRED: Optional.
- SAML2AssertionValidationParameters.SC_NOT_ON_OR_AFTER_REQUIRED: Optional.
Supports the following ValidationContext dynamic parameters:
- None.

Field Summary

Fields
Modifier and Type Field Description

private Logger log
Class logger.

Constructor Summary

Constructors
Constructor Description

AbstractSubjectConfirmationValidator()
Constructor.

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method	Description
`protected abstract org.opensaml.saml.common.assertion.ValidationResult`	`doValidate(org.opensaml.saml.saml2.core.SubjectConfirmation confirmation, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context)`	Performs any further validation required for the specific confirmation method implementation.
`protected boolean`	`isAddressRequired(org.opensaml.saml.common.assertion.ValidationContext context)`	Determine whether Address is required.
`protected boolean`	`isInResponseToRequired(org.opensaml.saml.common.assertion.ValidationContext context)`	Determine whether InResponseTo is required.
`protected boolean`	`isNotBeforeRequired(org.opensaml.saml.common.assertion.ValidationContext context)`	Determine whether NotBefore is required.
`protected boolean`	`isNotOnOrAfterRequired(org.opensaml.saml.common.assertion.ValidationContext context)`	Determine whether NotOnOrAfter is required.
`protected boolean`	`isRecipientRequired(org.opensaml.saml.common.assertion.ValidationContext context)`	Determine whether Recipient is required.
`org.opensaml.saml.common.assertion.ValidationResult`	`validate(org.opensaml.saml.saml2.core.SubjectConfirmation confirmation, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context)`
`protected org.opensaml.saml.common.assertion.ValidationResult`	`validateAddress(org.opensaml.saml.saml2.core.SubjectConfirmation confirmation, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context, boolean required)`	Validates the `Address` condition of the `SubjectConfirmationData`, if any is present.
`protected org.opensaml.saml.common.assertion.ValidationResult`	`validateInResponseTo(org.opensaml.saml.saml2.core.SubjectConfirmation confirmation, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context, boolean required)`	Validates the `InResponseTo` condition of the `SubjectConfirmationData`, if any is present.
`protected org.opensaml.saml.common.assertion.ValidationResult`	`validateNotBefore(org.opensaml.saml.saml2.core.SubjectConfirmation confirmation, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context, boolean required)`	Validates the `NotBefore` condition of the `SubjectConfirmationData`, if any is present.
`protected org.opensaml.saml.common.assertion.ValidationResult`	`validateNotOnOrAfter(org.opensaml.saml.saml2.core.SubjectConfirmation confirmation, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context, boolean required)`	Validates the `NotOnOrAfter` condition of the `SubjectConfirmationData`, if any is present.
`protected org.opensaml.saml.common.assertion.ValidationResult`	`validateRecipient(org.opensaml.saml.saml2.core.SubjectConfirmation confirmation, org.opensaml.saml.saml2.core.Assertion assertion, org.opensaml.saml.common.assertion.ValidationContext context, boolean required)`	Validates the `Recipient` condition of the `SubjectConfirmationData`, if any is present.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.opensaml.saml.saml2.assertion.SubjectConfirmationValidator
getServicedMethod

Field Detail
- log
```
private Logger log
```
  Class logger.

Constructor Detail
- AbstractSubjectConfirmationValidator
```
public AbstractSubjectConfirmationValidator()
```
  Constructor.

Method Detail

validate

@Nonnull
public org.opensaml.saml.common.assertion.ValidationResult validate(@Nonnull
                                                                    org.opensaml.saml.saml2.core.SubjectConfirmation confirmation,
                                                                    @Nonnull
                                                                    org.opensaml.saml.saml2.core.Assertion assertion,
                                                                    @Nonnull
                                                                    org.opensaml.saml.common.assertion.ValidationContext context)
                                                             throws org.opensaml.saml.common.assertion.AssertionValidationException

Specified by:: validate in interface org.opensaml.saml.saml2.assertion.SubjectConfirmationValidator
Throws:: org.opensaml.saml.common.assertion.AssertionValidationException

isAddressRequired
```
protected boolean isAddressRequired(org.opensaml.saml.common.assertion.ValidationContext context)
```
Determine whether Address is required.

Parameters:

context - current validation context

Returns:

true if required, false if not

isRecipientRequired
```
protected boolean isRecipientRequired(org.opensaml.saml.common.assertion.ValidationContext context)
```
Determine whether Recipient is required.

Parameters:

context - current validation context

Returns:

true if required, false if not

isNotBeforeRequired
```
protected boolean isNotBeforeRequired(org.opensaml.saml.common.assertion.ValidationContext context)
```
Determine whether NotBefore is required.

Parameters:

context - current validation context

Returns:

true if required, false if not

isNotOnOrAfterRequired
```
protected boolean isNotOnOrAfterRequired(org.opensaml.saml.common.assertion.ValidationContext context)
```
Determine whether NotOnOrAfter is required.

Parameters:

context - current validation context

Returns:

true if required, false if not

isInResponseToRequired
```
protected boolean isInResponseToRequired(org.opensaml.saml.common.assertion.ValidationContext context)
```
Determine whether InResponseTo is required.

Parameters:

context - current validation context

Returns:

true if required, false if not

validateInResponseTo

protected org.opensaml.saml.common.assertion.ValidationResult validateInResponseTo(@Nonnull
                                                                                   org.opensaml.saml.saml2.core.SubjectConfirmation confirmation,
                                                                                   @Nonnull
                                                                                   org.opensaml.saml.saml2.core.Assertion assertion,
                                                                                   @Nonnull
                                                                                   org.opensaml.saml.common.assertion.ValidationContext context,
                                                                                   boolean required)
                                                                            throws org.opensaml.saml.common.assertion.AssertionValidationException

Validates the InResponseTo condition of the SubjectConfirmationData, if any is present.

Parameters:: confirmation - confirmation method, with SubjectConfirmationData, being validated; assertion - assertion bearing the confirmation method; context - current validation context; required - whether the InResponseTo value is required
Returns:: the result of the validation evaluation
Throws:: org.opensaml.saml.common.assertion.AssertionValidationException - thrown if there is a problem determining the validity of the NotBefore

validateNotBefore

@Nonnull
protected org.opensaml.saml.common.assertion.ValidationResult validateNotBefore(@Nonnull
                                                                                org.opensaml.saml.saml2.core.SubjectConfirmation confirmation,
                                                                                @Nonnull
                                                                                org.opensaml.saml.saml2.core.Assertion assertion,
                                                                                @Nonnull
                                                                                org.opensaml.saml.common.assertion.ValidationContext context,
                                                                                boolean required)
                                                                         throws org.opensaml.saml.common.assertion.AssertionValidationException

Validates the NotBefore condition of the SubjectConfirmationData, if any is present.

Parameters:: confirmation - confirmation method, with SubjectConfirmationData, being validated; assertion - assertion bearing the confirmation method; context - current validation context; required -
Returns:: the result of the validation evaluation
Throws:: org.opensaml.saml.common.assertion.AssertionValidationException - thrown if there is a problem determining the validity of the NotBefore

validateNotOnOrAfter

@Nonnull
protected org.opensaml.saml.common.assertion.ValidationResult validateNotOnOrAfter(@Nonnull
                                                                                   org.opensaml.saml.saml2.core.SubjectConfirmation confirmation,
                                                                                   @Nonnull
                                                                                   org.opensaml.saml.saml2.core.Assertion assertion,
                                                                                   @Nonnull
                                                                                   org.opensaml.saml.common.assertion.ValidationContext context,
                                                                                   boolean required)
                                                                            throws org.opensaml.saml.common.assertion.AssertionValidationException

Validates the NotOnOrAfter condition of the SubjectConfirmationData, if any is present.

Parameters:: confirmation - confirmation method, with SubjectConfirmationData, being validated; assertion - assertion bearing the confirmation method; context - current validation context; required - whether the NotOnOrAfter value is required
Returns:: the result of the validation evaluation
Throws:: org.opensaml.saml.common.assertion.AssertionValidationException - thrown if there is a problem determining the validity of the NotOnOrAFter

validateRecipient

@Nonnull
protected org.opensaml.saml.common.assertion.ValidationResult validateRecipient(@Nonnull
                                                                                org.opensaml.saml.saml2.core.SubjectConfirmation confirmation,
                                                                                @Nonnull
                                                                                org.opensaml.saml.saml2.core.Assertion assertion,
                                                                                @Nonnull
                                                                                org.opensaml.saml.common.assertion.ValidationContext context,
                                                                                boolean required)
                                                                         throws org.opensaml.saml.common.assertion.AssertionValidationException

Validates the Recipient condition of the SubjectConfirmationData, if any is present.

Parameters:: confirmation - confirmation method being validated; assertion - assertion bearing the confirmation method; context - current validation context; required - whether the Recipient value is required
Returns:: the result of the validation evaluation
Throws:: org.opensaml.saml.common.assertion.AssertionValidationException - thrown if there is a problem determining the validity of the recipient

validateAddress

@Nonnull
protected org.opensaml.saml.common.assertion.ValidationResult validateAddress(@Nonnull
                                                                              org.opensaml.saml.saml2.core.SubjectConfirmation confirmation,
                                                                              @Nonnull
                                                                              org.opensaml.saml.saml2.core.Assertion assertion,
                                                                              @Nonnull
                                                                              org.opensaml.saml.common.assertion.ValidationContext context,
                                                                              boolean required)
                                                                       throws org.opensaml.saml.common.assertion.AssertionValidationException

Validates the Address condition of the SubjectConfirmationData, if any is present.

Parameters:: confirmation - confirmation method being validated; assertion - assertion bearing the confirmation method; context - current validation context; required - whether the Address value is required
Returns:: the result of the validation evaluation
Throws:: org.opensaml.saml.common.assertion.AssertionValidationException - thrown if there is a problem determining the validity of the address

doValidate

@Nonnull
protected abstract org.opensaml.saml.common.assertion.ValidationResult doValidate(@Nonnull
                                                                                  org.opensaml.saml.saml2.core.SubjectConfirmation confirmation,
                                                                                  @Nonnull
                                                                                  org.opensaml.saml.saml2.core.Assertion assertion,
                                                                                  @Nonnull
                                                                                  org.opensaml.saml.common.assertion.ValidationContext context)
                                                                           throws org.opensaml.saml.common.assertion.AssertionValidationException

Performs any further validation required for the specific confirmation method implementation.

Parameters:: confirmation - confirmation method being validated; assertion - assertion bearing the confirmation method; context - current validation context
Returns:: the result of the validation evaluation
Throws:: org.opensaml.saml.common.assertion.AssertionValidationException - thrown if further validation finds the confirmation method to be invalid

Class AbstractSubjectConfirmationValidator

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.opensaml.saml.saml2.assertion.SubjectConfirmationValidator

Field Detail

log

Constructor Detail

AbstractSubjectConfirmationValidator

Method Detail

validate

isAddressRequired

isRecipientRequired

isNotBeforeRequired