org.opensaml.saml.common.binding.security.impl.SAMLMDClientCertAuthSecurityHandler

All Implemented Interfaces:: Component, DestructableComponent, InitializableComponent, MessageHandler

public class SAMLMDClientCertAuthSecurityHandler extends BaseClientCertAuthSecurityHandler

SAML specialization of BaseClientCertAuthSecurityHandler which provides support for X509Credential trust engine validation based on SAML metadata.

The authenticatable entity data is read from and stored to the subcontext identified by getEntityContextClass(), which defaults to SAMLPeerEntityContext.

Field Summary

Fields

Modifier and Type

Field

Description

private Class<? extends AbstractAuthenticatableSAMLEntityContext>

entityContextClass

The actual context class holding the authenticatable SAML entity.

private org.slf4j.Logger

log

Logger.
Constructor Summary

Constructors

Constructor

Description

SAMLMDClientCertAuthSecurityHandler()

Constructor.
Method Summary

Modifier and Type

Method

Description

protected CriteriaSet

buildCriteriaSet(String entityID, MessageContext messageContext)

protected String

getCertificatePresenterEntityID(MessageContext messageContext)

Class<? extends AbstractAuthenticatableSAMLEntityContext>

getEntityContextClass()

Get the class type holding the authenticatable SAML entity data.

protected void

setAuthenticatedCertificatePresenterEntityID(MessageContext messageContext, String entityID)

protected void

setAuthenticatedState(MessageContext messageContext, boolean authenticated)

void

setEntityContextClass(Class<? extends AbstractAuthenticatableSAMLEntityContext> clazz)

Set the class type holding the authenticatable SAML entity data.

Methods inherited from class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler
doEvaluate, doInitialize, doInvoke, doPreInvoke, evaluateCertificateNameDerivedPresenters, evaluateDerivedPresenters, evaluateSubjectAltNames, evaluateSubjectCommonName, evaluateSubjectDN, getAltNames, getCertificateNameOptions, getCommonName, getHttpServletRequest, getHttpServletRequestSupplier, getSubjectName, resolveTrustEngine, setHttpServletRequestSupplier

Methods inherited from class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler
evaluate, evaluate, getTrustEngine

Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler
doPostInvoke, doPostInvoke, getActivationCondition, getLogPrefix, invoke, isPreInvokeCalled, setActivationCondition

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent
checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent
initialize, isInitialized

Field Details
- log
  
  @Nonnull private org.slf4j.Logger log
  
  Logger.
- entityContextClass
  
  @Nonnull private Class<? extends AbstractAuthenticatableSAMLEntityContext> entityContextClass
  
  The actual context class holding the authenticatable SAML entity.
Constructor Details
- SAMLMDClientCertAuthSecurityHandler
  
  public SAMLMDClientCertAuthSecurityHandler()
  
  Constructor.
Method Details
- getEntityContextClass
  
  @Nonnull public Class<? extends AbstractAuthenticatableSAMLEntityContext> getEntityContextClass()
  
  Get the class type holding the authenticatable SAML entity data.
  Defaults to: SAMLPeerEntityContext.
  
  Returns:
  
  the entity context class type
- setEntityContextClass
  
  public void setEntityContextClass(@Nonnull Class<? extends AbstractAuthenticatableSAMLEntityContext> clazz)
  
  Set the class type holding the authenticatable SAML entity data.
  Defaults to: SAMLPeerEntityContext.
  
  Parameters:
  
  clazz - the entity context class type
- buildCriteriaSet
  
  @Nonnull protected CriteriaSet buildCriteriaSet(@Nullable String entityID, @Nonnull MessageContext messageContext) throws MessageHandlerException
  
  Overrides:
  
  buildCriteriaSet in class BaseClientCertAuthSecurityHandler
  
  Throws:
  
  MessageHandlerException
- getCertificatePresenterEntityID
  
  @Nullable protected String getCertificatePresenterEntityID(@Nonnull MessageContext messageContext)
  
  Specified by:
  
  getCertificatePresenterEntityID in class BaseClientCertAuthSecurityHandler
- setAuthenticatedCertificatePresenterEntityID
  
  protected void setAuthenticatedCertificatePresenterEntityID(@Nonnull MessageContext messageContext, @Nullable String entityID)
  
  Specified by:
  
  setAuthenticatedCertificatePresenterEntityID in class BaseClientCertAuthSecurityHandler
- setAuthenticatedState
  
  protected void setAuthenticatedState(@Nonnull MessageContext messageContext, boolean authenticated)
  
  Specified by:
  
  setAuthenticatedState in class BaseClientCertAuthSecurityHandler

Class SAMLMDClientCertAuthSecurityHandler

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler

Methods inherited from class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler

Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent

Field Details

log

entityContextClass

Constructor Details

SAMLMDClientCertAuthSecurityHandler

Method Details

getEntityContextClass

setEntityContextClass

buildCriteriaSet

getCertificatePresenterEntityID

setAuthenticatedCertificatePresenterEntityID

setAuthenticatedState