BaseTrustEngineSecurityHandler (OpenSAML :: Security Implementation 3.0.0-alpha1 API)

java.lang.Object
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
- - org.opensaml.messaging.handler.AbstractMessageHandler<MessageType>
  - - org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler<TokenType,MessageType>

Type Parameters:
TokenType - type of token which is being evaluated by the underlying trust engine
MessageType - type of message contained in the message context being evaluated

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, MessageHandler<MessageType>

Direct Known Subclasses:

BaseClientCertAuthSecurityHandler
```
public abstract class BaseTrustEngineSecurityHandler<TokenType,MessageType>
extends AbstractMessageHandler<MessageType>
```
Base rule which uses a trust engine to evaluate a token extracted from the request or message.

Field Summary

Fields
Modifier and Type Field and Description

private Logger log
Logger.

private TrustEngine<TokenType> trustEngine
Trust engine used to verify the particular token type.

Fields
Modifier and Type	Field and Description
`private Logger`	`log` Logger.
`private TrustEngine<TokenType>`	`trustEngine` Trust engine used to verify the particular token type.

Constructor Summary

Constructors
Constructor and Description

BaseTrustEngineSecurityHandler()

Constructors
Constructor and Description
`BaseTrustEngineSecurityHandler()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected abstract net.shibboleth.utilities.java.support.resolver.CriteriaSet`	`buildCriteriaSet(String entityID, MessageContext<MessageType> messageContext)` Subclasses are required to implement this method to build a criteria set for the trust engine according to trust engine and application-specific needs.
`protected void`	`doInitialize()`
`protected boolean`	`evaluate(TokenType token, net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet)` Evaluate the token against the specified criteria using the configured trust engine.
`protected boolean`	`evaluate(TokenType token, String entityID, MessageContext<MessageType> messageContext)` Evaluate the token using the configured trust engine against criteria built using the specified candidate issuer entity ID and message context information.
`TrustEngine<TokenType>`	`getTrustEngine()` Gets the engine used to validate the untrusted token.
`void`	`setTrustEngine(TrustEngine<TokenType> engine)` Sets the engine used to validate the untrusted token.

Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler
doInvoke, doPostInvoke, doPostInvoke, doPreInvoke, getLogPrefix, invoke

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

- Field Detail
  - log
```
private final Logger log
```
    Logger.
  - trustEngine
```
private TrustEngine<TokenType> trustEngine
```
    Trust engine used to verify the particular token type.
- Constructor Detail
  - BaseTrustEngineSecurityHandler
```
public BaseTrustEngineSecurityHandler()
```
- Method Detail
  - getTrustEngine
```
public TrustEngine<TokenType> getTrustEngine()
```
    Gets the engine used to validate the untrusted token.
    
    Returns:
    engine engine used to validate the untrusted token
  - setTrustEngine
```
public void setTrustEngine(TrustEngine<TokenType> engine)
```
    Sets the engine used to validate the untrusted token.
    
    Parameters:
    engine - engine used to validate the untrusted token
  - doInitialize
```
protected void doInitialize()
                     throws net.shibboleth.utilities.java.support.component.ComponentInitializationException
```
    Overrides:
    
    doInitialize in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
    
    Throws:
    
    net.shibboleth.utilities.java.support.component.ComponentInitializationException
  - buildCriteriaSet
```
protected abstract net.shibboleth.utilities.java.support.resolver.CriteriaSet buildCriteriaSet(String entityID,
                                                                          MessageContext<MessageType> messageContext)
                                                                                        throws MessageHandlerException
```
    Subclasses are required to implement this method to build a criteria set for the trust engine according to trust engine and application-specific needs.
    
    Parameters:
    entityID - the candidate issuer entity ID which is being evaluated
    messageContext - the message context which is being evaluated
    
    Returns:
    a newly constructly set of criteria suitable for the configured trust engine
    
    Throws:
    
    MessageHandlerException - thrown if criteria set can not be constructed
  - evaluate
```
protected boolean evaluate(TokenType token,
               String entityID,
               MessageContext<MessageType> messageContext)
                    throws MessageHandlerException
```
    Evaluate the token using the configured trust engine against criteria built using the specified candidate issuer entity ID and message context information.
    
    Parameters:
    token - the token to be evaluated
    entityID - the candidate issuer entity ID which is being evaluated
    messageContext - the message context which is being evaluated
    
    Returns:
    true if the token satisfies the criteria as determined by the trust engine, otherwise false
    
    Throws:
    
    MessageHandlerException - thrown if there is a fatal error during trust engine evaluation
  - evaluate
```
protected boolean evaluate(TokenType token,
               net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet)
                    throws MessageHandlerException
```
    Evaluate the token against the specified criteria using the configured trust engine.
    
    Parameters:
    token - the token to be evaluated
    criteriaSet - the set of criteria against which to evaluate the token
    
    Returns:
    true if the token satisfies the criteria as determined by the trust engine, otherwise false
    
    Throws:
    
    MessageHandlerException - thrown if there is a fatal error during trust engine evaluation

Class BaseTrustEngineSecurityHandler<TokenType,MessageType>

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

Field Detail

log

trustEngine

Constructor Detail

BaseTrustEngineSecurityHandler

Method Detail

getTrustEngine

setTrustEngine

doInitialize

buildCriteriaSet

evaluate

evaluate