org.picketlink.identity.federation.bindings.jboss.auth

Class SAML2STSLoginModule

java.lang.Object

org.jboss.security.auth.spi.AbstractServerLoginModule

org.picketlink.identity.federation.bindings.jboss.auth.SAMLTokenFromHttpRequestAbstractLoginModule

org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSCommonLoginModule

org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule

All Implemented Interfaces:

LoginModule

public class SAML2STSLoginModule
extends org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSCommonLoginModule

This LoginModule implements the local validation of SAML assertions on AS7. The specified localValidationSecurityDomain property must correspond to a AS7 JSSE domain that configures a truststore and a server-alias that identifies the certificate used to validate the assertions.

Author:

Stefan Guilhen

Field Summary

Fields inherited from class org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSCommonLoginModule

assertion, credential, enableCacheInvalidation, ENDPOINT_ADDRESS, localTestingOnly, localValidation, localValidationSecurityDomain, options, PASSWORD_KEY, PORT_NAME, principal, rawOptions, roleKey, securityDomain, SERVICE_NAME, STS_CONFIG_FILE, stsConfigurationFile, USERNAME_KEY

Fields inherited from class org.picketlink.identity.federation.bindings.jboss.auth.SAMLTokenFromHttpRequestAbstractLoginModule

BASE64_TOKEN_ENCODING, GZIP_TOKEN_ENCODING, logger, NONE_TOKEN_ENCODING, REG_EX_GROUP_KEY, REG_EX_PATTERN_KEY, SAML_TOKEN_HTTP_HEADER_KEY, TOKEN_ENCODING_TYPE_KEY, tokenEncoding, WEB_REQUEST_KEY

Fields inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

callbackHandler, log, loginOk, principalClassName, sharedState, subject, trace, unauthenticatedIdentity, useFirstPass

Constructor Summary

Constructors

Constructor and Description
SAML2STSLoginModule()

Method Summary

Methods

Modifier and Type	Method and Description
protected org.picketlink.identity.federation.core.factories.JBossAuthCacheInvalidationFactory.TimeCacheExpiry	getCacheExpiry()
protected boolean	localValidation(Element assertionElement)

Methods inherited from class org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSCommonLoginModule

abort, commit, getIdentity, getRoleSets, getSTSClient, initialize, login, logout

Methods inherited from class org.picketlink.identity.federation.bindings.jboss.auth.SAMLTokenFromHttpRequestAbstractLoginModule

getCredentialFromHttpRequest, getSamlTokenHttpHeader, getSamlTokenHttpHeaderRegEx, getSamlTokenHttpHeaderRegExGroup, getTokenEncoding

Methods inherited from class org.jboss.security.auth.spi.AbstractServerLoginModule

createGroup, createIdentity, getCallerPrincipalGroup, getUnauthenticatedIdentity, getUseFirstPass

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SAML2STSLoginModule

public SAML2STSLoginModule()

Method Detail

localValidation

protected boolean localValidation(Element assertionElement)
                           throws Exception

Specified by:

localValidation in class org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSCommonLoginModule

Throws:

Exception

getCacheExpiry

protected org.picketlink.identity.federation.core.factories.JBossAuthCacheInvalidationFactory.TimeCacheExpiry getCacheExpiry()
                                                                                                                      throws Exception

Specified by:

getCacheExpiry in class org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSCommonLoginModule

Throws:

Exception