Package org.opensaml.saml.common.binding.security.impl

Class SAMLMDClientCertAuthSecurityHandler

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.messaging.handler.AbstractMessageHandler

org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler<X509Credential>

org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler

org.opensaml.saml.common.binding.security.impl.SAMLMDClientCertAuthSecurityHandler

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, MessageHandler

public class SAMLMDClientCertAuthSecurityHandler
extends BaseClientCertAuthSecurityHandler

SAML specialization of BaseClientCertAuthSecurityHandler which provides support for X509Credential trust engine validation based on SAML metadata.

The authenticatable entity data is read from and stored to the subcontext identified by getEntityContextClass(), which defaults to SAMLPeerEntityContext.

Field Summary

Fields

Modifier and Type	Field	Description
private Class<? extends AbstractAuthenticatableSAMLEntityContext>	entityContextClass	The actual context class holding the authenticatable SAML entity.
private org.slf4j.Logger	log	Logger.

Constructor Summary

Constructors

Constructor	Description
SAMLMDClientCertAuthSecurityHandler()	Constructor.

Method Summary

Modifier and Type	Method	Description
protected CriteriaSet	buildCriteriaSet(String entityID, MessageContext messageContext)
protected String	getCertificatePresenterEntityID(MessageContext messageContext)
Class<? extends AbstractAuthenticatableSAMLEntityContext>	getEntityContextClass()	Get the class type holding the authenticatable SAML entity data.
protected void	setAuthenticatedCertificatePresenterEntityID(MessageContext messageContext, String entityID)
protected void	setAuthenticatedState(MessageContext messageContext, boolean authenticated)
void	setEntityContextClass(Class<? extends AbstractAuthenticatableSAMLEntityContext> clazz)	Set the class type holding the authenticatable SAML entity data.

Methods inherited from class org.opensaml.security.messaging.impl.BaseClientCertAuthSecurityHandler

doEvaluate, doInitialize, doInvoke, doPreInvoke, evaluateCertificateNameDerivedPresenters, evaluateDerivedPresenters, evaluateSubjectAltNames, evaluateSubjectCommonName, evaluateSubjectDN, getAltNames, getCertificateNameOptions, getCommonName, getHttpServletRequest, getSubjectName, resolveTrustEngine, setHttpServletRequest

Methods inherited from class org.opensaml.security.messaging.impl.BaseTrustEngineSecurityHandler

evaluate, evaluate, getTrustEngine

Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler

doPostInvoke, doPostInvoke, getActivationCondition, getLogPrefix, invoke, setActivationCondition

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

private org.slf4j.Logger log

Logger.

entityContextClass

private Class<? extends AbstractAuthenticatableSAMLEntityContext> entityContextClass

The actual context class holding the authenticatable SAML entity.

Constructor Detail

SAMLMDClientCertAuthSecurityHandler

public SAMLMDClientCertAuthSecurityHandler()

Constructor.

Method Detail

getEntityContextClass

@Nonnull
public Class<? extends AbstractAuthenticatableSAMLEntityContext> getEntityContextClass()

Get the class type holding the authenticatable SAML entity data.

Defaults to: SAMLPeerEntityContext.

Returns:

the entity context class type

setEntityContextClass

public void setEntityContextClass(@Nonnull
                                  Class<? extends AbstractAuthenticatableSAMLEntityContext> clazz)

Set the class type holding the authenticatable SAML entity data.

Defaults to: SAMLPeerEntityContext.

Parameters:

clazz - the entity context class type

buildCriteriaSet

@Nonnull
protected CriteriaSet buildCriteriaSet(@Nullable
                                       String entityID,
                                       @Nonnull
                                       MessageContext messageContext)
                                throws MessageHandlerException

Overrides:

buildCriteriaSet in class BaseClientCertAuthSecurityHandler

Throws:

MessageHandlerException

getCertificatePresenterEntityID

@Nullable
protected String getCertificatePresenterEntityID(@Nonnull
                                                 MessageContext messageContext)

Specified by:

getCertificatePresenterEntityID in class BaseClientCertAuthSecurityHandler

setAuthenticatedCertificatePresenterEntityID

protected void setAuthenticatedCertificatePresenterEntityID(@Nonnull
                                                            MessageContext messageContext,
                                                            @Nullable
                                                            String entityID)

Specified by:

setAuthenticatedCertificatePresenterEntityID in class BaseClientCertAuthSecurityHandler

setAuthenticatedState

protected void setAuthenticatedState(@Nonnull
                                     MessageContext messageContext,
                                     boolean authenticated)

Specified by:

setAuthenticatedState in class BaseClientCertAuthSecurityHandler