Package org.opensaml.saml.saml2.profile.impl

Class DecryptAssertions

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction

org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction

org.opensaml.saml.saml2.profile.impl.DecryptAssertions

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction

public class DecryptAssertions
extends AbstractDecryptAction

Action to decrypt an EncryptedAssertion element and replace it with the decrypted Assertion in situ.

All of the built-in SAML message types that may include an EncryptedAssertion are potentially handled, but the actual message to handle is obtained via strategy function, by default the inbound message.

Event:

EventIds.PROCEED_EVENT_ID, SAMLEventIds.DECRYPT_ASSERTION_FAILED

Field Summary

Fields

Modifier and Type	Field	Description
private org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
DecryptAssertions()

Method Summary

Modifier and Type	Method	Description
protected void	doExecute(ProfileRequestContext profileRequestContext)
private Assertion	processEncryptedAssertion(ProfileRequestContext profileRequestContext, EncryptedAssertion encAssert)	Decrypt an EncryptedAssertion and return the result.
private void	processResponse(ProfileRequestContext profileRequestContext, Response response)	Decrypt any EncryptedAssertion found in a response and replace it with the result.

Methods inherited from class org.opensaml.saml.saml2.profile.impl.AbstractDecryptAction

doPreExecute, getDecrypter, getDecryptionPredicate, getSAMLObject, isErrorFatal, setDecryptionPredicate, setErrorFatal, setMessageLookupStrategy, setSecurityParametersContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Detail

DecryptAssertions

public DecryptAssertions()

Method Detail

doExecute

protected void doExecute(@Nonnull
                         ProfileRequestContext profileRequestContext)

Overrides:

doExecute in class AbstractProfileAction

processEncryptedAssertion

@Nullable
private Assertion processEncryptedAssertion(@Nonnull
                                            ProfileRequestContext profileRequestContext,
                                            @Nonnull
                                            EncryptedAssertion encAssert)
                                     throws DecryptionException

Decrypt an EncryptedAssertion and return the result.

Parameters:

profileRequestContext - current profile request context

encAssert - the encrypted object

Returns:

the decrypted assertion, or null if the object did not need decryption

Throws:

DecryptionException - if an error occurs during decryption

processResponse

private void processResponse(@Nonnull
                             ProfileRequestContext profileRequestContext,
                             @Nonnull
                             Response response)
                      throws DecryptionException

Decrypt any EncryptedAssertion found in a response and replace it with the result.

Parameters:

profileRequestContext - current profile request context

response - response to operate on

Throws:

DecryptionException - if an error occurs