Spring Security SAML

org.springframework.security.saml
Class SAMLCredential

java.lang.Object
  extended by org.springframework.security.saml.SAMLCredential
All Implemented Interfaces:
Serializable

public class SAMLCredential
extends Object
implements Serializable

Storage for entities parsed from a SAML2 response during its authentication. The object is stored as the credential object inside the Authentication returned after successful authentication.

The SAML entities (NameID, Assertion) are internally stored in SAMLObject to permit their serialization.

Author:
Vladimir Schafer
See Also:
Serialized Form

Constructor Summary
SAMLCredential(org.opensaml.saml2.core.NameID nameID, org.opensaml.saml2.core.Assertion authenticationAssertion, String remoteEntityID, List<org.opensaml.saml2.core.Attribute> attributes, String localEntityID)
          Creates an unmodifiable SAML credential object.
SAMLCredential(org.opensaml.saml2.core.NameID nameID, org.opensaml.saml2.core.Assertion authenticationAssertion, String remoteEntityID, String localEntityID)
          Creates an unmodifiable SAML credential object.
SAMLCredential(org.opensaml.saml2.core.NameID nameID, org.opensaml.saml2.core.Assertion authenticationAssertion, String remoteEntityID, String relayState, List<org.opensaml.saml2.core.Attribute> attributes, String localEntityID)
          Creates an unmodifiable SAML credential object.
SAMLCredential(org.opensaml.saml2.core.NameID nameID, org.opensaml.saml2.core.Assertion authenticationAssertion, String remoteEntityID, String relayState, List<org.opensaml.saml2.core.Attribute> attributes, String localEntityID, Serializable additionalData)
          Creates an unmodifiable SAML credential object which contains additional customer-specified data.
 
Method Summary
 org.opensaml.saml2.core.Attribute getAttributeByName(String name)
          Searches for the first occurrence of the attribute with the given name and returns it.
 List<org.opensaml.saml2.core.Attribute> getAttributes()
          Unmodifiable list of all attributes loaded from the assertions received during SSO.
 org.opensaml.saml2.core.Assertion getAuthenticationAssertion()
          Assertion issued by IDP as part of the authentication process.
 String getLocalEntityID()
          Entity ID of the local actor.
 org.opensaml.saml2.core.NameID getNameID()
          NameID returned from IDP as part of the authentication process.
 String getRelayState()
           
 String getRemoteEntityID()
          Entity ID of the IDP which issued the assertion.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SAMLCredential

public SAMLCredential(org.opensaml.saml2.core.NameID nameID,
                      org.opensaml.saml2.core.Assertion authenticationAssertion,
                      String remoteEntityID,
                      String localEntityID)
Creates an unmodifiable SAML credential object.

Parameters:
nameID - name ID of the authenticated entity
authenticationAssertion - assertion used to validate the entity
remoteEntityID - identifier of IDP where the assertion came from
localEntityID - local entity ID

SAMLCredential

public SAMLCredential(org.opensaml.saml2.core.NameID nameID,
                      org.opensaml.saml2.core.Assertion authenticationAssertion,
                      String remoteEntityID,
                      List<org.opensaml.saml2.core.Attribute> attributes,
                      String localEntityID)
Creates an unmodifiable SAML credential object.

Parameters:
nameID - name ID of the authenticated entity
authenticationAssertion - assertion used to validate the entity
remoteEntityID - identifier of IDP where the assertion came from
attributes - attributes collected from received assertions
localEntityID - local entity ID

SAMLCredential

public SAMLCredential(org.opensaml.saml2.core.NameID nameID,
                      org.opensaml.saml2.core.Assertion authenticationAssertion,
                      String remoteEntityID,
                      String relayState,
                      List<org.opensaml.saml2.core.Attribute> attributes,
                      String localEntityID)
Creates an unmodifiable SAML credential object.

Parameters:
nameID - name ID of the authenticated entity, may be null
authenticationAssertion - assertion used to validate the entity
remoteEntityID - identifier of IDP where the assertion came from
relayState - relay state received from IDP in case of unsolicited response
attributes - attributes collected from received assertions
localEntityID - local entity ID

SAMLCredential

public SAMLCredential(org.opensaml.saml2.core.NameID nameID,
                      org.opensaml.saml2.core.Assertion authenticationAssertion,
                      String remoteEntityID,
                      String relayState,
                      List<org.opensaml.saml2.core.Attribute> attributes,
                      String localEntityID,
                      Serializable additionalData)
Creates an unmodifiable SAML credential object which contains additional customer-specified data.

Parameters:
nameID - name ID of the authenticated entity, may be null
authenticationAssertion - assertion used to validate the entity
remoteEntityID - identifier of IDP where the assertion came from
relayState - relay state received from IDP in case of unsolicited response
attributes - attributes collected from received assertions
localEntityID - local entity ID
additionalData - custom data created by profile customization

Method Detail

getNameID

public org.opensaml.saml2.core.NameID getNameID()
NameID returned from IDP as part of the authentication process.

Returns:
name id or null if there was no nameID in the assertion used to create the SAMLCredential

getAuthenticationAssertion

public org.opensaml.saml2.core.Assertion getAuthenticationAssertion()
Assertion issued by IDP as part of the authentication process.

Returns:
assertion

getRemoteEntityID

public String getRemoteEntityID()
Entity ID of the IDP which issued the assertion.

Returns:
IDP entity ID

getAttributeByName

public org.opensaml.saml2.core.Attribute getAttributeByName(String name)
Searches for the first occurrence of the attribute with the given name and returns it. Names are compared using only the "name" attribute, disregarding "friendly-name" and "name-format". Attributes are searched in the order in which they were received in the SAML message.

Parameters:
name - name of attribute to find
Returns:
the first occurrence of the attribute with the given name or null if not found

getAttributes

public List<org.opensaml.saml2.core.Attribute> getAttributes()
Unmodifiable list of all attributes loaded from the assertions received during SSO. Attributes with the same name might be contained multiple times if received from different assertions. Order of attributes is the same as declared in the received SAML message.

Returns:
unmodifiable list of the user's attributes
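
Because getAttributeByName returns only the first match while getAttributes may hold the same name several times, code that derives roles or group membership should read every occurrence. The following is an added example, not code from Spring Security SAML: the class CredentialAttributes and its methods are hypothetical, and it assumes attribute values arrive as the OpenSAML 2 types XSString or XSAny.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.NameID;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.schema.XSAny;
import org.opensaml.xml.schema.XSString;
import org.springframework.security.saml.SAMLCredential;

/** Hypothetical helper, not part of Spring Security SAML. */
public final class CredentialAttributes {

    private CredentialAttributes() {}

    /** Collects the values of every attribute named {@code name}, in message order. */
    public static List<String> allValues(SAMLCredential credential, String name) {
        List<String> values = new ArrayList<String>();
        for (Attribute attribute : credential.getAttributes()) {
            // Same matching rule as getAttributeByName: only the name is compared,
            // friendly-name and name-format are ignored.
            if (!name.equals(attribute.getName())) {
                continue;
            }
            for (XMLObject value : attribute.getAttributeValues()) {
                String text = null;
                if (value instanceof XSString) {
                    text = ((XSString) value).getValue();
                } else if (value instanceof XSAny) {
                    text = ((XSAny) value).getTextContent();
                }
                // Assumption: other value types are skipped rather than guessed at.
                if (text != null) {
                    values.add(text);
                }
            }
        }
        return Collections.unmodifiableList(values);
    }

    /** Returns the subject identifier, failing closed when the assertion had no NameID. */
    public static String requireSubject(SAMLCredential credential) {
        NameID nameID = credential.getNameID();
        if (nameID == null || nameID.getValue() == null) {
            throw new IllegalStateException("No NameID from IDP " + credential.getRemoteEntityID());
        }
        return nameID.getValue();
    }
}
```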

getRelayState

public String getRelayState()
Returns:
null if not set, relayState received from IDP otherwise

getLocalEntityID

public String getLocalEntityID()
Entity ID of the local actor.

Returns:
entity ID
