Spring Security SAML

org.springframework.security.saml.context
Class SAMLMessageContext

java.lang.Object
  extended by org.opensaml.ws.message.BaseMessageContext
      extended by org.opensaml.common.binding.BasicSAMLMessageContext
          extended by org.springframework.security.saml.context.SAMLMessageContext
All Implemented Interfaces:
org.opensaml.common.binding.SAMLMessageContext, org.opensaml.ws.message.MessageContext

public class SAMLMessageContext
extends org.opensaml.common.binding.BasicSAMLMessageContext

Message context with Spring Extension SAML module specific values.

Author:
Vladimir Schaefer

Constructor Summary
SAMLMessageContext()
           
 
Method Summary
 String getInboundSAMLBinding()
          Binding used to deliver the current message.
 org.opensaml.saml2.encryption.Decrypter getLocalDecrypter()
          Object capable of decrypting data signed for this entity.
 org.opensaml.saml2.metadata.Endpoint getLocalEntityEndpoint()
          Endpoint the incoming message (if any) was received at.
 ExtendedMetadata getLocalExtendedMetadata()
          Extended metadata of the local entity.
 org.opensaml.xml.security.credential.Credential getLocalSigningCredential()
          Credential used to sign messages sent from this entity.
 org.opensaml.xml.security.x509.X509Credential getLocalSSLCredential()
          Credential used to authenticate this instance against peers using SSL/TLS.
 org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> getLocalSSLTrustEngine()
          Trust engine used to verify server certificate in SSL/TLS connections.
 org.opensaml.xml.signature.SignatureTrustEngine getLocalTrustEngine()
          Mechanism able to determine whether incoming message signature should be trusted.
 SAMLMessageStorage getMessageStorage()
          Storage for messages sent during processing of this context.
 ExtendedMetadata getPeerExtendedMetadata()
          Extended metadata of the peer entity.
 org.opensaml.xml.security.x509.X509Credential getPeerSSLCredential()
          Certificate the peer entity used to authenticate against our server as part of the SSL/TLS connection.
 boolean isPeerUserSelected()
          Determines whether the peer entity was determined automatically (e.g. using defaults) or whether it's a result of explicit user selection.
 void setInboundSAMLBinding(String inboundSAMLBinding)
          Binding used to deliver the current message.
 void setLocalDecrypter(org.opensaml.saml2.encryption.Decrypter localDecrypter)
           
 void setLocalEntityEndpoint(org.opensaml.saml2.metadata.Endpoint localEntityEndpoint)
           
 void setLocalExtendedMetadata(ExtendedMetadata localExtendedMetadata)
           
 void setLocalSigningCredential(org.opensaml.xml.security.credential.Credential localSigningCredential)
           
 void setLocalSSLCredential(org.opensaml.xml.security.x509.X509Credential localSSLCredential)
           
 void setLocalSSLTrustEngine(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> localSSLTrustEngine)
           
 void setLocalTrustEngine(org.opensaml.xml.signature.SignatureTrustEngine localTrustEngine)
           
 void setMessageStorage(SAMLMessageStorage messageStorage)
          Sets message storage for this context.
 void setPeerExtendedMetadata(ExtendedMetadata peerExtendedMetadata)
           
 void setPeerSSLCredential(org.opensaml.xml.security.x509.X509Credential peerSSLCredential)
           
 void setPeerUserSelected(boolean peerUserSelected)
           
 
Methods inherited from class org.opensaml.common.binding.BasicSAMLMessageContext
getInboundSAMLMessage, getInboundSAMLMessageId, getInboundSAMLMessageIssueInstant, getInboundSAMLProtocol, getLocalEntityId, getLocalEntityMetadata, getLocalEntityRole, getLocalEntityRoleMetadata, getMetadataProvider, getOuboundSAMLMessageSigningCredential, getOutboundMessageArtifactType, getOutboundSAMLMessage, getOutboundSAMLMessageId, getOutboundSAMLMessageIssueInstant, getOutboundSAMLProtocol, getPeerEntityEndpoint, getPeerEntityId, getPeerEntityMetadata, getPeerEntityRole, getPeerEntityRoleMetadata, getRelayState, getSubjectNameIdentifier, isInboundSAMLMessageAuthenticated, isIssuerAuthenticated, setInboundSAMLMessage, setInboundSAMLMessageAuthenticated, setInboundSAMLMessageId, setInboundSAMLMessageIssueInstant, setInboundSAMLProtocol, setLocalEntityId, setLocalEntityMetadata, setLocalEntityRole, setLocalEntityRoleMetadata, setMetadataProvider, setOutboundMessageArtifactType, setOutboundSAMLMessage, setOutboundSAMLMessageId, setOutboundSAMLMessageIssueInstant, setOutboundSAMLMessageSigningCredential, setOutboundSAMLProtocol, setPeerEntityEndpoint, setPeerEntityId, setPeerEntityMetadata, setPeerEntityRole, setPeerEntityRoleMetadata, setRelayState, setSubjectNameIdentifier
 
Methods inherited from class org.opensaml.ws.message.BaseMessageContext
getCommunicationProfileId, getInboundMessage, getInboundMessageIssuer, getInboundMessageTransport, getOutboundHandlerChainResolver, getOutboundMessage, getOutboundMessageIssuer, getOutboundMessageTransport, getPostSecurityInboundHandlerChainResolver, getPreSecurityInboundHandlerChainResolver, getSecurityPolicyResolver, setCommunicationProfileId, setInboundMessage, setInboundMessageIssuer, setInboundMessageTransport, setOutboundHandlerChainResolver, setOutboundMessage, setOutboundMessageIssuer, setOutboundMessageTransport, setPostSecurityInboundHandlerChainResolver, setPreSecurityInboundHandlerChainResolver, setSecurityPolicyResolver
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.opensaml.ws.message.MessageContext
getCommunicationProfileId, getInboundMessage, getInboundMessageIssuer, getInboundMessageTransport, getOutboundHandlerChainResolver, getOutboundMessage, getOutboundMessageIssuer, getOutboundMessageTransport, getPostSecurityInboundHandlerChainResolver, getPreSecurityInboundHandlerChainResolver, getSecurityPolicyResolver, setCommunicationProfileId, setInboundMessage, setInboundMessageIssuer, setInboundMessageTransport, setOutboundHandlerChainResolver, setOutboundMessage, setOutboundMessageIssuer, setOutboundMessageTransport, setPostSecurityInboundHandlerChainResolver, setPreSecurityInboundHandlerChainResolver, setSecurityPolicyResolver
 

Constructor Detail

SAMLMessageContext

public SAMLMessageContext()

Method Detail

getLocalExtendedMetadata

public ExtendedMetadata getLocalExtendedMetadata()
Extended metadata of the local entity.

Returns:
local extended metadata

setLocalExtendedMetadata

public void setLocalExtendedMetadata(ExtendedMetadata localExtendedMetadata)

getPeerExtendedMetadata

public ExtendedMetadata getPeerExtendedMetadata()
Extended metadata of the peer entity.

Returns:
metadata

setPeerExtendedMetadata

public void setPeerExtendedMetadata(ExtendedMetadata peerExtendedMetadata)

getLocalDecrypter

public org.opensaml.saml2.encryption.Decrypter getLocalDecrypter()
Object capable of decrypting data signed for this entity.

Returns:
decrypter

setLocalDecrypter

public void setLocalDecrypter(org.opensaml.saml2.encryption.Decrypter localDecrypter)

getLocalTrustEngine

public org.opensaml.xml.signature.SignatureTrustEngine getLocalTrustEngine()
Mechanism able to determine whether incoming message signature should be trusted.

Returns:
trust engine used for verification of signatures coming from peers

setLocalTrustEngine

public void setLocalTrustEngine(org.opensaml.xml.signature.SignatureTrustEngine localTrustEngine)

getLocalSigningCredential

public org.opensaml.xml.security.credential.Credential getLocalSigningCredential()
Credential used to sign messages sent from this entity.

Returns:
credential

setLocalSigningCredential

public void setLocalSigningCredential(org.opensaml.xml.security.credential.Credential localSigningCredential)

getLocalSSLTrustEngine

public org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> getLocalSSLTrustEngine()
Trust engine used to verify server certificate in SSL/TLS connections.

Returns:
engine

setLocalSSLTrustEngine

public void setLocalSSLTrustEngine(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> localSSLTrustEngine)

getLocalSSLCredential

public org.opensaml.xml.security.x509.X509Credential getLocalSSLCredential()
Credential used to authenticate this instance against peers using SSL/TLS.

Returns:
credential

setLocalSSLCredential

public void setLocalSSLCredential(org.opensaml.xml.security.x509.X509Credential localSSLCredential)

getPeerSSLCredential

public org.opensaml.xml.security.x509.X509Credential getPeerSSLCredential()
Certificate the peer entity used to authenticate against our server as part of the SSL/TLS connection. Only used for peer-initiated communication.

Returns:
peer credential, when available

setPeerSSLCredential

public void setPeerSSLCredential(org.opensaml.xml.security.x509.X509Credential peerSSLCredential)

getInboundSAMLBinding

public String getInboundSAMLBinding()
Binding used to deliver the current message.

Returns:
incoming binding

setInboundSAMLBinding

public void setInboundSAMLBinding(String inboundSAMLBinding)
Binding used to deliver the current message.

Parameters:
inboundSAMLBinding - binding

getLocalEntityEndpoint

public org.opensaml.saml2.metadata.Endpoint getLocalEntityEndpoint()
Endpoint the incoming message (if any) was received at.

Returns:
endpoint for incoming messages, null otherwise

setLocalEntityEndpoint

public void setLocalEntityEndpoint(org.opensaml.saml2.metadata.Endpoint localEntityEndpoint)

isPeerUserSelected

public boolean isPeerUserSelected()
Determines whether the peer entity was determined automatically (e.g. using defaults) or whether it's a result of explicit user selection.

Returns:
true if peer (IDP) was chosen by user

setPeerUserSelected

public void setPeerUserSelected(boolean peerUserSelected)

getMessageStorage

public SAMLMessageStorage getMessageStorage()
Storage for messages sent during processing of this context.

Returns:
message storage, null if sent messages cannot be stored

setMessageStorage

public void setMessageStorage(SAMLMessageStorage messageStorage)
Sets message storage for this context.

Parameters:
messageStorage - message storage or null if storing of messages isn't supported
