Spring Security SAML

org.springframework.security.saml.trust
Class MetadataCredentialResolver

java.lang.Object
  extended by org.opensaml.xml.security.credential.AbstractCredentialResolver
      extended by org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver
          extended by org.opensaml.security.MetadataCredentialResolver
              extended by org.springframework.security.saml.trust.MetadataCredentialResolver
All Implemented Interfaces:
org.opensaml.xml.security.credential.CredentialResolver, org.opensaml.xml.security.Resolver<org.opensaml.xml.security.credential.Credential,org.opensaml.xml.security.CriteriaSet>

public class MetadataCredentialResolver
extends org.opensaml.security.MetadataCredentialResolver

Class customizes credential resolution from metadata by first using values present in the ExtendedMetadata of an entity.

Author:
Vladimir Schafer

Nested Class Summary
 
Nested classes/interfaces inherited from class org.opensaml.security.MetadataCredentialResolver
org.opensaml.security.MetadataCredentialResolver.MetadataCacheKey, org.opensaml.security.MetadataCredentialResolver.MetadataProviderObserver
 
Field Summary
protected  KeyManager keyManager
          Key manager.
protected  MetadataManager manager
          Metadata manager.
 
Constructor Summary
MetadataCredentialResolver(MetadataManager metadataProvider, KeyManager keyManager)
          Creates new resolver.
 
Method Summary
protected  Collection<org.opensaml.xml.security.credential.Credential> retrieveFromMetadata(String entityID, QName role, String protocol, org.opensaml.xml.security.credential.UsageType usage)
          Method tries to resolve all credentials for the given entityID.
 
Methods inherited from class org.opensaml.security.MetadataCredentialResolver
cacheCredentials, checkCriteriaRequirements, getKeyInfoCredentialResolver, getReadWriteLock, getRoleDescriptors, matchUsage, resolveFromSource, retrieveFromCache, setKeyInfoCredentialResolver
 
Methods inherited from class org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver
isMeetAllCriteria, isUnevaluableSatisfies, resolve, setMeetAllCriteria, setUnevaluableSatisfies
 
Methods inherited from class org.opensaml.xml.security.credential.AbstractCredentialResolver
resolveSingle
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

manager

protected MetadataManager manager
Metadata manager.


keyManager

protected KeyManager keyManager
Key manager.

Constructor Detail

MetadataCredentialResolver

public MetadataCredentialResolver(MetadataManager metadataProvider,
                                  KeyManager keyManager)
Creates new resolver.

Parameters:
metadataProvider - metadata resolver
keyManager - key manager

Method Detail

retrieveFromMetadata

protected Collection<org.opensaml.xml.security.credential.Credential> retrieveFromMetadata(String entityID,
                                                                                           QName role,
                                                                                           String protocol,
                                                                                           org.opensaml.xml.security.credential.UsageType usage)
                                                                                    throws org.opensaml.xml.security.SecurityException
Method tries to resolve all credentials for the given entityID. The extendedMetadata for the entity is checked first; if any matching credentials are found there, they are returned. Otherwise the data stored in metadata is used.

Overrides:
retrieveFromMetadata in class org.opensaml.security.MetadataCredentialResolver
Parameters:
entityID - entity ID
role - role
protocol - protocol
usage - usage
Returns:
credentials usable for trust verification or decryption
Throws:
org.opensaml.xml.security.SecurityException - error
