Spring Security SAML

org.springframework.security.saml.websso
Class WebSSOProfileECPImpl

java.lang.Object
  extended by org.springframework.security.saml.websso.AbstractProfileBase
      extended by org.springframework.security.saml.websso.WebSSOProfileImpl
          extended by org.springframework.security.saml.websso.WebSSOProfileECPImpl
All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean, WebSSOProfile

public class WebSSOProfileECPImpl
extends WebSSOProfileImpl

Class implementing the SAML ECP Profile and offers capabilities for SP initialized SSO and process Response coming from IDP or IDP initialized SSO. PAOS Binding is supported

Author:
Jonathan Tellier, Vladimir Schaefer

Field Summary
 
Fields inherited from class org.springframework.security.saml.websso.AbstractProfileBase
artifactMap, builderFactory, log, metadata, processor
 
Constructor Summary
WebSSOProfileECPImpl()
           
 
Method Summary
protected  org.opensaml.saml2.ecp.Request getECPRequest(SAMLMessageContext context, WebSSOProfileOptions options)
           
protected  org.opensaml.ws.soap.soap11.Envelope getEnvelope()
           
protected  Request getPAOSRequest(org.opensaml.saml2.metadata.AssertionConsumerService assertionConsumer)
           
 String getProfileIdentifier()
          Implementation are expected to provide an unique identifier for the profile this class implements.
protected  boolean isEndpointSupported(org.opensaml.saml2.metadata.AssertionConsumerService endpoint)
          Determines whether given AssertionConsumerService can be used to deliver messages consumable by this profile.
protected  boolean isEndpointSupported(org.opensaml.saml2.metadata.SingleSignOnService endpoint)
          Determines whether given SingleSignOn service can be used together with this profile.
 void sendAuthenticationRequest(SAMLMessageContext context, WebSSOProfileOptions options)
          Initializes SSO by creating AuthnRequest assertion and sending it to the IDP using the default binding.
 
Methods inherited from class org.springframework.security.saml.websso.WebSSOProfileImpl
buildAuthnContext, buildIDPList, buildReturnAddress, buildScoping, builNameIDPolicy, getAssertionConsumerService, getAuthnRequest, getSingleSignOnService, getSPNameQualifier
 
Methods inherited from class org.springframework.security.saml.websso.AbstractProfileBase
afterPropertiesSet, buildCommonAttributes, generateID, getEndpointBinding, getIssuer, getMaxAssertionTime, getResponseSkew, getStatus, isEndpointMatching, sendMessage, sendMessage, setArtifactMap, setMaxAssertionTime, setMetadata, setProcessor, setResponseSkew, verifyEndpoint, verifyIssuer, verifySignature
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

WebSSOProfileECPImpl

public WebSSOProfileECPImpl()
Method Detail

getProfileIdentifier

public String getProfileIdentifier()
Description copied from class: AbstractProfileBase
Implementation are expected to provide an unique identifier for the profile this class implements.

Overrides:
getProfileIdentifier in class WebSSOProfileImpl
Returns:
profile name

sendAuthenticationRequest

public void sendAuthenticationRequest(SAMLMessageContext context,
                                      WebSSOProfileOptions options)
                               throws org.opensaml.common.SAMLException,
                                      org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                      org.opensaml.ws.message.encoder.MessageEncodingException
Description copied from class: WebSSOProfileImpl
Initializes SSO by creating AuthnRequest assertion and sending it to the IDP using the default binding. Default IDP is used to send the request.

Specified by:
sendAuthenticationRequest in interface WebSSOProfile
Overrides:
sendAuthenticationRequest in class WebSSOProfileImpl
options - values specified by caller to customize format of sent request
Throws:
org.opensaml.common.SAMLException - error initializing SSO
org.opensaml.saml2.metadata.provider.MetadataProviderException - error retrieving needed metadata
org.opensaml.ws.message.encoder.MessageEncodingException - error forming SAML message

isEndpointSupported

protected boolean isEndpointSupported(org.opensaml.saml2.metadata.AssertionConsumerService endpoint)
Description copied from class: WebSSOProfileImpl
Determines whether given AssertionConsumerService can be used to deliver messages consumable by this profile. Bindings POST and Artifact are supported for WebSSO.

Overrides:
isEndpointSupported in class WebSSOProfileImpl
Parameters:
endpoint - endpoint
Returns:
true if endpoint is supported

isEndpointSupported

protected boolean isEndpointSupported(org.opensaml.saml2.metadata.SingleSignOnService endpoint)
Description copied from class: WebSSOProfileImpl
Determines whether given SingleSignOn service can be used together with this profile. Bindings POST, Artifact and Redirect are supported for WebSSO.

Overrides:
isEndpointSupported in class WebSSOProfileImpl
Parameters:
endpoint - endpoint
Returns:
true if endpoint is supported

getPAOSRequest

protected Request getPAOSRequest(org.opensaml.saml2.metadata.AssertionConsumerService assertionConsumer)

getECPRequest

protected org.opensaml.saml2.ecp.Request getECPRequest(SAMLMessageContext context,
                                                       WebSSOProfileOptions options)

getEnvelope

protected org.opensaml.ws.soap.soap11.Envelope getEnvelope()

Spring Security SAML