SAMLProcessorImpl (Spring Security SAML 1.0.0.RC2 API)

Overview

Package

Class

Tree

Deprecated

Index

Help

Spring Security SAML

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.saml.processor
Class SAMLProcessorImpl

java.lang.Object
  org.springframework.security.saml.processor.SAMLProcessorImpl

All Implemented Interfaces:: SAMLProcessor

public class SAMLProcessorImpl
extends Object
implements SAMLProcessor
extends Object
implements SAMLProcessor

Processor is capable of parsing SAML message from HttpServletRequest and populate the SAMLMessageContext for further validations.

Author:: Vladimir Schäfer

Field Summary
`protected Collection<SAMLBinding>`	`bindings` Bindings supported by this processor.

Constructor Summary
`SAMLProcessorImpl(Collection<SAMLBinding> bindings)` Creates a processor supporting multiple bindings.
`SAMLProcessorImpl(SAMLBinding binding)` Creates a processor supporting a single binding.

Method Summary
`protected SAMLBinding`	`getBinding(org.opensaml.saml2.metadata.Endpoint endpoint)` Determines binding to be used for the given endpoint.
`protected SAMLBinding`	`getBinding(org.opensaml.ws.transport.InTransport transport)` Analyzes the transport object and returns the first binding capable of sending/extracting a SAML message from to/from it.
`protected SAMLBinding`	`getBinding(String bindingName)` Finds binding with the given name.
`protected void`	`populateSecurityPolicy(SAMLMessageContext samlContext, SAMLBinding binding)` Populates security policy to use for the incoming message and sets it in the samlContext as securityPolicyResolver.
`SAMLMessageContext`	`retrieveMessage(SAMLMessageContext samlContext)` Loads incoming SAML message using one of the configured bindings and populates the SAMLMessageContext object with it.
`SAMLMessageContext`	`retrieveMessage(SAMLMessageContext samlContext, SAMLBinding binding)` Loads incoming SAML message using one of the configured bindings and populates the SAMLMessageContext object with it.
`SAMLMessageContext`	`retrieveMessage(SAMLMessageContext samlContext, String binding)` Loads incoming SAML message using one of the configured bindings and populates the SAMLMessageContext object with it.
`SAMLMessageContext`	`sendMessage(SAMLMessageContext samlContext, boolean sign)` Method sends SAML message contained in the context to the specified peerEntityEnpoint.
`protected SAMLMessageContext`	`sendMessage(SAMLMessageContext samlContext, boolean sign, SAMLBinding binding)` Sends SAML message using the given binding.
`SAMLMessageContext`	`sendMessage(SAMLMessageContext samlContext, boolean sign, String bindingName)`
`protected void`	`verifyContext(SAMLMessageContext samlContext)` Verifies that context contains all the required information related to the local entity.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

bindings

protected Collection<SAMLBinding> bindings

Bindings supported by this processor.

Constructor Detail

SAMLProcessorImpl

public SAMLProcessorImpl(SAMLBinding binding)

Creates a processor supporting a single binding.

Parameters:: binding - binding

SAMLProcessorImpl

public SAMLProcessorImpl(Collection<SAMLBinding> bindings)

Creates a processor supporting multiple bindings.

Parameters:: bindings - bindings

Method Detail

retrieveMessage

public SAMLMessageContext retrieveMessage(SAMLMessageContext samlContext,
                                          SAMLBinding binding)
                                   throws org.opensaml.common.SAMLException,
                                          org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                          org.opensaml.ws.message.decoder.MessageDecodingException,
                                          org.opensaml.xml.security.SecurityException

Loads incoming SAML message using one of the configured bindings and populates the SAMLMessageContext object with it. The context is expected to contain inboundMessageTransport and outboundMessageTransport. In case localEntityId, localEntityRole or peerEntityRole is set it will be used, otherwise default SP is loaded as a local entity and IDP presumed as a peer.

Parameters:: samlContext - context; binding - to use for message extraction
Returns:: SAML message context with filled information about the message
Throws:: org.opensaml.common.SAMLException - error retrieving the message from the request; org.opensaml.saml2.metadata.provider.MetadataProviderException - error retrieving metadata; org.opensaml.ws.message.decoder.MessageDecodingException - error decoding the message; org.opensaml.xml.security.SecurityException - error verifying message

populateSecurityPolicy

protected void populateSecurityPolicy(SAMLMessageContext samlContext,
                                      SAMLBinding binding)

Populates security policy to use for the incoming message and sets it in the samlContext as securityPolicyResolver. SecurityPolicy is populated using getSecurityPolicy method of the used binding.

Parameters:: samlContext - saml context to set the policy to; binding - binding used to retrieve the message

retrieveMessage

public SAMLMessageContext retrieveMessage(SAMLMessageContext samlContext,
                                          String binding)
                                   throws org.opensaml.common.SAMLException,
                                          org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                          org.opensaml.ws.message.decoder.MessageDecodingException,
                                          org.opensaml.xml.security.SecurityException

Loads incoming SAML message using one of the configured bindings and populates the SAMLMessageContext object with it.

Specified by:: retrieveMessage in interface SAMLProcessor

Parameters:: samlContext - saml context; binding - to use for message extraction
Returns:: SAML message context with filled information about the message
Throws:: org.opensaml.common.SAMLException - error retrieving the message from the request; org.opensaml.saml2.metadata.provider.MetadataProviderException - error retrieving metadat; org.opensaml.ws.message.decoder.MessageDecodingException - error decoding the message; org.opensaml.xml.security.SecurityException - error verifying message

retrieveMessage

public SAMLMessageContext retrieveMessage(SAMLMessageContext samlContext)
                                   throws org.opensaml.common.SAMLException,
                                          org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                          org.opensaml.ws.message.decoder.MessageDecodingException,
                                          org.opensaml.xml.security.SecurityException

Loads incoming SAML message using one of the configured bindings and populates the SAMLMessageContext object with it.

Specified by:: retrieveMessage in interface SAMLProcessor

Parameters:: samlContext - saml context
Returns:: SAML message context with filled information about the message
Throws:: org.opensaml.common.SAMLException - error retrieving the message from the request; org.opensaml.saml2.metadata.provider.MetadataProviderException - error retrieving metadat; org.opensaml.ws.message.decoder.MessageDecodingException - error decoding the message; org.opensaml.xml.security.SecurityException - error verifying message

sendMessage

public SAMLMessageContext sendMessage(SAMLMessageContext samlContext,
                                      boolean sign)
                               throws org.opensaml.common.SAMLException,
                                      org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                      org.opensaml.ws.message.encoder.MessageEncodingException

Method sends SAML message contained in the context to the specified peerEntityEnpoint. Binding is automatically determined based on the selected endpoint.

Specified by:: sendMessage in interface SAMLProcessor

Parameters:: samlContext - context; sign - true when sent message should be signed
Returns:: resulting context, might be a copy
Throws:: org.opensaml.common.SAMLException; org.opensaml.saml2.metadata.provider.MetadataProviderException; org.opensaml.ws.message.encoder.MessageEncodingException

sendMessage

public SAMLMessageContext sendMessage(SAMLMessageContext samlContext,
                                      boolean sign,
                                      String bindingName)
                               throws org.opensaml.common.SAMLException,
                                      org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                      org.opensaml.ws.message.encoder.MessageEncodingException

Specified by:: sendMessage in interface SAMLProcessor

Throws:: org.opensaml.common.SAMLException; org.opensaml.saml2.metadata.provider.MetadataProviderException; org.opensaml.ws.message.encoder.MessageEncodingException

sendMessage

protected SAMLMessageContext sendMessage(SAMLMessageContext samlContext,
                                         boolean sign,
                                         SAMLBinding binding)
                                  throws org.opensaml.common.SAMLException,
                                         org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                         org.opensaml.ws.message.encoder.MessageEncodingException

Sends SAML message using the given binding. Context is expected to contain outboundMessageTransport. In case localEntityId or localEntityRole is set, it is used, default SP is used otherwise.

Parameters:: samlContext - context; sign - if true sent message is signed; binding - binding to use
Returns:: context
Throws:: org.opensaml.common.SAMLException - in case message can't be sent; org.opensaml.ws.message.encoder.MessageEncodingException - in case message encoding fails; org.opensaml.saml2.metadata.provider.MetadataProviderException - in case metadata for required entities is not found

verifyContext

protected void verifyContext(SAMLMessageContext samlContext)
                      throws org.opensaml.saml2.metadata.provider.MetadataProviderException

Verifies that context contains all the required information related to the local entity.

Parameters:: samlContext - context to populate
Throws:: org.opensaml.saml2.metadata.provider.MetadataProviderException - in case metadata do not contain expected entities

getBinding

protected SAMLBinding getBinding(org.opensaml.ws.transport.InTransport transport)
                          throws org.opensaml.common.SAMLException

Analyzes the transport object and returns the first binding capable of sending/extracting a SAML message from to/from it. In case no binding is found SAMLException is thrown.

Parameters:: transport - transport type to get binding for
Returns:: decoder
Throws:: org.opensaml.common.SAMLException - in case no suitable decoder is found for given request

getBinding

protected SAMLBinding getBinding(org.opensaml.saml2.metadata.Endpoint endpoint)
                          throws org.opensaml.common.SAMLException,
                                 org.opensaml.saml2.metadata.provider.MetadataProviderException

Determines binding to be used for the given endpoint. By default binding returned from getBinding call on the endpoint is used. Speciall handling is used for Holder of Key WebSSO profile endpoints where real binding is stored under hoksso:ProtocolBinding attribute.

Parameters:: endpoint - endpoint t
Returns:: binding
Throws:: org.opensaml.common.SAMLException - in case binding can't be found; org.opensaml.saml2.metadata.provider.MetadataProviderException - in case binding of the endpoint can't be determined
See Also:: SAMLUtil.getBindingForEndpoint(org.opensaml.saml2.metadata.Endpoint)

getBinding

protected SAMLBinding getBinding(String bindingName)
                          throws org.opensaml.common.SAMLException

Finds binding with the given name.

Parameters:: bindingName - name
Returns:: binding
Throws:: org.opensaml.common.SAMLException - in case binding can't be found

Overview

Package

Class

Tree

Deprecated

Index

Help

Spring Security SAML

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.saml.processor Class SAMLProcessorImpl

bindings

SAMLProcessorImpl

SAMLProcessorImpl

retrieveMessage

populateSecurityPolicy

retrieveMessage

retrieveMessage

sendMessage

sendMessage

sendMessage

verifyContext

getBinding

getBinding

getBinding

org.springframework.security.saml.processor
Class SAMLProcessorImpl