MetadataCredentialResolver (Spring Security SAML 1.0.10.RELEASE API)

java.lang.Object
- org.opensaml.xml.security.credential.AbstractCredentialResolver
- - org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver
  - - org.opensaml.security.MetadataCredentialResolver
    - - org.springframework.security.saml.trust.MetadataCredentialResolver

All Implemented Interfaces:

org.opensaml.xml.security.credential.CredentialResolver, org.opensaml.xml.security.Resolver<org.opensaml.xml.security.credential.Credential,org.opensaml.xml.security.CriteriaSet>
```
public class MetadataCredentialResolver
extends org.opensaml.security.MetadataCredentialResolver
```
Class customizes resolving from metadata by first using values present in the ExtenedeMetadata of an entity.

Author:

Vladimir Schafer

Nested Class Summary
- Nested classes/interfaces inherited from class org.opensaml.security.MetadataCredentialResolver
  org.opensaml.security.MetadataCredentialResolver.MetadataCacheKey, org.opensaml.security.MetadataCredentialResolver.MetadataProviderObserver

Field Summary

Fields
Modifier and Type Field and Description

protected KeyManager keyManager
Key manager.

protected MetadataManager manager
Metadata manager.

Fields
Modifier and Type	Field and Description
`protected KeyManager`	`keyManager` Key manager.
`protected MetadataManager`	`manager` Metadata manager.

Constructor Summary

Constructors
Constructor and Description

MetadataCredentialResolver(MetadataManager metadataProvider, KeyManager keyManager)
Creates new resolver.

Constructors
Constructor and Description
`MetadataCredentialResolver(MetadataManager metadataProvider, KeyManager keyManager)` Creates new resolver.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected Collection<org.opensaml.xml.security.credential.Credential>`	`retrieveFromMetadata(String entityID, QName role, String protocol, org.opensaml.xml.security.credential.UsageType usage)` Method tries to resolve all credentials for the given entityID.
`void`	`setUseExtendedMetadata(boolean useExtendedMetadata)` Flag indicating that certificates should be populated from fields signingKey, encryptionKey and tlsKey in the ExtendedMetadata for the entity.
`void`	`setUseXmlMetadata(boolean useXmlMetadata)` Flag indicating that certificates should be populated from the XML metadata.

Methods inherited from class org.opensaml.security.MetadataCredentialResolver
cacheCredentials, checkCriteriaRequirements, getKeyInfoCredentialResolver, getMetadataProvider, getReadWriteLock, getRoleDescriptors, matchUsage, resolveFromSource, retrieveFromCache, setKeyInfoCredentialResolver

Methods inherited from class org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver
isMeetAllCriteria, isUnevaluableSatisfies, resolve, setMeetAllCriteria, setUnevaluableSatisfies

Methods inherited from class org.opensaml.xml.security.credential.AbstractCredentialResolver
resolveSingle

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - manager
```
protected MetadataManager manager
```
    Metadata manager.
  - keyManager
```
protected KeyManager keyManager
```
    Key manager.
- Constructor Detail
  - MetadataCredentialResolver
```
public MetadataCredentialResolver(MetadataManager metadataProvider,
                                  KeyManager keyManager)
```
    Creates new resolver.
    
    Parameters:
    
    metadataProvider - metadata resolver
    
    keyManager - key manger
- Method Detail
  - retrieveFromMetadata
```
protected Collection<org.opensaml.xml.security.credential.Credential> retrieveFromMetadata(String entityID,
                                                                                           QName role,
                                                                                           String protocol,
                                                                                           org.opensaml.xml.security.credential.UsageType usage)
                                                                                    throws org.opensaml.xml.security.SecurityException
```
    Method tries to resolve all credentials for the given entityID. At first extendedMetadata for the entity is checked, in case any matching credentials are found there they are returned. Otherwise data stored in metadata is used.
    
    Overrides:
    
    retrieveFromMetadata in class org.opensaml.security.MetadataCredentialResolver
    
    Parameters:
    
    entityID - entity ID
    
    role - role
    
    protocol - protocol
    
    usage - usage
    
    Returns:
    
    credentials usable for trust verification or decryption
    
    Throws:
    
    org.opensaml.xml.security.SecurityException - error
  - setUseXmlMetadata
```
public void setUseXmlMetadata(boolean useXmlMetadata)
```
    Flag indicating that certificates should be populated from the XML metadata. Value is true by default.
    
    Parameters:
    
    useXmlMetadata - flag indicating we should use XML metadata
  - setUseExtendedMetadata
```
public void setUseExtendedMetadata(boolean useExtendedMetadata)
```
    Flag indicating that certificates should be populated from fields signingKey, encryptionKey and tlsKey in the ExtendedMetadata for the entity. Value is true by default.
    
    Parameters:
    
    useExtendedMetadata - flag indicating we should use extended metadata
    
    See Also:
    
    ExtendedMetadata

Class MetadataCredentialResolver

Nested Class Summary

Nested classes/interfaces inherited from class org.opensaml.security.MetadataCredentialResolver

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.security.MetadataCredentialResolver

Methods inherited from class org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver

Methods inherited from class org.opensaml.xml.security.credential.AbstractCredentialResolver

Methods inherited from class java.lang.Object

Field Detail

manager

keyManager

Constructor Detail

MetadataCredentialResolver

Method Detail

retrieveFromMetadata

setUseXmlMetadata

setUseExtendedMetadata