ExtendedMetadataDelegate (Spring Security SAML 1.0.10.RELEASE API)

java.lang.Object
- org.springframework.security.saml.metadata.AbstractMetadataDelegate
- - org.springframework.security.saml.metadata.ExtendedMetadataDelegate

All Implemented Interfaces:

org.opensaml.saml2.metadata.provider.MetadataProvider, org.opensaml.saml2.metadata.provider.ObservableMetadataProvider, ExtendedMetadataProvider
```
public class ExtendedMetadataDelegate
extends AbstractMetadataDelegate
implements ExtendedMetadataProvider
```
Class enables delegation of normal entity metadata loading to the selected provider while enhancing data with extended metadata.

Nested Class Summary
- Nested classes/interfaces inherited from interface org.opensaml.saml2.metadata.provider.ObservableMetadataProvider
  org.opensaml.saml2.metadata.provider.ObservableMetadataProvider.Observer

Field Summary

Fields
Modifier and Type Field and Description

protected org.slf4j.Logger log

Fields
Modifier and Type	Field and Description
`protected org.slf4j.Logger`	`log`

Constructor Summary

Constructors
Constructor and Description
`ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate)` Uses provider for normal entity data, for each entity available in the delegate returns given defaults.
`ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate, ExtendedMetadata defaultMetadata)` Uses provider for normal entity data, for each entity available in the delegate returns given defaults.
`ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate, ExtendedMetadata defaultMetadata, Map<String,ExtendedMetadata> extendedMetadataMap)` Uses provider for normal entity data, tries to locate extended metadata by search in the map, in case it's not found uses the default.
`ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate, Map<String,ExtendedMetadata> extendedMetadataMap)` Uses provider for normal entity data, tries to locate extended metadata by search in the map.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`destroy()` Method destroys the metadata delegate.
`ExtendedMetadata`	`getExtendedMetadata(String entityID)` Tries to load extended metadata for the given entity.
`Set<String>`	`getMetadataTrustedKeys()` If set returns set of keys which can be used to verify whether signature of the metadata is trusted.
`void`	`initialize()` Method performs initialization of the provider it delegates to.
`boolean`	`isForceMetadataRevocationCheck()`
`boolean`	`isMetadataRequireSignature()` Flag indicating whether metadata must be signed.
`boolean`	`isMetadataTrustCheck()`
`protected boolean`	`isTrustFiltersInitialized()`
`void`	`setForceMetadataRevocationCheck(boolean forceMetadataRevocationCheck)` Determines whether check for certificate revocation should always be done as part of the PKIX validation.
`void`	`setMetadataRequireSignature(boolean metadataRequireSignature)` When set to true metadata from this provider should only be accepted when correctly signed and verified.
`void`	`setMetadataTrustCheck(boolean metadataTrustCheck)`
`void`	`setMetadataTrustedKeys(Set<String> metadataTrustedKeys)` Set of aliases of keys present in the KeyManager which can be used to verify whether signature on metadata entity is trusted.
`protected void`	`setTrustFiltersInitialized(boolean trustFiltersInitialized)`
`String`	`toString()`

Methods inherited from class org.springframework.security.saml.metadata.AbstractMetadataDelegate
equals, getDelegate, getEntitiesDescriptor, getEntityDescriptor, getMetadata, getMetadataFilter, getObservers, getRole, getRole, hashCode, requireValidMetadata, setMetadataFilter, setRequireValidMetadata

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Field Detail
  - log
```
protected final org.slf4j.Logger log
```
- Constructor Detail
  - ExtendedMetadataDelegate
```
public ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate)
```
    Uses provider for normal entity data, for each entity available in the delegate returns given defaults.
    
    Parameters:
    
    delegate - delegate with available entities
  - ExtendedMetadataDelegate
```
public ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate,
                                ExtendedMetadata defaultMetadata)
```
    Uses provider for normal entity data, for each entity available in the delegate returns given defaults.
    
    Parameters:
    
    delegate - delegate with available entities
    
    defaultMetadata - default extended metadata, can be null
  - ExtendedMetadataDelegate
```
public ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate,
                                Map<String,ExtendedMetadata> extendedMetadataMap)
```
    Uses provider for normal entity data, tries to locate extended metadata by search in the map.
    
    Parameters:
    
    delegate - delegate with available entities
    
    extendedMetadataMap - map, can be null
  - ExtendedMetadataDelegate
```
public ExtendedMetadataDelegate(org.opensaml.saml2.metadata.provider.MetadataProvider delegate,
                                ExtendedMetadata defaultMetadata,
                                Map<String,ExtendedMetadata> extendedMetadataMap)
```
    Uses provider for normal entity data, tries to locate extended metadata by search in the map, in case it's not found uses the default.
    
    Parameters:
    
    delegate - delegate with available entities
    
    defaultMetadata - default extended metadata, can be null
    
    extendedMetadataMap - map, can be null
- Method Detail
  - getExtendedMetadata
```
public ExtendedMetadata getExtendedMetadata(String entityID)
                                     throws org.opensaml.saml2.metadata.provider.MetadataProviderException
```
    Tries to load extended metadata for the given entity. The following algorithm is used:
    1. Verifies that entityId can be located using the delegate (in other words makes sure we don't return extended metdata for entities we don't have the basic ones for
    2. In case extended metadata is available and contains value for the entityId it is returned
    3. Returns default metadata otherwise
    Specified by:
    
    getExtendedMetadata in interface ExtendedMetadataProvider
    
    Parameters:
    
    entityID - entity to load metadata for
    
    Returns:
    
    extended metadata or null in case no default is given and entity can be located or is not present in the delegate
    
    Throws:
    
    org.opensaml.saml2.metadata.provider.MetadataProviderException - error
  - initialize
```
public void initialize()
                throws org.opensaml.saml2.metadata.provider.MetadataProviderException
```
    Method performs initialization of the provider it delegates to.
    
    Throws:
    
    org.opensaml.saml2.metadata.provider.MetadataProviderException - in case initialization fails
  - destroy
```
public void destroy()
```
    Method destroys the metadata delegate.
  - getMetadataTrustedKeys
```
public Set<String> getMetadataTrustedKeys()
```
    If set returns set of keys which can be used to verify whether signature of the metadata is trusted. When not set any of the keys in the configured KeyManager can be used to verify trust.
    By default the value is null.
    
    Returns:
    
    trusted keys or null
  - setMetadataTrustedKeys
```
public void setMetadataTrustedKeys(Set<String> metadataTrustedKeys)
```
    Set of aliases of keys present in the KeyManager which can be used to verify whether signature on metadata entity is trusted. When set to null any key of KeyManager can be used to verify trust.
    
    Parameters:
    
    metadataTrustedKeys - keys or null
  - isMetadataRequireSignature
```
public boolean isMetadataRequireSignature()
```
    Flag indicating whether metadata must be signed.
    By default signature is not required.
    
    Returns:
    
    signature flag
  - setMetadataRequireSignature
```
public void setMetadataRequireSignature(boolean metadataRequireSignature)
```
    When set to true metadata from this provider should only be accepted when correctly signed and verified. Metadata with an invalid signature or signed by a not-trusted credential will be ignored.
    
    Parameters:
    
    metadataRequireSignature - flag to set
  - isMetadataTrustCheck
```
public boolean isMetadataTrustCheck()
```
  - setMetadataTrustCheck
```
public void setMetadataTrustCheck(boolean metadataTrustCheck)
```
  - isForceMetadataRevocationCheck
```
public boolean isForceMetadataRevocationCheck()
```
  - setForceMetadataRevocationCheck
```
public void setForceMetadataRevocationCheck(boolean forceMetadataRevocationCheck)
```
    Determines whether check for certificate revocation should always be done as part of the PKIX validation. Revocation is evaluated by the underlaying JCE implementation and depending on configuration may include CRL and OCSP verification of the certificate in question.
    When set to false revocation is only performed when MetadataManager includes CRLs
    
    Parameters:
    
    forceMetadataRevocationCheck - revocation flag
  - isTrustFiltersInitialized
```
protected boolean isTrustFiltersInitialized()
```
  - setTrustFiltersInitialized
```
protected void setTrustFiltersInitialized(boolean trustFiltersInitialized)
```
  - toString
```
public String toString()
```
    Overrides:
    
    toString in class Object

Class ExtendedMetadataDelegate

Nested Class Summary

Nested classes/interfaces inherited from interface org.opensaml.saml2.metadata.provider.ObservableMetadataProvider

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.saml.metadata.AbstractMetadataDelegate

Methods inherited from class java.lang.Object

Field Detail

log

Constructor Detail

ExtendedMetadataDelegate

ExtendedMetadataDelegate

ExtendedMetadataDelegate

ExtendedMetadataDelegate

Method Detail

getExtendedMetadata

initialize

destroy

getMetadataTrustedKeys

setMetadataTrustedKeys

isMetadataRequireSignature

setMetadataRequireSignature

isMetadataTrustCheck

setMetadataTrustCheck

isForceMetadataRevocationCheck

setForceMetadataRevocationCheck

isTrustFiltersInitialized

setTrustFiltersInitialized

toString