ArtifactResolutionProfileImpl (Spring Security SAML 1.0.10.RELEASE API)

java.lang.Object
- org.springframework.security.saml.websso.AbstractProfileBase
- - org.springframework.security.saml.websso.ArtifactResolutionProfileBase
  - - org.springframework.security.saml.websso.ArtifactResolutionProfileImpl

All Implemented Interfaces:

org.springframework.beans.factory.InitializingBean, ArtifactResolutionProfile
```
public class ArtifactResolutionProfileImpl
extends ArtifactResolutionProfileBase
```
Implementation of the artifact resolution protocol which uses Apache HTTPClient for SOAP binding transport.

Field Summary
- Fields inherited from class org.springframework.security.saml.websso.AbstractProfileBase
  artifactMap, builderFactory, log, metadata, processor, uriComparator

Constructor Summary

Constructors
Constructor and Description

ArtifactResolutionProfileImpl(org.apache.commons.httpclient.HttpClient httpClient)

Constructors
Constructor and Description
`ArtifactResolutionProfileImpl(org.apache.commons.httpclient.HttpClient httpClient)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`getArtifactResponse(String endpointURI, SAMLMessageContext context)` Uses HTTPClient to send and retrieve ArtifactMessages.
`protected org.apache.commons.httpclient.HostConfiguration`	`getHostConfiguration(org.apache.commons.httpclient.URI uri, SAMLMessageContext context)` Method is expected to determine hostConfiguration used to send request to the server by back-channel.
`protected org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory`	`getSSLSocketFactory(SAMLMessageContext context, X509KeyManager manager, X509TrustManager trustManager, HostnameVerifier hostnameVerifier)` Method returns SecureProtocolSocketFactory used to connect to create SSL connections for artifact resolution.
`protected boolean`	`isHostnameVerificationSupported()` Check for the latest OpenSAML library.

Methods inherited from class org.springframework.security.saml.websso.ArtifactResolutionProfileBase
createArtifactResolve, getProfileIdentifier, resolveArtifact

Methods inherited from class org.springframework.security.saml.websso.AbstractProfileBase
afterPropertiesSet, buildCommonAttributes, generateID, getEndpointBinding, getIssuer, getMaxAssertionTime, getResponseSkew, getStatus, isEndpointMatching, sendMessage, sendMessage, setArtifactMap, setMaxAssertionTime, setMetadata, setProcessor, setResponseSkew, verifyEndpoint, verifyIssuer, verifySignature

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ArtifactResolutionProfileImpl
```
public ArtifactResolutionProfileImpl(org.apache.commons.httpclient.HttpClient httpClient)
```
    Parameters:
    
    httpClient - client used to send SOAP messages
- Method Detail
  - getArtifactResponse
```
protected void getArtifactResponse(String endpointURI,
                                   SAMLMessageContext context)
                            throws org.opensaml.common.SAMLException,
                                   org.opensaml.ws.message.encoder.MessageEncodingException,
                                   org.opensaml.ws.message.decoder.MessageDecodingException,
                                   org.opensaml.saml2.metadata.provider.MetadataProviderException,
                                   org.opensaml.xml.security.SecurityException
```
    Uses HTTPClient to send and retrieve ArtifactMessages.
    
    Specified by:
    
    getArtifactResponse in class ArtifactResolutionProfileBase
    
    Parameters:
    
    endpointURI - URI incoming artifactMessage is addressed to
    
    context - context with filled communicationProfileId, outboundMessage, outboundSAMLMessage, peerEntityEndpoint, peerEntityId, peerEntityMetadata, peerEntityRole, peerEntityRoleMetadata
    
    Throws:
    
    org.opensaml.common.SAMLException - error processing artifact messages
    
    org.opensaml.ws.message.encoder.MessageEncodingException - error sending artifactRequest
    
    org.opensaml.ws.message.decoder.MessageDecodingException - error retrieving artifactResponse
    
    org.opensaml.saml2.metadata.provider.MetadataProviderException - error resolving metadata
    
    org.opensaml.xml.security.SecurityException - invalid message signature
  - getHostConfiguration
```
protected org.apache.commons.httpclient.HostConfiguration getHostConfiguration(org.apache.commons.httpclient.URI uri,
                                                                               SAMLMessageContext context)
                                                                        throws org.opensaml.ws.message.encoder.MessageEncodingException
```
    Method is expected to determine hostConfiguration used to send request to the server by back-channel. Configuration should contain URI of the host and used protocol including all security settings.
    Default implementation uses either default http protocol for non-SSL requests or constructs a separate TrustManager using trust engine specified in the SAMLMessageContext - based either on MetaIOP (certificates obtained from Metadata and ExtendedMetadata are trusted) or PKIX (certificates from metadata and ExtendedMetadata including specified trust anchors are trusted and verified using PKIX).
    Used trust engine can be customized as part of the SAMLContextProvider used to process this request.
    Default values for the HostConfiguration are cloned from the HTTPClient set in this instance, when there are no defaults available a new object is created.
    
    Parameters:
    
    uri - uri the request should be sent to
    
    context - context including the peer address
    
    Returns:
    
    host configuration
    
    Throws:
    
    org.opensaml.ws.message.encoder.MessageEncodingException - in case peer URI can't be parsed
  - getSSLSocketFactory
```
protected org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory getSSLSocketFactory(SAMLMessageContext context,
                                                                                                 X509KeyManager manager,
                                                                                                 X509TrustManager trustManager,
                                                                                                 HostnameVerifier hostnameVerifier)
```
    Method returns SecureProtocolSocketFactory used to connect to create SSL connections for artifact resolution. By default we create instance of org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.
    
    Parameters:
    
    context - current SAML context
    
    manager - keys used for client authentication
    
    trustManager - trust manager for server verification
    
    hostnameVerifier - verifier for server hostname, or null
    
    Returns:
    
    socket factory
  - isHostnameVerificationSupported
```
protected boolean isHostnameVerificationSupported()
```
    Check for the latest OpenSAML library. Support for HostnameVerification was added in openws-1.5.1 and customers might use previous versions of OpenSAML.
    
    Returns:
    
    true when OpenSAML library support hostname verification

Class ArtifactResolutionProfileImpl

Field Summary

Fields inherited from class org.springframework.security.saml.websso.AbstractProfileBase

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.saml.websso.ArtifactResolutionProfileBase

Methods inherited from class org.springframework.security.saml.websso.AbstractProfileBase

Methods inherited from class java.lang.Object

Constructor Detail

ArtifactResolutionProfileImpl

Method Detail

getArtifactResponse

getHostConfiguration

getSSLSocketFactory

isHostnameVerificationSupported