Class Saml2X509Credential
- java.lang.Object
-
- org.springframework.security.saml2.credentials.Saml2X509Credential
-
public class Saml2X509Credential extends java.lang.Object
Saml2X509Credential is meant to hold an X509 certificate, or an X509 certificate and a private key. Per: https://www.oasis-open.org/committees/download.php/8958/sstc-saml-implementation-guidelines-draft-01.pdf Line: 584, Section 4.3 Credentials Used for both signing, signature verification and encryption/decryption- Since:
- 5.2
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
Saml2X509Credential.Saml2X509CredentialType
-
Constructor Summary
Constructors Constructor Description Saml2X509Credential(java.security.cert.X509Certificate certificate, Saml2X509Credential.Saml2X509CredentialType... types)
Creates a Saml2X509Credentials representing Identity Provider credentials for verification, encryption or both.Saml2X509Credential(java.security.PrivateKey privateKey, java.security.cert.X509Certificate certificate, Saml2X509Credential.Saml2X509CredentialType... types)
Creates a Saml2X509Credentials representing Service Provider credentials for signing, decryption or both.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.security.cert.X509Certificate
getCertificate()
Returns the X509 certificate for ths credential.protected java.util.Set<Saml2X509Credential.Saml2X509CredentialType>
getCredentialTypes()
Returns the credential types for this credential.java.security.PrivateKey
getPrivateKey()
Returns the private key, or null if this credential type doesn't require one.boolean
isDecryptionCredential()
Returns true if the credential has a private key and can be used for decryption, the types will containSaml2X509Credential.Saml2X509CredentialType.DECRYPTION
.boolean
isEncryptionCredential()
Returns true if the credential has a certificate and can be used for signature verification, the types will containSaml2X509Credential.Saml2X509CredentialType.VERIFICATION
.boolean
isSignatureVerficationCredential()
Returns true if the credential has a certificate and can be used for signature verification, the types will containSaml2X509Credential.Saml2X509CredentialType.VERIFICATION
.boolean
isSigningCredential()
Returns true if the credential has a private key and can be used for signing, the types will containSaml2X509Credential.Saml2X509CredentialType.SIGNING
.
-
-
-
Constructor Detail
-
Saml2X509Credential
public Saml2X509Credential(java.security.cert.X509Certificate certificate, Saml2X509Credential.Saml2X509CredentialType... types)
Creates a Saml2X509Credentials representing Identity Provider credentials for verification, encryption or both.- Parameters:
certificate
- an IDP X509Certificate, cannot be nulltypes
- credential types, must be one ofSaml2X509Credential.Saml2X509CredentialType.VERIFICATION
orSaml2X509Credential.Saml2X509CredentialType.ENCRYPTION
or both.
-
Saml2X509Credential
public Saml2X509Credential(java.security.PrivateKey privateKey, java.security.cert.X509Certificate certificate, Saml2X509Credential.Saml2X509CredentialType... types)
Creates a Saml2X509Credentials representing Service Provider credentials for signing, decryption or both.- Parameters:
privateKey
- a private key used for signing or decryption, cannot be nullcertificate
- an SP X509Certificate shared with identity providers, cannot be nulltypes
- credential types, must be one ofSaml2X509Credential.Saml2X509CredentialType.SIGNING
orSaml2X509Credential.Saml2X509CredentialType.DECRYPTION
or both.
-
-
Method Detail
-
isSigningCredential
public boolean isSigningCredential()
Returns true if the credential has a private key and can be used for signing, the types will containSaml2X509Credential.Saml2X509CredentialType.SIGNING
.- Returns:
- true if the credential is a
Saml2X509Credential.Saml2X509CredentialType.SIGNING
type
-
isDecryptionCredential
public boolean isDecryptionCredential()
Returns true if the credential has a private key and can be used for decryption, the types will containSaml2X509Credential.Saml2X509CredentialType.DECRYPTION
.- Returns:
- true if the credential is a
Saml2X509Credential.Saml2X509CredentialType.DECRYPTION
type
-
isSignatureVerficationCredential
public boolean isSignatureVerficationCredential()
Returns true if the credential has a certificate and can be used for signature verification, the types will containSaml2X509Credential.Saml2X509CredentialType.VERIFICATION
.- Returns:
- true if the credential is a
Saml2X509Credential.Saml2X509CredentialType.VERIFICATION
type
-
isEncryptionCredential
public boolean isEncryptionCredential()
Returns true if the credential has a certificate and can be used for signature verification, the types will containSaml2X509Credential.Saml2X509CredentialType.VERIFICATION
.- Returns:
- true if the credential is a
Saml2X509Credential.Saml2X509CredentialType.VERIFICATION
type
-
getCredentialTypes
protected java.util.Set<Saml2X509Credential.Saml2X509CredentialType> getCredentialTypes()
Returns the credential types for this credential.- Returns:
- a set of credential types/usages that this credential can be used for
-
getPrivateKey
public java.security.PrivateKey getPrivateKey()
Returns the private key, or null if this credential type doesn't require one.- Returns:
- the private key, or null
-
getCertificate
public java.security.cert.X509Certificate getCertificate()
Returns the X509 certificate for ths credential. Cannot be null- Returns:
- the X509 certificate
-
-