Class Saml2AuthenticationToken
- java.lang.Object
-
- org.springframework.security.authentication.AbstractAuthenticationToken
-
- org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken
-
- All Implemented Interfaces:
java.io.Serializable
,java.security.Principal
,Authentication
,CredentialsContainer
public class Saml2AuthenticationToken extends AbstractAuthenticationToken
Represents an incoming SAML 2.0 response containing an assertion that has not been validated.isAuthenticated()
will always return false.- Since:
- 5.2
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description Saml2AuthenticationToken(java.lang.String saml2Response, java.lang.String recipientUri, java.lang.String idpEntityId, java.lang.String localSpEntityId, java.util.List<Saml2X509Credential> credentials)
Creates an authentication token from an incoming SAML 2 Response object
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.Object
getCredentials()
Returns the decoded and inflated SAML 2.0 Response XML object as a stringjava.lang.String
getIdpEntityId()
Returns the configured IDP, asserting party, entity IDjava.lang.String
getLocalSpEntityId()
Returns the configured entity ID of the receiving relying party, SPjava.lang.Object
getPrincipal()
Always returns null.java.lang.String
getRecipientUri()
Returns the URI that the SAML 2 Response object came in onjava.lang.String
getSaml2Response()
Returns inflated and decoded XML representation of the SAML 2 Responsejava.util.List<Saml2X509Credential>
getX509Credentials()
Returns all the credentials associated with the relying party configuraitonboolean
isAuthenticated()
Used to indicate toAbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
.void
setAuthenticated(boolean authenticated)
The state of this object cannot be changed.-
Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken
equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, setDetails, toString
-
-
-
-
Constructor Detail
-
Saml2AuthenticationToken
public Saml2AuthenticationToken(java.lang.String saml2Response, java.lang.String recipientUri, java.lang.String idpEntityId, java.lang.String localSpEntityId, java.util.List<Saml2X509Credential> credentials)
Creates an authentication token from an incoming SAML 2 Response object- Parameters:
saml2Response
- inflated and decoded XML representation of the SAML 2 ResponserecipientUri
- the URL that the SAML 2 Response was received at. Used for validationidpEntityId
- the entity ID of the asserting entitylocalSpEntityId
- the configured local SP, the relying party, entity IDcredentials
- the credentials configured for signature verification and decryption
-
-
Method Detail
-
getCredentials
public java.lang.Object getCredentials()
Returns the decoded and inflated SAML 2.0 Response XML object as a string- Returns:
- decoded and inflated XML data as a
String
-
getPrincipal
public java.lang.Object getPrincipal()
Always returns null.- Returns:
- null
-
getSaml2Response
public java.lang.String getSaml2Response()
Returns inflated and decoded XML representation of the SAML 2 Response- Returns:
- inflated and decoded XML representation of the SAML 2 Response
-
getRecipientUri
public java.lang.String getRecipientUri()
Returns the URI that the SAML 2 Response object came in on- Returns:
- URI as a string
-
getLocalSpEntityId
public java.lang.String getLocalSpEntityId()
Returns the configured entity ID of the receiving relying party, SP- Returns:
- an entityID for the configured local relying party
-
getX509Credentials
public java.util.List<Saml2X509Credential> getX509Credentials()
Returns all the credentials associated with the relying party configuraiton- Returns:
-
isAuthenticated
public boolean isAuthenticated()
Description copied from interface:Authentication
Used to indicate toAbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
. Typically anAuthenticationManager
(or, more often, one of itsAuthenticationProvider
s) will return an immutable authentication token after successful authentication, in which case that token can safely returntrue
to this method. Returningtrue
will improve performance, as calling theAuthenticationManager
for every request will no longer be necessary.For security reasons, implementations of this interface should be very careful about returning
true
from this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.- Specified by:
isAuthenticated
in interfaceAuthentication
- Overrides:
isAuthenticated
in classAbstractAuthenticationToken
- Returns:
- false
-
setAuthenticated
public void setAuthenticated(boolean authenticated)
The state of this object cannot be changed. Will always throw an exception- Specified by:
setAuthenticated
in interfaceAuthentication
- Overrides:
setAuthenticated
in classAbstractAuthenticationToken
- Parameters:
authenticated
- ignored
-
getIdpEntityId
public java.lang.String getIdpEntityId()
Returns the configured IDP, asserting party, entity ID- Returns:
- a string representing the entity ID
-
-