Class Saml2AuthenticationToken

    • Constructor Detail

      • Saml2AuthenticationToken

        public Saml2AuthenticationToken​(java.lang.String saml2Response,
                                        java.lang.String recipientUri,
                                        java.lang.String idpEntityId,
                                        java.lang.String localSpEntityId,
                                        java.util.List<Saml2X509Credential> credentials)
        Creates an authentication token from an incoming SAML 2 Response object
        saml2Response - inflated and decoded XML representation of the SAML 2 Response
        recipientUri - the URL that the SAML 2 Response was received at. Used for validation
        idpEntityId - the entity ID of the asserting entity
        localSpEntityId - the configured local SP, the relying party, entity ID
        credentials - the credentials configured for signature verification and decryption
    • Method Detail

      • getCredentials

        public java.lang.Object getCredentials()
        Returns the decoded and inflated SAML 2.0 Response XML object as a string
        decoded and inflated XML data as a String
      • getPrincipal

        public java.lang.Object getPrincipal()
        Always returns null.
      • getSaml2Response

        public java.lang.String getSaml2Response()
        Returns inflated and decoded XML representation of the SAML 2 Response
        inflated and decoded XML representation of the SAML 2 Response
      • getRecipientUri

        public java.lang.String getRecipientUri()
        Use getRelyingPartyRegistration().getAssertionConsumerServiceLocation() instead
        Returns the URI that the SAML 2 Response object came in on
        URI as a string
      • getLocalSpEntityId

        public java.lang.String getLocalSpEntityId()
        Use getRelyingPartyRegistration().getEntityId() instead
        Returns the configured entity ID of the receiving relying party, SP
        an entityID for the configured local relying party
      • getX509Credentials

        public java.util.List<Saml2X509Credential> getX509Credentials()
        Get the credentials through getRelyingPartyRegistration() instead
        Returns all the credentials associated with the relying party configuraiton
        all associated credentials
      • isAuthenticated

        public boolean isAuthenticated()
        Description copied from interface: Authentication
        Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager. Typically an AuthenticationManager (or, more often, one of its AuthenticationProviders) will return an immutable authentication token after successful authentication, in which case that token can safely return true to this method. Returning true will improve performance, as calling the AuthenticationManager for every request will no longer be necessary.

        For security reasons, implementations of this interface should be very careful about returning true from this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.

        Specified by:
        isAuthenticated in interface Authentication
        isAuthenticated in class AbstractAuthenticationToken
      • getIdpEntityId

        public java.lang.String getIdpEntityId()
        Use getRelyingPartyRegistration().getAssertingPartyDetails().getEntityId() instead
        Returns the configured IDP, asserting party, entity ID
        a string representing the entity ID