Interface Saml2AuthenticationRequestFactory
-
public interface Saml2AuthenticationRequestFactory
Component that generates AuthenticationRequest,samlp:AuthnRequestType
XML, and accompanying signature data. as defined by https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf Page 50, Line 2147- Since:
- 5.2
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Deprecated Methods Modifier and Type Method Description java.lang.String
createAuthenticationRequest(Saml2AuthenticationRequest request)
Deprecated.please usecreateRedirectAuthenticationRequest(Saml2AuthenticationRequestContext)
orcreatePostAuthenticationRequest(Saml2AuthenticationRequestContext)
This method will be removed in future versions of Spring Securitydefault Saml2PostAuthenticationRequest
createPostAuthenticationRequest(Saml2AuthenticationRequestContext context)
Creates all the necessary AuthNRequest parameters for a POST binding.default Saml2RedirectAuthenticationRequest
createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext context)
Creates all the necessary AuthNRequest parameters for a REDIRECT binding.
-
-
-
Method Detail
-
createAuthenticationRequest
@Deprecated java.lang.String createAuthenticationRequest(Saml2AuthenticationRequest request)
Deprecated.please usecreateRedirectAuthenticationRequest(Saml2AuthenticationRequestContext)
orcreatePostAuthenticationRequest(Saml2AuthenticationRequestContext)
This method will be removed in future versions of Spring SecurityCreates an authentication request from the Service Provider, sp, to the Identity Provider, idp. The authentication result is an XML string that may be signed, encrypted, both or neither. This method only returns theSAMLRequest
string for the request, and for a complete set of data parameters please usecreateRedirectAuthenticationRequest(Saml2AuthenticationRequestContext)
orcreatePostAuthenticationRequest(Saml2AuthenticationRequestContext)
- Parameters:
request
- information about the identity provider, the recipient of this authentication request and accompanying data- Returns:
- XML data in the format of a String. This data may be signed, encrypted, both signed and encrypted with the signature embedded in the XML or neither signed and encrypted
- Throws:
Saml2Exception
- when a SAML library exception occurs- Since:
- 5.2
-
createRedirectAuthenticationRequest
default Saml2RedirectAuthenticationRequest createRedirectAuthenticationRequest(Saml2AuthenticationRequestContext context)
Creates all the necessary AuthNRequest parameters for a REDIRECT binding. If theSaml2AuthenticationRequestContext
doesn't contain anySaml2X509Credential.Saml2X509CredentialType.SIGNING
credentials the result will not contain any signatures. The data set will be signed and encoded for REDIRECT binding including the DEFLATE encoding. It will contain the following parameters to be sent as part of the query string:SAMLRequest, RelayState, SigAlg, Signature
. The default implementation, for sake of backwards compatibility, of this method returns the SAMLRequest message with an XML signature embedded, that should only be used for theSaml2MessageBinding.POST
binding, but works overSaml2MessageBinding.POST
with most providers.- Parameters:
context
- - information about the identity provider, the recipient of this authentication request and accompanying data- Returns:
- a
Saml2RedirectAuthenticationRequest
object with applicable http parameters necessary to make the AuthNRequest over a POST or REDIRECT binding. All parameters will be SAML encoded/deflated, but escaped, ie URI encoded or encoded for Form Data. - Throws:
Saml2Exception
- when a SAML library exception occurs- Since:
- 5.3
-
createPostAuthenticationRequest
default Saml2PostAuthenticationRequest createPostAuthenticationRequest(Saml2AuthenticationRequestContext context)
Creates all the necessary AuthNRequest parameters for a POST binding. If theSaml2AuthenticationRequestContext
doesn't contain anySaml2X509Credential.Saml2X509CredentialType.SIGNING
credentials the result will not contain any signatures. The data set will be signed and encoded for POST binding and if applicable signed with XML signatures. will contain the following parameters to be sent as part of the form data:SAMLRequest, RelayState
. The default implementation of this method returns the SAMLRequest message with an XML signature embedded, that should only be used for theSaml2MessageBinding.POST
binding.- Parameters:
context
- - information about the identity provider, the recipient of this authentication request and accompanying data- Returns:
- a
Saml2PostAuthenticationRequest
object with applicable http parameters necessary to make the AuthNRequest over a POST binding. All parameters will be SAML encoded but not escaped for Form Data. - Throws:
Saml2Exception
- when a SAML library exception occurs- Since:
- 5.3
-
-