Class Saml2AuthenticationToken

    • Constructor Detail

      • Saml2AuthenticationToken

        @Deprecated
        public Saml2AuthenticationToken​(java.lang.String saml2Response,
                                        java.lang.String recipientUri,
                                        java.lang.String idpEntityId,
                                        java.lang.String localSpEntityId,
                                        java.util.List<Saml2X509Credential> credentials)
        Creates an authentication token from an incoming SAML 2 Response object
        Parameters:
        saml2Response - inflated and decoded XML representation of the SAML 2 Response
        recipientUri - the URL that the SAML 2 Response was received at. Used for validation
        idpEntityId - the entity ID of the asserting entity
        localSpEntityId - the configured local SP, the relying party, entity ID
        credentials - the credentials configured for signature verification and decryption
    • Method Detail

      • getCredentials

        public java.lang.Object getCredentials()
        Returns the decoded and inflated SAML 2.0 Response XML object as a string
        Returns:
        decoded and inflated XML data as a String
      • getPrincipal

        public java.lang.Object getPrincipal()
        Always returns null.
        Returns:
        null
      • getSaml2Response

        public java.lang.String getSaml2Response()
        Returns inflated and decoded XML representation of the SAML 2 Response
        Returns:
        inflated and decoded XML representation of the SAML 2 Response
      • getRecipientUri

        @Deprecated
        public java.lang.String getRecipientUri()
        Deprecated.
        Use getRelyingPartyRegistration().getAssertionConsumerServiceLocation() instead
        Returns the URI that the SAML 2 Response object came in on
        Returns:
        URI as a string
      • getLocalSpEntityId

        @Deprecated
        public java.lang.String getLocalSpEntityId()
        Deprecated.
        Use getRelyingPartyRegistration().getEntityId() instead
        Returns the configured entity ID of the receiving relying party, SP
        Returns:
        an entityID for the configured local relying party
      • getX509Credentials

        @Deprecated
        public java.util.List<Saml2X509Credential> getX509Credentials()
        Deprecated.
        Get the credentials through getRelyingPartyRegistration() instead
        Returns all the credentials associated with the relying party configuraiton
        Returns:
        all associated credentials
      • isAuthenticated

        public boolean isAuthenticated()
        Description copied from interface: Authentication
        Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager. Typically an AuthenticationManager (or, more often, one of its AuthenticationProviders) will return an immutable authentication token after successful authentication, in which case that token can safely return true to this method. Returning true will improve performance, as calling the AuthenticationManager for every request will no longer be necessary.

        For security reasons, implementations of this interface should be very careful about returning true from this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.

        Specified by:
        isAuthenticated in interface Authentication
        Overrides:
        isAuthenticated in class AbstractAuthenticationToken
        Returns:
        false
      • getIdpEntityId

        @Deprecated
        public java.lang.String getIdpEntityId()
        Deprecated.
        Use getRelyingPartyRegistration().getAssertingPartyDetails().getEntityId() instead
        Returns the configured IDP, asserting party, entity ID
        Returns:
        a string representing the entity ID
      • getAuthenticationRequest

        public AbstractSaml2AuthenticationRequest getAuthenticationRequest()
        Returns the authentication request sent to the assertion party or null if no authentication request is present
        Returns:
        the authentication request sent to the assertion party
        Since:
        5.6