Package org.springframework.security.saml2.provider.service.registration

Class RelyingPartyRegistrations

java.lang.Object

org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations

public final class RelyingPartyRegistrations
extends Object

A utility class for constructing instances of RelyingPartyRegistration

Since:

5.4

Method Summary

Modifier and Type	Method	Description
static RelyingPartyRegistration.Builder	fromMetadata(InputStream source)	Return a RelyingPartyRegistration.Builder based off of the given SAML 2.0 Asserting Party (IDP) metadata.
static RelyingPartyRegistration.Builder	fromMetadataLocation(String metadataLocation)	Return a RelyingPartyRegistration.Builder based off of the given SAML 2.0 Asserting Party (IDP) metadata location.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

fromMetadataLocation

public static RelyingPartyRegistration.Builder fromMetadataLocation(String metadataLocation)

Return a RelyingPartyRegistration.Builder based off of the given SAML 2.0 Asserting Party (IDP) metadata location. Valid locations can be classpath- or file-based or they can be HTTP endpoints. Some valid endpoints might include:

   metadataLocation = "classpath:asserting-party-metadata.xml";
   metadataLocation = "file:asserting-party-metadata.xml";
   metadataLocation = "https://ap.example.org/metadata";
 

Note that by default the registrationId is set to be the given metadata location, but this will most often not be sufficient. To complete the configuration, most applications will also need to provide a registrationId, like so:

        RelyingPartyRegistration registration = RelyingPartyRegistrations
                .fromMetadataLocation(metadataLocation)
                .registrationId("registration-id")
                .build();
 

Also note that an IDPSSODescriptor typically only contains information about the asserting party. Thus, you will need to remember to still populate anything about the relying party, like any private keys the relying party will use for signing AuthnRequests.

Parameters:

metadataLocation - The classpath- or file-based locations or HTTP endpoints of the asserting party metadata file

Returns:

the RelyingPartyRegistration.Builder for further configuration

fromMetadata

public static RelyingPartyRegistration.Builder fromMetadata(InputStream source)

Return a RelyingPartyRegistration.Builder based off of the given SAML 2.0 Asserting Party (IDP) metadata.

This method is intended for scenarios when the metadata is looked up by a separate mechanism. One such example is when the metadata is stored in a database.

The callers of this method are accountable for closing the InputStream source.

Note that by default the registrationId is set to be the given metadata location, but this will most often not be sufficient. To complete the configuration, most applications will also need to provide a registrationId, like so:

        String xml = fromDatabase();
        try (InputStream source = new ByteArrayInputStream(xml.getBytes())) {
                RelyingPartyRegistration registration = RelyingPartyRegistrations
                        .fromMetadata(source)
                        .registrationId("registration-id")
                        .build();
        }
 

Also note that an IDPSSODescriptor typically only contains information about the asserting party. Thus, you will need to remember to still populate anything about the relying party, like any private keys the relying party will use for signing AuthnRequests.

Parameters:

source - the InputStream source containing the asserting party metadata

Returns:

the RelyingPartyRegistration.Builder for further configuration

Since:

5.6