Package org.springframework.security.saml2.provider.service.authentication

Class Saml2Authentication

java.lang.Object

org.springframework.security.authentication.AbstractAuthenticationToken

org.springframework.security.saml2.provider.service.authentication.Saml2Authentication

All Implemented Interfaces:

Serializable, Principal, Authentication, CredentialsContainer

public class Saml2Authentication
extends AbstractAuthenticationToken

An implementation of an AbstractAuthenticationToken that represents an authenticated SAML 2.0 Authentication.

The Authentication associates valid SAML assertion data with a Spring Security authentication object The complete assertion is contained in the object in String format, getSaml2Response()

Since:

5.2

See Also:

• AbstractAuthenticationToken
• Serialized Form

Constructor Summary

Constructors

Constructor	Description
Saml2Authentication(AuthenticatedPrincipal principal, String saml2Response, Collection<? extends GrantedAuthority> authorities)	Construct a Saml2Authentication using the provided parameters

Method Summary

Modifier and Type	Method	Description
Object	getCredentials()	The credentials that prove the principal is correct.
Object	getPrincipal()	The identity of the principal being authenticated.
String	getSaml2Response()	Returns the SAML response object, as decoded XML.

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, isAuthenticated, setAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Principal

implies

Constructor Details

Saml2Authentication

public Saml2Authentication(AuthenticatedPrincipal principal,
 String saml2Response,
 Collection<? extends GrantedAuthority> authorities)

Construct a Saml2Authentication using the provided parameters

Parameters:

principal - the logged in user

saml2Response - the SAML 2.0 response used to authenticate the user

authorities - the authorities for the logged in user

Method Details

getPrincipal

public Object getPrincipal()

Description copied from interface: Authentication

The identity of the principal being authenticated. In the case of an authentication request with username and password, this would be the username. Callers are expected to populate the principal for an authentication request.

The AuthenticationManager implementation will often return an Authentication containing richer information as the principal for use by the application. Many of the authentication providers will create a UserDetails object as the principal.

Returns:

the Principal being authenticated or the authenticated principal after authentication.

getSaml2Response

public String getSaml2Response()

Returns the SAML response object, as decoded XML. May contain encrypted elements

Returns:

string representation of the SAML Response XML object

getCredentials

public Object getCredentials()

Description copied from interface: Authentication

The credentials that prove the principal is correct. This is usually a password, but could be anything relevant to the AuthenticationManager. Callers are expected to populate the credentials.

Returns:

the credentials that prove the identity of the Principal