org.apereo.cas.support.saml.web.idp.profile.builders.enc

Class SamlObjectSignatureValidator

java.lang.Object

org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlObjectSignatureValidator

Direct Known Subclasses:

SamlIdPObjectSignatureValidator

public class SamlObjectSignatureValidator
extends java.lang.Object

This is SamlObjectSignatureValidator.

Since:

5.1.0

Field Summary

Fields

Modifier and Type	Field and Description
protected org.apereo.cas.configuration.CasConfigurationProperties	casProperties Cas settings.
protected java.util.List	overrideBlackListedSignatureAlgorithms The Override black listed signature algorithms.
protected java.util.List	overrideSignatureAlgorithms The Override signature algorithms.
protected java.util.List	overrideSignatureReferenceDigestMethods The Override signature reference digest methods.
protected java.util.List	overrideWhiteListedAlgorithms The Override white listed signature signing algorithms.

Constructor Summary

Constructors

Constructor and Description
SamlObjectSignatureValidator()

Method Summary

Modifier and Type	Method and Description
protected void	buildEntityCriteriaForSigningCredential(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet) Build entity criteria for signing credential.
protected org.opensaml.saml.metadata.resolver.RoleDescriptorResolver	getRoleDescriptorResolver(org.opensaml.saml.metadata.resolver.MetadataResolver resolver, org.opensaml.messaging.context.MessageContext context, org.opensaml.saml.saml2.core.RequestAbstractType profileRequest) Gets role descriptor resolver.
protected org.opensaml.xmlsec.SignatureValidationConfiguration	getSignatureValidationConfiguration() Gets signature validation configuration.
void	verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.opensaml.saml.metadata.resolver.MetadataResolver resolver, javax.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context) Verify saml profile request if needed.
void	verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, javax.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context) Validate authn request signature.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

overrideSignatureReferenceDigestMethods

protected final java.util.List overrideSignatureReferenceDigestMethods

The Override signature reference digest methods.

overrideSignatureAlgorithms

protected final java.util.List overrideSignatureAlgorithms

The Override signature algorithms.

overrideBlackListedSignatureAlgorithms

protected final java.util.List overrideBlackListedSignatureAlgorithms

The Override black listed signature algorithms.

overrideWhiteListedAlgorithms

protected final java.util.List overrideWhiteListedAlgorithms

The Override white listed signature signing algorithms.

casProperties

protected final org.apereo.cas.configuration.CasConfigurationProperties casProperties

Cas settings.

Constructor Detail

SamlObjectSignatureValidator

public SamlObjectSignatureValidator()

Method Detail

verifySamlProfileRequestIfNeeded

public void verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest,
                                             org.opensaml.saml.metadata.resolver.MetadataResolver resolver,
                                             javax.servlet.http.HttpServletRequest request,
                                             org.opensaml.messaging.context.MessageContext context)
                                      throws java.lang.Exception

Verify saml profile request if needed.

Parameters:

profileRequest - the profile request

resolver - the resolver

request - the request

context - the context

Throws:

java.lang.Exception - the exception

verifySamlProfileRequestIfNeeded

public void verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest,
                                             org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                             javax.servlet.http.HttpServletRequest request,
                                             org.opensaml.messaging.context.MessageContext context)
                                      throws java.lang.Exception

Validate authn request signature.

Parameters:

profileRequest - the authn request

adaptor - the adaptor

request - the request

context - the context

Throws:

java.lang.Exception - the exception

getRoleDescriptorResolver

protected org.opensaml.saml.metadata.resolver.RoleDescriptorResolver getRoleDescriptorResolver(org.opensaml.saml.metadata.resolver.MetadataResolver resolver,
                                                                                               org.opensaml.messaging.context.MessageContext context,
                                                                                               org.opensaml.saml.saml2.core.RequestAbstractType profileRequest)
                                                                                        throws java.lang.Exception

Gets role descriptor resolver.

Parameters:

resolver - the resolver

context - the context

profileRequest - the profile request

Returns:

the role descriptor resolver

Throws:

java.lang.Exception - the exception

buildEntityCriteriaForSigningCredential

protected void buildEntityCriteriaForSigningCredential(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest,
                                                       net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet)

Build entity criteria for signing credential.

Parameters:

profileRequest - the profile request

criteriaSet - the criteria set

getSignatureValidationConfiguration

protected org.opensaml.xmlsec.SignatureValidationConfiguration getSignatureValidationConfiguration()

Gets signature validation configuration.

Returns:

the signature validation configuration