Package org.apereo.cas.support.saml.web.idp.profile.builders.enc.validate

Class SamlObjectSignatureValidator

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void buildEntityCriteriaForSigningCredential​(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet)
      Build entity criteria for signing credential.
      protected org.opensaml.saml.metadata.resolver.RoleDescriptorResolver getRoleDescriptorResolver​(org.opensaml.saml.metadata.resolver.MetadataResolver resolver, org.opensaml.messaging.context.MessageContext context, org.opensaml.saml.saml2.core.RequestAbstractType profileRequest)
      Gets role descriptor resolver.
      protected org.opensaml.xmlsec.SignatureValidationConfiguration getSignatureValidationConfiguration()
      Gets signature validation configuration.
      void verifySamlProfileRequestIfNeeded​(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, javax.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context)
      Validate authn request signature.
      void verifySamlProfileRequestIfNeeded​(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.opensaml.saml.metadata.resolver.MetadataResolver resolver, javax.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context)
      Verify saml profile request if needed.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • overrideSignatureReferenceDigestMethods

        protected final java.util.List overrideSignatureReferenceDigestMethods
        The Override signature reference digest methods.

      • overrideSignatureAlgorithms

        protected final java.util.List overrideSignatureAlgorithms
        The Override signature algorithms.

      • overrideBlackListedSignatureAlgorithms

        protected final java.util.List overrideBlackListedSignatureAlgorithms
        The Override black listed signature algorithms.

      • overrideWhiteListedAlgorithms

        protected final java.util.List overrideWhiteListedAlgorithms
        The Override white listed signature signing algorithms.

      • casProperties

        protected final org.apereo.cas.configuration.CasConfigurationProperties casProperties
        CAS settings.

    • Constructor Detail

      • SamlObjectSignatureValidator

        public SamlObjectSignatureValidator()

    • Method Detail

      • verifySamlProfileRequestIfNeeded

        public void verifySamlProfileRequestIfNeeded​(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest,
                                             org.opensaml.saml.metadata.resolver.MetadataResolver resolver,
                                             javax.servlet.http.HttpServletRequest request,
                                             org.opensaml.messaging.context.MessageContext context)
                                      throws java.lang.Exception
        Verify saml profile request if needed.
        Parameters:
        profileRequest - the profile request
        resolver - the resolver
        request - the request
        context - the context
        Throws:
        java.lang.Exception - the exception

      • verifySamlProfileRequestIfNeeded

        public void verifySamlProfileRequestIfNeeded​(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest,
                                             org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor,
                                             javax.servlet.http.HttpServletRequest request,
                                             org.opensaml.messaging.context.MessageContext context)
                                      throws java.lang.Exception
        Validate authn request signature.
        Parameters:
        profileRequest - the authn request
        adaptor - the adaptor
        request - the request
        context - the context
        Throws:
        java.lang.Exception - the exception

      • getRoleDescriptorResolver

        protected org.opensaml.saml.metadata.resolver.RoleDescriptorResolver getRoleDescriptorResolver​(org.opensaml.saml.metadata.resolver.MetadataResolver resolver,
                                                                                               org.opensaml.messaging.context.MessageContext context,
                                                                                               org.opensaml.saml.saml2.core.RequestAbstractType profileRequest)
                                                                                        throws java.lang.Exception
        Gets role descriptor resolver.
        Parameters:
        resolver - the resolver
        context - the context
        profileRequest - the profile request
        Returns:
        the role descriptor resolver
        Throws:
        java.lang.Exception - the exception

      • buildEntityCriteriaForSigningCredential

        protected void buildEntityCriteriaForSigningCredential​(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest,
                                                       net.shibboleth.utilities.java.support.resolver.CriteriaSet criteriaSet)
        Build entity criteria for signing credential.
        Parameters:
        profileRequest - the profile request
        criteriaSet - the criteria set

      • getSignatureValidationConfiguration

        protected org.opensaml.xmlsec.SignatureValidationConfiguration getSignatureValidationConfiguration()
        Gets signature validation configuration.
        Returns:
        the signature validation configuration