Class SamlObjectSignatureValidator

java.lang.Object
org.apereo.cas.support.saml.web.idp.profile.builders.enc.validate.SamlObjectSignatureValidator
Direct Known Subclasses:
SamlIdPObjectSignatureValidator

public class SamlObjectSignatureValidator extends Object
Since:
5.1.0
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected final org.apereo.cas.configuration.CasConfigurationProperties
    casProperties
    CAS settings.
    protected final List<String>
    overrideAllowedAlgorithms
    The override allowed signature signing algorithms.
    protected final List<String>
    overrideBlockedSignatureAlgorithms
    The override blocked signature algorithms.
    protected final List<String>
    overrideSignatureAlgorithms
    The override signature algorithms.
    protected final List<String>
    overrideSignatureReferenceDigestMethods
    The override signature reference digest methods.
  • Constructor Summary

    Constructors
    Constructor
    Description
    SamlObjectSignatureValidator()
  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    buildEntityCriteriaForSigningCredential(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, net.shibboleth.shared.resolver.CriteriaSet criteriaSet)
    Build entity criteria for signing credential.
    protected org.opensaml.saml.metadata.resolver.RoleDescriptorResolver
    getRoleDescriptorResolver(org.opensaml.saml.metadata.resolver.MetadataResolver resolver, org.opensaml.messaging.context.MessageContext context, org.opensaml.saml.saml2.core.RequestAbstractType profileRequest)
    Gets role descriptor resolver.
    protected org.opensaml.xmlsec.SignatureValidationConfiguration
    getSignatureValidationConfiguration()
    Gets signature validation configuration.
    void
    verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, jakarta.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context)
    Validate authn request signature.
    void
    verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.opensaml.saml.metadata.resolver.MetadataResolver resolver, jakarta.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context)
    Verify SAML profile request if needed.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • overrideSignatureReferenceDigestMethods

      protected final List<String> overrideSignatureReferenceDigestMethods
      The override signature reference digest methods.
    • overrideSignatureAlgorithms

      protected final List<String> overrideSignatureAlgorithms
      The override signature algorithms.
    • overrideBlockedSignatureAlgorithms

      protected final List<String> overrideBlockedSignatureAlgorithms
      The override blocked signature algorithms.
    • overrideAllowedAlgorithms

      protected final List<String> overrideAllowedAlgorithms
      The override allowed signature signing algorithms.
    • casProperties

      protected final org.apereo.cas.configuration.CasConfigurationProperties casProperties
      CAS settings.
  • Constructor Details

    • SamlObjectSignatureValidator

      public SamlObjectSignatureValidator()
  • Method Details

    • verifySamlProfileRequestIfNeeded

      public void verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.opensaml.saml.metadata.resolver.MetadataResolver resolver, jakarta.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context) throws Exception
      Verify SAML profile request if needed.
      Parameters:
      profileRequest - the profile request
      resolver - the resolver
      request - the request
      context - the context
      Throws:
      Exception - the exception
    • verifySamlProfileRequestIfNeeded

      public void verifySamlProfileRequestIfNeeded(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade adaptor, jakarta.servlet.http.HttpServletRequest request, org.opensaml.messaging.context.MessageContext context) throws Exception
      Validate authn request signature.
      Parameters:
      profileRequest - the authn request
      adaptor - the adaptor
      request - the request
      context - the context
      Throws:
      Exception - the exception
    • getRoleDescriptorResolver

      protected org.opensaml.saml.metadata.resolver.RoleDescriptorResolver getRoleDescriptorResolver(org.opensaml.saml.metadata.resolver.MetadataResolver resolver, org.opensaml.messaging.context.MessageContext context, org.opensaml.saml.saml2.core.RequestAbstractType profileRequest) throws Exception
      Gets role descriptor resolver.
      Parameters:
      resolver - the resolver
      context - the context
      profileRequest - the profile request
      Returns:
      the role descriptor resolver
      Throws:
      Exception - the exception
    • buildEntityCriteriaForSigningCredential

      protected void buildEntityCriteriaForSigningCredential(org.opensaml.saml.saml2.core.RequestAbstractType profileRequest, net.shibboleth.shared.resolver.CriteriaSet criteriaSet)
      Build entity criteria for signing credential.
      Parameters:
      profileRequest - the profile request
      criteriaSet - the criteria set
    • getSignatureValidationConfiguration

      protected org.opensaml.xmlsec.SignatureValidationConfiguration getSignatureValidationConfiguration()
      Gets signature validation configuration.
      Returns:
      the signature validation configuration