org.jboss.seam.security.external.saml.api
Interface SamlServiceProviderConfigurationApi

All Superinterfaces:
EntityConfigurationApi, SamlEntityConfigurationApi
All Known Implementing Classes:
SamlSpBean

public interface SamlServiceProviderConfigurationApi
extends SamlEntityConfigurationApi

API for the configuration of a SAML Service Provider.

Author:
Marcel Kolsteren

Method Summary
 List<SamlExternalIdentityProvider> getIdentityProviders()
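          Returns a list with all identity providers that are trusted (i.e. identity providers that have been added by calling SamlEntityConfigurationApi.addExternalSamlEntity(java.io.Reader)).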
 boolean isAuthnRequestsSigned()
          If this property is enabled, all authentication requests targeted at identity providers will be signed.
 boolean isSingleLogoutMessagesSigned()
          This property indicates whether outgoing single logout messages are signed.
 boolean isWantAssertionsSigned()
          This property, which is enabled by default, determines whether incoming authentication responses from the identity provider are required to have a valid signature.
 boolean isWantSingleLogoutMessagesSigned()
          This property indicates whether incoming single logout requests are required to have a valid signature.
 void setAuthnRequestsSigned(boolean authnRequestsSigned)
          See isAuthnRequestsSigned().
 void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned)
          See isSingleLogoutMessagesSigned().
 void setWantAssertionsSigned(boolean wantAssertionsSigned)
          See isWantAssertionsSigned().
 void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned)
          See isWantSingleLogoutMessagesSigned().
 
Methods inherited from interface org.jboss.seam.security.external.saml.api.SamlEntityConfigurationApi
addExternalSamlEntity, getEntityId, getExternalSamlEntities, getExternalSamlEntityByEntityId, getMetaDataURL, getPreferredBinding, setEntityId, setPreferredBinding, setSigningKey
 
Methods inherited from interface org.jboss.seam.security.external.api.EntityConfigurationApi
getHostName, getPort, getProtocol, setHostName, setPort, setProtocol
 

Method Detail

isAuthnRequestsSigned

boolean isAuthnRequestsSigned()
If this property is enabled, all authentication requests targeted at identity providers will be signed. The property is disabled by default. When enabling it, be sure to add a signing key by calling SamlEntityConfigurationApi.setSigningKey(String, String, String, String).

Returns:
true iff the authentication requests are signed

setAuthnRequestsSigned

void setAuthnRequestsSigned(boolean authnRequestsSigned)
See isAuthnRequestsSigned().


isWantAssertionsSigned

boolean isWantAssertionsSigned()
This property, which is enabled by default, determines whether incoming authentication responses from the identity provider are required to have a valid signature. Disabling signature validation is strongly discouraged, because it opens possibilities for sending fake authentication responses to the service provider.

Returns:
true iff incoming assertions need to have a valid signature

setWantAssertionsSigned

void setWantAssertionsSigned(boolean wantAssertionsSigned)
See isWantAssertionsSigned().


isSingleLogoutMessagesSigned

boolean isSingleLogoutMessagesSigned()
This property indicates whether outgoing single logout messages are signed. It is true by default, and the advice is not to disable it unless you understand the security risks of doing so.

Returns:
true iff the single logout requests (sent to identity providers) are signed

setSingleLogoutMessagesSigned

void setSingleLogoutMessagesSigned(boolean singleLogoutMessagesSigned)
See isSingleLogoutMessagesSigned().


isWantSingleLogoutMessagesSigned

boolean isWantSingleLogoutMessagesSigned()
This property indicates whether incoming single logout requests are required to have a valid signature. It is true by default, and the advice is not to disable it unless you understand the security risks of doing so.

Returns:
true iff incoming single logout requests need to have a valid signature

setWantSingleLogoutMessagesSigned

void setWantSingleLogoutMessagesSigned(boolean wantSingleLogoutMessagesSigned)
See isWantSingleLogoutMessagesSigned().


getIdentityProviders

List<SamlExternalIdentityProvider> getIdentityProviders()
Returns a list with all identity providers that are trusted (i.e. identity providers that have been added by calling SamlEntityConfigurationApi.addExternalSamlEntity(java.io.Reader)). This allows the API client to present the list to the user, so that the user can choose the provider that needs to be used for doing the login.

Returns:
list of identity providers
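
Added example (not part of the Seam API or its documentation): a startup check that reports every signature setting on this interface that deviates from the defaults described above. The class name SamlSpConfigAudit and the severity labels are assumptions made for illustration; only methods listed on this page are called, and Seam Security must be on the classpath.

```java
import java.util.ArrayList;
import java.util.List;

import org.jboss.seam.security.external.saml.api.SamlServiceProviderConfigurationApi;

/** Hypothetical helper (not part of Seam): audits an SP configuration at startup. */
public final class SamlSpConfigAudit {

    private SamlSpConfigAudit() {
    }

    /** Returns one finding per setting that weakens signature protection. Severity labels are illustrative. */
    public static List<String> audit(SamlServiceProviderConfigurationApi sp) {
        List<String> findings = new ArrayList<String>();
        if (!sp.isWantAssertionsSigned()) {
            // Enabled by default; the documentation strongly discourages disabling it.
            findings.add("CRITICAL wantAssertionsSigned=false: unsigned authentication responses are accepted");
        }
        if (!sp.isWantSingleLogoutMessagesSigned()) {
            findings.add("HIGH wantSingleLogoutMessagesSigned=false: unsigned logout requests are accepted");
        }
        if (!sp.isSingleLogoutMessagesSigned()) {
            findings.add("MEDIUM singleLogoutMessagesSigned=false: outgoing logout messages are unsigned");
        }
        if (!sp.isAuthnRequestsSigned()) {
            // Disabled by default; enabling it also requires a signing key (setSigningKey).
            findings.add("INFO authnRequestsSigned=false: authentication requests are unsigned");
        }
        if (sp.getIdentityProviders().isEmpty()) {
            // Nothing was added through addExternalSamlEntity(java.io.Reader).
            findings.add("INFO no trusted identity providers: there is no provider to offer for login");
        }
        return findings;
    }

    /** Restores the documented defaults for the three flags that are true by default. */
    public static void restoreSignatureDefaults(SamlServiceProviderConfigurationApi sp) {
        sp.setWantAssertionsSigned(true);
        sp.setWantSingleLogoutMessagesSigned(true);
        sp.setSingleLogoutMessagesSigned(true);
    }
}
```

The interface exposes no getter for the signing key, so the check cannot confirm that a key was configured when isAuthnRequestsSigned() returns true; verify that separately.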


Copyright © 2011 Seam Framework. All Rights Reserved.