Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.opensaml.ws.security.provider
Class BaseTrustEngineRule<TokenType>

java.lang.Object
  extended by org.opensaml.ws.security.provider.BaseTrustEngineRule<TokenType>
Type Parameters:
TokenType - type of token which is being evaluated by the underlying trust engine
All Implemented Interfaces:
SecurityPolicyRule
Direct Known Subclasses:
ClientCertAuthRule
public abstract class BaseTrustEngineRule<TokenType>
extends Object
implements SecurityPolicyRule

Base rule which uses a trust engine to evaluate a token extracted from the request or message.

Constructor Summary
BaseTrustEngineRule(org.opensaml.xml.security.trust.TrustEngine<TokenType> engine)
          Constructor.
 
Method Summary
protected abstract  org.opensaml.xml.security.CriteriaSet buildCriteriaSet(String entityID, MessageContext messageContext)
          Subclasses are required to implement this method to build a criteria set for the trust engine according to trust engine and application-specific needs.
protected  boolean evaluate(TokenType token, org.opensaml.xml.security.CriteriaSet criteriaSet)
          Evaluate the token against the specified criteria using the configured trust engine.
protected  boolean evaluate(TokenType token, String entityID, MessageContext messageContext)
          Evaluate the token using the configured trust engine against criteria built using the specified candidate issuer entity ID and message context information.
protected  org.opensaml.xml.security.trust.TrustEngine<TokenType> getTrustEngine()
          Gets the engine used to validate the untrusted token.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.opensaml.ws.security.SecurityPolicyRule
evaluate
 

Constructor Detail

BaseTrustEngineRule

public BaseTrustEngineRule(org.opensaml.xml.security.trust.TrustEngine<TokenType> engine)
Constructor.

Parameters:
engine - Trust engine used to verify the particular token type
Method Detail

getTrustEngine

protected org.opensaml.xml.security.trust.TrustEngine<TokenType> getTrustEngine()
Gets the engine used to validate the untrusted token.

Returns:
engine engine used to validate the untrusted token

buildCriteriaSet

protected abstract org.opensaml.xml.security.CriteriaSet buildCriteriaSet(String entityID,
                                                                          MessageContext messageContext)
                                                                   throws SecurityPolicyException
Subclasses are required to implement this method to build a criteria set for the trust engine according to trust engine and application-specific needs.

Parameters:
entityID - the candidate issuer entity ID which is being evaluated
messageContext - the message context which is being evaluated
Returns:
a newly constructly set of criteria suitable for the configured trust engine
Throws:
SecurityPolicyException - thrown if criteria set can not be constructed

evaluate

protected boolean evaluate(TokenType token,
                           String entityID,
                           MessageContext messageContext)
                    throws SecurityPolicyException
Evaluate the token using the configured trust engine against criteria built using the specified candidate issuer entity ID and message context information.

Parameters:
token - the token to be evaluated
entityID - the candidate issuer entity ID which is being evaluated
messageContext - the message context which is being evaluated
Returns:
true if the token satisfies the criteria as determined by the trust engine, otherwise false
Throws:
SecurityPolicyException - thrown if there is a fatal error during trust engine evaluation

evaluate

protected boolean evaluate(TokenType token,
                           org.opensaml.xml.security.CriteriaSet criteriaSet)
                    throws SecurityPolicyException
Evaluate the token against the specified criteria using the configured trust engine.

Parameters:
token - the token to be evaluated
criteriaSet - the set of criteria against which to evaluate the token
Returns:
true if the token satisfies the criteria as determined by the trust engine, otherwise false
Throws:
SecurityPolicyException - thrown if there is a fatal error during trust engine evaluation
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2006-2011 Internet2. All Rights Reserved.