org.pac4j.saml.logout.impl

Class SAML2LogoutValidator

java.lang.Object

org.pac4j.saml.profile.impl.AbstractSAML2ResponseValidator

org.pac4j.saml.logout.impl.SAML2LogoutValidator

All Implemented Interfaces:

SAML2ResponseValidator

public class SAML2LogoutValidator
extends AbstractSAML2ResponseValidator

Validator for SAML logout requests/responses from the IdP.

Since:

2.0.0

Author:

Matthieu Taggiasco, Jerome Leleu

Field Summary

Fields inherited from class org.pac4j.saml.profile.impl.AbstractSAML2ResponseValidator

acceptedSkew, decrypter, logger, logoutHandler, signatureTrustEngineProvider, uriComparator

Constructor Summary

Constructors

Constructor and Description
SAML2LogoutValidator(SAML2SignatureTrustEngineProvider engine, org.opensaml.saml.saml2.encryption.Decrypter decrypter, LogoutHandler logoutHandler)

Method Summary

Modifier and Type	Method and Description
void	setMaximumAuthenticationLifetime(int maximumAuthenticationLifetime)
Credentials	validate(SAML2MessageContext context) Validates the SAML protocol logout request/response.
protected void	validateLogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest logoutRequest, SAML2MessageContext context, org.opensaml.xmlsec.signature.support.SignatureTrustEngine engine) Validates the SAML logout request.
protected void	validateLogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse logoutResponse, SAML2MessageContext context, org.opensaml.xmlsec.signature.support.SignatureTrustEngine engine) Validates the SAML logout response.

Methods inherited from class org.pac4j.saml.profile.impl.AbstractSAML2ResponseValidator

computeSloKey, decryptEncryptedId, isDateValid, isIssueInstantValid, setAcceptedSkew, validateIssueInstant, validateIssuer, validateIssuerIfItExists, validateSignature, validateSignatureIfItExists, validateSuccess, verifyEndpoint

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SAML2LogoutValidator

public SAML2LogoutValidator(SAML2SignatureTrustEngineProvider engine,
                            org.opensaml.saml.saml2.encryption.Decrypter decrypter,
                            LogoutHandler logoutHandler)

Method Detail

validate

public Credentials validate(SAML2MessageContext context)

Validates the SAML protocol logout request/response.

Parameters:

context - the context

Returns:

the SAML credentials

validateLogoutRequest

protected void validateLogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest logoutRequest,
                                     SAML2MessageContext context,
                                     org.opensaml.xmlsec.signature.support.SignatureTrustEngine engine)

Validates the SAML logout request.

Parameters:

logoutRequest - the logout request

context - the context

engine - the signature engine

validateLogoutResponse

protected void validateLogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse logoutResponse,
                                      SAML2MessageContext context,
                                      org.opensaml.xmlsec.signature.support.SignatureTrustEngine engine)

Validates the SAML logout response.

Parameters:

logoutResponse - the logout response

context - the context

engine - the signature engine

setMaximumAuthenticationLifetime

public final void setMaximumAuthenticationLifetime(int maximumAuthenticationLifetime)