public interface SecurityConfiguration
The OpenSAML ConfigurationService singleton may be queried for the configuration to use for a certain
security operation. For example, to get the EncryptionConfiguration to use, the following code gives us the
config for an encryption operation:
```java
EncryptionConfiguration encryptionConfiguration = ConfigurationService.get(EncryptionConfiguration.class);
```
This is simple and straightforward, and you should probably stick with that way of getting the system defaults for
security configuration. However, in some cases, for example when a SAML SP or IdP should support several different
profiles regarding security configuration, the above doesn't work that well. In these cases you may instantiate
different SecurityConfiguration objects with different defaults, and use those objects to query for the
security configuration.
```java
SecurityConfiguration saml2intConfig = setupSaml2intConfig();
...
EncryptionConfiguration config = saml2intConfig.getEncryptionConfiguration();
```
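The multi-profile case described above, as an added example that is not code from the library this page documents. The class ProfileSecurityConfigurations and its methods are hypothetical and the import package of SecurityConfiguration is an assumption; getSignatureAlgorithms() is the standard OpenSAML accessor on SignatureSigningConfiguration.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.stream.Collectors;

import org.opensaml.xmlsec.EncryptionConfiguration;
// Assumption: package of the SecurityConfiguration interface documented on this page.
import se.swedenconnect.opensaml.xmlsec.config.SecurityConfiguration;

/** Hypothetical helper: holds one SecurityConfiguration per supported profile. */
public class ProfileSecurityConfigurations {

  private final Map<String, SecurityConfiguration> byProfile = new LinkedHashMap<>();

  /** Registers a configuration under its own profile name; duplicates are rejected. */
  public void add(SecurityConfiguration config) {
    String name = config.getProfileName();
    if (name == null || byProfile.putIfAbsent(name, config) != null) {
      throw new IllegalArgumentException("Missing or duplicate profile name: " + name);
    }
  }

  /** Fails closed: an unknown profile never falls back to the global defaults. */
  public SecurityConfiguration forProfile(String profileName) {
    SecurityConfiguration config = byProfile.get(profileName);
    if (config == null) {
      throw new IllegalArgumentException("No security configuration for profile: " + profileName);
    }
    return config;
  }

  /** Encryption settings for one profile, without touching ConfigurationService. */
  public EncryptionConfiguration encryptionFor(String profileName) {
    return forProfile(profileName).getEncryptionConfiguration();
  }

  /** Signing algorithm URIs of a profile whose fragment names SHA-1 or MD5. */
  public List<String> weakSigningAlgorithms(String profileName) {
    return forProfile(profileName).getSignatureSigningConfiguration()
        .getSignatureAlgorithms().stream()
        .filter(uri -> {
          String id = uri.substring(uri.indexOf('#') + 1).toLowerCase(Locale.ROOT);
          return id.contains("sha1") || id.contains("md5");
        })
        .collect(Collectors.toList());
  }
}
```

Running weakSigningAlgorithms over every registered profile at start-up shows which profiles still offer SHA-1 or MD5 based signatures before any message is signed with them.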
When OpenSAML is initialized (using InitializationService.initialize()) the ConfigurationService will
be assigned the default values from the DefaultSecurityConfigurationBootstrap class. After OpenSAML has been
initialized it is possible to modify these defaults by replacing the stored default objects.
```java
EncryptionConfiguration myEncryptionConfiguration = ...;
// ... a lot of code setting algorithms ...
ConfigurationService.register(EncryptionConfiguration.class, myEncryptionConfiguration);
```
By using a SecurityConfiguration object this step may be simplified. For example, to configure the system to
use the SAML2Int algorithm requirements you simply do:
```java
SecurityConfiguration saml2intConfig = new SAML2IntSecurityConfiguration();
saml2intConfig.initOpenSAML();
```
If you use the OpenSAMLInitializer you can do the following instead:
```java
OpenSAMLInitializer.getInstance().initialize(
    new OpenSAMLSecurityExtensionConfig(),
    new OpenSAMLSecurityDefaultsConfig(new SAML2IntSecurityConfiguration()));
```

| Modifier and Type | Method and Description |
|---|---|
| DecryptionConfiguration | getDecryptionConfiguration() Returns the decryption configuration that has been configured. |
| EncryptionConfiguration | getEncryptionConfiguration() Returns the encryption configuration that has been configured. |
| String | getProfileName() Gets the profile name of this configuration setup. |
| SignatureSigningConfiguration | getSignatureSigningConfiguration() Returns the signing configuration that has been configured. |
| SignatureValidationConfiguration | getSignatureValidationConfiguration() Returns the signature validation configuration that has been configured. |
| void | initOpenSAML() Initializes OpenSAML with the defaults that have been installed for this instance. |

```java
String getProfileName()
EncryptionConfiguration getEncryptionConfiguration()
DecryptionConfiguration getDecryptionConfiguration()
SignatureSigningConfiguration getSignatureSigningConfiguration()
SignatureValidationConfiguration getSignatureValidationConfiguration()
void initOpenSAML() throws InitializationException
```

```java
ConfigurationService.register(XXXConfiguration.class, xxxConfiguration);
```

InitializationException - for initialization errors

Copyright © 2020 Sweden Connect. All rights reserved.