Package org.apache.cxf.rs.security.saml.sso

Class AbstractRequestAssertionConsumerHandler

java.lang.Object
org.apache.cxf.rs.security.saml.sso.AbstractSSOSpHandler
org.apache.cxf.rs.security.saml.sso.AbstractRequestAssertionConsumerHandler
Direct Known Subclasses:
RequestAssertionConsumerFilter, RequestAssertionConsumerService
public abstract class AbstractRequestAssertionConsumerHandler extends AbstractSSOSpHandler

  • Constructor Details

    • AbstractRequestAssertionConsumerHandler

      public AbstractRequestAssertionConsumerHandler()

  • Method Details

    • setMessageContext

      @Context public void setMessageContext(org.apache.cxf.jaxrs.ext.MessageContext mc)

    • setSupportDeflateEncoding

      public void setSupportDeflateEncoding(boolean deflate)

    • isSupportDeflateEncoding

      public boolean isSupportDeflateEncoding()

    • setReplayCache

      public void setReplayCache(TokenReplayCache<String> replayCache)

    • getReplayCache

      public TokenReplayCache<String> getReplayCache() throws Exception
      Throws:
      Exception

    • setEnforceAssertionsSigned

      public void setEnforceAssertionsSigned(boolean enforceAssertionsSigned)
      Enforce that Assertions must be signed if the POST binding was used. The default is true.

    • setEnforceKnownIssuer

      public void setEnforceKnownIssuer(boolean enforceKnownIssuer)
      Enforce that the Issuer of the received Response/Assertion is known to this RACS. The default is true.

    • setSupportBase64Encoding

      public void setSupportBase64Encoding(boolean supportBase64Encoding)

    • isSupportBase64Encoding

      public boolean isSupportBase64Encoding()

    • close

      @PreDestroy public void close()
      Overrides:
      close in class AbstractSSOSpHandler

    • doProcessSamlResponse

      protected jakarta.ws.rs.core.Response doProcessSamlResponse(String encodedSamlResponse, String relayState, boolean postBinding)

    • createSecurityContext

      protected String createSecurityContext(RequestState requestState, String encodedSamlResponse, String relayState, boolean postBinding)

    • processRelayState

      protected RequestState processRelayState(String relayState)

    • validateSamlResponseProtocol

      protected void validateSamlResponseProtocol(org.opensaml.saml.saml2.core.Response samlResponse)
      Validate the received SAML Response as per the protocol

    • validateSamlSSOResponse

      protected SSOValidatorResponse validateSamlSSOResponse(boolean postBinding, org.opensaml.saml.saml2.core.Response samlResponse, RequestState requestState)
      Validate the received SAML Response as per the Web SSO profile

    • reportError

      protected void reportError(String code)

    • setKeyInfoMustBeAvailable

      public void setKeyInfoMustBeAvailable(boolean keyInfoMustBeAvailable)

    • isEnforceResponseSigned

      public boolean isEnforceResponseSigned()

    • setEnforceResponseSigned

      public void setEnforceResponseSigned(boolean enforceResponseSigned)
      Enforce that a SAML Response must be signed.

    • getApplicationURL

      public String getApplicationURL()

    • setApplicationURL

      public void setApplicationURL(String applicationURL)
      Set the Application URL to forward to, for the unsolicited IdP case.
      Parameters:
      applicationURL -

    • isParseApplicationURLFromRelayState

      public boolean isParseApplicationURLFromRelayState()

    • setParseApplicationURLFromRelayState

      public void setParseApplicationURLFromRelayState(boolean parseApplicationURLFromRelayState)
      Whether to parse the application URL to forward to from the RelayState, for the unsolicted IdP case.
      Parameters:
      parseApplicationURLFromRelayState -

    • getAssertionConsumerServiceAddress

      public String getAssertionConsumerServiceAddress()

    • setAssertionConsumerServiceAddress

      public void setAssertionConsumerServiceAddress(String assertionConsumerServiceAddress)

    • isCheckClientAddress

      public boolean isCheckClientAddress()

    • setCheckClientAddress

      public void setCheckClientAddress(boolean checkClientAddress)

    • isStateExpired

      protected boolean isStateExpired(long stateCreatedAt, long expiresAt)