Package org.apache.cxf.rs.security.saml
Class AbstractSamlInHandler
- java.lang.Object
-
- org.apache.cxf.rs.security.saml.AbstractSamlInHandler
-
- All Implemented Interfaces:
javax.ws.rs.container.ContainerRequestFilter
- Direct Known Subclasses:
AbstractSamlBase64InHandler, Saml2BearerAuthHandler, SamlEnvelopedInHandler
@PreMatching public abstract class AbstractSamlInHandler extends Object implements javax.ws.rs.container.ContainerRequestFilter
-
-
Constructor Summary
Constructor Description
AbstractSamlInHandler()
-
Method Summary
Modifier and Type, Method, Description
protected boolean checkBearer(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)
protected boolean checkHolderOfKey(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)
protected boolean checkSenderVouches(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)
    Check the sender-vouches requirements against the received assertion.
protected void checkSubjectConfirmationData(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
protected void configureAudienceRestriction(Message msg, org.apache.wss4j.dom.handler.RequestData reqData)
protected org.apache.wss4j.common.saml.SAMLKeyInfo createKeyInfoFromDefaultAlias(org.apache.wss4j.common.crypto.Crypto sigCrypto)
protected Element readToken(Message message, InputStream tokenStream)
void setKeyInfoMustBeAvailable(boolean keyInfoMustBeAvailable)
protected void setSecurityContext(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper wrapper)
void setSecurityContextProvider(SecurityContextProvider p)
void setValidator(org.apache.wss4j.dom.validate.Validator validator)
protected void throwFault(String error, Exception ex)
protected org.apache.wss4j.common.saml.SamlAssertionWrapper toWrapper(Element tokenElement)
protected void validateToken(Message message, InputStream tokenStream)
protected void validateToken(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
protected void validateToken(Message message, Element tokenElement)
-
-
-
Method Detail
-
setValidator
public void setValidator(org.apache.wss4j.dom.validate.Validator validator)
-
setSecurityContextProvider
public void setSecurityContextProvider(SecurityContextProvider p)
-
validateToken
protected void validateToken(Message message, InputStream tokenStream)
-
readToken
protected Element readToken(Message message, InputStream tokenStream)
-
toWrapper
protected org.apache.wss4j.common.saml.SamlAssertionWrapper toWrapper(Element tokenElement)
-
validateToken
protected void validateToken(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
-
configureAudienceRestriction
protected void configureAudienceRestriction(Message msg, org.apache.wss4j.dom.handler.RequestData reqData)
-
createKeyInfoFromDefaultAlias
protected org.apache.wss4j.common.saml.SAMLKeyInfo createKeyInfoFromDefaultAlias(org.apache.wss4j.common.crypto.Crypto sigCrypto) throws org.apache.wss4j.common.ext.WSSecurityException
- Throws:
org.apache.wss4j.common.ext.WSSecurityException
-
checkSubjectConfirmationData
protected void checkSubjectConfirmationData(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
-
setSecurityContext
protected void setSecurityContext(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper wrapper)
-
checkSenderVouches
protected boolean checkSenderVouches(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)
Check the sender-vouches requirements against the received assertion. The SAML Assertion and the request body must be signed by the same signature.
-
checkHolderOfKey
protected boolean checkHolderOfKey(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)
-
checkBearer
protected boolean checkBearer(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)
-
setKeyInfoMustBeAvailable
public void setKeyInfoMustBeAvailable(boolean keyInfoMustBeAvailable)
-
-