Class SAMLSSOResponseValidator
- java.lang.Object
-
- org.apache.cxf.rs.security.saml.sso.SAMLSSOResponseValidator
-
public class SAMLSSOResponseValidator extends Object
Validate a SAML 2.0 Protocol Response according to the Web SSO profile. The Response should be validated by the SAMLProtocolResponseValidator first.
-
-
Constructor Summary
Constructors Constructor Description SAMLSSOResponseValidator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetAssertionConsumerURL()StringgetClientAddress()StringgetIssuerIDP()StringgetRequestId()StringgetSpIdentifier()booleanisEnforceResponseSigned()voidsetAssertionConsumerURL(String assertionConsumerURL)voidsetClientAddress(String clientAddress)voidsetEnforceAssertionsSigned(boolean enforceAssertionsSigned)Enforce that Assertions contained in the Response must be signed (if the Response itself is not signed).voidsetEnforceKnownIssuer(boolean enforceKnownIssuer)Enforce that the Issuer of the received Response/Assertion is known.voidsetEnforceResponseSigned(boolean enforceResponseSigned)Enforce whether a SAML Response must be signed.voidsetIssuerIDP(String issuerIDP)voidsetReplayCache(TokenReplayCache<String> replayCache)voidsetRequestId(String requestId)voidsetSpIdentifier(String spIdentifier)SSOValidatorResponsevalidateSamlResponse(org.opensaml.saml.saml2.core.Response samlResponse, boolean postBinding)Validate a SAML 2 Protocol Response
-
-
-
Method Detail
-
setEnforceAssertionsSigned
public void setEnforceAssertionsSigned(boolean enforceAssertionsSigned)
Enforce that Assertions contained in the Response must be signed (if the Response itself is not signed). The default is true.
-
setEnforceKnownIssuer
public void setEnforceKnownIssuer(boolean enforceKnownIssuer)
Enforce that the Issuer of the received Response/Assertion is known. The default is true.
-
validateSamlResponse
public SSOValidatorResponse validateSamlResponse(org.opensaml.saml.saml2.core.Response samlResponse, boolean postBinding) throws org.apache.wss4j.common.ext.WSSecurityException
Validate a SAML 2 Protocol Response- Parameters:
samlResponse-postBinding-- Returns:
- a SSOValidatorResponse object
- Throws:
org.apache.wss4j.common.ext.WSSecurityException
-
getIssuerIDP
public String getIssuerIDP()
-
setIssuerIDP
public void setIssuerIDP(String issuerIDP)
-
getAssertionConsumerURL
public String getAssertionConsumerURL()
-
setAssertionConsumerURL
public void setAssertionConsumerURL(String assertionConsumerURL)
-
getClientAddress
public String getClientAddress()
-
setClientAddress
public void setClientAddress(String clientAddress)
-
getRequestId
public String getRequestId()
-
setRequestId
public void setRequestId(String requestId)
-
getSpIdentifier
public String getSpIdentifier()
-
setSpIdentifier
public void setSpIdentifier(String spIdentifier)
-
setReplayCache
public void setReplayCache(TokenReplayCache<String> replayCache)
-
isEnforceResponseSigned
public boolean isEnforceResponseSigned()
-
setEnforceResponseSigned
public void setEnforceResponseSigned(boolean enforceResponseSigned)
Enforce whether a SAML Response must be signed.
-
-