java.lang.Object
- org.apache.cxf.sts.token.delegation.SAMLDelegationHandler

All Implemented Interfaces:

TokenDelegationHandler

Direct Known Subclasses:

HOKDelegationHandler
```
public class SAMLDelegationHandler
extends Object
implements TokenDelegationHandler
```
The SAML TokenDelegationHandler implementation. It disallows ActAs or OnBehalfOf for all cases apart from the case of a Bearer SAML Token. In addition, the AppliesTo address (if supplied) must match an AudienceRestriction address (if in token), if the "checkAudienceRestriction" property is set to "true".

Constructor Summary

Constructors
Constructor Description

SAMLDelegationHandler()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`canHandleToken(ReceivedToken delegateTarget)`	Return true if this TokenDelegationHandler implementation is capable of handling the ReceivedToken argument.
`protected List<String>`	`getAudienceRestrictions(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)`
`boolean`	`isCheckAudienceRestriction()`
`protected boolean`	`isDelegationAllowed(ReceivedToken receivedToken, String appliesToAddress)`	Is Delegation allowed for a particular token
`TokenDelegationResponse`	`isDelegationAllowed(TokenDelegationParameters tokenParameters)`	See if delegation is allowed for a Token using the given TokenDelegationParameters.
`void`	`setCheckAudienceRestriction(boolean checkAudienceRestriction)`	Set whether to perform a check that the received AppliesTo address is contained in the token as one of the AudienceRestriction URIs.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SAMLDelegationHandler
```
public SAMLDelegationHandler()
```
- Method Detail
  - canHandleToken
```
public boolean canHandleToken(ReceivedToken delegateTarget)
```
    Description copied from interface: TokenDelegationHandler
    
    Return true if this TokenDelegationHandler implementation is capable of handling the ReceivedToken argument.
    
    Specified by:
    
    canHandleToken in interface TokenDelegationHandler
  - isDelegationAllowed
```
public TokenDelegationResponse isDelegationAllowed(TokenDelegationParameters tokenParameters)
```
    Description copied from interface: TokenDelegationHandler
    
    See if delegation is allowed for a Token using the given TokenDelegationParameters.
    
    Specified by:
    
    isDelegationAllowed in interface TokenDelegationHandler
  - isDelegationAllowed
```
protected boolean isDelegationAllowed(ReceivedToken receivedToken,
                                      String appliesToAddress)
```
    Is Delegation allowed for a particular token
  - getAudienceRestrictions
```
protected List<String> getAudienceRestrictions(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
```
  - isCheckAudienceRestriction
```
public boolean isCheckAudienceRestriction()
```
  - setCheckAudienceRestriction
```
public void setCheckAudienceRestriction(boolean checkAudienceRestriction)
```
    Set whether to perform a check that the received AppliesTo address is contained in the token as one of the AudienceRestriction URIs. The default is false.
    
    Parameters:
    
    checkAudienceRestriction - whether to perform an audience restriction check or not

Class SAMLDelegationHandler

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SAMLDelegationHandler

Method Detail

canHandleToken

isDelegationAllowed

isDelegationAllowed

getAudienceRestrictions

isCheckAudienceRestriction

setCheckAudienceRestriction