Class DefaultSAMLRoleParser
- java.lang.Object
-
- org.apache.cxf.sts.token.validator.DefaultSubjectRoleParser
-
- org.apache.cxf.sts.token.validator.DefaultSAMLRoleParser
-
- All Implemented Interfaces:
SAMLRoleParser,SubjectRoleParser
public class DefaultSAMLRoleParser extends DefaultSubjectRoleParser implements SAMLRoleParser
A default implementation to extract roles from a SAML Assertion
-
-
Field Summary
Fields Modifier and Type Field Description static StringSAML_ROLE_ATTRIBUTENAME_DEFAULTThis configuration tag specifies the default attribute name where the roles are present The default is "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role".
-
Constructor Summary
Constructors Constructor Description DefaultSAMLRoleParser()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetRoleAttributeName()booleanisUseJaasSubject()Set<Principal>parseRolesFromAssertion(Principal principal, Subject subject, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)Return the set of User/Principal roles from the Assertion.voidsetRoleAttributeName(String roleAttributeName)Set the attribute URI of the SAML AttributeStatement where the role information is stored.voidsetUseJaasSubject(boolean useJaasSubject)Whether to get roles from the JAAS Subject (if not null) returned from SAML Assertion Validation or not.-
Methods inherited from class org.apache.cxf.sts.token.validator.DefaultSubjectRoleParser
getRoleClassifier, getRoleClassifierType, parseRolesFromSubject, setRoleClassifier, setRoleClassifierType
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.cxf.sts.token.validator.SubjectRoleParser
parseRolesFromSubject
-
-
-
-
Field Detail
-
SAML_ROLE_ATTRIBUTENAME_DEFAULT
public static final String SAML_ROLE_ATTRIBUTENAME_DEFAULT
This configuration tag specifies the default attribute name where the roles are present The default is "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role".- See Also:
- Constant Field Values
-
-
Method Detail
-
parseRolesFromAssertion
public Set<Principal> parseRolesFromAssertion(Principal principal, Subject subject, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
Return the set of User/Principal roles from the Assertion.- Specified by:
parseRolesFromAssertionin interfaceSAMLRoleParser- Parameters:
principal- the Principal associated with the Assertionsubject- the JAAS Subject associated with a successful validation of the Assertionassertion- The Assertion object- Returns:
- the set of User/Principal roles from the Assertion.
-
isUseJaasSubject
public boolean isUseJaasSubject()
-
setUseJaasSubject
public void setUseJaasSubject(boolean useJaasSubject)
Whether to get roles from the JAAS Subject (if not null) returned from SAML Assertion Validation or not. The default is true.- Parameters:
useJaasSubject- whether to get roles from the JAAS Subject or not
-
getRoleAttributeName
public String getRoleAttributeName()
-
setRoleAttributeName
public void setRoleAttributeName(String roleAttributeName)
Set the attribute URI of the SAML AttributeStatement where the role information is stored. The default is "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role".- Parameters:
roleAttributeName- the Attribute URI where role information is stored
-
-