org.picketlink.identity.federation.bindings.tomcat.sp
Class AbstractSPFormAuthenticator
java.lang.Object
org.apache.catalina.valves.ValveBase
org.apache.catalina.authenticator.AuthenticatorBase
org.apache.catalina.authenticator.FormAuthenticator
org.picketlink.identity.federation.bindings.tomcat.sp.BaseFormAuthenticator
org.picketlink.identity.federation.bindings.tomcat.sp.AbstractSPFormAuthenticator
- All Implemented Interfaces:
- MBeanRegistration, org.apache.catalina.Authenticator, org.apache.catalina.Contained, org.apache.catalina.Lifecycle, org.apache.catalina.Valve
- Direct Known Subclasses:
- ServiceProviderAuthenticator
public abstract class AbstractSPFormAuthenticator
- extends BaseFormAuthenticator
Abstract class to be extended by Service Provider valves to handle SAML requests and responses.
- Author:
- Anil Saldhana, Pedro Silva
Field Summary
protected boolean jbossEnv
protected org.apache.log4j.Logger log
protected boolean trace
Fields inherited from class org.picketlink.identity.federation.bindings.tomcat.sp.BaseFormAuthenticator
canonicalizationMethod, chain, chainConfigOptions, chainLock, configFile, configProvider, identityURL, idpAddress, idpCertificate, issuerID, keyManager, logOutPage, picketLinkConfiguration, samlHandlerChainClass, saveRestoreRequest, serviceURL, spConfiguration
Fields inherited from class org.apache.catalina.authenticator.FormAuthenticator
characterEncoding, info, landingPage
Fields inherited from class org.apache.catalina.authenticator.AuthenticatorBase
AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, lifecycle, REALM_NAME, securePagesWithPragma, SESSION_ID_BYTES, sm, sso, started
Fields inherited from class org.apache.catalina.valves.ValveBase
container, controller, domain, mserver, next, oname
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, DESTROY_EVENT, INIT_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
Method Summary
boolean authenticate(org.apache.catalina.connector.Request request, javax.servlet.http.HttpServletResponse response, org.apache.catalina.deploy.LoginConfig config)
Authenticate the request
boolean authenticate(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.LoginConfig loginConfig)
protected String getBinding()
Return the SAML Binding that this authenticator supports
protected void initKeyProvider(org.apache.catalina.Context context)
Initialize the KeyProvider configurations.
protected boolean isHttpPostBinding()
Indicates if the SP is configured with HTTP POST Binding.
protected boolean isPOSTBindingResponse()
protected void processStart()
protected abstract void sendRequestToIDP(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest)
Send the request to the IDP.
Methods inherited from class org.picketlink.identity.federation.bindings.tomcat.sp.BaseFormAuthenticator
doSupportSignature, getConfigFile, getConfiguration, getIdentityURL, getIdpCertificate, getIDPSSODescriptor, handleMetadata, handleMetadata, initializeHandlerChain, localAuthentication, populateChainConfig, processConfiguration, processIDPMetadataFile, register, sendToLogoutPage, setConfigFile, setConfigProvider, setIdpAddress, setIssuerID, setLogOutPage, setSamlHandlerChainClass, setSaveRestoreRequest, setServiceURL, start, testStart, validate
Methods inherited from class org.apache.catalina.authenticator.FormAuthenticator
forwardToErrorPage, forwardToLoginPage, getCharacterEncoding, getInfo, getLandingPage, matchRequest, restoreRequest, savedRequestURL, saveRequest, setCharacterEncoding, setLandingPage
Methods inherited from class org.apache.catalina.authenticator.AuthenticatorBase
addLifecycleListener, associate, authenticate, findLifecycleListeners, generateSessionId, getCache, getContainer, getDisableProxyCaching, getSecurePagesWithPragma, invoke, isChangeSessionIdOnAuthentication, login, logout, reauthenticateFromSSO, register, removeLifecycleListener, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, stop, unregister
Methods inherited from class org.apache.catalina.valves.ValveBase
backgroundProcess, createObjectName, event, getContainerName, getController, getDomain, getNext, getObjectName, getParentName, postDeregister, postRegister, preDeregister, preRegister, setController, setNext, setObjectName, toString
log
protected org.apache.log4j.Logger log
trace
protected final boolean trace
jbossEnv
protected boolean jbossEnv
AbstractSPFormAuthenticator
public AbstractSPFormAuthenticator()
processStart
protected void processStart()
throws org.apache.catalina.LifecycleException
- Overrides:
processStart
in class BaseFormAuthenticator
- Throws:
org.apache.catalina.LifecycleException
initKeyProvider
protected void initKeyProvider(org.apache.catalina.Context context)
throws org.apache.catalina.LifecycleException
Initialize the KeyProvider configurations. These configurations are used during signing and validation of SAML
assertions.
- Specified by:
initKeyProvider
in class BaseFormAuthenticator
- Parameters:
context
-
- Throws:
org.apache.catalina.LifecycleException
authenticate
public boolean authenticate(org.apache.catalina.connector.Request request,
javax.servlet.http.HttpServletResponse response,
org.apache.catalina.deploy.LoginConfig config)
throws IOException
- Authenticate the request
- Overrides:
authenticate
in class org.apache.catalina.authenticator.FormAuthenticator
- Parameters:
request
-
response
-
config
-
- Returns:
-
- Throws:
IOException
RuntimeException
- when the response is not of type catalina response object
authenticate
public boolean authenticate(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
org.apache.catalina.deploy.LoginConfig loginConfig)
throws IOException
- Throws:
IOException
isPOSTBindingResponse
protected boolean isPOSTBindingResponse()
sendRequestToIDP
protected abstract void sendRequestToIDP(String destination,
Document samlDocument,
String relayState,
org.apache.catalina.connector.Response response,
boolean willSendRequest)
throws ProcessingException,
ConfigurationException,
IOException
Send the request to the IDP. Subclasses should override this method to implement how requests must be sent to the IDP.
- Parameters:
destination
- idp url
samlDocument
- request or response document
relayState
-
response
-
willSendRequest
- are we sending Request or Response to IDP
- Throws:
ProcessingException
ConfigurationException
IOException
getBinding
protected String getBinding()
- Description copied from class:
BaseFormAuthenticator
- Return the SAML Binding that this authenticator supports
- Specified by:
getBinding
in class BaseFormAuthenticator
- Returns:
- See Also:
JBossSAMLURIConstants#SAML_HTTP_POST_BINDING, JBossSAMLURIConstants#SAML_HTTP_REDIRECT_BINDING
isHttpPostBinding
protected boolean isHttpPostBinding()
Indicates if the SP is configured with HTTP POST Binding.
- Returns:
Copyright © 2012 JBoss Inc. All Rights Reserved.