public class DecryptNameIDs extends AbstractDecryptAction
EncryptedID
element and replace it with the decrypted NameID
in situ.
All of the built-in SAML message types that may include an EncryptedID
are potentially
handled, but the actual message to handle is obtained via strategy function, by default the inbound
message.
Modifier and Type | Field and Description |
---|---|
private org.slf4j.Logger |
log
Class logger.
|
Constructor and Description |
---|
DecryptNameIDs() |
Modifier and Type | Method and Description |
---|---|
protected void |
doExecute(ProfileRequestContext profileRequestContext) |
private void |
processAssertion(ProfileRequestContext profileRequestContext,
Assertion assertion)
Decrypt any
EncryptedID found in an assertion and replace it with the result. |
private NameID |
processEncryptedID(ProfileRequestContext profileRequestContext,
EncryptedID encID)
Decrypt an
EncryptedID and return the result. |
private void |
processLogoutRequest(ProfileRequestContext profileRequestContext,
LogoutRequest request)
Decrypt any
EncryptedID found in a LogoutRequest and replace it with the result. |
private void |
processManageNameIDRequest(ProfileRequestContext profileRequestContext,
ManageNameIDRequest request)
Decrypt any
EncryptedID found in a ManageNameIDRequest and replace it with the result. |
private void |
processNameIDMappingRequest(ProfileRequestContext profileRequestContext,
NameIDMappingRequest request)
Decrypt any
EncryptedID found in a NameIDMappingRequest and replace it with the result. |
private void |
processNameIDMappingResponse(ProfileRequestContext profileRequestContext,
NameIDMappingResponse response)
Decrypt any
EncryptedID found in a NameIDMappingResponse and replace it with the result. |
private NewID |
processNewEncryptedID(ProfileRequestContext profileRequestContext,
NewEncryptedID encID)
Decrypt a
NewEncryptedID and return the result. |
private void |
processSubject(ProfileRequestContext profileRequestContext,
Subject subject)
Decrypt any
EncryptedID found in a subject and replace it with the result. |
doPreExecute, getDecrypter, getDecryptionPredicate, getSAMLObject, isErrorFatal, setDecryptionPredicate, setErrorFatal, setMessageLookupStrategy, setSecurityParametersContextLookupStrategy
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized
@Nonnull private final org.slf4j.Logger log
protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
doExecute
in class AbstractProfileAction
@Nullable private NameID processEncryptedID(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull EncryptedID encID) throws org.opensaml.xmlsec.encryption.support.DecryptionException
EncryptedID
and return the result.profileRequestContext
- current profile request contextencID
- the encrypted objectorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occurs during decryption@Nullable private NewID processNewEncryptedID(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull NewEncryptedID encID) throws org.opensaml.xmlsec.encryption.support.DecryptionException
NewEncryptedID
and return the result.profileRequestContext
- current profile request contextencID
- the encrypted objectorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occurs during decryptionprivate void processSubject(@Nonnull ProfileRequestContext profileRequestContext, @Nullable Subject subject) throws org.opensaml.xmlsec.encryption.support.DecryptionException
EncryptedID
found in a subject and replace it with the result.profileRequestContext
- current profile request contextsubject
- subject to operate onorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occursprivate void processLogoutRequest(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull LogoutRequest request) throws org.opensaml.xmlsec.encryption.support.DecryptionException
EncryptedID
found in a LogoutRequest and replace it with the result.profileRequestContext
- current profile request contextrequest
- request to operate onorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occursprivate void processManageNameIDRequest(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull ManageNameIDRequest request) throws org.opensaml.xmlsec.encryption.support.DecryptionException
EncryptedID
found in a ManageNameIDRequest and replace it with the result.profileRequestContext
- current profile request contextrequest
- request to operate onorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occursprivate void processNameIDMappingRequest(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull NameIDMappingRequest request) throws org.opensaml.xmlsec.encryption.support.DecryptionException
EncryptedID
found in a NameIDMappingRequest and replace it with the result.profileRequestContext
- current profile request contextrequest
- request to operate onorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occursprivate void processNameIDMappingResponse(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull NameIDMappingResponse response) throws org.opensaml.xmlsec.encryption.support.DecryptionException
EncryptedID
found in a NameIDMappingResponse and replace it with the result.profileRequestContext
- current profile request contextresponse
- response to operate onorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occursprivate void processAssertion(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull Assertion assertion) throws org.opensaml.xmlsec.encryption.support.DecryptionException
EncryptedID
found in an assertion and replace it with the result.profileRequestContext
- current profile request contextassertion
- assertion to operate onorg.opensaml.xmlsec.encryption.support.DecryptionException
- if an error occursCopyright © 1999–2020 Shibboleth Consortium. All rights reserved.