public class SAMLMDClientCertAuthSecurityHandler extends BaseClientCertAuthSecurityHandler
A BaseClientCertAuthSecurityHandler which provides support for X509Credential trust engine validation based on SAML metadata.
The authenticatable entity data is read from and stored to the subcontext identified by getEntityContextClass(), which defaults to SAMLPeerEntityContext.
Modifier and Type | Field and Description |
---|---|
private Class<? extends AbstractAuthenticatableSAMLEntityContext> | entityContextClass: The actual context class holding the authenticatable SAML entity. |
private org.slf4j.Logger | log: Logger. |
Constructor and Description |
---|
SAMLMDClientCertAuthSecurityHandler(): Constructor. |
Modifier and Type | Method and Description |
---|---|
protected net.shibboleth.utilities.java.support.resolver.CriteriaSet | buildCriteriaSet(String entityID, org.opensaml.messaging.context.MessageContext messageContext) |
protected String | getCertificatePresenterEntityID(org.opensaml.messaging.context.MessageContext messageContext) |
Class<? extends AbstractAuthenticatableSAMLEntityContext> | getEntityContextClass(): Get the class type holding the authenticatable SAML entity data. |
protected void | setAuthenticatedCertificatePresenterEntityID(org.opensaml.messaging.context.MessageContext messageContext, String entityID) |
protected void | setAuthenticatedState(org.opensaml.messaging.context.MessageContext messageContext, boolean authenticated) |
void | setEntityContextClass(Class<? extends AbstractAuthenticatableSAMLEntityContext> clazz): Set the class type holding the authenticatable SAML entity data. |
doEvaluate, doInitialize, doInvoke, doPreInvoke, evaluateCertificateNameDerivedPresenters, evaluateDerivedPresenters, evaluateSubjectAltNames, evaluateSubjectCommonName, evaluateSubjectDN, getAltNames, getCertificateNameOptions, getCommonName, getHttpServletRequest, getSubjectName, resolveTrustEngine, setHttpServletRequest
evaluate, evaluate, getTrustEngine
doPostInvoke, doPostInvoke, getActivationCondition, getLogPrefix, invoke, setActivationCondition
destroy, doDestroy, initialize, isDestroyed, isInitialized
private org.slf4j.Logger log
private Class<? extends AbstractAuthenticatableSAMLEntityContext> entityContextClass
public SAMLMDClientCertAuthSecurityHandler()
@Nonnull public Class<? extends AbstractAuthenticatableSAMLEntityContext> getEntityContextClass()
Defaults to: SAMLPeerEntityContext.
public void setEntityContextClass(@Nonnull Class<? extends AbstractAuthenticatableSAMLEntityContext> clazz)
Defaults to: SAMLPeerEntityContext.
clazz - the entity context class type
@Nonnull protected net.shibboleth.utilities.java.support.resolver.CriteriaSet buildCriteriaSet(@Nullable String entityID, @Nonnull org.opensaml.messaging.context.MessageContext messageContext) throws org.opensaml.messaging.handler.MessageHandlerException
buildCriteriaSet in class BaseClientCertAuthSecurityHandler
org.opensaml.messaging.handler.MessageHandlerException
@Nullable protected String getCertificatePresenterEntityID(@Nonnull org.opensaml.messaging.context.MessageContext messageContext)
getCertificatePresenterEntityID in class BaseClientCertAuthSecurityHandler
protected void setAuthenticatedCertificatePresenterEntityID(@Nonnull org.opensaml.messaging.context.MessageContext messageContext, @Nullable String entityID)
setAuthenticatedCertificatePresenterEntityID in class BaseClientCertAuthSecurityHandler
protected void setAuthenticatedState(@Nonnull org.opensaml.messaging.context.MessageContext messageContext, boolean authenticated)
setAuthenticatedState in class BaseClientCertAuthSecurityHandler
Copyright © 1999–2020 Shibboleth Consortium. All rights reserved.