|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.cxf.sts.token.delegation.SAMLDelegationHandler
public class SAMLDelegationHandler
The SAML TokenDelegationHandler implementation. It disallows ActAs or OnBehalfOf for all cases apart from the case of a Bearer SAML Token. In addition, the AppliesTo address (if supplied) must match an AudienceRestriction address (if in token), if the "checkAudienceRestriction" property is set to "true".
Constructor Summary | |
---|---|
SAMLDelegationHandler()
|
Method Summary | |
---|---|
boolean |
canHandleToken(ReceivedToken delegateTarget)
Return true if this TokenDelegationHandler implementation is capable of handling the ReceivedToken argument. |
protected List<String> |
getAudienceRestrictions(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
|
boolean |
isCheckAudienceRestriction()
|
protected boolean |
isDelegationAllowed(ReceivedToken receivedToken,
String appliesToAddress)
Is Delegation allowed for a particular token |
TokenDelegationResponse |
isDelegationAllowed(TokenDelegationParameters tokenParameters)
See if delegation is allowed for a Token using the given TokenDelegationParameters. |
void |
setCheckAudienceRestriction(boolean checkAudienceRestriction)
Set whether to perform a check that the received AppliesTo address is contained in the token as one of the AudienceRestriction URIs. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SAMLDelegationHandler()
Method Detail |
---|
public boolean canHandleToken(ReceivedToken delegateTarget)
TokenDelegationHandler
canHandleToken
in interface TokenDelegationHandler
public TokenDelegationResponse isDelegationAllowed(TokenDelegationParameters tokenParameters)
TokenDelegationHandler
isDelegationAllowed
in interface TokenDelegationHandler
protected boolean isDelegationAllowed(ReceivedToken receivedToken, String appliesToAddress)
protected List<String> getAudienceRestrictions(org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)
public boolean isCheckAudienceRestriction()
public void setCheckAudienceRestriction(boolean checkAudienceRestriction)
checkAudienceRestriction
- whether to perform an audience restriction check or not
|
Apache CXF API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |