AbstractSamlInHandler (Apache CXF JavaDoc 3.1.0 API)

java.lang.Object
- org.apache.cxf.rs.security.saml.AbstractSamlInHandler

All Implemented Interfaces:

javax.ws.rs.container.ContainerRequestFilter

Direct Known Subclasses:

AbstractSamlBase64InHandler, Saml2BearerAuthHandler, SamlEnvelopedInHandler
```
@PreMatching
public abstract class AbstractSamlInHandler
extends Object
implements javax.ws.rs.container.ContainerRequestFilter
```

Constructor Summary

Constructors
Constructor and Description

AbstractSamlInHandler()

Constructors
Constructor and Description
`AbstractSamlInHandler()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected boolean`	`checkBearer(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)`
`protected boolean`	`checkHolderOfKey(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)`
`protected boolean`	`checkSenderVouches(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts)` Check the sender-vouches requirements against the received assertion.
`protected void`	`checkSubjectConfirmationData(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)`
`protected void`	`configureAudienceRestriction(Message msg, org.apache.wss4j.dom.handler.RequestData reqData)`
`protected org.apache.wss4j.common.saml.SAMLKeyInfo`	`createKeyInfoFromDefaultAlias(org.apache.wss4j.common.crypto.Crypto sigCrypto)`
`protected Element`	`readToken(Message message, InputStream tokenStream)`
`void`	`setKeyInfoMustBeAvailable(boolean keyInfoMustBeAvailable)`
`protected void`	`setSecurityContext(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper wrapper)`
`void`	`setSecurityContextProvider(SecurityContextProvider p)`
`void`	`setValidator(org.apache.wss4j.dom.validate.Validator validator)`
`protected void`	`throwFault(String error, Exception ex)`
`protected org.apache.wss4j.common.saml.SamlAssertionWrapper`	`toWrapper(Element tokenElement)`
`protected void`	`validateToken(Message message, Element tokenElement)`
`protected void`	`validateToken(Message message, InputStream tokenStream)`
`protected void`	`validateToken(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.ws.rs.container.ContainerRequestFilter
filter

Constructor Detail
- AbstractSamlInHandler
```
public AbstractSamlInHandler()
```

Method Detail

setValidator

public void setValidator(org.apache.wss4j.dom.validate.Validator validator)

setSecurityContextProvider

public void setSecurityContextProvider(SecurityContextProvider p)

validateToken

protected void validateToken(Message message,
                 InputStream tokenStream)

readToken

protected Element readToken(Message message,
                InputStream tokenStream)

validateToken

protected void validateToken(Message message,
                 Element tokenElement)

toWrapper

protected org.apache.wss4j.common.saml.SamlAssertionWrapper toWrapper(Element tokenElement)

validateToken

protected void validateToken(Message message,
                 org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)

configureAudienceRestriction

protected void configureAudienceRestriction(Message msg,
                                org.apache.wss4j.dom.handler.RequestData reqData)

createKeyInfoFromDefaultAlias

protected org.apache.wss4j.common.saml.SAMLKeyInfo createKeyInfoFromDefaultAlias(org.apache.wss4j.common.crypto.Crypto sigCrypto)
                                                                          throws org.apache.wss4j.common.ext.WSSecurityException

Throws:: org.apache.wss4j.common.ext.WSSecurityException

checkSubjectConfirmationData

protected void checkSubjectConfirmationData(Message message,
                                org.apache.wss4j.common.saml.SamlAssertionWrapper assertion)

setSecurityContext

protected void setSecurityContext(Message message,
                      org.apache.wss4j.common.saml.SamlAssertionWrapper wrapper)

throwFault

protected void throwFault(String error,
              Exception ex)

checkSenderVouches

protected boolean checkSenderVouches(Message message,
                         org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper,
                         Certificate[] tlsCerts)

Check the sender-vouches requirements against the received assertion. The SAML Assertion and the request body must be signed by the same signature.

checkHolderOfKey

protected boolean checkHolderOfKey(Message message,
                       org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper,
                       Certificate[] tlsCerts)

checkBearer

protected boolean checkBearer(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper,
                  Certificate[] tlsCerts)

setKeyInfoMustBeAvailable

public void setKeyInfoMustBeAvailable(boolean keyInfoMustBeAvailable)

Class AbstractSamlInHandler

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface javax.ws.rs.container.ContainerRequestFilter

Constructor Detail

AbstractSamlInHandler

Method Detail

setValidator

setSecurityContextProvider

validateToken

readToken

validateToken

toWrapper

validateToken

configureAudienceRestriction

createKeyInfoFromDefaultAlias

checkSubjectConfirmationData

setSecurityContext

throwFault

checkSenderVouches

checkHolderOfKey

checkBearer

setKeyInfoMustBeAvailable