Package org.apache.cxf.rs.security.saml
Class AbstractSamlInHandler
java.lang.Object
org.apache.cxf.rs.security.saml.AbstractSamlInHandler
- All Implemented Interfaces:
jakarta.ws.rs.container.ContainerRequestFilter
- Direct Known Subclasses:
AbstractSamlBase64InHandler,Saml2BearerAuthHandler,SamlEnvelopedInHandler
@PreMatching
public abstract class AbstractSamlInHandler
extends Object
implements jakarta.ws.rs.container.ContainerRequestFilter
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected booleancheckBearer(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) protected booleancheckHolderOfKey(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) protected booleancheckSenderVouches(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) Check the sender-vouches requirements against the received assertion.protected voidcheckSubjectConfirmationData(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion) protected voidconfigureAudienceRestriction(Message msg, org.apache.wss4j.dom.handler.RequestData reqData) protected org.apache.wss4j.common.saml.SAMLKeyInfocreateKeyInfoFromDefaultAlias(org.apache.wss4j.common.crypto.Crypto sigCrypto) protected ElementreadToken(Message message, InputStream tokenStream) voidsetKeyInfoMustBeAvailable(boolean keyInfoMustBeAvailable) protected voidsetSecurityContext(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper wrapper) voidvoidsetValidator(org.apache.wss4j.dom.validate.Validator validator) protected voidthrowFault(String error, Exception ex) protected org.apache.wss4j.common.saml.SamlAssertionWrapperprotected voidvalidateToken(Message message, InputStream tokenStream) protected voidvalidateToken(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion) protected voidvalidateToken(Message message, Element tokenElement) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface jakarta.ws.rs.container.ContainerRequestFilter
filter
-
Constructor Details
-
AbstractSamlInHandler
public AbstractSamlInHandler()
-
-
Method Details
-
setValidator
public void setValidator(org.apache.wss4j.dom.validate.Validator validator) -
setSecurityContextProvider
-
validateToken
-
readToken
-
validateToken
-
toWrapper
-
validateToken
protected void validateToken(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion) -
configureAudienceRestriction
protected void configureAudienceRestriction(Message msg, org.apache.wss4j.dom.handler.RequestData reqData) -
createKeyInfoFromDefaultAlias
protected org.apache.wss4j.common.saml.SAMLKeyInfo createKeyInfoFromDefaultAlias(org.apache.wss4j.common.crypto.Crypto sigCrypto) throws org.apache.wss4j.common.ext.WSSecurityException - Throws:
org.apache.wss4j.common.ext.WSSecurityException
-
checkSubjectConfirmationData
protected void checkSubjectConfirmationData(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertion) -
setSecurityContext
protected void setSecurityContext(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper wrapper) -
throwFault
-
checkSenderVouches
protected boolean checkSenderVouches(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) Check the sender-vouches requirements against the received assertion. The SAML Assertion and the request body must be signed by the same signature. -
checkHolderOfKey
protected boolean checkHolderOfKey(Message message, org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) -
checkBearer
protected boolean checkBearer(org.apache.wss4j.common.saml.SamlAssertionWrapper assertionWrapper, Certificate[] tlsCerts) -
setKeyInfoMustBeAvailable
public void setKeyInfoMustBeAvailable(boolean keyInfoMustBeAvailable)
-