SAML2HTTPPostSimpleSignRule (Red Hat JBoss Enterprise Application Platform 6.4.19.GA public API)

java.lang.Object
- org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule
- - org.opensaml.saml2.binding.security.SAML2HTTPPostSimpleSignRule

All Implemented Interfaces:

SecurityPolicyRule
```
public class SAML2HTTPPostSimpleSignRule
extends BaseSAMLSimpleSignatureSecurityPolicyRule
```
Security policy which evaluates simple "blob" signatures according to the SAML 2 HTTP-POST-SimpleSign binding.

Constructor Summary

Constructors
Constructor and Description
`SAML2HTTPPostSimpleSignRule(SignatureTrustEngine engine, ParserPool parserPool, KeyInfoCredentialResolver keyInfoCredResolver)` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected List<Credential>`	`getRequestCredentials(HttpServletRequest request, SAMLMessageContext samlContext)` Extract any candidate validation credentials from the request and/or message context.
`protected byte[]`	`getSignedContent(HttpServletRequest request)` Get the content over which to validate the signature, in the form suitable for input into `SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential)`.
`protected boolean`	`ruleHandles(HttpServletRequest request, SAMLMessageContext samlMsgCtx)` Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context.

Methods inherited from class org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule
buildCriteriaSet, deriveSignerEntityID, evaluate, getSignature, getSignatureAlgorithm, getTrustEngine, validateSignature

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SAML2HTTPPostSimpleSignRule
```
public SAML2HTTPPostSimpleSignRule(SignatureTrustEngine engine,
                           ParserPool parserPool,
                           KeyInfoCredentialResolver keyInfoCredResolver)
```
    Constructor.
    
    Parameters:
    engine - the trust engine to use
    parserPool - the parser pool used to parse the KeyInfo request parameter
    keyInfoCredResolver - the KeyInfo credential resovler to use to extract credentials from the KeyInfo request parameter
- Method Detail
  - ruleHandles
```
protected boolean ruleHandles(HttpServletRequest request,
                  SAMLMessageContext samlMsgCtx)
```
    Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context.
    
    Specified by:
    
    ruleHandles in class BaseSAMLSimpleSignatureSecurityPolicyRule
    
    Parameters:
    request - the HTTP servlet request being processed
    samlMsgCtx - the SAML message context being processed
    
    Returns:
    true if the rule should attempt to process the request, otherwise false
  - getSignedContent
```
protected byte[] getSignedContent(HttpServletRequest request)
                           throws SecurityPolicyException
```
    Get the content over which to validate the signature, in the form suitable for input into SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential).
    
    Specified by:
    
    getSignedContent in class BaseSAMLSimpleSignatureSecurityPolicyRule
    
    Parameters:
    request - the HTTP servlet request being processed
    
    Returns:
    the signed content extracted from the request, in the format suitable for input to the trust engine.
    
    Throws:
    
    SecurityPolicyException - thrown if there is an error during request processing
  - getRequestCredentials
```
protected List<Credential> getRequestCredentials(HttpServletRequest request,
                                     SAMLMessageContext samlContext)
                                          throws SecurityPolicyException
```
    Extract any candidate validation credentials from the request and/or message context. Some bindings allow validataion keys for the simple signature to be supplied, and others do not.
    
    Overrides:
    
    getRequestCredentials in class BaseSAMLSimpleSignatureSecurityPolicyRule
    
    Parameters:
    request - the HTTP servlet request being processed
    samlContext - the SAML message context being processed
    
    Returns:
    a list of candidate validation credentials in the request, or null if none were present
    
    Throws:
    
    SecurityPolicyException - thrown if there is an error during request processing

Class SAML2HTTPPostSimpleSignRule

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule

Methods inherited from class java.lang.Object

Constructor Detail

SAML2HTTPPostSimpleSignRule

Method Detail

ruleHandles

getSignedContent

getRequestCredentials