public abstract class AbstractSPFormAuthenticator extends BaseFormAuthenticator
Abstract class to be extended by Service Provider valves to handle SAML requests and responses.
Modifier and Type | Field and Description |
---|---|
protected boolean | jbossEnv |
auditHelper, canonicalizationMethod, chain, chainConfigOptions, chainLock, configFile, configProvider, enableAudit, identityURL, idpAddress, idpCertificate, issuerID, keyManager, logger, picketLinkConfiguration, samlHandlerChainClass, saveRestoreRequest, serviceURL, spConfiguration, timer, timerInterval
Constructor and Description |
---|
AbstractSPFormAuthenticator() |
Modifier and Type | Method and Description |
---|---|
boolean | authenticate(Request request, HttpServletResponse response, LoginConfig config): Authenticate the request |
boolean | authenticate(Request request, Response response, LoginConfig loginConfig) |
protected String | getBinding(): Return the SAML Binding that this authenticator supports |
Context | getContext() |
protected abstract String | getContextPath(): Subclasses need to return the context path based on the capability of their servlet api |
protected Principal | getGenericPrincipal(Request request, String username, List<String> roles) |
protected void | initKeyProvider(Context context): Initialize the KeyProvider configurations. |
protected boolean | isHttpPostBinding(): Indicates if the SP is configured with HTTP POST Binding. |
protected boolean | isPOSTBindingResponse() |
boolean | restoreRequest(Request request, Session session) |
protected void | sendHttpPostBindingRequest(String destination, Document samlDocument, String relayState, Response response, boolean willSendRequest): Sends an HTTP POST request to the IDP. |
protected void | sendHttpRedirectRequest(String destination, Document samlDocument, String relayState, Response response, boolean willSendRequest, String destinationQueryStringWithSignature): Sends an HTTP Redirect request to the IDP. |
protected void | sendRequestToIDP(String destination, Document samlDocument, String relayState, Request request, Response response, boolean willSendRequest, String destinationQueryStringWithSignature): Send the request to the IDP. |
protected void | startPicketLink() |
doSupportSignature, getConfigFile, getConfiguration, getIdentityURL, getIdpCertificate, getIDPSSODescriptor, handleMetadata, handleMetadata, initializeHandlerChain, localAuthentication, populateChainConfig, processConfiguration, processIDPMetadataFile, register, sendToLogoutPage, setAuditHelper, setConfigFile, setConfigProvider, setConfigProvider, setIdpAddress, setIssuerID, setLogOutPage, setSamlHandlerChainClass, setSaveRestoreRequest, setServiceURL, setTimerInterval, testStart, validate
protected void startPicketLink() throws LifecycleException
startPicketLink in class BaseFormAuthenticator
Throws:
LifecycleException
protected void sendRequestToIDP(String destination, Document samlDocument, String relayState, Request request, Response response, boolean willSendRequest, String destinationQueryStringWithSignature) throws ProcessingException, ConfigurationException, IOException
Send the request to the IDP. Subclasses should override this method to implement how requests must be sent to the IDP.
Parameters:
destination - idp url
samlDocument - request or response document
relayState -
response -
request -
willSendRequest - are we sending Request or Response to IDP
destinationQueryStringWithSignature - used only with Redirect binding and with signature enabled.
Throws:
ProcessingException
ConfigurationException
IOException
protected void sendHttpRedirectRequest(String destination, Document samlDocument, String relayState, Response response, boolean willSendRequest, String destinationQueryStringWithSignature) throws IOException, ProcessingException, ConfigurationException
Sends an HTTP Redirect request to the IDP.
Parameters:
destination -
relayState -
response -
willSendRequest -
destinationQueryStringWithSignature -
Throws:
IOException
UnsupportedEncodingException
ConfigurationException
ProcessingException
protected void sendHttpPostBindingRequest(String destination, Document samlDocument, String relayState, Response response, boolean willSendRequest) throws ProcessingException, IOException, ConfigurationException
Sends an HTTP POST request to the IDP.
Parameters:
destination -
samlDocument -
relayState -
response -
willSendRequest -
Throws:
TrustKeyProcessingException
ProcessingException
IOException
ConfigurationException
protected void initKeyProvider(Context context) throws LifecycleException
Initialize the KeyProvider configurations. These configurations are to be used during signing and validation of SAML assertions.
initKeyProvider in class BaseFormAuthenticator
Parameters:
context -
Throws:
LifecycleException
public boolean authenticate(Request request, HttpServletResponse response, LoginConfig config) throws IOException
Parameters:
request -
response -
config -
Throws:
IOException
RuntimeException - when the response is not of type catalina response object
public boolean authenticate(Request request, Response response, LoginConfig loginConfig) throws IOException
Throws:
IOException
protected boolean isPOSTBindingResponse()
protected String getBinding()
getBinding in class BaseFormAuthenticator
JBossSAMLURIConstants#SAML_HTTP_POST_BINDING, JBossSAMLURIConstants#SAML_HTTP_REDIRECT_BINDING
protected boolean isHttpPostBinding()
Indicates if the SP is configured with HTTP POST Binding.
public Context getContext()
public boolean restoreRequest(Request request, Session session) throws IOException
IOException
protected abstract String getContextPath()
Copyright © 2017 JBoss by Red Hat. All rights reserved.