Modifier and Type | Field and Description |
---|---|
protected String |
canonicalizationMethod |
protected String |
configFile |
protected String |
identityURL |
protected boolean |
ignoreSignatures |
protected PicketLinkType |
picketLinkConfiguration |
protected String |
serviceURL |
protected SPType |
spConfiguration |
Constructor and Description |
---|
SPFilter() |
Modifier and Type | Method and Description |
---|---|
protected ResponseType |
decryptAssertion(ResponseType responseType) |
void |
destroy()
Called by the web container to indicate to a filter that it is being taken out of service.
|
void |
doFilter(ServletRequest servletRequest,
ServletResponse servletResponse,
FilterChain filterChain)
The
doFilter method of the Filter is called by the container each time a request/response pair is
passed through the chain due to a client request for a resource at the end of the chain. |
Principal |
handleSAMLResponse(HttpServletRequest request,
ResponseType responseType)
Handle the SAMLResponse from the IDP
|
void |
init(FilterConfig filterConfig)
Called by the web container to indicate to a filter that it is being placed into service.
|
protected void |
isTrusted(String issuer) |
protected void |
sendRequestToIDP(AuthnRequestType authnRequest,
String relayState,
HttpServletResponse response) |
protected void |
sendToDestination(Document samlDocument,
String relayState,
String destination,
HttpServletResponse response,
boolean request) |
protected boolean |
validate(HttpServletRequest request) |
protected boolean |
verifySignature(SAMLDocumentHolder samlDocumentHolder) |
protected SPType spConfiguration
protected PicketLinkType picketLinkConfiguration
protected String configFile
protected String serviceURL
protected String identityURL
protected boolean ignoreSignatures
protected String canonicalizationMethod
public void destroy()
Filter
Called by the web container to indicate to a filter that it is being taken out of service.
This method is only called once all threads within the filter's doFilter method have exited or after a timeout period has passed. After the web container calls this method, it will not call the doFilter method again on this instance of the filter.
This method gives the filter an opportunity to clean up any resources that are being held (for example, memory, file handles, threads) and make sure that any persistent state is synchronized with the filter's current state in memory.
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException
Filter
doFilter
method of the Filter is called by the container each time a request/response pair is
passed through the chain due to a client request for a resource at the end of the chain. The FilterChain passed
in to this method allows the Filter to pass on the request and response to the next entity in the chain.
A typical implementation of this method would follow the following pattern:
chain.doFilter()
),
doFilter
in interface Filter
servletRequest
- the ServletRequest
object contains the client's requestservletResponse
- the ServletResponse
object contains the filter's responsefilterChain
- the FilterChain
for invoking the next filter or the resourceIOException
- if an I/O related error has occurred during the processingServletException
- if an exception occurs that interferes with the filter's normal operationUnavailableException
public void init(FilterConfig filterConfig) throws ServletException
Filter
Called by the web container to indicate to a filter that it is being placed into service.
The servlet container calls the init method exactly once after instantiating the filter. The init method must complete successfully before the filter is asked to do any filtering work.
The web container cannot place the filter into service if the init method either
init
in interface Filter
filterConfig
- a FilterConfig
object containing the filter's configuration and initialization
parametersServletException
- if an exception has occurred that interferes with the filter's normal operationprotected void sendRequestToIDP(AuthnRequestType authnRequest, String relayState, HttpServletResponse response) throws IOException, SAXException, GeneralSecurityException
protected void sendToDestination(Document samlDocument, String relayState, String destination, HttpServletResponse response, boolean request) throws IOException, SAXException, GeneralSecurityException
protected boolean validate(HttpServletRequest request) throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException
IssuerNotTrustedException
protected void isTrusted(String issuer) throws IssuerNotTrustedException
IssuerNotTrustedException
protected ResponseType decryptAssertion(ResponseType responseType)
public Principal handleSAMLResponse(HttpServletRequest request, ResponseType responseType) throws ConfigurationException, AssertionExpiredException
request
- entire request from IDPresponseType
- ResponseType that has been generatedserverEnvironment
- tomcat,jboss etcAssertionExpiredException
ConfigurationException
Copyright © 2020 JBoss by Red Hat. All rights reserved.