public class SAML2STSLoginModule extends SAML2STSCommonLoginModule
This LoginModule
implements the local validation of SAML assertions on AS7. The specified
localValidationSecurityDomain
property must correspond to a AS7 JSSE domain that configures a truststore and
a server-alias that identifies the certificate used to validate the assertions.
Modifier and Type | Field and Description |
---|---|
protected int |
clockSkew |
assertion, credential, enableCacheInvalidation, ENDPOINT_ADDRESS, INITIAL_CLIENTS_IN_POOL, initialClientsInPool, localTestingOnly, localValidation, localValidationSecurityDomain, options, PASSWORD_KEY, PORT_NAME, principal, rawOptions, roleKey, securityDomain, SERVICE_NAME, STS_CONFIG_FILE, stsConfigurationFile, USERNAME_KEY
BASE64_TOKEN_ENCODING, GZIP_TOKEN_ENCODING, logger, NONE_TOKEN_ENCODING, REG_EX_GROUP_KEY, REG_EX_PATTERN_KEY, SAML_TOKEN_HTTP_HEADER_KEY, TOKEN_ENCODING_TYPE_KEY, tokenEncoding, WEB_REQUEST_KEY
callbackHandler, jbossModuleName, log, loginOk, principalClassModuleName, principalClassName, sharedState, subject, unauthenticatedIdentity, useFirstPass
Constructor and Description |
---|
SAML2STSLoginModule() |
Modifier and Type | Method and Description |
---|---|
protected JBossAuthCacheInvalidationFactory.TimeCacheExpiry |
getCacheExpiry() |
void |
initialize(Subject subject,
CallbackHandler callbackHandler,
Map sharedState,
Map options)
Initialize the login module.
|
protected boolean |
localValidation(Element assertionElement)
Locally validate the SAML Assertion element
|
abort, commit, getIdentity, getRoleSets, getSTSClient, login, logout
getCredentialFromHttpRequest, getSamlTokenHttpHeader, getSamlTokenHttpHeaderRegEx, getSamlTokenHttpHeaderRegExGroup, getTokenEncoding
addValidOptions, checkOptions, createGroup, createIdentity, getCallerPrincipalGroup, getUnauthenticatedIdentity, getUseFirstPass
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
AbstractServerLoginModule
initialize
in interface LoginModule
initialize
in class SAML2STSCommonLoginModule
subject
- the Subject to update after a successful login.callbackHandler
- the CallbackHandler that will be used to obtain the
the user identity and credentials.sharedState
- a Map shared between all configured login module instancesoptions
- the parameters passed to the login module.protected boolean localValidation(Element assertionElement) throws Exception
SAML2STSCommonLoginModule
localValidation
in class SAML2STSCommonLoginModule
Exception
protected JBossAuthCacheInvalidationFactory.TimeCacheExpiry getCacheExpiry() throws Exception
getCacheExpiry
in class SAML2STSCommonLoginModule
Exception
Copyright © 2021 JBoss by Red Hat. All rights reserved.