Package com.linecorp.armeria.server.saml
Class SamlServiceProviderBuilder
java.lang.Object
com.linecorp.armeria.server.saml.SamlServiceProviderBuilder
A builder which builds a
SamlServiceProvider
.-
Method Summary
Modifier and TypeMethodDescriptionacs()
Deprecated.acs
(SamlEndpoint endpoint) Returns aSamlAssertionConsumerConfigBuilder
to configure a new assertion consumer service of this service provider.authorizer
(Authorizer<HttpRequest> authorizer) Set anAuthorizer
which is used for this service provider's authentication.build()
Builds aSamlServiceProvider
which helps aServer
have a SAML-based authentication.credentialResolver
(org.opensaml.security.credential.CredentialResolver credentialResolver) Sets aCredentialResolver
for this service provider.encryptionKey
(String encryptionKey) Sets anencryption
key name for this service provider.Sets an entity ID for this service provider.Sets a hostname of this service provider.idp()
Returns aSamlIdentityProviderConfigBuilder
to configure a new idp for authentication.idpConfigSelector
(SamlIdentityProviderConfigSelector idpConfigSelector) Sets aSamlIdentityProviderConfigSelector
which determines a suitable idp for a request.metadataPath
(String metadataPath) Sets a URL for retrieving a metadata of this service provider.port
(int port) Sets a port of this service provider.requestIdManager
(SamlRequestIdManager requestIdManager) Sets aSamlRequestIdManager
which creates and validates a SAML request ID.scheme
(SessionProtocol scheme) Sets a protocol scheme of this service provider.schemeAndPort
(ServerPort serverPort) Sets aServerPort
of this service provider.signatureAlgorithm
(String signatureAlgorithm) Sets a signature algorithm which is used for signing by this service provider.signatureRequired
(boolean signatureRequired) Sets whether to require the received SAML objects to be signed.signingKey
(String signingKey) Sets asigning
key name for this service provider.sloEndpoint
(SamlEndpoint sloEndpoint) Adds a new single logout service endpoint of this service provider.sloHandler
(SamlSingleLogoutHandler sloHandler) Sets aSamlSingleLogoutHandler
which handles SAML messages for a single sign-on.ssoHandler
(SamlSingleSignOnHandler ssoHandler) Sets aSamlSingleSignOnHandler
which handles SAML messages for a single sign-on.
-
Method Details
-
authorizer
Set anAuthorizer
which is used for this service provider's authentication. -
entityId
Sets an entity ID for this service provider. -
credentialResolver
public SamlServiceProviderBuilder credentialResolver(org.opensaml.security.credential.CredentialResolver credentialResolver) Sets aCredentialResolver
for this service provider. -
signingKey
Sets asigning
key name for this service provider. -
encryptionKey
Sets anencryption
key name for this service provider. -
signatureAlgorithm
Sets a signature algorithm which is used for signing by this service provider. -
hostname
Sets a hostname of this service provider. -
scheme
Sets a protocol scheme of this service provider. -
port
Sets a port of this service provider. -
schemeAndPort
Sets aServerPort
of this service provider. -
metadataPath
Sets a URL for retrieving a metadata of this service provider. -
idpConfigSelector
public SamlServiceProviderBuilder idpConfigSelector(SamlIdentityProviderConfigSelector idpConfigSelector) Sets aSamlIdentityProviderConfigSelector
which determines a suitable idp for a request. -
sloEndpoint
Adds a new single logout service endpoint of this service provider. -
requestIdManager
Sets aSamlRequestIdManager
which creates and validates a SAML request ID. -
ssoHandler
Sets aSamlSingleSignOnHandler
which handles SAML messages for a single sign-on. -
sloHandler
Sets aSamlSingleLogoutHandler
which handles SAML messages for a single sign-on. -
idp
Returns aSamlIdentityProviderConfigBuilder
to configure a new idp for authentication. -
acs
Deprecated.Useacs(SamlEndpoint)
.Returns aSamlAssertionConsumerConfigBuilder
to configure a new assertion consumer service of this service provider. -
acs
Returns aSamlAssertionConsumerConfigBuilder
to configure a new assertion consumer service of this service provider. -
signatureRequired
Sets whether to require the received SAML objects to be signed. If enabled, the received SAML objects are rejected when they are not signed or have invalid signature. Otherwise, the received SAML objects will be accepted even if they are not signed, although the objects with an invalid signature will still be rejected. It is strongly discouraged to disable this option because otherwise an attacker can forge an SAML object to bypass authentication. This option is enabled by default.- Parameters:
signatureRequired
-true
to reject the SAML objects without signature.false
to accept the SAML objects without signature.
-
build
Builds aSamlServiceProvider
which helps aServer
have a SAML-based authentication.
-
acs(SamlEndpoint)
.