Package org.opensaml.saml.saml2.profile.impl
Implementations of SAML 2.0 profile behavior.
-
Class Summary Class Description AbstractDecryptAction Abstract base class for actions that perform SAML decryption.AbstractEncryptAction Abstract base class for actions that perform simple unicast SAML encryption to a single decrypting party.AbstractResponseShellAction<MessageType extends StatusResponseType> Abstract action that creates an empty object derived fromStatusResponseType, and sets it as the message returned byInOutOperationContext.getOutboundMessageContext().AddChannelBindingsToAssertions AddGeneratedKeyToAssertions AddNameIDToSubjects AddNameIDToSubjects.NameIDPolicyLookupFunction Lookup function that returns theNameIDPolicyfrom anAuthnRequestmessage returned from a lookup function, by default the inbound message.AddNameIDToSubjects.RequesterIdFromIssuerFunction Lookup function that returnsRequestAbstractType.getIssuer()from a request message returned from a lookup function, by default the inbound message.AddOneTimeUseConditionToAssertions AddProxyRestrictionToAssertions Action adds anProxyRestrictionto everyAssertioncontained in a SAML 2 response, with the audiences and count obtained from a lookup function.AddStatusResponseShell Action that creates an empty object derived fromStatusResponseType, and sets it as the message returned byInOutOperationContext.getOutboundMessageContext().AddStatusToResponse Action that setsStatuscontent in aStatusResponseTypeobtained from a lookup strategy, typically from the outbound message context.AddStatusToResponse.StatusCodeMappingFunction A default method to map event IDs to SAML 2 StatusCode URIs based onEventContext.AddSubjectConfirmationToSubjects Action that buildsSubjectConfirmationand adds it to theSubjectof all the assertions found in aResponse.ChainingSAML2NameIDGenerator Subclass incorporating SAML 2 interface.CopyNameIDFromRequest DecryptAssertions Action to decrypt anEncryptedAssertionelement and replace it with the decryptedAssertionin situ.DecryptAttributes Action to decrypt anEncryptedAttributeelement and replace it with the decryptedAttributein situ.DecryptNameIDs Action to decrypt anEncryptedIDelement and replace it with the decryptedNameIDin situ.DefaultAssertionValidationContextBuilder Function which implements default behavior for building an instance ofValidationContextfrom an instance ofValidateAssertions.AssertionValidationInput.DefaultAssertionValidationContextBuilder.DefaultValidInResponseToLookupFunction Default strategy for resolving the valid InResponseTo value.DefaultAssertionValidationContextBuilder.DefaultValidIssuersLookupFunction Default strategy for resolving the valid Issuers.EncryptAssertions Action that encrypts all assertions in aResponsemessage obtained from a lookup strategy, by default the outbound message context.EncryptAttributes Action that encrypts all attributes in aResponsemessage obtained from a lookup strategy, by default the outbound message context.EncryptNameIDs Action that encrypts allNameIDs in a message obtained from a lookup strategy, by default the outbound message context.PopulateECPContext Action to create and populate anECPContextbased on the request and, when encryption is in use, generating a session key.ResolveArtifact Action that resolves a SAML 2.0 artifact inside anArtifactResolverequest located via a lookup strategy, by default from the inbound message context, and maps it to the corresponding message.ValidateAssertions A profile action which resolves SAML 2.0 Assertions from the profile request context and validates them using a resolved or configured instance ofSAML20AssertionValidator.