Package org.opensaml.saml.saml2.profile.impl
Implementations of SAML 2.0 profile behavior.
-
Class Summary Class Description AbstractDecryptAction Abstract base class for actions that perform SAML decryption.AbstractEncryptAction Abstract base class for actions that perform simple unicast SAML encryption to a single decrypting party.AbstractResponseShellAction<MessageType extends StatusResponseType> Abstract action that creates an empty object derived fromStatusResponseType
, and sets it as the message returned byInOutOperationContext.getOutboundMessageContext()
.AddChannelBindingsToAssertions AddGeneratedKeyToAssertions AddNameIDToSubjects AddNameIDToSubjects.NameIDPolicyLookupFunction Lookup function that returns theNameIDPolicy
from anAuthnRequest
message returned from a lookup function, by default the inbound message.AddNameIDToSubjects.RequesterIdFromIssuerFunction Lookup function that returnsRequestAbstractType.getIssuer()
from a request message returned from a lookup function, by default the inbound message.AddOneTimeUseConditionToAssertions AddProxyRestrictionToAssertions Action adds anProxyRestriction
to everyAssertion
contained in a SAML 2 response, with the audiences and count obtained from a lookup function.AddStatusResponseShell Action that creates an empty object derived fromStatusResponseType
, and sets it as the message returned byInOutOperationContext.getOutboundMessageContext()
.AddStatusToResponse Action that setsStatus
content in aStatusResponseType
obtained from a lookup strategy, typically from the outbound message context.AddStatusToResponse.StatusCodeMappingFunction A default method to map event IDs to SAML 2 StatusCode URIs based onEventContext
.AddSubjectConfirmationToSubjects Action that buildsSubjectConfirmation
and adds it to theSubject
of all the assertions found in aResponse
.ChainingSAML2NameIDGenerator Subclass incorporating SAML 2 interface.CopyNameIDFromRequest DecryptAssertions Action to decrypt anEncryptedAssertion
element and replace it with the decryptedAssertion
in situ.DecryptAttributes Action to decrypt anEncryptedAttribute
element and replace it with the decryptedAttribute
in situ.DecryptNameIDs Action to decrypt anEncryptedID
element and replace it with the decryptedNameID
in situ.DefaultAssertionValidationContextBuilder Function which implements default behavior for building an instance ofValidationContext
from an instance ofValidateAssertions.AssertionValidationInput
.DefaultAssertionValidationContextBuilder.DefaultValidInResponseToLookupFunction Default strategy for resolving the valid InResponseTo value.DefaultAssertionValidationContextBuilder.DefaultValidIssuersLookupFunction Default strategy for resolving the valid Issuers.EncryptAssertions Action that encrypts all assertions in aResponse
message obtained from a lookup strategy, by default the outbound message context.EncryptAttributes Action that encrypts all attributes in aResponse
message obtained from a lookup strategy, by default the outbound message context.EncryptNameIDs Action that encrypts allNameID
s in a message obtained from a lookup strategy, by default the outbound message context.PopulateECPContext Action to create and populate anECPContext
based on the request and, when encryption is in use, generating a session key.ResolveArtifact Action that resolves a SAML 2.0 artifact inside anArtifactResolve
request located via a lookup strategy, by default from the inbound message context, and maps it to the corresponding message.ValidateAssertions A profile action which resolves SAML 2.0 Assertions from the profile request context and validates them using a resolved or configured instance ofSAML20AssertionValidator
.