BaseSAML1MessageEncoder (OpenSAML-J 2.6.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.opensaml.saml1.binding.encoding
Class BaseSAML1MessageEncoder

java.lang.Object
  org.opensaml.ws.message.encoder.BaseMessageEncoder
      org.opensaml.saml1.binding.encoding.BaseSAML1MessageEncoder

All Implemented Interfaces:: SAMLMessageEncoder, MessageEncoder

Direct Known Subclasses:: HTTPArtifactEncoder, HTTPPostEncoder, HTTPSOAP11Encoder

public abstract class BaseSAML1MessageEncoder
extends BaseMessageEncoder
implements SAMLMessageEncoder
extends BaseMessageEncoder
implements SAMLMessageEncoder

Base class for SAML 1 message encoders.

Field Summary
`private List<String>`	`allowedURLSchemes` The list of schemes allowed to appear in URLs related to the encoded message.
`private org.slf4j.Logger`	`log` Class logger.

Constructor Summary
`BaseSAML1MessageEncoder()`

Method Summary
`List<String>`	`getAllowedURLSchemes()` Gets the unmodifiable list of schemes allowed to appear in URLs related to the encoded message.
`protected URLBuilder`	`getEndpointURL(SAMLMessageContext messageContext)` Gets the response URL from the relying party endpoint.
`void`	`setAllowedURLSchemes(String[] schemes)` Sets the list of list of schemes allowed to appear in URLs related to the encoded message.
`protected void`	`signMessage(SAMLMessageContext messageContext)` Signs the given SAML message if it a `SignableSAMLObject` and this encoder has signing credentials.

Methods inherited from class org.opensaml.ws.message.encoder.BaseMessageEncoder
`doEncode, encode, logEncodedMessage, marshallMessage`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface org.opensaml.common.binding.encoding.SAMLMessageEncoder
`getBindingURI`

Methods inherited from interface org.opensaml.ws.message.encoder.MessageEncoder
`encode, providesMessageConfidentiality, providesMessageIntegrity`

Field Detail

log

private final org.slf4j.Logger log

Class logger.

allowedURLSchemes

private List<String> allowedURLSchemes

The list of schemes allowed to appear in URLs related to the encoded message. Defaults to 'http' and 'https'.

Constructor Detail

BaseSAML1MessageEncoder

public BaseSAML1MessageEncoder()

Method Detail

getAllowedURLSchemes

public List<String> getAllowedURLSchemes()

Gets the unmodifiable list of schemes allowed to appear in URLs related to the encoded message.

Returns:: list of URL schemes allowed to appear in a message

setAllowedURLSchemes

public void setAllowedURLSchemes(String[] schemes)

Sets the list of list of schemes allowed to appear in URLs related to the encoded message. Note, the appearance of schemes such as 'javascript' may open the system up to attacks (e.g. cross-site scripting attacks).

Parameters:: schemes - URL schemes allowed to appear in a message

getEndpointURL

protected URLBuilder getEndpointURL(SAMLMessageContext messageContext)
                             throws MessageEncodingException

Gets the response URL from the relying party endpoint. If the SAML message is a Response and the relying party endpoint contains a response location then that location is returned otherwise the normal endpoint location is returned.

Parameters:: messageContext - current message context
Returns:: response URL from the relying party endpoint
Throws:: MessageEncodingException - throw if no relying party endpoint is available

signMessage

protected void signMessage(SAMLMessageContext messageContext)
                    throws MessageEncodingException

Signs the given SAML message if it a SignableSAMLObject and this encoder has signing credentials.

Parameters:: messageContext - current message context
Throws:: MessageEncodingException - thrown if there is a problem preparing the signature for signing