|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule
public class SAML2HTTPRedirectDeflateSignatureRule
Security policy which evaluates simple "blob" signatures according to the SAML 2 HTTP-Redirect DEFLATE binding.
Field Summary | |
---|---|
private org.slf4j.Logger |
log
Logger. |
Constructor Summary | |
---|---|
SAML2HTTPRedirectDeflateSignatureRule(SignatureTrustEngine engine)
Constructor. |
Method Summary | |
---|---|
private boolean |
appendParameter(StringBuilder builder,
String queryString,
String paramName)
Find the raw query string parameter indicated and append it to the string builder. |
private String |
buildSignedContentString(String queryString)
Extract the raw request parameters and build a string representation of the content that was signed. |
protected byte[] |
getSignedContent(javax.servlet.http.HttpServletRequest request)
Get the content over which to validate the signature, in the form suitable for input into SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential) . |
protected boolean |
ruleHandles(javax.servlet.http.HttpServletRequest request,
SAMLMessageContext samlMsgCtx)
Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context. |
Methods inherited from class org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule |
---|
buildCriteriaSet, deriveSignerEntityID, evaluate, getRequestCredentials, getSignature, getSignatureAlgorithm, getTrustEngine, validateSignature |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private final org.slf4j.Logger log
Constructor Detail |
---|
public SAML2HTTPRedirectDeflateSignatureRule(SignatureTrustEngine engine)
engine
- the trust engine to useMethod Detail |
---|
protected boolean ruleHandles(javax.servlet.http.HttpServletRequest request, SAMLMessageContext samlMsgCtx) throws SecurityPolicyException
ruleHandles
in class BaseSAMLSimpleSignatureSecurityPolicyRule
request
- the HTTP servlet request being processedsamlMsgCtx
- the SAML message context being processed
SecurityPolicyException
- thrown if there is an error during request processingprotected byte[] getSignedContent(javax.servlet.http.HttpServletRequest request) throws SecurityPolicyException
SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential)
.
getSignedContent
in class BaseSAMLSimpleSignatureSecurityPolicyRule
request
- the HTTP servlet request being processed
SecurityPolicyException
- thrown if there is an error during request processingprivate String buildSignedContentString(String queryString) throws SecurityPolicyException
queryString
- the raw HTTP query string from the request
SecurityPolicyException
- thrown if there is an error during request processingprivate boolean appendParameter(StringBuilder builder, String queryString, String paramName)
builder
- string builder to which to append the parameterqueryString
- the URL query string containing parametersparamName
- the name of the parameter to append
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |