org.opensaml.saml2.binding.security
Class SAML2HTTPRedirectDeflateSignatureRule

java.lang.Object
  extended by org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule
      extended by org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule
All Implemented Interfaces:
SecurityPolicyRule

public class SAML2HTTPRedirectDeflateSignatureRule
extends BaseSAMLSimpleSignatureSecurityPolicyRule

Security policy which evaluates simple "blob" signatures according to the SAML 2 HTTP-Redirect DEFLATE binding.


Field Summary
private  org.slf4j.Logger log
          Logger.
 
Constructor Summary
SAML2HTTPRedirectDeflateSignatureRule(SignatureTrustEngine engine)
          Constructor.
 
Method Summary
private  boolean appendParameter(StringBuilder builder, String queryString, String paramName)
          Find the raw query string parameter indicated and append it to the string builder.
private  String buildSignedContentString(String queryString)
          Extract the raw request parameters and build a string representation of the content that was signed.
protected  byte[] getSignedContent(javax.servlet.http.HttpServletRequest request)
          Get the content over which to validate the signature, in the form suitable for input into SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential).
protected  boolean ruleHandles(javax.servlet.http.HttpServletRequest request, SAMLMessageContext samlMsgCtx)
          Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context.
 
Methods inherited from class org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule
buildCriteriaSet, deriveSignerEntityID, evaluate, getRequestCredentials, getSignature, getSignatureAlgorithm, getTrustEngine, validateSignature
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

private final org.slf4j.Logger log
Logger.

Constructor Detail

SAML2HTTPRedirectDeflateSignatureRule

public SAML2HTTPRedirectDeflateSignatureRule(SignatureTrustEngine engine)
Constructor.

Parameters:
engine - the trust engine to use

Method Detail

ruleHandles

protected boolean ruleHandles(javax.servlet.http.HttpServletRequest request,
                              SAMLMessageContext samlMsgCtx)
                       throws SecurityPolicyException
Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context.

Specified by:
ruleHandles in class BaseSAMLSimpleSignatureSecurityPolicyRule
Parameters:
request - the HTTP servlet request being processed
samlMsgCtx - the SAML message context being processed
Returns:
true if the rule should attempt to process the request, otherwise false
Throws:
SecurityPolicyException - thrown if there is an error during request processing

getSignedContent

protected byte[] getSignedContent(javax.servlet.http.HttpServletRequest request)
                           throws SecurityPolicyException
Get the content over which to validate the signature, in the form suitable for input into SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential).

Specified by:
getSignedContent in class BaseSAMLSimpleSignatureSecurityPolicyRule
Parameters:
request - the HTTP servlet request being processed
Returns:
the signed content extracted from the request, in the format suitable for input to the trust engine.
Throws:
SecurityPolicyException - thrown if there is an error during request processing

buildSignedContentString

private String buildSignedContentString(String queryString)
                                 throws SecurityPolicyException
Extract the raw request parameters and build a string representation of the content that was signed.

Parameters:
queryString - the raw HTTP query string from the request
Returns:
a string representation of the signed content
Throws:
SecurityPolicyException - thrown if there is an error during request processing

appendParameter

private boolean appendParameter(StringBuilder builder,
                                String queryString,
                                String paramName)
Find the raw query string parameter indicated and append it to the string builder. The appended value will be in the form 'paramName=paramValue' (minus the quotes).

Parameters:
builder - string builder to which to append the parameter
queryString - the URL query string containing parameters
paramName - the name of the parameter to append
Returns:
true if parameter was found, false otherwise
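
Added example (not OpenSAML source): how the signed content described for buildSignedContentString and appendParameter can be assembled from the raw query string, using the parameter order defined by the SAML 2.0 HTTP-Redirect binding (SAMLRequest or SAMLResponse, then RelayState if present, then SigAlg). The class name, method names and sample query string are constructed for illustration, and rejecting duplicate parameters is a defensive choice of this example, not documented behaviour of the class.

```java
import java.nio.charset.StandardCharsets;

// Added illustration, not OpenSAML source; all names here are hypothetical.
public class RedirectSignedContentExample {

    // Return the raw "name=value" pair, still URL-encoded as sent, or null if absent.
    static String rawPair(String queryString, String name) {
        String found = null;
        for (String pair : queryString.split("&")) {
            if (pair.startsWith(name + "=")) {
                if (found != null) {
                    // Assumption of this example: refuse duplicates so the verified
                    // value cannot differ from the one the application later reads.
                    throw new IllegalArgumentException("duplicate parameter: " + name);
                }
                found = pair;
            }
        }
        return found;
    }

    // Octets covered by the signature: message, optional RelayState, then SigAlg.
    static byte[] signedContent(String queryString) {
        String request = rawPair(queryString, "SAMLRequest");
        String response = rawPair(queryString, "SAMLResponse");
        if ((request == null) == (response == null)) {
            throw new IllegalArgumentException("need exactly one of SAMLRequest/SAMLResponse");
        }
        StringBuilder sb = new StringBuilder(request != null ? request : response);
        String relayState = rawPair(queryString, "RelayState");
        if (relayState != null) {
            sb.append('&').append(relayState);
        }
        String sigAlg = rawPair(queryString, "SigAlg");
        if (sigAlg == null) {
            throw new IllegalArgumentException("SigAlg is required for a signed message");
        }
        sb.append('&').append(sigAlg);
        return sb.toString().getBytes(StandardCharsets.UTF_8);
    }

    public static void main(String[] args) {
        // Constructed sample: parameters arrive in arbitrary order, values are placeholders.
        String qs = "RelayState=%2Fapp%2Fhome"
                + "&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256"
                + "&Signature=c2lnbmF0dXJl&SAMLRequest=fZJBb4Mw";
        System.out.println(new String(signedContent(qs), StandardCharsets.UTF_8));
    }
}
```

The values are taken verbatim from the query string because decoding and re-encoding them can change the bytes (for example percent-escape case), which would make a valid signature fail to verify.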


Copyright © 1999-2013. All Rights Reserved.