org.pac4j.saml.sso.impl

Class SAML2LogoutResponseValidator

java.lang.Object

org.pac4j.saml.sso.impl.SAML2LogoutResponseValidator

All Implemented Interfaces:

SAML2ResponseValidator

public class SAML2LogoutResponseValidator
extends java.lang.Object
implements SAML2ResponseValidator

Validator for SAML logout response

Since:

2.0.0

Author:

Matthieu Taggiasco

Constructor Summary

Constructors

Constructor and Description
SAML2LogoutResponseValidator(SAML2SignatureTrustEngineProvider engine)
SAML2LogoutResponseValidator(SAML2SignatureTrustEngineProvider engine, net.shibboleth.utilities.java.support.net.URIComparator uriComparator)

Method Summary

Modifier and Type	Method and Description
void	setAcceptedSkew(int acceptedSkew)
void	setMaximumAuthenticationLifetime(int maximumAuthenticationLifetime)
Credentials	validate(SAML2MessageContext context) Validates the SAML protocol response and the SAML SSO response.
protected void	validateIssuer(org.opensaml.saml.saml2.core.Issuer issuer, SAML2MessageContext context) Validate issuer format and value.
protected void	validateSamlProtocolResponse(org.opensaml.saml.saml2.core.Response response, SAML2MessageContext context, org.opensaml.xmlsec.signature.support.SignatureTrustEngine engine) Validates the SAML protocol response: - IssueInstant - Issuer - StatusCode - Signature
protected void	validateSignature(org.opensaml.xmlsec.signature.Signature signature, java.lang.String idpEntityId, org.opensaml.xmlsec.signature.support.SignatureTrustEngine trustEngine) Validate the given digital signature by checking its profile and value.
protected void	verifyEndpoint(org.opensaml.saml.saml2.metadata.Endpoint endpoint, java.lang.String destination)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SAML2LogoutResponseValidator

public SAML2LogoutResponseValidator(SAML2SignatureTrustEngineProvider engine)

SAML2LogoutResponseValidator

public SAML2LogoutResponseValidator(SAML2SignatureTrustEngineProvider engine,
                                    net.shibboleth.utilities.java.support.net.URIComparator uriComparator)

Method Detail

validate

public Credentials validate(SAML2MessageContext context)

Validates the SAML protocol response and the SAML SSO response. The method decrypt encrypted assertions if any.

Specified by:

validate in interface SAML2ResponseValidator

Parameters:

context - the context

validateSamlProtocolResponse

protected final void validateSamlProtocolResponse(org.opensaml.saml.saml2.core.Response response,
                                                  SAML2MessageContext context,
                                                  org.opensaml.xmlsec.signature.support.SignatureTrustEngine engine)

Validates the SAML protocol response: - IssueInstant - Issuer - StatusCode - Signature

Parameters:

response - the response

context - the context

engine - the engine

verifyEndpoint

protected final void verifyEndpoint(org.opensaml.saml.saml2.metadata.Endpoint endpoint,
                                    java.lang.String destination)

validateIssuer

protected final void validateIssuer(org.opensaml.saml.saml2.core.Issuer issuer,
                                    SAML2MessageContext context)

Validate issuer format and value.

Parameters:

issuer - the issuer

context - the context

validateSignature

protected final void validateSignature(org.opensaml.xmlsec.signature.Signature signature,
                                       java.lang.String idpEntityId,
                                       org.opensaml.xmlsec.signature.support.SignatureTrustEngine trustEngine)

Validate the given digital signature by checking its profile and value.

Parameters:

signature - the signature

idpEntityId - the idp entity id

trustEngine - the trust engine

setAcceptedSkew

public final void setAcceptedSkew(int acceptedSkew)

Specified by:

setAcceptedSkew in interface SAML2ResponseValidator

setMaximumAuthenticationLifetime

public final void setMaximumAuthenticationLifetime(int maximumAuthenticationLifetime)

Specified by:

setMaximumAuthenticationLifetime in interface SAML2ResponseValidator