Class Saml2AuthenticationToken
- java.lang.Object
-
- org.springframework.security.authentication.AbstractAuthenticationToken
-
- org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken
-
- All Implemented Interfaces:
java.io.Serializable,java.security.Principal,org.springframework.security.core.Authentication,org.springframework.security.core.CredentialsContainer
public class Saml2AuthenticationToken extends org.springframework.security.authentication.AbstractAuthenticationTokenRepresents an incoming SAML 2.0 response containing an assertion that has not been validated.isAuthenticated()will always return false.- Since:
- 5.2
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description Saml2AuthenticationToken(java.lang.String saml2Response, java.lang.String recipientUri, java.lang.String idpEntityId, java.lang.String localSpEntityId, java.util.List<Saml2X509Credential> credentials)Deprecated.Saml2AuthenticationToken(RelyingPartyRegistration relyingPartyRegistration, java.lang.String saml2Response)Creates aSaml2AuthenticationTokenwith the provided parameters Note that the givenRelyingPartyRegistrationshould have all its templates resolved at this point.Saml2AuthenticationToken(RelyingPartyRegistration relyingPartyRegistration, java.lang.String saml2Response, AbstractSaml2AuthenticationRequest authenticationRequest)Creates aSaml2AuthenticationTokenwith the provided parameters.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description AbstractSaml2AuthenticationRequestgetAuthenticationRequest()Returns the authentication request sent to the assertion party ornullif no authentication request is presentjava.lang.ObjectgetCredentials()Returns the decoded and inflated SAML 2.0 Response XML object as a stringjava.lang.StringgetIdpEntityId()Deprecated.UsegetRelyingPartyRegistration().getAssertingPartyDetails().getEntityId()insteadjava.lang.StringgetLocalSpEntityId()Deprecated.UsegetRelyingPartyRegistration().getEntityId()insteadjava.lang.ObjectgetPrincipal()Always returns null.java.lang.StringgetRecipientUri()Deprecated.UsegetRelyingPartyRegistration().getAssertionConsumerServiceLocation()insteadRelyingPartyRegistrationgetRelyingPartyRegistration()Get the resolvedRelyingPartyRegistrationassociated with the requestjava.lang.StringgetSaml2Response()Returns inflated and decoded XML representation of the SAML 2 Responsejava.util.List<Saml2X509Credential>getX509Credentials()Deprecated.Get the credentials throughgetRelyingPartyRegistration()insteadbooleanisAuthenticated()voidsetAuthenticated(boolean authenticated)The state of this object cannot be changed.-
Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken
equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, setDetails, toString
-
-
-
-
Constructor Detail
-
Saml2AuthenticationToken
public Saml2AuthenticationToken(RelyingPartyRegistration relyingPartyRegistration, java.lang.String saml2Response, AbstractSaml2AuthenticationRequest authenticationRequest)
Creates aSaml2AuthenticationTokenwith the provided parameters. Note that the givenRelyingPartyRegistrationshould have all its templates resolved at this point. SeeSaml2WebSsoAuthenticationFilterfor an example of performing that resolution.- Parameters:
relyingPartyRegistration- the resolvedRelyingPartyRegistrationto usesaml2Response- the SAML 2.0 response to authenticateauthenticationRequest- theAuthNRequestsent to the asserting party- Since:
- 5.6
-
Saml2AuthenticationToken
public Saml2AuthenticationToken(RelyingPartyRegistration relyingPartyRegistration, java.lang.String saml2Response)
Creates aSaml2AuthenticationTokenwith the provided parameters Note that the givenRelyingPartyRegistrationshould have all its templates resolved at this point. SeeSaml2WebSsoAuthenticationFilterfor an example of performing that resolution.- Parameters:
relyingPartyRegistration- the resolvedRelyingPartyRegistrationto usesaml2Response- the SAML 2.0 response to authenticate- Since:
- 5.4
-
Saml2AuthenticationToken
@Deprecated public Saml2AuthenticationToken(java.lang.String saml2Response, java.lang.String recipientUri, java.lang.String idpEntityId, java.lang.String localSpEntityId, java.util.List<Saml2X509Credential> credentials)Deprecated.Creates an authentication token from an incoming SAML 2 Response object- Parameters:
saml2Response- inflated and decoded XML representation of the SAML 2 ResponserecipientUri- the URL that the SAML 2 Response was received at. Used for validationidpEntityId- the entity ID of the asserting entitylocalSpEntityId- the configured local SP, the relying party, entity IDcredentials- the credentials configured for signature verification and decryption
-
-
Method Detail
-
getCredentials
public java.lang.Object getCredentials()
Returns the decoded and inflated SAML 2.0 Response XML object as a string- Returns:
- decoded and inflated XML data as a
String
-
getPrincipal
public java.lang.Object getPrincipal()
Always returns null.- Returns:
- null
-
getRelyingPartyRegistration
public RelyingPartyRegistration getRelyingPartyRegistration()
Get the resolvedRelyingPartyRegistrationassociated with the request- Returns:
- the resolved
RelyingPartyRegistration - Since:
- 5.4
-
getSaml2Response
public java.lang.String getSaml2Response()
Returns inflated and decoded XML representation of the SAML 2 Response- Returns:
- inflated and decoded XML representation of the SAML 2 Response
-
getRecipientUri
@Deprecated public java.lang.String getRecipientUri()
Deprecated.UsegetRelyingPartyRegistration().getAssertionConsumerServiceLocation()insteadReturns the URI that the SAML 2 Response object came in on- Returns:
- URI as a string
-
getLocalSpEntityId
@Deprecated public java.lang.String getLocalSpEntityId()
Deprecated.UsegetRelyingPartyRegistration().getEntityId()insteadReturns the configured entity ID of the receiving relying party, SP- Returns:
- an entityID for the configured local relying party
-
getX509Credentials
@Deprecated public java.util.List<Saml2X509Credential> getX509Credentials()
Deprecated.Get the credentials throughgetRelyingPartyRegistration()insteadReturns all the credentials associated with the relying party configuraiton- Returns:
- all associated credentials
-
isAuthenticated
public boolean isAuthenticated()
- Specified by:
isAuthenticatedin interfaceorg.springframework.security.core.Authentication- Overrides:
isAuthenticatedin classorg.springframework.security.authentication.AbstractAuthenticationToken- Returns:
- false
-
setAuthenticated
public void setAuthenticated(boolean authenticated)
The state of this object cannot be changed. Will always throw an exception- Specified by:
setAuthenticatedin interfaceorg.springframework.security.core.Authentication- Overrides:
setAuthenticatedin classorg.springframework.security.authentication.AbstractAuthenticationToken- Parameters:
authenticated- ignored
-
getIdpEntityId
@Deprecated public java.lang.String getIdpEntityId()
Deprecated.UsegetRelyingPartyRegistration().getAssertingPartyDetails().getEntityId()insteadReturns the configured IDP, asserting party, entity ID- Returns:
- a string representing the entity ID
-
getAuthenticationRequest
public AbstractSaml2AuthenticationRequest getAuthenticationRequest()
Returns the authentication request sent to the assertion party ornullif no authentication request is present- Returns:
- the authentication request sent to the assertion party
- Since:
- 5.6
-
-