org.apache.cxf.rs.security.saml
Class AbstractSamlInHandler
java.lang.Object
org.apache.cxf.rs.security.saml.AbstractSamlInHandler
- All Implemented Interfaces:
- org.apache.cxf.jaxrs.ext.RequestHandler
- Direct Known Subclasses:
- AbstractSamlBase64InHandler, SamlEnvelopedInHandler
public abstract class AbstractSamlInHandler
- extends Object
- implements org.apache.cxf.jaxrs.ext.RequestHandler
|
Method Summary |
protected boolean |
checkBearer(org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
Certificate[] tlsCerts)
|
protected boolean |
checkHolderOfKey(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
Certificate[] tlsCerts)
|
protected boolean |
checkSenderVouches(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
Certificate[] tlsCerts)
Check the sender-vouches requirements against the received assertion. |
protected void |
checkSubjectConfirmationData(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertion)
|
protected Element |
readToken(org.apache.cxf.message.Message message,
InputStream tokenStream)
|
protected void |
setSecurityContext(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper wrapper)
|
void |
setSecurityContextProvider(SecurityContextProvider p)
|
void |
setValidator(org.apache.ws.security.validate.Validator validator)
|
protected void |
throwFault(String error,
Exception ex)
|
protected org.apache.ws.security.saml.ext.AssertionWrapper |
toWrapper(Element tokenElement)
|
protected void |
validateToken(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertion)
|
protected void |
validateToken(org.apache.cxf.message.Message message,
Element tokenElement)
|
protected void |
validateToken(org.apache.cxf.message.Message message,
InputStream tokenStream)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Methods inherited from interface org.apache.cxf.jaxrs.ext.RequestHandler |
handleRequest |
AbstractSamlInHandler
public AbstractSamlInHandler()
setValidator
public void setValidator(org.apache.ws.security.validate.Validator validator)
setSecurityContextProvider
public void setSecurityContextProvider(SecurityContextProvider p)
validateToken
protected void validateToken(org.apache.cxf.message.Message message,
InputStream tokenStream)
readToken
protected Element readToken(org.apache.cxf.message.Message message,
InputStream tokenStream)
validateToken
protected void validateToken(org.apache.cxf.message.Message message,
Element tokenElement)
toWrapper
protected org.apache.ws.security.saml.ext.AssertionWrapper toWrapper(Element tokenElement)
validateToken
protected void validateToken(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertion)
checkSubjectConfirmationData
protected void checkSubjectConfirmationData(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertion)
setSecurityContext
protected void setSecurityContext(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper wrapper)
throwFault
protected void throwFault(String error,
Exception ex)
checkSenderVouches
protected boolean checkSenderVouches(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
Certificate[] tlsCerts)
- Check the sender-vouches requirements against the received assertion. The SAML
Assertion and the request body must be signed by the same signature.
checkHolderOfKey
protected boolean checkHolderOfKey(org.apache.cxf.message.Message message,
org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
Certificate[] tlsCerts)
checkBearer
protected boolean checkBearer(org.apache.ws.security.saml.ext.AssertionWrapper assertionWrapper,
Certificate[] tlsCerts)
Apache CXF