public abstract class AbstractSPFormAuthenticator extends BaseFormAuthenticator
Abstract class to be extended by Service Provider valves to handle SAML requests and responses.
Modifier and Type | Field and Description |
---|---|
protected boolean |
jbossEnv |
protected Logger |
log |
protected boolean |
trace |
canonicalizationMethod, chain, chainConfigOptions, chainLock, configFile, configProvider, identityURL, idpAddress, idpCertificate, issuerID, keyManager, logOutPage, picketLinkConfiguration, samlHandlerChainClass, saveRestoreRequest, serviceURL, spConfiguration
characterEncoding, info, landingPage
AUTH_HEADER_NAME, cache, changeSessionIdOnAuthentication, context, disableProxyCaching, lifecycle, REALM_NAME, securePagesWithPragma, SESSION_ID_BYTES, sm, sso, started
Constructor and Description |
---|
AbstractSPFormAuthenticator() |
Modifier and Type | Method and Description |
---|---|
boolean |
authenticate(org.apache.catalina.connector.Request request,
HttpServletResponse response,
org.apache.catalina.deploy.LoginConfig config)
Authenticate the request
|
boolean |
authenticate(org.apache.catalina.connector.Request request,
org.apache.catalina.connector.Response response,
org.apache.catalina.deploy.LoginConfig loginConfig) |
protected String |
getBinding()
Return the SAML Binding that this authenticator supports
|
protected void |
initKeyProvider(org.apache.catalina.Context context)
Initialize the KeyProvider configurations.
|
protected boolean |
isHttpPostBinding()
Indicates if the SP is configure with HTTP POST Binding.
|
protected boolean |
isPOSTBindingResponse() |
protected void |
processStart() |
protected abstract void |
sendRequestToIDP(String destination,
Document samlDocument,
String relayState,
org.apache.catalina.connector.Response response,
boolean willSendRequest)
Send the request to the IDP.
|
doSupportSignature, getConfigFile, getConfiguration, getIdentityURL, getIdpCertificate, getIDPSSODescriptor, handleMetadata, handleMetadata, initializeHandlerChain, localAuthentication, populateChainConfig, processConfiguration, processIDPMetadataFile, register, sendToLogoutPage, setConfigFile, setConfigProvider, setIdpAddress, setIssuerID, setLogOutPage, setSamlHandlerChainClass, setSaveRestoreRequest, setServiceURL, start, testStart, validate
forwardToErrorPage, forwardToLoginPage, getCharacterEncoding, getInfo, getLandingPage, matchRequest, restoreRequest, savedRequestURL, saveRequest, setCharacterEncoding, setLandingPage
addLifecycleListener, associate, authenticate, findLifecycleListeners, generateSessionId, getCache, getContainer, getDisableProxyCaching, getSecurePagesWithPragma, invoke, isChangeSessionIdOnAuthentication, login, logout, reauthenticateFromSSO, register, removeLifecycleListener, setCache, setChangeSessionIdOnAuthentication, setContainer, setDisableProxyCaching, setSecurePagesWithPragma, stop, unregister
protected Logger log
protected final boolean trace
protected boolean jbossEnv
protected void processStart() throws org.apache.catalina.LifecycleException
processStart
in class BaseFormAuthenticator
org.apache.catalina.LifecycleException
protected void initKeyProvider(org.apache.catalina.Context context) throws org.apache.catalina.LifecycleException
Initialize the KeyProvider configurations. This configurations are to be used during signing and validation of SAML assertions.
initKeyProvider
in class BaseFormAuthenticator
context
- org.apache.catalina.LifecycleException
public boolean authenticate(org.apache.catalina.connector.Request request, HttpServletResponse response, org.apache.catalina.deploy.LoginConfig config) throws IOException
authenticate
in class org.apache.catalina.authenticator.FormAuthenticator
request
- response
- config
- IOException
{@link
- RuntimeException} when the response is not of type catalina response objectpublic boolean authenticate(org.apache.catalina.connector.Request request, org.apache.catalina.connector.Response response, org.apache.catalina.deploy.LoginConfig loginConfig) throws IOException
IOException
protected boolean isPOSTBindingResponse()
protected abstract void sendRequestToIDP(String destination, Document samlDocument, String relayState, org.apache.catalina.connector.Response response, boolean willSendRequest) throws ProcessingException, ConfigurationException, IOException
Send the request to the IDP. Subclasses should override this method to implement how requests must be sent to the IDP.
destination
- idp urlsamlDocument
- request or response documentrelayState
- response
- willSendRequest
- are we sending Request or Response to IDPProcessingException
ConfigurationException
IOException
protected String getBinding()
BaseFormAuthenticator
getBinding
in class BaseFormAuthenticator
JBossSAMLURIConstants#SAML_HTTP_POST_BINDING}
,
JBossSAMLURIConstants#SAML_HTTP_REDIRECT_BINDING}
protected boolean isHttpPostBinding()
Indicates if the SP is configure with HTTP POST Binding.
Copyright © 2012 JBoss by Red Hat. All Rights Reserved.