Modifier and Type | Field and Description |
---|---|
protected String |
canonicalizationMethod |
protected String |
configFile |
protected String |
identityURL |
protected boolean |
ignoreSignatures |
protected PicketLinkType |
picketLinkConfiguration |
protected String |
serviceURL |
protected SPType |
spConfiguration |
Constructor and Description |
---|
SPFilter() |
Modifier and Type | Method and Description |
---|---|
protected ResponseType |
decryptAssertion(ResponseType responseType) |
void |
destroy()
Called by the web container to indicate to a filter that it is being
taken out of service.
|
void |
doFilter(ServletRequest servletRequest,
ServletResponse servletResponse,
FilterChain filterChain)
The
doFilter method of the Filter is called by the
container each time a request/response pair is passed through the
chain due to a client request for a resource at the end of the chain. |
Principal |
handleSAMLResponse(HttpServletRequest request,
ResponseType responseType)
Handle the SAMLResponse from the IDP
|
void |
init(FilterConfig filterConfig)
Called by the web container to indicate to a filter that it is
being placed into service.
|
protected void |
isTrusted(String issuer) |
protected void |
sendRequestToIDP(AuthnRequestType authnRequest,
String relayState,
HttpServletResponse response) |
protected void |
sendToDestination(Document samlDocument,
String relayState,
String destination,
HttpServletResponse response,
boolean request) |
protected boolean |
validate(HttpServletRequest request) |
protected boolean |
verifySignature(SAMLDocumentHolder samlDocumentHolder) |
protected SPType spConfiguration
protected PicketLinkType picketLinkConfiguration
protected String configFile
protected String serviceURL
protected String identityURL
protected boolean ignoreSignatures
protected String canonicalizationMethod
public void destroy()
Filter
This method is only called once all threads within the filter's doFilter method have exited or after a timeout period has passed. After the web container calls this method, it will not call the doFilter method again on this instance of the filter.
This method gives the filter an opportunity to clean up any resources that are being held (for example, memory, file handles, threads) and make sure that any persistent state is synchronized with the filter's current state in memory.
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException
Filter
doFilter
method of the Filter is called by the
container each time a request/response pair is passed through the
chain due to a client request for a resource at the end of the chain.
The FilterChain passed in to this method allows the Filter to pass
on the request and response to the next entity in the chain.
A typical implementation of this method would follow the following pattern:
chain.doFilter()
),
doFilter
in interface Filter
IOException
ServletException
public void init(FilterConfig filterConfig) throws ServletException
Filter
The servlet container calls the init method exactly once after instantiating the filter. The init method must complete successfully before the filter is asked to do any filtering work.
The web container cannot place the filter into service if the init method either
init
in interface Filter
ServletException
protected void sendRequestToIDP(AuthnRequestType authnRequest, String relayState, HttpServletResponse response) throws IOException, SAXException, GeneralSecurityException
protected void sendToDestination(Document samlDocument, String relayState, String destination, HttpServletResponse response, boolean request) throws IOException, SAXException, GeneralSecurityException
protected boolean validate(HttpServletRequest request) throws IOException, GeneralSecurityException
IOException
GeneralSecurityException
protected boolean verifySignature(SAMLDocumentHolder samlDocumentHolder) throws IssuerNotTrustedException
IssuerNotTrustedException
protected void isTrusted(String issuer) throws IssuerNotTrustedException
IssuerNotTrustedException
protected ResponseType decryptAssertion(ResponseType responseType)
public Principal handleSAMLResponse(HttpServletRequest request, ResponseType responseType) throws ConfigurationException, AssertionExpiredException
request
- entire request from IDPresponseType
- ResponseType that has been generatedserverEnvironment
- tomcat,jboss etcAssertionExpiredException
ConfigurationException
Copyright © 2012 JBoss by Red Hat. All Rights Reserved.