org.pac4j.saml.config

Class SAML2Configuration

java.lang.Object

org.pac4j.core.util.InitializableObject

org.pac4j.saml.config.SAML2Configuration

Direct Known Subclasses:

SAML2ClientConfiguration

public class SAML2Configuration
extends InitializableObject

The class is responsible for capturing client settings and passing them around.

Since:

1.7

Author:

Misagh Moayyed, Jerome Leleu

Field Summary

Fields

Modifier and Type	Field and Description
protected static String	CERTIFICATES_PREFIX
protected static String	CLASSPATH_PREFIX
protected static String	DEFAULT_PROVIDER_NAME
protected static String	FILE_PREFIX
protected static String	RESOURCE_PREFIX

Constructor Summary

Constructors

Modifier	Constructor and Description
	SAML2Configuration()
	SAML2Configuration(org.springframework.core.io.Resource keystoreResource, String keystorePassword, String privateKeyPassword, org.springframework.core.io.Resource identityProviderMetadataResource)
	SAML2Configuration(org.springframework.core.io.Resource keystoreResource, String keyStoreAlias, String keyStoreType, String keystorePassword, String privateKeyPassword, org.springframework.core.io.Resource identityProviderMetadataResource)
protected	SAML2Configuration(String keyStoreAlias, String keyStoreType, org.springframework.core.io.Resource keystoreResource, String keystorePassword, String privateKeyPassword, org.springframework.core.io.Resource identityProviderMetadataResource, String identityProviderEntityId, String serviceProviderEntityId, String providerName, Supplier<List<org.opensaml.core.xml.schema.XSAny>> authnRequestExtensions, String attributeAsId)
	SAML2Configuration(String keystorePath, String keystorePassword, String privateKeyPassword, String identityProviderMetadataPath)

Method Summary

Modifier and Type	Method and Description
LogoutHandler	findLogoutHandler()
int	getAcceptedSkew()
int	getAssertionConsumerServiceIndex()
String	getAttributeAsId()
int	getAttributeConsumingServiceIndex()
String	getAuthnContextClassRef() Deprecated.
List<String>	getAuthnContextClassRefs()
String	getAuthnRequestBindingType()
Supplier<List<org.opensaml.core.xml.schema.XSAny>>	getAuthnRequestExtensions()
Collection<String>	getBlackListedSignatureSigningAlgorithms()
String	getCertificateNameToAppend()
String	getComparisonType()
String	getDestinationBindingType() Deprecated.
String	getIdentityProviderEntityId()
org.springframework.core.io.Resource	getIdentityProviderMetadataResource()
String	getKeyStoreAlias()
String	getKeystorePassword()
org.springframework.core.io.Resource	getKeystoreResource()
String	getKeyStoreType()
LogoutHandler	getLogoutHandler()
Map<String,String>	getMappedAttributes()
int	getMaximumAuthenticationLifetime()
String	getNameIdPolicyFormat()
String	getPostLogoutURL()
String	getPrivateKeyPassword()
String	getProviderName()
List<SAML2ServiceProvicerRequestedAttribute>	getRequestedServiceProviderAttributes()
String	getResponseBindingType()
SAMLMessageStorageFactory	getSamlMessageStorageFactory()
String	getServiceProviderEntityId()
org.springframework.core.io.WritableResource	getServiceProviderMetadataResource()
List<String>	getSignatureAlgorithms()
String	getSignatureCanonicalizationAlgorithm()
List<String>	getSignatureReferenceDigestMethods()
File	getSigningBase64CertificatePath()
File	getSigningBinaryCertificatePath()
File	getSigningKeyFile()
String	getSpLogoutRequestBindingType()
String	getSpLogoutResponseBindingType()
void	init(String clientName) Initializes the configuration for a particular client.
protected void	internalInit()
boolean	isAllSignatureValidationDisabled()
boolean	isAuthnRequestSigned()
boolean	isForceAuth()
boolean	isForceKeystoreGeneration()
boolean	isForceServiceProviderMetadataGeneration()
boolean	isPassive()
boolean	isSignMetadata()
boolean	isSpLogoutRequestSigned()
boolean	isUseNameQualifier()
boolean	isWantsAssertionsSigned()
protected static org.springframework.core.io.Resource	mapPathToResource(String path)
protected static org.springframework.core.io.UrlResource	newUrlResource(String url)
void	setAcceptedSkew(int acceptedSkew)
void	setAllSignatureValidationDisabled(boolean allSignatureValidationDisabled) Disables all signature validation.
void	setAssertionConsumerServiceIndex(int assertionConsumerServiceIndex)
void	setAttributeAsId(String attributeAsId)
void	setAttributeConsumingServiceIndex(int attributeConsumingServiceIndex)
void	setAuthnContextClassRef(String authnContextClassRef) Deprecated.
void	setAuthnContextClassRefs(List<String> authnContextClassRefs)
void	setAuthnRequestBindingType(String authnRequestBindingType)
void	setAuthnRequestExtensions(Supplier<List<org.opensaml.core.xml.schema.XSAny>> authnRequestExtensions)
void	setAuthnRequestSigned(boolean authnRequestSigned)
void	setBlackListedSignatureSigningAlgorithms(Collection<String> blackListedSignatureSigningAlgorithms)
void	setCertificateNameToAppend(String certificateNameToAppend)
void	setComparisonType(String comparisonType)
void	setDestinationBindingType(String destinationBindingType) Deprecated.
void	setForceAuth(boolean forceAuth)
void	setForceKeystoreGeneration(boolean forceKeystoreGeneration)
void	setForceServiceProviderMetadataGeneration(boolean forceServiceProviderMetadataGeneration)
void	setIdentityProviderEntityId(String identityProviderEntityId)
void	setIdentityProviderMetadataPath(String path)
void	setIdentityProviderMetadataResource(org.springframework.core.io.Resource identityProviderMetadataResource)
void	setIdentityProviderMetadataResourceClasspath(String path)
void	setIdentityProviderMetadataResourceFilepath(String path)
void	setIdentityProviderMetadataResourceUrl(String url)
void	setKeystoreAlias(String keyStoreAlias)
void	setKeystorePassword(String keystorePassword)
void	setKeystorePath(String path)
void	setKeystoreResource(org.springframework.core.io.Resource keystoreResource)
void	setKeystoreResourceClasspath(String path)
void	setKeystoreResourceFilepath(String path)
void	setKeystoreResourceUrl(String url)
void	setKeystoreType(String keyStoreType)
void	setLogoutHandler(LogoutHandler logoutHandler)
void	setMappedAttributes(Map<String,String> mappedAttributes)
void	setMaximumAuthenticationLifetime(int maximumAuthenticationLifetime)
void	setNameIdPolicyFormat(String nameIdPolicyFormat)
void	setPassive(boolean passive)
void	setPostLogoutURL(String postLogoutURL)
void	setPrivateKeyPassword(String privateKeyPassword)
void	setProviderName(String providerName)
void	setResponseBindingType(String responseBindingType)
void	setSamlMessageStorageFactory(SAMLMessageStorageFactory samlMessageStorageFactory)
void	setServiceProviderEntityId(String serviceProviderEntityId)
void	setServiceProviderMetadataPath(String path)
void	setServiceProviderMetadataResource(org.springframework.core.io.WritableResource serviceProviderMetadataResource)
void	setServiceProviderMetadataResourceFilepath(String path)
void	setSignatureAlgorithms(List<String> signatureAlgorithms)
void	setSignatureCanonicalizationAlgorithm(String signatureCanonicalizationAlgorithm)
void	setSignatureReferenceDigestMethods(List<String> signatureReferenceDigestMethods)
void	setSignMetadata(boolean signMetadata)
void	setSpLogoutRequestBindingType(String spLogoutRequestBindingType)
void	setSpLogoutRequestSigned(boolean spLogoutRequestSigned)
void	setSpLogoutResponseBindingType(String spLogoutResponseBindingType)
void	setUseNameQualifier(boolean useNameQualifier)
void	setWantsAssertionsSigned(boolean wantsAssertionsSigned)

Methods inherited from class org.pac4j.core.util.InitializableObject

init

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

RESOURCE_PREFIX

protected static final String RESOURCE_PREFIX

See Also:

Constant Field Values

CLASSPATH_PREFIX

protected static final String CLASSPATH_PREFIX

See Also:

Constant Field Values

FILE_PREFIX

protected static final String FILE_PREFIX

See Also:

Constant Field Values

DEFAULT_PROVIDER_NAME

protected static final String DEFAULT_PROVIDER_NAME

See Also:

Constant Field Values

CERTIFICATES_PREFIX

protected static final String CERTIFICATES_PREFIX

See Also:

Constant Field Values

Constructor Detail

SAML2Configuration

public SAML2Configuration()

SAML2Configuration

public SAML2Configuration(String keystorePath,
                          String keystorePassword,
                          String privateKeyPassword,
                          String identityProviderMetadataPath)

SAML2Configuration

public SAML2Configuration(org.springframework.core.io.Resource keystoreResource,
                          String keystorePassword,
                          String privateKeyPassword,
                          org.springframework.core.io.Resource identityProviderMetadataResource)

SAML2Configuration

public SAML2Configuration(org.springframework.core.io.Resource keystoreResource,
                          String keyStoreAlias,
                          String keyStoreType,
                          String keystorePassword,
                          String privateKeyPassword,
                          org.springframework.core.io.Resource identityProviderMetadataResource)

SAML2Configuration

protected SAML2Configuration(String keyStoreAlias,
                             String keyStoreType,
                             org.springframework.core.io.Resource keystoreResource,
                             String keystorePassword,
                             String privateKeyPassword,
                             org.springframework.core.io.Resource identityProviderMetadataResource,
                             String identityProviderEntityId,
                             String serviceProviderEntityId,
                             String providerName,
                             Supplier<List<org.opensaml.core.xml.schema.XSAny>> authnRequestExtensions,
                             String attributeAsId)

Method Detail

internalInit

protected void internalInit()

Specified by:

internalInit in class InitializableObject

getRequestedServiceProviderAttributes

public List<SAML2ServiceProvicerRequestedAttribute> getRequestedServiceProviderAttributes()

setIdentityProviderMetadataResource

public void setIdentityProviderMetadataResource(org.springframework.core.io.Resource identityProviderMetadataResource)

setIdentityProviderMetadataResourceFilepath

public void setIdentityProviderMetadataResourceFilepath(String path)

setIdentityProviderMetadataResourceClasspath

public void setIdentityProviderMetadataResourceClasspath(String path)

setIdentityProviderMetadataResourceUrl

public void setIdentityProviderMetadataResourceUrl(String url)

setIdentityProviderMetadataPath

public void setIdentityProviderMetadataPath(String path)

getAssertionConsumerServiceIndex

public int getAssertionConsumerServiceIndex()

setAssertionConsumerServiceIndex

public void setAssertionConsumerServiceIndex(int assertionConsumerServiceIndex)

isForceKeystoreGeneration

public boolean isForceKeystoreGeneration()

setForceKeystoreGeneration

public void setForceKeystoreGeneration(boolean forceKeystoreGeneration)

newUrlResource

protected static org.springframework.core.io.UrlResource newUrlResource(String url)

mapPathToResource

protected static org.springframework.core.io.Resource mapPathToResource(String path)

getAcceptedSkew

public int getAcceptedSkew()

setAcceptedSkew

public void setAcceptedSkew(int acceptedSkew)

getIdentityProviderMetadataResource

public org.springframework.core.io.Resource getIdentityProviderMetadataResource()

setIdentityProviderEntityId

public void setIdentityProviderEntityId(String identityProviderEntityId)

getIdentityProviderEntityId

public String getIdentityProviderEntityId()

setKeystoreAlias

public void setKeystoreAlias(String keyStoreAlias)

setKeystoreType

public void setKeystoreType(String keyStoreType)

setKeystoreResource

public void setKeystoreResource(org.springframework.core.io.Resource keystoreResource)

setKeystoreResourceFilepath

public void setKeystoreResourceFilepath(String path)

setKeystoreResourceClasspath

public void setKeystoreResourceClasspath(String path)

setKeystoreResourceUrl

public void setKeystoreResourceUrl(String url)

setKeystorePath

public void setKeystorePath(String path)

setKeystorePassword

public void setKeystorePassword(String keystorePassword)

setPrivateKeyPassword

public void setPrivateKeyPassword(String privateKeyPassword)

getKeyStoreAlias

public String getKeyStoreAlias()

getKeyStoreType

public String getKeyStoreType()

getKeystoreResource

public org.springframework.core.io.Resource getKeystoreResource()

getKeystorePassword

public String getKeystorePassword()

getPrivateKeyPassword

public String getPrivateKeyPassword()

getCertificateNameToAppend

public String getCertificateNameToAppend()

setCertificateNameToAppend

public void setCertificateNameToAppend(String certificateNameToAppend)

setServiceProviderMetadataResource

public void setServiceProviderMetadataResource(org.springframework.core.io.WritableResource serviceProviderMetadataResource)

setServiceProviderMetadataResourceFilepath

public void setServiceProviderMetadataResourceFilepath(String path)

setServiceProviderMetadataPath

public void setServiceProviderMetadataPath(String path)

setForceServiceProviderMetadataGeneration

public void setForceServiceProviderMetadataGeneration(boolean forceServiceProviderMetadataGeneration)

getServiceProviderMetadataResource

public org.springframework.core.io.WritableResource getServiceProviderMetadataResource()

setServiceProviderEntityId

public void setServiceProviderEntityId(String serviceProviderEntityId)

getServiceProviderEntityId

public String getServiceProviderEntityId()

isPassive

public boolean isPassive()

setPassive

public void setPassive(boolean passive)

isForceAuth

public boolean isForceAuth()

setForceAuth

public void setForceAuth(boolean forceAuth)

getComparisonType

public String getComparisonType()

setComparisonType

public void setComparisonType(String comparisonType)

getDestinationBindingType

@Deprecated
public String getDestinationBindingType()

Deprecated.

Use getAuthnRequestBindingType().

Returns:

the authn request binding type

setDestinationBindingType

@Deprecated
public void setDestinationBindingType(String destinationBindingType)

Deprecated.

Use setAuthnRequestBindingType(String).

Parameters:

destinationBindingType - the authn request binding type

getAuthnRequestBindingType

public String getAuthnRequestBindingType()

setAuthnRequestBindingType

public void setAuthnRequestBindingType(String authnRequestBindingType)

getResponseBindingType

public String getResponseBindingType()

setResponseBindingType

public void setResponseBindingType(String responseBindingType)

getSpLogoutRequestBindingType

public String getSpLogoutRequestBindingType()

setSpLogoutRequestBindingType

public void setSpLogoutRequestBindingType(String spLogoutRequestBindingType)

getSpLogoutResponseBindingType

public String getSpLogoutResponseBindingType()

setSpLogoutResponseBindingType

public void setSpLogoutResponseBindingType(String spLogoutResponseBindingType)

getAuthnContextClassRef

@Deprecated
public String getAuthnContextClassRef()

Deprecated.

Use getAuthnContextClassRefs().

Returns:

the authn context class ref

setAuthnContextClassRef

@Deprecated
public void setAuthnContextClassRef(String authnContextClassRef)

Deprecated.

Use setAuthnContextClassRefs(List).

Parameters:

authnContextClassRef - the authn context class ref

getAuthnContextClassRefs

public List<String> getAuthnContextClassRefs()

setAuthnContextClassRefs

public void setAuthnContextClassRefs(List<String> authnContextClassRefs)

getNameIdPolicyFormat

public String getNameIdPolicyFormat()

setNameIdPolicyFormat

public void setNameIdPolicyFormat(String nameIdPolicyFormat)

getMaximumAuthenticationLifetime

public int getMaximumAuthenticationLifetime()

setMaximumAuthenticationLifetime

public void setMaximumAuthenticationLifetime(int maximumAuthenticationLifetime)

isForceServiceProviderMetadataGeneration

public boolean isForceServiceProviderMetadataGeneration()

getSamlMessageStorageFactory

public SAMLMessageStorageFactory getSamlMessageStorageFactory()

setSamlMessageStorageFactory

public void setSamlMessageStorageFactory(SAMLMessageStorageFactory samlMessageStorageFactory)

getBlackListedSignatureSigningAlgorithms

public Collection<String> getBlackListedSignatureSigningAlgorithms()

setBlackListedSignatureSigningAlgorithms

public void setBlackListedSignatureSigningAlgorithms(Collection<String> blackListedSignatureSigningAlgorithms)

getSignatureAlgorithms

public List<String> getSignatureAlgorithms()

setSignatureAlgorithms

public void setSignatureAlgorithms(List<String> signatureAlgorithms)

getSignatureReferenceDigestMethods

public List<String> getSignatureReferenceDigestMethods()

setSignatureReferenceDigestMethods

public void setSignatureReferenceDigestMethods(List<String> signatureReferenceDigestMethods)

getSignatureCanonicalizationAlgorithm

public String getSignatureCanonicalizationAlgorithm()

setSignatureCanonicalizationAlgorithm

public void setSignatureCanonicalizationAlgorithm(String signatureCanonicalizationAlgorithm)

isWantsAssertionsSigned

public boolean isWantsAssertionsSigned()

setWantsAssertionsSigned

public void setWantsAssertionsSigned(boolean wantsAssertionsSigned)

isAuthnRequestSigned

public boolean isAuthnRequestSigned()

setAuthnRequestSigned

public void setAuthnRequestSigned(boolean authnRequestSigned)

isSpLogoutRequestSigned

public boolean isSpLogoutRequestSigned()

setSpLogoutRequestSigned

public void setSpLogoutRequestSigned(boolean spLogoutRequestSigned)

isAllSignatureValidationDisabled

public boolean isAllSignatureValidationDisabled()

setAllSignatureValidationDisabled

public void setAllSignatureValidationDisabled(boolean allSignatureValidationDisabled)

Disables all signature validation. DO NOT ENABLE THIS IN PRODUCTION! This option is only provided for development purposes.

Parameters:

allSignatureValidationDisabled -

getAttributeConsumingServiceIndex

public int getAttributeConsumingServiceIndex()

setAttributeConsumingServiceIndex

public void setAttributeConsumingServiceIndex(int attributeConsumingServiceIndex)

getProviderName

public String getProviderName()

setProviderName

public void setProviderName(String providerName)

getAuthnRequestExtensions

public Supplier<List<org.opensaml.core.xml.schema.XSAny>> getAuthnRequestExtensions()

setAuthnRequestExtensions

public void setAuthnRequestExtensions(Supplier<List<org.opensaml.core.xml.schema.XSAny>> authnRequestExtensions)

getAttributeAsId

public String getAttributeAsId()

setAttributeAsId

public void setAttributeAsId(String attributeAsId)

isUseNameQualifier

public boolean isUseNameQualifier()

setUseNameQualifier

public void setUseNameQualifier(boolean useNameQualifier)

isSignMetadata

public boolean isSignMetadata()

setSignMetadata

public void setSignMetadata(boolean signMetadata)

getMappedAttributes

public Map<String,String> getMappedAttributes()

setMappedAttributes

public void setMappedAttributes(Map<String,String> mappedAttributes)

getLogoutHandler

public LogoutHandler getLogoutHandler()

setLogoutHandler

public void setLogoutHandler(LogoutHandler logoutHandler)

getPostLogoutURL

public String getPostLogoutURL()

setPostLogoutURL

public void setPostLogoutURL(String postLogoutURL)

findLogoutHandler

public LogoutHandler findLogoutHandler()

init

public void init(String clientName)

Initializes the configuration for a particular client.

Parameters:

clientName - Name of the client. The configuration can use the value or not.

getSigningBinaryCertificatePath

public File getSigningBinaryCertificatePath()
                                     throws IOException

Throws:

IOException

getSigningBase64CertificatePath

public File getSigningBase64CertificatePath()
                                     throws IOException

Throws:

IOException

getSigningKeyFile

public File getSigningKeyFile()
                       throws IOException

Throws:

IOException