Package org.pac4j.saml.config
Class SAML2Configuration
java.lang.Object
org.pac4j.core.util.InitializableObject
org.pac4j.core.client.config.BaseClientConfiguration
org.pac4j.saml.config.SAML2Configuration
public class SAML2Configuration
extends org.pac4j.core.client.config.BaseClientConfiguration
The class is responsible for capturing client settings and passing them around.
- Since:
- 1.7
- Author:
- Misagh Moayyed, Jerome Leleu
-
Field Summary
-
Constructor Summary
Modifier | Constructor | Description
SAML2Configuration
(String keystorePath, String keystorePassword, String privateKeyPassword, String identityProviderMetadataPath) protected
SAML2Configuration
(String keyStoreAlias, String keyStoreType, org.springframework.core.io.Resource keystoreResource, String keystorePassword, String privateKeyPassword, org.springframework.core.io.Resource identityProviderMetadataResource, String identityProviderEntityId, String serviceProviderEntityId, String providerName, Supplier<List<org.opensaml.core.xml.schema.XSAny>> authnRequestExtensions, String attributeAsId) SAML2Configuration
(org.springframework.core.io.Resource keystoreResource, String keyStoreAlias, String keyStoreType, String keystorePassword, String privateKeyPassword, org.springframework.core.io.Resource identityProviderMetadataResource) SAML2Configuration
(org.springframework.core.io.Resource keystoreResource, String keystorePassword, String privateKeyPassword, org.springframework.core.io.Resource identityProviderMetadataResource) -
Method Summary
Modifier and Type | Method | Description
protected void
org.pac4j.core.logout.handler.LogoutHandler
long
int
int
org.apache.http.client.HttpClient
int
int
org.springframework.core.io.Resource
org.springframework.core.io.Resource
org.pac4j.core.logout.handler.LogoutHandler
long
int
org.pac4j.core.profile.converter.AttributeConverter
org.springframework.core.io.Resource
net.shibboleth.utilities.java.support.net.URIComparator
protected void
internalInit
(boolean forceReinit) boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
protected static org.springframework.core.io.UrlResource
newUrlResource
(String url) void
setAcceptedSkew
(long acceptedSkew) void
setAllSignatureValidationDisabled
(boolean allSignatureValidationDisabled) Disables all signature validation (development only; do not enable in production). void
setAssertionConsumerServiceIndex
(int assertionConsumerServiceIndex) void
setAttributeAsId
(String attributeAsId) void
setAttributeConsumingServiceIndex
(int attributeConsumingServiceIndex) void
setAuthnContextClassRefs
(List<String> authnContextClassRefs) void
setAuthnRequestBindingType
(String authnRequestBindingType) void
setAuthnRequestExtensions
(Supplier<List<org.opensaml.core.xml.schema.XSAny>> authnRequestExtensions) void
setAuthnRequestSigned
(boolean authnRequestSigned) void
setBlackListedSignatureSigningAlgorithms
(Collection<String> blackListedSignatureSigningAlgorithms) void
setCallbackUrl
(String callbackUrl) void
setCertificateExpirationPeriod
(Period certificateExpirationPeriod) void
setCertificateNameToAppend
(String certificateNameToAppend) void
setCertificateSignatureAlg
(String certificateSignatureAlg) void
setComparisonType
(String comparisonType) void
setContactPersons
(List<SAML2MetadataContactPerson> contactPersons) void
setForceAuth
(boolean forceAuth) void
setForceKeystoreGeneration
(boolean forceKeystoreGeneration) void
setForceServiceProviderMetadataGeneration
(boolean forceServiceProviderMetadataGeneration) void
setHostnameVerifier
(HostnameVerifier hostnameVerifier) void
setHttpClient
(org.apache.http.client.HttpClient httpClient) void
setIdentityProviderEntityId
(String identityProviderEntityId) void
setIdentityProviderMetadataConnectTimeout
(int identityProviderMetadataConnectTimeout) void
void
setIdentityProviderMetadataReadTimeout
(int identityProviderMetadataReadTimeout) void
setIdentityProviderMetadataResolver
(SAML2MetadataResolver identityProviderMetadataResolver) void
setIdentityProviderMetadataResource
(org.springframework.core.io.Resource identityProviderMetadataResource) void
void
void
void
setIssuerFormat
(String issuerFormat) void
setKeystoreAlias
(String keyStoreAlias) void
setKeystoreGenerator
(SAML2KeystoreGenerator keystoreGenerator) void
setKeystorePassword
(String keystorePassword) void
setKeystorePath
(String path) void
setKeystoreResource
(org.springframework.core.io.Resource keystoreResource) void
void
void
void
setKeystoreType
(String keyStoreType) void
setLogoutHandler
(org.pac4j.core.logout.handler.LogoutHandler logoutHandler) void
setMappedAttributes
(Map<String, String> mappedAttributes) void
setMaximumAuthenticationLifetime
(long maximumAuthenticationLifetime) void
setMetadataGenerator
(SAML2MetadataGenerator metadataGenerator) void
setMetadataSigner
(SAML2MetadataSigner metadataSigner) void
setMetadataUIInfos
(List<SAML2MetadataUIInfo> metadataUIInfos) void
setNameIdAttribute
(String nameIdAttribute) void
setNameIdPolicyAllowCreate
(Boolean nameIdPolicyAllowCreate) void
setNameIdPolicyFormat
(String nameIdPolicyFormat) void
setPartialLogoutTreatedAsSuccess
(boolean partialLogoutTreatedAsSuccess) void
setPassive
(boolean passive) void
setPostLogoutURL
(String postLogoutURL) void
setPrivateKeyPassword
(String privateKeyPassword) void
setPrivateKeySize
(int privateKeySize) void
setProviderName
(String providerName) void
setResponseBindingType
(String responseBindingType) void
setResponseDestinationAttributeMandatory
(boolean mandatory) The SAML specification states that the Response `Destination` attribute is optional. void
setSamlAttributeConverter
(org.pac4j.core.profile.converter.AttributeConverter samlAttributeConverter) void
setSamlMessageStoreFactory
(SAMLMessageStoreFactory samlMessageStoreFactory) void
setServiceProviderEntityId
(String serviceProviderEntityId) void
void
setServiceProviderMetadataResource
(org.springframework.core.io.Resource serviceProviderMetadataResource) void
void
setSignatureAlgorithms
(List<String> signatureAlgorithms) void
setSignatureCanonicalizationAlgorithm
(String signatureCanonicalizationAlgorithm) void
setSignatureReferenceDigestMethods
(List<String> signatureReferenceDigestMethods) void
setSignMetadata
(boolean signMetadata) void
setSingleSignOutServiceUrl
(String singleSignOutServiceUrl) void
setSpLogoutRequestBindingType
(String spLogoutRequestBindingType) void
setSpLogoutRequestSigned
(boolean spLogoutRequestSigned) void
setSpLogoutResponseBindingType
(String spLogoutResponseBindingType) void
setSslSocketFactory
(SSLSocketFactory sslSocketFactory) void
setSupportedProtocols
(List<String> supportedProtocols) void
setUriComparator
(net.shibboleth.utilities.java.support.net.URIComparator uriComparator) void
setUseNameQualifier
(boolean useNameQualifier) void
setWantsAssertionsSigned
(boolean wantsAssertionsSigned) void
setWantsResponsesSigned
(boolean wantsResponsesSigned) Methods inherited from class org.pac4j.core.util.InitializableObject
afterInternalInit, beforeInternalInit, getLastAttempt, getMaxAttempts, getMinTimeIntervalBetweenAttemptsInMilliseconds, getNbAttempts, init, init, isInitialized, reinit, setMaxAttempts, setMinTimeIntervalBetweenAttemptsInMilliseconds, shouldInitialize
-
Field Details
-
RESOURCE_PREFIX
- See Also:
-
CLASSPATH_PREFIX
- See Also:
-
FILE_PREFIX
- See Also:
-
DEFAULT_PROVIDER_NAME
- See Also:
-
-
Constructor Details
-
SAML2Configuration
public SAML2Configuration() -
SAML2Configuration
-
SAML2Configuration
-
SAML2Configuration
-
SAML2Configuration
protected SAML2Configuration(String keyStoreAlias, String keyStoreType, org.springframework.core.io.Resource keystoreResource, String keystorePassword, String privateKeyPassword, org.springframework.core.io.Resource identityProviderMetadataResource, String identityProviderEntityId, String serviceProviderEntityId, String providerName, Supplier<List<org.opensaml.core.xml.schema.XSAny>> authnRequestExtensions, String attributeAsId)
-
-
Method Details
-
newUrlResource
-
setCallbackUrl
-
internalInit
protected void internalInit(boolean forceReinit) - Specified by:
internalInit
in class org.pac4j.core.util.InitializableObject
-
getKeystoreGenerator
-
setKeystoreGenerator
-
isNameIdPolicyAllowCreate
-
setNameIdPolicyAllowCreate
-
getContactPersons
-
setContactPersons
-
getMetadataUIInfos
-
setMetadataUIInfos
-
getSupportedProtocols
-
setSupportedProtocols
-
getCertificateSignatureAlg
-
setCertificateSignatureAlg
-
getCertificateExpirationPeriod
-
setCertificateExpirationPeriod
-
getPrivateKeySize
public int getPrivateKeySize() -
setPrivateKeySize
public void setPrivateKeySize(int privateKeySize) -
getScopingIdentityProviders
-
getRequestedServiceProviderAttributes
-
setIdentityProviderMetadataResourceFilepath
-
setIdentityProviderMetadataResourceClasspath
-
setIdentityProviderMetadataResourceUrl
-
setIdentityProviderMetadataPath
-
getAssertionConsumerServiceIndex
public int getAssertionConsumerServiceIndex() -
setAssertionConsumerServiceIndex
public void setAssertionConsumerServiceIndex(int assertionConsumerServiceIndex) -
isForceKeystoreGeneration
public boolean isForceKeystoreGeneration() -
setForceKeystoreGeneration
public void setForceKeystoreGeneration(boolean forceKeystoreGeneration) -
getAcceptedSkew
public long getAcceptedSkew() -
setAcceptedSkew
public void setAcceptedSkew(long acceptedSkew) -
getIdentityProviderMetadataResource
public org.springframework.core.io.Resource getIdentityProviderMetadataResource() -
setIdentityProviderMetadataResource
public void setIdentityProviderMetadataResource(org.springframework.core.io.Resource identityProviderMetadataResource) -
getIdentityProviderEntityId
-
setIdentityProviderEntityId
-
setKeystoreAlias
-
setKeystoreType
-
setKeystoreResourceFilepath
-
setKeystoreResourceClasspath
-
setKeystoreResourceUrl
-
setKeystorePath
-
getKeyStoreAlias
-
getKeyStoreType
-
getKeystoreResource
public org.springframework.core.io.Resource getKeystoreResource() -
setKeystoreResource
public void setKeystoreResource(org.springframework.core.io.Resource keystoreResource) -
getKeystorePassword
-
setKeystorePassword
-
getPrivateKeyPassword
-
setPrivateKeyPassword
-
getCertificateNameToAppend
-
setCertificateNameToAppend
-
setServiceProviderMetadataResourceFilepath
-
setServiceProviderMetadataPath
-
getServiceProviderMetadataResource
public org.springframework.core.io.Resource getServiceProviderMetadataResource() -
setServiceProviderMetadataResource
public void setServiceProviderMetadataResource(org.springframework.core.io.Resource serviceProviderMetadataResource) -
getServiceProviderEntityId
-
setServiceProviderEntityId
-
isPassive
public boolean isPassive() -
setPassive
public void setPassive(boolean passive) -
isForceAuth
public boolean isForceAuth() -
setForceAuth
public void setForceAuth(boolean forceAuth) -
getComparisonType
-
setComparisonType
-
getAuthnRequestBindingType
-
setAuthnRequestBindingType
-
getResponseBindingType
-
setResponseBindingType
-
getSpLogoutRequestBindingType
-
setSpLogoutRequestBindingType
-
getSpLogoutResponseBindingType
-
setSpLogoutResponseBindingType
-
getAuthnContextClassRefs
-
setAuthnContextClassRefs
-
getUriComparator
public net.shibboleth.utilities.java.support.net.URIComparator getUriComparator() -
setUriComparator
public void setUriComparator(net.shibboleth.utilities.java.support.net.URIComparator uriComparator) -
getNameIdPolicyFormat
-
setNameIdPolicyFormat
-
getMaximumAuthenticationLifetime
public long getMaximumAuthenticationLifetime() -
setMaximumAuthenticationLifetime
public void setMaximumAuthenticationLifetime(long maximumAuthenticationLifetime) -
isForceServiceProviderMetadataGeneration
public boolean isForceServiceProviderMetadataGeneration() -
setForceServiceProviderMetadataGeneration
public void setForceServiceProviderMetadataGeneration(boolean forceServiceProviderMetadataGeneration) -
getSamlMessageStoreFactory
-
setSamlMessageStoreFactory
-
getBlackListedSignatureSigningAlgorithms
-
setBlackListedSignatureSigningAlgorithms
public void setBlackListedSignatureSigningAlgorithms(Collection<String> blackListedSignatureSigningAlgorithms) -
getSignatureAlgorithms
-
setSignatureAlgorithms
-
getSignatureReferenceDigestMethods
-
setSignatureReferenceDigestMethods
-
getSignatureCanonicalizationAlgorithm
-
setSignatureCanonicalizationAlgorithm
-
isWantsAssertionsSigned
public boolean isWantsAssertionsSigned() -
setWantsAssertionsSigned
public void setWantsAssertionsSigned(boolean wantsAssertionsSigned) -
isWantsResponsesSigned
public boolean isWantsResponsesSigned() -
setWantsResponsesSigned
public void setWantsResponsesSigned(boolean wantsResponsesSigned) -
isAuthnRequestSigned
public boolean isAuthnRequestSigned() -
setAuthnRequestSigned
public void setAuthnRequestSigned(boolean authnRequestSigned) -
isSpLogoutRequestSigned
public boolean isSpLogoutRequestSigned() -
setSpLogoutRequestSigned
public void setSpLogoutRequestSigned(boolean spLogoutRequestSigned) -
isAllSignatureValidationDisabled
public boolean isAllSignatureValidationDisabled() -
setAllSignatureValidationDisabled
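public void setAllSignatureValidationDisabled(boolean allSignatureValidationDisabled) Disables all signature validation. DO NOT ENABLE THIS IN PRODUCTION! This option is only provided for development purposes. With validation disabled, the signatures on incoming SAML messages are not checked, so neither their origin nor their integrity is verified. - Parameters: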
allSignatureValidationDisabled
-
-
setResponseDestinationAttributeMandatory
public void setResponseDestinationAttributeMandatory(boolean mandatory) The SAML specification states that the Response `Destination` attribute is optional. Providing a value is recommended to prevent malicious forwarding of responses to unintended recipients: a Response that carries no `Destination` cannot be checked against the endpoint that received it. -
isResponseDestinationAttributeMandatory
public boolean isResponseDestinationAttributeMandatory() -
getAttributeConsumingServiceIndex
public int getAttributeConsumingServiceIndex() -
setAttributeConsumingServiceIndex
public void setAttributeConsumingServiceIndex(int attributeConsumingServiceIndex) -
getProviderName
-
setProviderName
-
getAuthnRequestExtensions
-
setAuthnRequestExtensions
-
getMetadataSigner
-
setMetadataSigner
-
getAttributeAsId
-
setAttributeAsId
-
isUseNameQualifier
public boolean isUseNameQualifier() -
setUseNameQualifier
public void setUseNameQualifier(boolean useNameQualifier) -
isSignMetadata
public boolean isSignMetadata() -
setSignMetadata
public void setSignMetadata(boolean signMetadata) -
getMappedAttributes
-
setMappedAttributes
-
getLogoutHandler
public org.pac4j.core.logout.handler.LogoutHandler getLogoutHandler() -
setLogoutHandler
public void setLogoutHandler(org.pac4j.core.logout.handler.LogoutHandler logoutHandler) -
getPostLogoutURL
-
setPostLogoutURL
-
getNameIdAttribute
-
setNameIdAttribute
-
getHostnameVerifier
-
setHostnameVerifier
-
getSslSocketFactory
-
setSslSocketFactory
-
findLogoutHandler
public org.pac4j.core.logout.handler.LogoutHandler findLogoutHandler() -
getIssuerFormat
-
setIssuerFormat
-
getSingleSignOutServiceUrl
-
setSingleSignOutServiceUrl
-
getHttpClient
public org.apache.http.client.HttpClient getHttpClient() -
setHttpClient
public void setHttpClient(org.apache.http.client.HttpClient httpClient) -
getCredentialProvider
-
toMetadataGenerator
-
determineSingleSignOutServiceUrl
-
getMetadataGenerator
- Throws:
Exception
-
setMetadataGenerator
-
getIdentityProviderMetadataResolver
-
setIdentityProviderMetadataResolver
public void setIdentityProviderMetadataResolver(SAML2MetadataResolver identityProviderMetadataResolver) -
isPartialLogoutTreatedAsSuccess
public boolean isPartialLogoutTreatedAsSuccess() -
setPartialLogoutTreatedAsSuccess
public void setPartialLogoutTreatedAsSuccess(boolean partialLogoutTreatedAsSuccess) -
getSamlAttributeConverter
public org.pac4j.core.profile.converter.AttributeConverter getSamlAttributeConverter() -
setSamlAttributeConverter
public void setSamlAttributeConverter(org.pac4j.core.profile.converter.AttributeConverter samlAttributeConverter) -
getIdentityProviderMetadataConnectTimeout
public int getIdentityProviderMetadataConnectTimeout() -
setIdentityProviderMetadataConnectTimeout
public void setIdentityProviderMetadataConnectTimeout(int identityProviderMetadataConnectTimeout) -
getIdentityProviderMetadataReadTimeout
public int getIdentityProviderMetadataReadTimeout() -
setIdentityProviderMetadataReadTimeout
public void setIdentityProviderMetadataReadTimeout(int identityProviderMetadataReadTimeout)
-