org.opensaml.common.binding.security
Class SAMLProtocolMessageXMLSignatureSecurityPolicyRuleFactory.SAMLProtocolMessageXMLSignatureSecurityPolicyRule

java.lang.Object
  extended by org.opensaml.ws.security.provider.BaseTrustEngineRule<Signature,javax.servlet.ServletRequest>
      extended by org.opensaml.common.binding.security.BaseSAMLSignatureSecurityPolicyRuleFactory.BaseSAMLSignatureSecurityPolicyRule
          extended by org.opensaml.common.binding.security.SAMLProtocolMessageXMLSignatureSecurityPolicyRuleFactory.SAMLProtocolMessageXMLSignatureSecurityPolicyRule
All Implemented Interfaces:
SecurityPolicyRule<javax.servlet.ServletRequest>
Enclosing class:
SAMLProtocolMessageXMLSignatureSecurityPolicyRuleFactory

protected class SAMLProtocolMessageXMLSignatureSecurityPolicyRuleFactory.SAMLProtocolMessageXMLSignatureSecurityPolicyRule
extends BaseSAMLSignatureSecurityPolicyRuleFactory.BaseSAMLSignatureSecurityPolicyRule

SAML security policy rule which validates the signature (if present) on the SAMLObject which represents the SAML protocol message being processed. If the message is not an instance of SignableSAMLObject, then no processing is performed. If signature validation is successful, and the context issuer was not previously authenticated, then the context's issuer authentication state will be set to true.


Constructor Summary
SAMLProtocolMessageXMLSignatureSecurityPolicyRuleFactory.SAMLProtocolMessageXMLSignatureSecurityPolicyRule(TrustEngine<Signature> engine)
          Constructor.
 
Method Summary
 void evaluate(javax.servlet.ServletRequest request, XMLObject message, SecurityPolicyContext context)
          Evaluates the rule against the given request and message.
 
Methods inherited from class org.opensaml.common.binding.security.BaseSAMLSignatureSecurityPolicyRuleFactory.BaseSAMLSignatureSecurityPolicyRule
buildCriteriaSet
 
Methods inherited from class org.opensaml.ws.security.provider.BaseTrustEngineRule
evaluate, getTrustEngine
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SAMLProtocolMessageXMLSignatureSecurityPolicyRuleFactory.SAMLProtocolMessageXMLSignatureSecurityPolicyRule

public SAMLProtocolMessageXMLSignatureSecurityPolicyRuleFactory.SAMLProtocolMessageXMLSignatureSecurityPolicyRule(TrustEngine<Signature> engine)
Constructor.

Parameters:
engine - Trust engine used to verify the signature

Method Detail

evaluate

public void evaluate(javax.servlet.ServletRequest request,
                     XMLObject message,
                     SecurityPolicyContext context)
              throws SecurityPolicyException
Evaluates the rule against the given request and message.

Specified by:
evaluate in interface SecurityPolicyRule<javax.servlet.ServletRequest>
Specified by:
evaluate in class BaseTrustEngineRule<Signature,javax.servlet.ServletRequest>
Parameters:
request - the protocol request
message - the incoming message
context - the security policy context to use for evaluation and storage of related state info
Throws:
SecurityPolicyException - thrown if the request/message do not meet the requirements of this rule
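
The class description says the signature is validated only "if present", so an unsigned or non-signable message passes this rule with the issuer authentication state unchanged. The following is an added example, not OpenSAML code: a self-contained model of those outcomes (Java 16+). Every type in it is a hypothetical stand-in, and both the rejection of an untrusted signature and the follow-up `requireAuthenticatedIssuer` check are assumptions.

```java
import java.util.Optional;

// Simplified model of the rule's documented outcomes. Every type here is
// hypothetical and stands in for the OpenSAML types named on this page.
public class SignatureRuleModel {
    static class PolicyException extends Exception {
        PolicyException(String m) { super(m); }
    }
    // Stand-in for the issuer authentication state held by the policy context.
    static class Context {
        boolean issuerAuthenticated;
    }
    // Stand-in for a message; signature is empty when the message is unsigned.
    record Message(boolean signable, String issuer, Optional<String> signature) {}
    // Stand-in for TrustEngine<Signature>: true if the signature is trusted.
    interface Engine { boolean validate(String signature, String issuer); }

    static void evaluate(Message msg, Context ctx, Engine engine) throws PolicyException {
        if (!msg.signable() || msg.signature().isEmpty()) {
            return; // not signable or unsigned: rule does nothing, state unchanged
        }
        if (!engine.validate(msg.signature().get(), msg.issuer())) {
            // Assumption: a present but untrusted signature fails the rule.
            throw new PolicyException("signature on protocol message not trusted");
        }
        if (!ctx.issuerAuthenticated) {
            ctx.issuerAuthenticated = true; // set only if not previously authenticated
        }
    }

    // Hypothetical follow-up check for deployments that require authenticated issuers.
    static void requireAuthenticatedIssuer(Context ctx) throws PolicyException {
        if (!ctx.issuerAuthenticated) throw new PolicyException("issuer not authenticated");
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample engine and messages, for illustration only.
        Engine engine = (sig, issuer) -> sig.equals("valid-for-" + issuer);
        Context signed = new Context();
        evaluate(new Message(true, "idp.example", Optional.of("valid-for-idp.example")), signed, engine);
        System.out.println("signed -> authenticated=" + signed.issuerAuthenticated);

        Context unsigned = new Context();
        evaluate(new Message(true, "idp.example", Optional.empty()), unsigned, engine);
        System.out.println("unsigned -> authenticated=" + unsigned.issuerAuthenticated);
        try { requireAuthenticatedIssuer(unsigned); }
        catch (PolicyException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

A policy that relies on this rule alone accepts unsigned messages; rejecting them takes a separate check on the issuer authentication state after all authentication rules have run.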