org.opensaml.common.binding.security
Class SAMLMDClientCertAuthRuleFactory.SAMLMDClientCertAuthRule
java.lang.Object
org.opensaml.ws.security.provider.BaseTrustEngineRule<X509Credential,javax.servlet.ServletRequest>
org.opensaml.ws.security.provider.ClientCertAuthRule
org.opensaml.common.binding.security.SAMLMDClientCertAuthRuleFactory.SAMLMDClientCertAuthRule
- All Implemented Interfaces:
- SecurityPolicyRule<javax.servlet.ServletRequest>
- Enclosing class:
- SAMLMDClientCertAuthRuleFactory
public class SAMLMDClientCertAuthRuleFactory.SAMLMDClientCertAuthRule
- extends ClientCertAuthRule
SAML specialization of ClientCertAuthRule
which provides support for
X509Credential trust engine validation based on SAML metadta.
Method Summary |
protected CriteriaSet |
buildCriteriaSet(java.lang.String entityID,
javax.servlet.ServletRequest request,
XMLObject message,
SecurityPolicyContext context)
Subclasses are required to implement this method to build a criteria set for the trust engine
according to trust engine and application-specific needs. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SAMLMDClientCertAuthRuleFactory.SAMLMDClientCertAuthRule
public SAMLMDClientCertAuthRuleFactory.SAMLMDClientCertAuthRule(TrustEngine<X509Credential> engine,
ClientCertAuthRuleFactory.CertificateNameOptions nameOptions)
- Constructor.
- Parameters:
engine
- Trust engine used to verify the request X509CredentialnameOptions
- options for deriving issuer names from an X.509 certificate
buildCriteriaSet
protected CriteriaSet buildCriteriaSet(java.lang.String entityID,
javax.servlet.ServletRequest request,
XMLObject message,
SecurityPolicyContext context)
- Subclasses are required to implement this method to build a criteria set for the trust engine
according to trust engine and application-specific needs.
- Overrides:
buildCriteriaSet
in class ClientCertAuthRule
- Parameters:
entityID
- the candidate issuer entity ID which is being evaluatedrequest
- the protocol requestmessage
- the incoming messagecontext
- the security policy context to use for evaluation and storage of related state info
- Returns:
- a newly constructly set of criteria suitable for the configured trust engine