org.opensaml.saml2.binding.security
Class SAML2ProtocolMessageRuleFactory.SAML2ProtocolMessageRule

java.lang.Object
  extended by org.opensaml.saml2.binding.security.SAML2ProtocolMessageRuleFactory.SAML2ProtocolMessageRule
All Implemented Interfaces:
SecurityPolicyRule<javax.servlet.ServletRequest>
Enclosing class:
SAML2ProtocolMessageRuleFactory

public class SAML2ProtocolMessageRuleFactory.SAML2ProtocolMessageRule
extends java.lang.Object
implements SecurityPolicyRule<javax.servlet.ServletRequest>

An implementation of SecurityPolicyRule which processes SAML 2 messages and extracts relevant information for use by other rules.


Constructor Summary
SAML2ProtocolMessageRuleFactory.SAML2ProtocolMessageRule()
           
 
Method Summary
 void evaluate(javax.servlet.ServletRequest request, XMLObject message, SecurityPolicyContext context)
          Evaluates the rule against the given request and message.
protected  java.lang.String extractEntityId(Issuer issuer)
          Extracts the entity ID from the SAML 2 Issuer.
protected  void extractRequestInfo(SAMLSecurityPolicyContext samlContext, RequestAbstractType request)
          Extract information from a SAML RequestAbstractType message.
protected  void extractResponseInfo(SAMLSecurityPolicyContext samlContext, StatusResponseType statusResponse)
          Extract information from a SAML StatusResponse message.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SAML2ProtocolMessageRuleFactory.SAML2ProtocolMessageRule

public SAML2ProtocolMessageRuleFactory.SAML2ProtocolMessageRule()

Method Detail

evaluate

public void evaluate(javax.servlet.ServletRequest request,
                     XMLObject message,
                     SecurityPolicyContext context)
              throws SecurityPolicyException
Evaluates the rule against the given request and message.

Specified by:
evaluate in interface SecurityPolicyRule<javax.servlet.ServletRequest>
Parameters:
request - the protocol request
message - the incoming message
context - the security policy context to use for evaluation and storage of related state info
Throws:
SecurityPolicyException - thrown if the request/message do not meet the requirements of this rule

extractResponseInfo

protected void extractResponseInfo(SAMLSecurityPolicyContext samlContext,
                                   StatusResponseType statusResponse)
                            throws SecurityPolicyException
Extract information from a SAML StatusResponse message.

Parameters:
samlContext - the security policy context in which to store information
statusResponse - the SAML message to process
Throws:
SecurityPolicyException - thrown if the response issuer has a format other than NameIDType.ENTITY; or, when the response does not contain an issuer, if the contained assertions have issuers that are not of NameIDType.ENTITY format or have different issuers

extractRequestInfo

protected void extractRequestInfo(SAMLSecurityPolicyContext samlContext,
                                  RequestAbstractType request)
                           throws SecurityPolicyException
Extract information from a SAML RequestAbstractType message.

Parameters:
samlContext - the security policy context in which to store information
request - the SAML message to process
Throws:
SecurityPolicyException - thrown if the request issuer has a format other than NameIDType.ENTITY

extractEntityId

protected java.lang.String extractEntityId(Issuer issuer)
                                    throws SecurityPolicyException
Extracts the entity ID from the SAML 2 Issuer.

Parameters:
issuer - issuer to extract the entityID from
Returns:
entity ID of the issuer
Throws:
SecurityPolicyException - thrown if the given issuer has a format other than NameIDType.ENTITY
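
The issuer rules documented above for extractResponseInfo and extractEntityId, written out as an added Java example that is not OpenSAML's own code. The Issuer stand-in class, the method names, IllegalArgumentException (in place of SecurityPolicyException) and the sample URLs are assumptions, as is treating an omitted Format as entity, which is the SAML 2.0 Core default.

```java
import java.util.*;

// Added illustration; Issuer here is a stand-in type, not org.opensaml.saml2.core.Issuer.
public class IssuerCheckExample {
    // Format URI that SAML 2.0 Core defines for entity identifiers.
    static final String ENTITY = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";

    static final class Issuer {
        final String value, format;
        Issuer(String value, String format) { this.value = value; this.format = format; }
    }

    // Follows the documented contract of extractEntityId: reject any non-entity format.
    // Assumption: an omitted Format counts as entity (the SAML 2.0 Core default).
    static String entityId(Issuer issuer) {
        if (issuer.format != null && !ENTITY.equals(issuer.format)) {
            throw new IllegalArgumentException("Issuer format is not entity: " + issuer.format);
        }
        return issuer.value;
    }

    // Follows the documented contract of extractResponseInfo: use the response issuer if
    // present, otherwise require every assertion issuer to be entity-format and identical.
    static String resolveIssuer(Issuer responseIssuer, List<Issuer> assertionIssuers) {
        if (responseIssuer != null) {
            return entityId(responseIssuer);
        }
        String found = null;
        for (Issuer i : assertionIssuers) {
            String id = entityId(i);
            if (found != null && !found.equals(id)) {
                throw new IllegalArgumentException("Assertions have different issuers");
            }
            found = id;
        }
        return found; // null when there is neither a response issuer nor any assertion
    }

    public static void main(String[] args) {
        // Constructed sample issuers.
        Issuer idp = new Issuer("https://idp.example.org/saml", ENTITY);
        Issuer other = new Issuer("https://other.example.org/saml", null);
        System.out.println(resolveIssuer(idp, Arrays.asList(other)));  // assertions not consulted
        System.out.println(resolveIssuer(null, Arrays.asList(idp, idp)));
        try { resolveIssuer(null, Arrays.asList(idp, other)); }
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Later rules that key on the extracted issuer, such as signature trust evaluation, depend on this value being a single unambiguous entity ID, which is why mixed or non-entity issuers fail the rule instead of being passed along.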