org.opensaml.ws.security
Interface SecurityPolicy<RequestType extends javax.servlet.ServletRequest>

Type Parameters:
RequestType - type of incoming protocol request
All Known Implementing Classes:
BasicSecurityPolicy, SAMLSecurityPolicy

public interface SecurityPolicy<RequestType extends javax.servlet.ServletRequest>

A policy used to verify the security of an incoming request. Its security mechanisms may be used to check transport layer items (e.g. client certificates and basic auth passwords), and the payload validators may be used to check the payload of a request to ensure it meets certain criteria (e.g. a valid digital signature).


Method Summary
 void evaluate(RequestType request, XMLObject message)
          Evaluates this policy.
 java.lang.String getIssuer()
          Convenience method for getting the issuer of the message as determined by the registered validators, from the security policy context.
 java.util.List<SecurityPolicyRule<RequestType>> getPolicyRules()
          Gets the rules that are evaluated for this policy.
 SecurityPolicyContext getSecurityPolicyContext()
          Get the SecurityPolicyContext instance which stores various items of state related to the evaluation of this policy.
 java.lang.Boolean isIssuerAuthenticated()
          Gets whether the message issuer was authenticated.
 

Method Detail

getSecurityPolicyContext

SecurityPolicyContext getSecurityPolicyContext()
Get the SecurityPolicyContext instance which stores various items of state related to the evaluation of this policy.

Returns:
security policy context information as determined by the registered security policy rules

getIssuer

java.lang.String getIssuer()
Convenience method for getting the issuer of the message as determined by the registered validators, from the security policy context.

Returns:
issuer of the message as determined by the registered validators

isIssuerAuthenticated

java.lang.Boolean isIssuerAuthenticated()
Gets whether the message issuer was authenticated.

Returns:
Boolean.TRUE if the issuer was authenticated, Boolean.FALSE if the issuer failed authentication, or null if no authentication was attempted

getPolicyRules

java.util.List<SecurityPolicyRule<RequestType>> getPolicyRules()
Gets the rules that are evaluated for this policy.

Returns:
rules that are evaluated for this policy

evaluate

void evaluate(RequestType request,
              XMLObject message)
              throws SecurityPolicyException
Evaluates this policy.

Parameters:
request - the protocol request
message - the incoming message
Throws:
SecurityPolicyException - thrown if the request does not meet the requirements of this policy
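
An added example, not part of the OpenSAML documentation or code base: a caller that requires an authenticated issuer and treats the null result of isIssuerAuthenticated() the same as Boolean.FALSE. IssuerGate and RejectedMessageException are hypothetical names. The packages of SecurityPolicyException and XMLObject are not shown on this page and are assumed, as is that the issuer state is read after evaluate() returns.

```java
import javax.servlet.ServletRequest;
import org.opensaml.ws.security.SecurityPolicy;
import org.opensaml.ws.security.SecurityPolicyException; // package assumed
import org.opensaml.xml.XMLObject;                       // package assumed

/** Added example (hypothetical class): fail-closed use of SecurityPolicy. */
public final class IssuerGate {

    /** Hypothetical exception raised when a message must not be processed. */
    public static final class RejectedMessageException extends Exception {
        RejectedMessageException(String reason, Throwable cause) { super(reason, cause); }
    }

    private IssuerGate() { }

    /** Evaluates the policy, then returns the issuer only if it was authenticated. */
    public static <R extends ServletRequest> String requireAuthenticatedIssuer(
            SecurityPolicy<R> policy, R request, XMLObject message)
            throws RejectedMessageException {
        try {
            policy.evaluate(request, message);
        } catch (SecurityPolicyException e) {
            throw new RejectedMessageException("request failed security policy", e);
        }
        // Assumption: issuer state is meaningful only once evaluate() has run the rules.
        return checkIssuer(policy.getIssuer(), policy.isIssuerAuthenticated());
    }

    /** Decision logic on the tri-state result, kept separate for unit testing. */
    static String checkIssuer(String issuer, Boolean authenticated)
            throws RejectedMessageException {
        // Boolean.TRUE.equals(null) is false, so null is rejected like FALSE.
        // By contrast `if (authenticated)` would throw NullPointerException on null and
        // `authenticated != Boolean.FALSE` would let an unauthenticated message pass.
        if (!Boolean.TRUE.equals(authenticated)) {
            String why = (authenticated == null)
                    ? "no issuer authentication was attempted"
                    : "issuer failed authentication";
            throw new RejectedMessageException(why, null);
        }
        if (issuer == null || issuer.isEmpty()) {
            throw new RejectedMessageException("no issuer recorded for message", null);
        }
        return issuer;
    }
}
```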