Class InResponseToSecurityHandler

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, MessageHandler

public class InResponseToSecurityHandler
extends AbstractMessageHandler
Client-side message handler for validating that the inbound SAML response inResponseTo ID matches the corresponding outbound request ID.
  • Field Details

    • log

      private org.slf4j.Logger log
      Logger.
  • Constructor Details

    • InResponseToSecurityHandler

      public InResponseToSecurityHandler()
  • Method Details

    • doInvoke

      protected void doInvoke​(@Nonnull MessageContext messageContext) throws MessageHandlerException
      Performs the handler logic.
      Specified by:
      doInvoke in class AbstractMessageHandler
      Parameters:
      messageContext - the message context on which to invoke the handler
      Throws:
      MessageHandlerException - if there is an error invoking the handler on the message context
    • resolveOutboundRequestID

      private String resolveOutboundRequestID​(@Nonnull MessageContext messageContext)
      Resolve the outbound request ID.
      Parameters:
      messageContext - the message context
      Returns:
      the outbound request ID, or null
    • resolveInboundInResponseTo

      private String resolveInboundInResponseTo​(@Nonnull MessageContext messageContext)
      Resolve the inbound inResponseTo ID.
      Parameters:
      messageContext - the message context
      Returns:
      the inbound inResponseTo, or null