Class ReceivedEndpointSecurityHandler

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, MessageHandler

public class ReceivedEndpointSecurityHandler
extends AbstractMessageHandler
Message handler which checks the validity of the SAML protocol message receiver endpoint against requirements indicated in the message.
  • Field Details

    • log

      @Nonnull private org.slf4j.Logger log
      Logger.
    • uriComparator

      @Nonnull private URIComparator uriComparator
      The URI comparator to use in performing the validation.
    • httpServletRequest

      @NonnullAfterInit private javax.servlet.http.HttpServletRequest httpServletRequest
      The HttpServletRequest being processed.
  • Constructor Details

    • ReceivedEndpointSecurityHandler

      public ReceivedEndpointSecurityHandler()
      Constructor.
  • Method Details

    • getURIComparator

      @Nonnull public URIComparator getURIComparator()
      Get the URI comparator instance to use.
      Returns:
      the uriComparator.
    • setURIComparator

      public void setURIComparator​(@Nonnull URIComparator comparator)
      Set the URI comparator instance to use.
      Parameters:
      comparator - the new URI comparator to use
    • getHttpServletRequest

      @NonnullAfterInit public javax.servlet.http.HttpServletRequest getHttpServletRequest()
      Get the HTTP servlet request being processed.
      Returns:
      Returns the request.
    • setHttpServletRequest

      public void setHttpServletRequest​(@Nonnull javax.servlet.http.HttpServletRequest request)
      Set the HTTP servlet request being processed.
      Parameters:
      request - The to set.
    • doInitialize

      protected void doInitialize() throws ComponentInitializationException
      Overrides:
      doInitialize in class AbstractInitializableComponent
      Throws:
      ComponentInitializationException
    • doInvoke

      protected void doInvoke​(@Nonnull MessageContext messageContext) throws MessageHandlerException
      Performs the handler logic.
      Specified by:
      doInvoke in class AbstractMessageHandler
      Parameters:
      messageContext - the message context on which to invoke the handler
      Throws:
      MessageHandlerException - if there is an error invoking the handler on the message context
    • compareEndpointURIs

      protected boolean compareEndpointURIs​(@Nonnull @NotEmpty String messageDestination, @Nonnull @NotEmpty String receiverEndpoint, @Nonnull URIComparator comparator) throws URIException
      Compare the message endpoint URI's specified.

      The comparison is performed using the specified instance of URIComparator.

      Parameters:
      messageDestination - the intended message destination endpoint URI
      receiverEndpoint - the endpoint URI at which the message was received
      comparator - the comparator instance to use
      Returns:
      true if the endpoints are equivalent, false otherwise
      Throws:
      URIException - if one of the URI's to evaluate is invalid
    • checkEndpointURI

      protected void checkEndpointURI​(@Nonnull MessageContext messageContext, @Nonnull URIComparator comparator) throws MessageHandlerException
      Check the validity of the SAML protocol message receiver endpoint against requirements indicated in the message.
      Parameters:
      messageContext - current message context
      comparator - the URI comparator instance to use, if null an internal default will be used
      Throws:
      MessageHandlerException - thrown if the message was received at an endpoint consistent with message requirements, or if there is a problem decoding and processing the message Destination or receiver endpoint information