Classes responsible for performing transport-related and basic message validation of decoded SAML messages.
ClassDescriptionBase class for security-oriented message handlers which verify simple "blob" signatures computed over some components of a request.Base class for SAML security message handlers which evaluate a signature with a signature trust engine.Handler implementation that checks and records the result of
HttpClientserver TLS authentication as stored in the @link
HttpClientContextresolved via strategy function.Class which verifies that the
Endpointto which a message will be delivered contains a valid URL scheme.Client-side message handler for validating that the inbound SAML response inResponseTo ID matches the corresponding outbound request ID.Security message handler implementation that checks for validity of SAML message issue instant date and time.Security message handler implementation that which checks for replay of SAML messages.Function for resolving the SAML entity ID from the parent
InOutOperationContext.Message handler which checks the validity of the SAML protocol message receiver endpoint against requirements indicated in the message.SAML specialization of
BaseClientCertAuthSecurityHandlerwhich provides support for X509Credential trust engine validation based on SAML metadata.A message handler implementation that signs an outbound SAML protocol message if the message context contains an instance of
SignatureSigningParametersas determined by
SAMLMessageSecuritySupport.getContextSigningParameters(MessageContext).SAML security message handler which validates the signature (if present) on the
SAMLObjectwhich represents the SAML protocol message being processed.