org.opensaml.saml.common.profile.impl.SignAssertions

All Implemented Interfaces:: Component, DestructableComponent, InitializableComponent, ProfileAction

public class SignAssertions extends AbstractProfileAction

Action that signs assertions in a SAML 1/2 Response returned by a lookup strategy, by default the message returned by InOutOperationContext.getOutboundMessageContext().

The SecurityParametersContext governing the signing process is located by a lookup strategy, by default a child of the profile request context.

Event:: EventIds.PROCEED_EVENT_ID, EventIds.INVALID_MSG_CTX

Field Summary

Fields

Modifier and Type

Field

Description

private final org.slf4j.Logger

log

Class logger.

private SAMLObject

response

The response containing the assertions to be signed.

private Function<ProfileRequestContext,SAMLObject>

responseLookupStrategy

Strategy used to locate the response to operate on.

private Function<ProfileRequestContext,SecurityParametersContext>

securityParametersLookupStrategy

Strategy used to locate the SecurityParametersContext to use for signing.

private SignatureSigningParameters

signatureSigningParameters

The signature signing parameters.
Constructor Summary

Constructors

Constructor

Description

SignAssertions()

Constructor.
Method Summary

Modifier and Type

Method

Description

protected void

doExecute(ProfileRequestContext profileRequestContext)

Performs this action.

protected boolean

doPreExecute(ProfileRequestContext profileRequestContext)

Called prior to execution, actions may override this method to perform pre-processing for a request.

private void

logResponse(String message)

Log the Response with the given message at trace level.

void

setResponseLookupStrategy(Function<ProfileRequestContext,SAMLObject> strategy)

Set the strategy used to locate the response to operate on.

void

setSecurityParametersLookupStrategy(Function<ProfileRequestContext,SecurityParametersContext> strategy)

Set the strategy used to locate the SecurityParametersContext to use.

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction
doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized

Field Details
- log
  
  @Nonnull private final org.slf4j.Logger log
  
  Class logger.
- responseLookupStrategy
  
  @Nonnull private Function<ProfileRequestContext,SAMLObject> responseLookupStrategy
  
  Strategy used to locate the response to operate on.
- securityParametersLookupStrategy
  
  @Nonnull private Function<ProfileRequestContext,SecurityParametersContext> securityParametersLookupStrategy
  
  Strategy used to locate the SecurityParametersContext to use for signing.
- signatureSigningParameters
  
  @Nullable private SignatureSigningParameters signatureSigningParameters
  
  The signature signing parameters.
- response
  
  @Nullable private SAMLObject response
  
  The response containing the assertions to be signed.
Constructor Details
- SignAssertions
  
  public SignAssertions()
  
  Constructor.
Method Details
- setResponseLookupStrategy
  
  public void setResponseLookupStrategy(@Nonnull Function<ProfileRequestContext,SAMLObject> strategy)
  
  Set the strategy used to locate the response to operate on.
  
  Parameters:
  
  strategy - lookup strategy
- setSecurityParametersLookupStrategy
  
  public void setSecurityParametersLookupStrategy(@Nonnull Function<ProfileRequestContext,SecurityParametersContext> strategy)
  
  Set the strategy used to locate the SecurityParametersContext to use.
  
  Parameters:
  
  strategy - lookup strategy
- doPreExecute
  
  protected boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext)
  
  Called prior to execution, actions may override this method to perform pre-processing for a request.
  If false is returned, execution will not proceed, and the action should attach an EventContext to the context tree to signal how to continue with overall workflow processing.
  
  If returning successfully, the last step should be to return the result of the superclass version of this method.
  
  Overrides:
  
  doPreExecute in class AbstractProfileAction
  
  Parameters:
  
  profileRequestContext - the current IdP profile request context
  
  Returns:
  
  true iff execution should proceed
- doExecute
  
  protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext)
  
  Performs this action. Actions must override this method to perform their work.
  
  Overrides:
  
  doExecute in class AbstractProfileAction
  
  Parameters:
  
  profileRequestContext - the current IdP profile request context
- logResponse
  
  private void logResponse(@Nonnull String message)
  
  Log the Response with the given message at trace level.
  
  Parameters:
  
  message - the log message

Class SignAssertions

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

Methods inherited from class java.lang.Object

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

Field Details

log

responseLookupStrategy

securityParametersLookupStrategy

signatureSigningParameters

response

Constructor Details

SignAssertions

Method Details

setResponseLookupStrategy

setSecurityParametersLookupStrategy

doPreExecute

doExecute

logResponse