Package org.opensaml.saml.config

Class SAMLConfiguration

java.lang.Object
org.opensaml.saml.config.SAMLConfiguration
public class SAMLConfiguration extends Object
SAML-related configuration information.

The configuration instance to use would typically be retrieved from the ConfigurationService.

  • Field Details

  • Constructor Details

    • SAMLConfiguration

      public SAMLConfiguration()
      Constructor.

  • Method Details

    • getSAML1ArtifactBuilderFactory

      public SAML1ArtifactBuilderFactory getSAML1ArtifactBuilderFactory()
      Gets the artifact factory for the library.
      Returns:
      artifact factory for the library

    • setSAML1ArtifactBuilderFactory

      public void setSAML1ArtifactBuilderFactory(SAML1ArtifactBuilderFactory factory)
      Sets the artifact factory for the library.
      Parameters:
      factory - artifact factory for the library

    • getSAML2ArtifactBuilderFactory

      public SAML2ArtifactBuilderFactory getSAML2ArtifactBuilderFactory()
      Gets the artifact factory for the library.
      Returns:
      artifact factory for the library

    • setSAML2ArtifactBuilderFactory

      public void setSAML2ArtifactBuilderFactory(SAML2ArtifactBuilderFactory factory)
      Sets the artifact factory for the library.
      Parameters:
      factory - artifact factory for the library

    • getAllowedBindingURLSchemes

      @Nonnull @NonnullElements @Unmodifiable @NotLive public List<String> getAllowedBindingURLSchemes()
      Gets the unmodifiable list of schemes allowed to appear in binding URLs when encoding a message.

      All scheme values returned will be lowercased.

      Defaults to 'http' and 'https'.

      Returns:
      list of URL schemes allowed to appear in a message

    • setAllowedBindingURLSchemes

      public void setAllowedBindingURLSchemes(@Nullable List<String> schemes)
      Sets the list of schemes allowed to appear in binding URLs when encoding a message.

      The supplied list will be copied. Values will be normalized: 1) strings will be trimmed, 2) nulls will be removed, and 3) all values will be lowercased.

      Note, the appearance of schemes such as 'javascript' may open the system up to attacks (e.g. cross-site scripting attacks).

      Parameters:
      schemes - URL schemes allowed to appear in a message