Class AuthnStatementValidator
java.lang.Object
org.opensaml.saml.saml2.assertion.impl.AuthnStatementValidator
- All Implemented Interfaces:
StatementValidator
StatementValidator implementation for AuthnStatement conditions.
Supports the following ValidationContext static parameters:
-
SAML2AssertionValidationParameters.STMT_AUTHN_CHECK_ADDRESS: Optional. -
SAML2AssertionValidationParameters.STMT_AUTHN_VALID_ADDRESSES: Required ifSAML2AssertionValidationParameters.STMT_AUTHN_CHECK_ADDRESSis true or omitted, otherwise optional. -
SAML2AssertionValidationParameters.STMT_AUTHN_MAX_TIME: Optional.
Supports the following ValidationContext dynamic parameters:
- None.
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionGets the element or schema type QName of the statement handled by this validator.validate(Statement statement, Assertion assertion, ValidationContext context) Validates the given statement.protected ValidationResultvalidateAuthnContext(AuthnStatement authnStatement, Assertion assertion, ValidationContext context) Validate theAuthnContext.protected ValidationResultvalidateAuthnInstant(AuthnStatement authnStatement, Assertion assertion, ValidationContext context) Validate the authnInstant attribute of theAuthnStatement.protected ValidationResultvalidateSubjectLocality(AuthnStatement authnStatement, Assertion assertion, ValidationContext context) Validate theSubjectLocality.
-
Field Details
-
log
private org.slf4j.Logger logLogger.
-
-
Constructor Details
-
AuthnStatementValidator
public AuthnStatementValidator()
-
-
Method Details
-
getServicedStatement
Gets the element or schema type QName of the statement handled by this validator.- Specified by:
getServicedStatementin interfaceStatementValidator- Returns:
- element or schema type QName of the statement handled by this validator
-
validate
public ValidationResult validate(@Nonnull Statement statement, @Nonnull Assertion assertion, @Nonnull ValidationContext context) throws AssertionValidationException Validates the given statement.- Specified by:
validatein interfaceStatementValidator- Parameters:
statement- statement to be validatedassertion- assertion bearing the statementcontext- current Assertion validation context- Returns:
- the validation result
- Throws:
AssertionValidationException- if there is a problem processing the validation operation
-
validateAuthnInstant
protected ValidationResult validateAuthnInstant(@Nonnull AuthnStatement authnStatement, @Nonnull Assertion assertion, @Nonnull ValidationContext context) throws AssertionValidationException Validate the authnInstant attribute of theAuthnStatement.- Parameters:
authnStatement- the current statement being validatedassertion- the current assertion being evaluatedcontext- the current validation context- Returns:
- the validation result
- Throws:
AssertionValidationException- if there is a fatal error during evaluation
-
validateSubjectLocality
protected ValidationResult validateSubjectLocality(@Nonnull AuthnStatement authnStatement, @Nonnull Assertion assertion, @Nonnull ValidationContext context) throws AssertionValidationException Validate theSubjectLocality.- Parameters:
authnStatement- the current statement being validatedassertion- the current assertion being evaluatedcontext- the current validation context- Returns:
- the validation result
- Throws:
AssertionValidationException- if there is a fatal error during evaluation
-
validateAuthnContext
protected ValidationResult validateAuthnContext(@Nonnull AuthnStatement authnStatement, @Nonnull Assertion assertion, @Nonnull ValidationContext context) throws AssertionValidationException Validate theAuthnContext.The default implementation is a no-op and always valid. Subclasses may override.
- Parameters:
authnStatement- the current statement being validatedassertion- the current assertion being evaluatedcontext- the current validation context- Returns:
- the validation result
- Throws:
AssertionValidationException- if there is a fatal error during evaluation
-