SAML2HTTPRedirectDeflateSignatureRule (OpenSAML-J 2.6.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.opensaml.saml2.binding.security
Class SAML2HTTPRedirectDeflateSignatureRule

java.lang.Object
  org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule
      org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule

All Implemented Interfaces:: SecurityPolicyRule

public class SAML2HTTPRedirectDeflateSignatureRule
extends BaseSAMLSimpleSignatureSecurityPolicyRule
extends BaseSAMLSimpleSignatureSecurityPolicyRule

Security policy which evaluates simple "blob" signatures according to the SAML 2 HTTP-Redirect DEFLATE binding.

Field Summary
`private org.slf4j.Logger`	`log` Logger.

Constructor Summary
`SAML2HTTPRedirectDeflateSignatureRule(SignatureTrustEngine engine)` Constructor.

Method Summary
`private boolean`	`appendParameter(StringBuilder builder, String queryString, String paramName)` Find the raw query string parameter indicated and append it to the string builder.
`private String`	`buildSignedContentString(String queryString)` Extract the raw request parameters and build a string representation of the content that was signed.
`protected byte[]`	`getSignedContent(javax.servlet.http.HttpServletRequest request)` Get the content over which to validate the signature, in the form suitable for input into `SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential)`.
`protected boolean`	`ruleHandles(javax.servlet.http.HttpServletRequest request, SAMLMessageContext samlMsgCtx)` Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context.

Methods inherited from class org.opensaml.common.binding.security.BaseSAMLSimpleSignatureSecurityPolicyRule
`buildCriteriaSet, deriveSignerEntityID, evaluate, getRequestCredentials, getSignature, getSignatureAlgorithm, getTrustEngine, validateSignature`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

log

private final org.slf4j.Logger log

Logger.

Constructor Detail

SAML2HTTPRedirectDeflateSignatureRule

public SAML2HTTPRedirectDeflateSignatureRule(SignatureTrustEngine engine)

Constructor.

Parameters:: engine - the trust engine to use

Method Detail

ruleHandles

protected boolean ruleHandles(javax.servlet.http.HttpServletRequest request,
                              SAMLMessageContext samlMsgCtx)
                       throws SecurityPolicyException

Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context.

Specified by:: ruleHandles in class BaseSAMLSimpleSignatureSecurityPolicyRule

Parameters:: request - the HTTP servlet request being processed; samlMsgCtx - the SAML message context being processed
Returns:: true if the rule should attempt to process the request, otherwise false
Throws:: SecurityPolicyException - thrown if there is an error during request processing

getSignedContent

protected byte[] getSignedContent(javax.servlet.http.HttpServletRequest request)
                           throws SecurityPolicyException

Get the content over which to validate the signature, in the form suitable for input into SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential).

Specified by:: getSignedContent in class BaseSAMLSimpleSignatureSecurityPolicyRule

Parameters:: request - the HTTP servlet request being processed
Returns:: the signed content extracted from the request, in the format suitable for input to the trust engine.
Throws:: SecurityPolicyException - thrown if there is an error during request processing

buildSignedContentString

private String buildSignedContentString(String queryString)
                                 throws SecurityPolicyException

Extract the raw request parameters and build a string representation of the content that was signed.

Parameters:: queryString - the raw HTTP query string from the request
Returns:: a string representation of the signed content
Throws:: SecurityPolicyException - thrown if there is an error during request processing

appendParameter

private boolean appendParameter(StringBuilder builder,
                                String queryString,
                                String paramName)

Find the raw query string parameter indicated and append it to the string builder. The appended value will be in the form 'paramName=paramValue' (minus the quotes).

Parameters:: builder - string builder to which to append the parameter; queryString - the URL query string containing parameters; paramName - the name of the parameter to append
Returns:: true if parameter was found, false otherwise