Class SAML2AttributesParser


  • public class SAML2AttributesParser
    extends Object
    Provides a SAML2 (Security Assertion Markup Language) attribute parser helper class for SSO Filter authentication token scripts.
    Since:
    4.0.0
    • Field Detail

      • REQUEST_PARAM_SAML_RESPONSE

        public static final String REQUEST_PARAM_SAML_RESPONSE
        Request param SAMLResponse
        See Also:
        Constant Field Values
    • Constructor Detail

      • SAML2AttributesParser

        public SAML2AttributesParser(HttpServletRequest request)
        Create a SAML2 Attribute parser from the given request.
        Parameters:
        request - HttpServletRequest that contains the SAML Token (required)
    • Method Detail

      • getSSOAuthenticationToken

        public SSOAuthenticationToken getSSOAuthenticationToken()
        Return the SAML2 attributes from a request containing the token.

        The map has 2 types of entries:

        1. simple attributes like givenname are stored in the Map as String
        2. attributes such as groups are stored in the Map as List

        If the SAML2 attribute parser has groupAttributeName configured then the SSOAuthenticationToken will include any parsed groups as Spring GrantedAuthority objects.

        Returns:
        the ssoAuthenticationToken, which contains an ssoAuthTokenAttributeMap
      • isValidSignature

        public boolean isValidSignature()
        Validates the signature associated with the SAML2 Response. Note this does not check the signature of the assertions.
        Returns:
        false if the SAML token is invalid; true if it is valid or if the certPublicKey is not specified.
      • isValidSignatue

        public boolean isValidSignatue()
        Deprecated.
        Validates the SAML2 Response.
        Returns:
        false if the SAML token is invalid; true if it is valid or if the certPublicKey is not specified.
      • setFromSecurityManager

        public void setFromSecurityManager(SecurityManager securityManager)
        Set the configuration properties from the SecurityManager instead of setting individually.
        Parameters:
        securityManager - the security manager associated with this SSO (required)
      • setValidationCertData

        public void setValidationCertData(byte[] validatorCertData)
        Sets the certificate used for validating the SAML2 Signature.
        Parameters:
        validatorCertData - byte[]
      • setKeystoreData

        public void setKeystoreData(byte[] keystoreData)
        Sets the keystore that holds the private key and validationCertAlias.
        Parameters:
        keystoreData - byte[]
      • setKeystorePassword

        public void setKeystorePassword(String keystorePassword)
        Sets the keystore password.
        Parameters:
        keystorePassword - String
      • setPrivateKeyAlias

        public void setPrivateKeyAlias(String privateKeyAlias)
        Sets the Private Key Alias for the keystore.
        Parameters:
        privateKeyAlias - String
      • setPrivateKeyPassword

        public void setPrivateKeyPassword(String privateKeyPassword)
        Sets the Private Key Password.
        Parameters:
        privateKeyPassword - String
      • setGroupAttributeName

        public void setGroupAttributeName(String groupAttributeName)
        Sets the Group Attribute Name.

        If the SAML2 attribute parser has groupAttributeName configured then the SSOAuthenticationToken will include any parsed groups as Spring GrantedAuthority objects.

        Parameters:
        groupAttributeName - String
      • hasSamlToken

        public boolean hasSamlToken()
        Returns true if the request has a SAML2 SAMLRequest or SAMLResponse request parameter.
        Returns:
        true if has a SAMLRequest or SAMLResponse request parameter
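
Because isValidSignature() checks only the Response signature and not the signature of the assertions, it helps to know whether an identity provider signs the Response, the Assertion, or both. The following is an added example, not part of this API or the product's code: a JDK-only check that reports which elements carry a signature referencing their own ID, without verifying it cryptographically. The class name SamlSignatureScope, its method names and the sample XML are constructed here, and the input is assumed to be the base64 value of a POST-binding SAMLResponse parameter.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SamlSignatureScope { // hypothetical helper, not a product class
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";
    static final String SAML = "urn:oasis:names:tc:SAML:2.0:assertion";

    // True when el has a direct ds:Signature child whose single Reference points at el's own ID.
    static boolean signedDirectly(Element el) {
        String id = el.getAttribute("ID");
        for (Node n = el.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n.getNodeType() != Node.ELEMENT_NODE || !DS.equals(n.getNamespaceURI())
                    || !"Signature".equals(n.getLocalName())) continue;
            NodeList refs = ((Element) n).getElementsByTagNameNS(DS, "Reference");
            return !id.isEmpty() && refs.getLength() == 1
                    && ("#" + id).equals(((Element) refs.item(0)).getAttribute("URI"));
        }
        return false;
    }

    // Decodes a base64 SAMLResponse value and reports what is signed (structure only, no crypto).
    static String scope(String samlResponseParam) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // reject DTDs (XXE)
        byte[] xml = Base64.getMimeDecoder().decode(samlResponseParam);
        Element response = f.newDocumentBuilder().parse(new ByteArrayInputStream(xml)).getDocumentElement();
        NodeList assertions = response.getElementsByTagNameNS(SAML, "Assertion");
        int signed = 0;
        for (int i = 0; i < assertions.getLength(); i++)
            if (signedDirectly((Element) assertions.item(i))) signed++;
        return "response signed: " + signedDirectly(response) + ", assertions signed: " + signed + "/" + assertions.getLength();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: the Response is signed, its one Assertion is not. No real signature values.
        String xml = "<samlp:Response xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol' ID='_r1'>"
                + "<ds:Signature xmlns:ds='" + DS + "'><ds:SignedInfo><ds:Reference URI='#_r1'/>"
                + "</ds:SignedInfo></ds:Signature>"
                + "<saml:Assertion xmlns:saml='" + SAML + "' ID='_a1'/></samlp:Response>";
        String param = Base64.getEncoder().encodeToString(xml.getBytes(StandardCharsets.UTF_8));
        System.out.println(scope(param));
    }
}
```

If this reports an unsigned Response with signed assertions, the response-level check documented above is not covering the signed data, and since the check also returns true when no certPublicKey is specified, callers should confirm a validation certificate is configured before relying on it.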