Class SAML2AttributesParser

java.lang.Object
com.avoka.fc.core.security.SAML2AttributesParser

public class SAML2AttributesParser extends Object
Provides a SAML2 (Security Assertion Markup Language) attribute parser helper class for SSO Filter authentication token scripts.
Since:
4.0.0
  • Field Details

    • REQUEST_PARAM_SAML_RESPONSE

      public static final String REQUEST_PARAM_SAML_RESPONSE
      Request param SAMLResponse
  • Constructor Details

    • SAML2AttributesParser

      public SAML2AttributesParser(HttpServletRequest request)
      Create a SAML2 Attribute parser from the given request.
      Parameters:
      request - HttpServletRequest that contains the SAML Token (required)
  • Method Details

    • getSSOAuthenticationToken

      public SSOAuthenticationToken getSSOAuthenticationToken()
      Return the SAML2 attributes from a request containing the token.

      The map has 2 types of entries:

      1. simple attributes like givenname are stored in the Map as String
      2. attributes such as groups are stored in the Map as List

      If the SAML2 attribute parser has groupAttributeName configured, then the SSOAuthenticationToken will include any parsed groups as Spring GrantedAuthority objects.

      Returns:
      the ssoAuthenticationToken, which contains an ssoAuthTokenAttributeMap
    • isValidSignature

      public boolean isValidSignature()
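      Validates the signature associated with the SAML2 Response. Note that this does not check the signature of the assertions. Because the method also returns true when no certPublicKey is specified, a true result shows that a signature was verified only if a validation certificate has been set.
      Returns:
      false if the SAML token is invalid; true if it is valid or if the certPublicKey is not specified.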
    • isValidSignatue

      public boolean isValidSignatue()
      Deprecated.
      Validates the SAML2 Response.
      Returns:
      false if the SAML token is invalid; true if it is valid or if the certPublicKey is not specified.
    • setFromSecurityManager

      public void setFromSecurityManager(SecurityManager securityManager)
      Set the configuration properties from the SecurityManager instead of setting individually.
      Parameters:
      securityManager - the security manager associated with this SSO (required)
    • setValidationCertData

      public void setValidationCertData(byte[] validatorCertData)
      Sets the certificate used for validating the SAML2 Signature
      Parameters:
      validatorCertData - byte[]
    • setKeystoreData

      public void setKeystoreData(byte[] keystoreData)
      Sets the keystore that holds the private key and validationCertAlias
      Parameters:
      keystoreData - byte[]
    • setKeystorePassword

      public void setKeystorePassword(String keystorePassword)
      Sets the keystore password
      Parameters:
      keystorePassword - String
    • setPrivateKeyAlias

      public void setPrivateKeyAlias(String privateKeyAlias)
      Sets the Private Key Alias for the keystore
      Parameters:
      privateKeyAlias - String
    • setPrivateKeyPassword

      public void setPrivateKeyPassword(String privateKeyPassword)
      Sets the Private Key Password
      Parameters:
      privateKeyPassword - String
    • setGroupAttributeName

      public void setGroupAttributeName(String groupAttributeName)
      Sets the Group Attribute Name.

      If the SAML2 attribute parser has groupAttributeName configured, then the SSOAuthenticationToken will include any parsed groups as Spring GrantedAuthority objects.

      Parameters:
      groupAttributeName - String
    • hasSamlToken

      public boolean hasSamlToken()
      Returns true if the request has a SAML2 SAMLRequest or SAMLResponse request parameter.
      Returns:
      true if has a SAMLRequest or SAMLResponse request parameter
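
A fail-closed way to call the parser, given that isValidSignature() returns true when no certificate is specified. This is an added example, not code from the product or its documentation. The helper class FailClosedSamlLogin, its parameter names, the javax.servlet import and the package of SSOAuthenticationToken are assumptions.

```java
import javax.servlet.http.HttpServletRequest; // assumed servlet API package

import com.avoka.fc.core.security.SAML2AttributesParser;
import com.avoka.fc.core.security.SSOAuthenticationToken; // package assumed; the page gives only the simple name

/** Hypothetical helper, not part of the documented API. */
public final class FailClosedSamlLogin {

    private FailClosedSamlLogin() {}

    /**
     * Returns the token only when a validation certificate was supplied and
     * the Response signature verified; otherwise throws SecurityException.
     */
    public static SSOAuthenticationToken authenticate(HttpServletRequest request,
                                                      byte[] idpCertData,
                                                      String groupAttributeName) {
        // isValidSignature() is documented to return true when no certificate
        // is specified, so reject a missing certificate before calling it.
        if (idpCertData == null || idpCertData.length == 0) {
            throw new SecurityException("SAML validation certificate is not configured");
        }

        SAML2AttributesParser parser = new SAML2AttributesParser(request);
        if (!parser.hasSamlToken()) {
            throw new SecurityException("Request carries no SAML token");
        }

        parser.setValidationCertData(idpCertData);
        if (groupAttributeName != null) {
            // Groups under this attribute become GrantedAuthority entries on the token.
            parser.setGroupAttributeName(groupAttributeName);
        }

        // Covers the Response signature only; assertion signatures are not checked.
        if (!parser.isValidSignature()) {
            throw new SecurityException("SAML Response signature is invalid");
        }
        return parser.getSSOAuthenticationToken();
    }
}
```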