Package se.swedenconnect.opensaml.saml2.response.replay

Class MessageReplayCheckerImpl

java.lang.Object
se.swedenconnect.opensaml.saml2.response.replay.MessageReplayCheckerImpl
All Implemented Interfaces:
MessageReplayChecker
public class MessageReplayCheckerImpl extends Object implements MessageReplayChecker
Message replay checker implementation using OpenSAML's ReplayCache as an underlying cache.
Author:
Martin Lindström (martin.lindstrom@litsec.se)

  • Constructor Summary

    Constructors
    Constructor
    Description
    MessageReplayCheckerImpl(org.opensaml.storage.ReplayCache replayCache, String replayCacheName)
    Constructor.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    checkReplay(String id)
    Checks if the supplied message ID already has been processed within the time the replay checker keeps the processed items in its cache.
    void
    checkReplay(org.opensaml.saml.common.SAMLObject object)
    Checks if the supplied message contains an ID that already has been processed within the time the replay checker keeps the processed items in its cache.
    void
    setReplayCache(org.opensaml.storage.ReplayCache replayCache)
    Assigns the replay cache to use when checking against replay attacks.
    void
    setReplayCacheExpiration(long replayCacheExpiration)
    Assigns the number of milliseconds each stored ID should be kept in the cache.
    void
    setReplayCacheName(String replayCacheName)
    Assigns the name of the replay cache.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • MessageReplayCheckerImpl

      public MessageReplayCheckerImpl(org.opensaml.storage.ReplayCache replayCache, String replayCacheName)
      Constructor.
      Parameters:
      replayCache - the OpenSAML ReplayCache object to use
      replayCacheName - the name of the replay cache

  • Method Details

    • checkReplay

      public void checkReplay(String id) throws MessageReplayException
      Checks if the supplied message ID already has been processed within the time the replay checker keeps the processed items in its cache.
      Specified by:
      checkReplay in interface MessageReplayChecker
      Parameters:
      id - the message ID
      Throws:
      MessageReplayException - if there is a replay attack

    • checkReplay

      public void checkReplay(org.opensaml.saml.common.SAMLObject object) throws MessageReplayException, IllegalArgumentException
      Checks if the supplied message contains an ID that already has been processed within the time the replay checker keeps the processed items in its cache.
      Specified by:
      checkReplay in interface MessageReplayChecker
      Parameters:
      object - the SAML message object
      Throws:
      MessageReplayException - if there is a replay attack
      IllegalArgumentException - if the supplied object is not supported by the checker

    • setReplayCache

      public void setReplayCache(org.opensaml.storage.ReplayCache replayCache)
      Assigns the replay cache to use when checking against replay attacks.
      Parameters:
      replayCache - the cache

    • setReplayCacheName

      public void setReplayCacheName(String replayCacheName)
      Assigns the name of the replay cache.
      Parameters:
      replayCacheName - the name

    • setReplayCacheExpiration

      public void setReplayCacheExpiration(long replayCacheExpiration)
      Assigns the number of milliseconds each stored ID should be kept in the cache. The default is 5 minutes.
      Parameters:
      replayCacheExpiration - number of millis