Package se.swedenconnect.opensaml.saml2.response.replay

Class MessageReplayCheckerImpl

java.lang.Object

se.swedenconnect.opensaml.saml2.response.replay.MessageReplayCheckerImpl

All Implemented Interfaces:

MessageReplayChecker

public class MessageReplayCheckerImpl
extends Object
implements MessageReplayChecker

Message replay checker implementation using OpenSAML's ReplayCache as an underlying cache.

Author:

Martin Lindström (martin.lindstrom@litsec.se)

Constructor Summary

Constructors

Constructor	Description
MessageReplayCheckerImpl(ReplayCache replayCache, String replayCacheName)	Constructor.

Method Summary

Modifier and Type	Method	Description
void	checkReplay(String id)	Checks if the supplied message ID already has been processed within the time the replay checker keeps the processed items in its cache.
void	checkReplay(SAMLObject object)	Checks if the supplied message contains an ID that already has been processed within the time the replay checker keeps the processed items in its cache.
void	setReplayCache(ReplayCache replayCache)	Assigns the replay cache to use when checking against replay attacks.
void	setReplayCacheExpiration(long replayCacheExpiration)	Assigns the number of milliseconds each stored ID should be kept in the cache.
void	setReplayCacheName(String replayCacheName)	Assigns the name of the replay cache.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

MessageReplayCheckerImpl

public MessageReplayCheckerImpl(ReplayCache replayCache,
 String replayCacheName)

Constructor.

Parameters:

replayCache - the OpenSAML ReplayCache object to use

replayCacheName - the name of the replay cache

Method Details

checkReplay

public void checkReplay(String id)
                 throws MessageReplayException

Checks if the supplied message ID already has been processed within the time the replay checker keeps the processed items in its cache.

Specified by:

checkReplay in interface MessageReplayChecker

Parameters:

id - the message ID

Throws:

MessageReplayException - if there is a replay attack

checkReplay

public void checkReplay(SAMLObject object)
                 throws MessageReplayException,
IllegalArgumentException

Checks if the supplied message contains an ID that already has been processed within the time the replay checker keeps the processed items in its cache.

Specified by:

checkReplay in interface MessageReplayChecker

Parameters:

object - the SAML message object

Throws:

MessageReplayException - if there is a replay attack

IllegalArgumentException - if the supplied object is not supported by the checker

setReplayCache

public void setReplayCache(ReplayCache replayCache)

Assigns the replay cache to use when checking against replay attacks.

Parameters:

replayCache - the cache

setReplayCacheName

public void setReplayCacheName(String replayCacheName)

Assigns the name of the replay cache.

Parameters:

replayCacheName - the name

setReplayCacheExpiration

public void setReplayCacheExpiration(long replayCacheExpiration)

Assigns the number of milliseconds each stored ID should be kept in the cache. The default is 5 minutes.

Parameters:

replayCacheExpiration - number of millis