Package se.swedenconnect.opensaml.saml2.response.validation

Class ResponseValidationSettings

java.lang.Object
se.swedenconnect.opensaml.saml2.response.validation.ResponseValidationSettings
public class ResponseValidationSettings extends Object
Configuration settings for response and assertion validation.
Author:
Martin Lindström (martin@idsec.se)

  • Field Details

    • DEFAULT_ALLOWED_CLOCK_SKEW

      public static final Duration DEFAULT_ALLOWED_CLOCK_SKEW
      The default allowed clock skew (in milliseconds) - 30 seconds.

    • DEFAULT_MAX_AGE_RESPONSE

      public static final Duration DEFAULT_MAX_AGE_RESPONSE
      The default age for a response message that we allow (in milliseconds) - 3 minutes.

    • DEFAULT_MAX_SESSION_AGE

      public static final Duration DEFAULT_MAX_SESSION_AGE
      Default max session age (in milliseconds) - 1 hour.

  • Constructor Details

    • ResponseValidationSettings

      public ResponseValidationSettings()

  • Method Details

    • getAllowedClockSkew

      public Duration getAllowedClockSkew()
      Returns the allowed clock skew.

      The default is DEFAULT_ALLOWED_CLOCK_SKEW.

      Returns:
      the allowed clock skew

    • setAllowedClockSkew

      public void setAllowedClockSkew(Duration allowedClockSkew)
      Assigns the allowed clock skew.

      The default is DEFAULT_ALLOWED_CLOCK_SKEW.

      Parameters:
      allowedClockSkew - the allowed clock skew

    • getMaxAgeResponse

      public Duration getMaxAgeResponse()
      Returns the maximum allowed "age" of a response message.

      The default is DEFAULT_MAX_AGE_RESPONSE.

      Returns:
      the maximum allowed "age" of a response message

    • setMaxAgeResponse

      public void setMaxAgeResponse(Duration maxAgeResponse)
      Assigns the maximum allowed "age" of a response message

      The default is DEFAULT_MAX_AGE_RESPONSE.

      Parameters:
      maxAgeResponse - the maximum allowed "age" of a response message

    • getMaxSessionAge

      public Duration getMaxSessionAge()
      Returns the maximum session age allowed for SSO.

      The default is DEFAULT_MAX_SESSION_AGE.

      Returns:
      the maximum session age allowed for SSO

    • setMaxSessionAge

      public void setMaxSessionAge(Duration maxSessionAge)
      Assigns the maximum session age allowed for SSO.

      The default is DEFAULT_MAX_SESSION_AGE.

      Parameters:
      maxSessionAge - the maximum session age allowed for SSO

    • isStrictValidation

      public boolean isStrictValidation()
      Predicate telling whether strict validation should be performed.

      The default is false.

      Returns:
      whether strict validation should be performed

    • setStrictValidation

      public void setStrictValidation(boolean strictValidation)
      Assigns telling whether strict validation should be performed.

      The default is false.

      Parameters:
      strictValidation - whether strict validation should be performed

    • isRequireSignedAssertions

      public boolean isRequireSignedAssertions()
      Do we require signed assertions?

      Should correspond the WantAssertionsSigned of the SP metadata.

      Returns:
      do we require signed assertions?

    • setRequireSignedAssertions

      public void setRequireSignedAssertions(boolean requireSignedAssertions)
      Assigns whether we require signed assertions.

      Should correspond the WantAssertionsSigned of the SP metadata.

      Parameters:
      requireSignedAssertions - whether we require signed assertions?

    • toString

      public String toString()
      Overrides:
      toString in class Object