Interface SecurityConfiguration
- All Known Implementing Classes:
AbstractSecurityConfiguration
,DefaultSecurityConfiguration
,SAML2IntSecurityConfiguration
The OpenSAML ConfigurationService
singleton may be queried for the configuration to use for a certain
security operation. For example, to get the EncryptionConfiguration
to use, the following code gives us the
config for an encryption operation:
EncryptionConfiguration encryptionConfiguration = ConfigurationService.get(EncryptionConfiguration.class);
This is simple and straightforward, and you should probably stick with that way of getting the system defaults for
security configuration. However, in some cases, for example when a SAML SP or IdP should support several different
profiles regarding security configuration the above doesn't work that well. In these cases you may instantiate
different SecurityConfiguration
objects with different defaults, and use those objects to query for the
security configuration.
SecurityConfiguration saml2intConfig = setupSaml2intConfig();
...
EncryptionConfig config = saml2intConfig.getEncryptionConfiguration();
When OpenSAML is initialized (using InitializationService.initialize()
) the ConfigurationService
will
be assigned the default values from the DefaultSecurityConfigurationBootstrap
class. After OpenSAML has been
initialized it is possible to modify these defaults by replacing the stored default objects.
EncryptionConfiguration myEncryptionConfiguration = ...;
... a lot of code setting algorithms ...
ConfigurationService.register(EncryptionConfiguration.class, myEncryptionConfiguration);
By using a SecurityConfiguration
object this step may be simplified. For example, to configure the system to
use the SAML2Int algorithm requirements you simply do:
SecurityConfiguration saml2intConfig = new SAML2IntSecurityConfiguration();
saml2intConfig.initOpenSAML();
If you use the OpenSAMLInitializer
you can do the following instead:
OpenSAMLInitializer.getInstance().initialize(
new OpenSAMLSecurityExtensionConfig(),
new OpenSAMLSecurityDefaultsConfig(new SAML2IntSecurityConfiguration()));
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Method Summary
Modifier and TypeMethodDescriptionorg.opensaml.xmlsec.DecryptionConfiguration
Returns the decryption configuration that has been configured.org.opensaml.xmlsec.EncryptionConfiguration
Returns the encryption configuration that has been configured.Gets the profile name of this configuration setup.org.opensaml.xmlsec.SignatureSigningConfiguration
Returns the signing configuration that has been configued.org.opensaml.xmlsec.SignatureValidationConfiguration
Returns the signature validation configuration that has been configured.void
Initializes OpenSAML with the defaults that has been installed for this instance.
-
Method Details
-
getProfileName
String getProfileName()Gets the profile name of this configuration setup.- Returns:
- the profile name
-
getEncryptionConfiguration
org.opensaml.xmlsec.EncryptionConfiguration getEncryptionConfiguration()Returns the encryption configuration that has been configured.- Returns:
- encryption configuration
-
getDecryptionConfiguration
org.opensaml.xmlsec.DecryptionConfiguration getDecryptionConfiguration()Returns the decryption configuration that has been configured.- Returns:
- decryption configuration
-
getSignatureSigningConfiguration
org.opensaml.xmlsec.SignatureSigningConfiguration getSignatureSigningConfiguration()Returns the signing configuration that has been configued.- Returns:
- signing configuration
-
getSignatureValidationConfiguration
org.opensaml.xmlsec.SignatureValidationConfiguration getSignatureValidationConfiguration()Returns the signature validation configuration that has been configured.- Returns:
- signature validation configuration
-
initOpenSAML
void initOpenSAML() throws org.opensaml.core.config.InitializationExceptionInitializes OpenSAML with the defaults that has been installed for this instance.ConfigurationService.register(XXXConfiguration.class, xxxConfiguration);
- Throws:
org.opensaml.core.config.InitializationException
- for initialization errors
-