Class AuthnRequestReplayValidator
java.lang.Object
se.swedenconnect.spring.saml.idp.authnrequest.validation.AuthnRequestReplayValidator
- All Implemented Interfaces:
AuthnRequestValidator
A
AuthnRequestValidator for protecting against message replay attacks.- Author:
- Martin Lindström
-
Constructor Summary
ConstructorsConstructorDescriptionDefault constructor instantiating an in-memoryMessageReplayChecker.AuthnRequestReplayValidator(MessageReplayChecker replayChecker) Constructor taking theMessageReplayCheckerto use. -
Method Summary
Modifier and TypeMethodDescriptionvoidvalidate(Saml2AuthnRequestAuthenticationToken authnRequestToken) Performs validation of a feature/requirement regarding the supplied SAML 2 authentication request.
-
Constructor Details
-
AuthnRequestReplayValidator
public AuthnRequestReplayValidator()Default constructor instantiating an in-memoryMessageReplayChecker.Note: This is not recommended in a production environment.
-
AuthnRequestReplayValidator
Constructor taking theMessageReplayCheckerto use.- Parameters:
replayChecker- the message replay checker
-
-
Method Details
-
validate
public void validate(Saml2AuthnRequestAuthenticationToken authnRequestToken) throws UnrecoverableSaml2IdpException, Saml2ErrorStatusException Performs validation of a feature/requirement regarding the supplied SAML 2 authentication request.The method may update the supplied token with information useful in later stages.
- Specified by:
validatein interfaceAuthnRequestValidator- Parameters:
authnRequestToken- the authentication request token- Throws:
UnrecoverableSaml2IdpException- for errors that can not be signalled back to the SAML SPSaml2ErrorStatusException- for errors that should be sent as SAML error responses
-