Package se.swedenconnect.spring.saml.idp.config.configurers

Class Saml2AuthnRequestAuthenticationProviderConfigurer

java.lang.Object

se.swedenconnect.spring.saml.idp.config.configurers.Saml2AuthnRequestAuthenticationProviderConfigurer

public class Saml2AuthnRequestAuthenticationProviderConfigurer
extends Object

A configurer for configuring the Saml2AuthnRequestAuthenticationProvider.

Author:

Martin Lindström

Constructor Summary

Constructors

Constructor	Description
Saml2AuthnRequestAuthenticationProviderConfigurer()

Method Summary

Modifier and Type	Method	Description
Saml2AuthnRequestAuthenticationProviderConfigurer	assertionConsumerServiceValidator(AuthnRequestValidator assertionConsumerServiceValidator)	Assigns a custom assertion consumer service AuthnRequestValidator.
protected static List<RequestedAttributeProcessor>	createDefaultRequestedAttributeProcessors(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity)	Gets the default set of RequestedAttributeProcessors.
Saml2AuthnRequestAuthenticationProviderConfigurer	messageReplayChecker(MessageReplayChecker messageReplayChecker)	Assigns a MessageReplayChecker to the AuthnRequestReplayValidator.
Saml2AuthnRequestAuthenticationProviderConfigurer	nameIDGeneratorFactory(NameIDGeneratorFactory nameIDGeneratorFactory)	Assigns a custom NameIDGeneratorFactory.
Saml2AuthnRequestAuthenticationProviderConfigurer	principalSelectionProcessor(PrincipalSelectionProcessor principalSelectionProcessor)	Assigns a custom PrincipalSelectionProcessor.
Saml2AuthnRequestAuthenticationProviderConfigurer	replayValidator(AuthnRequestValidator replayValidator)	Assigns a replay validator.
Saml2AuthnRequestAuthenticationProviderConfigurer	requestedAttributeProcessors(Consumer<List<RequestedAttributeProcessor>> customizer)	Gives access to the list of RequestedAttributeProcessors.
Saml2AuthnRequestAuthenticationProviderConfigurer	serviceProviderFilter(Saml2ServiceProviderFilter serviceProviderFilter)	Assigns a Saml2ServiceProviderFilter.
Saml2AuthnRequestAuthenticationProviderConfigurer	signatureMessageExtensionExtractor(SignatureMessageExtensionExtractor signatureMessageExtensionExtractor)	Assigns a custom SignatureMessageExtensionExtractor.
Saml2AuthnRequestAuthenticationProviderConfigurer	signatureMessagePreprocessor(SignatureMessagePreprocessor signatureMessagePreprocessor)	Assigns a SignatureMessagePreprocessor that is used to prepare received sign messages for display.
Saml2AuthnRequestAuthenticationProviderConfigurer	signatureValidator(AuthnRequestValidator signatureValidator)	Assigns a custom AuthnRequestValidator for validating the signatures of AuthnRequest messages.
Saml2AuthnRequestAuthenticationProviderConfigurer	userMessagePreprocessor(UserMessagePreprocessor userMessagePreprocessor)	Assigns a UserMessagePreprocessor that is used to prepare received user messages for display.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Saml2AuthnRequestAuthenticationProviderConfigurer

public Saml2AuthnRequestAuthenticationProviderConfigurer()

Method Details

signatureValidator

public Saml2AuthnRequestAuthenticationProviderConfigurer signatureValidator(AuthnRequestValidator signatureValidator)

Assigns a custom AuthnRequestValidator for validating the signatures of AuthnRequest messages.

Parameters:

signatureValidator - a validator

Returns:

this configurer

assertionConsumerServiceValidator

public Saml2AuthnRequestAuthenticationProviderConfigurer assertionConsumerServiceValidator(AuthnRequestValidator assertionConsumerServiceValidator)

Assigns a custom assertion consumer service AuthnRequestValidator.

If the validation succeeds the validator must assigned the assertion consumer service URL using Saml2AuthnRequestAuthenticationToken.setAssertionConsumerServiceUrl(String).

Parameters:

assertionConsumerServiceValidator - the validator

Returns:

this configurer

replayValidator

public Saml2AuthnRequestAuthenticationProviderConfigurer replayValidator(AuthnRequestValidator replayValidator)

Assigns a replay validator. The default is to use AuthnRequestReplayValidator with an in-memory MessageReplayChecker. Use messageReplayChecker(MessageReplayChecker) to configure another MessageReplayChecker but stick with the AuthnRequestReplayValidator.

Parameters:

replayValidator - the validator

Returns:

this configurer

messageReplayChecker

public Saml2AuthnRequestAuthenticationProviderConfigurer messageReplayChecker(MessageReplayChecker messageReplayChecker)

Assigns a MessageReplayChecker to the AuthnRequestReplayValidator. Mutually exlcusive with replayValidator(AuthnRequestValidator).

Parameters:

messageReplayChecker - the message replay checker to use

Returns:

this configurer

requestedAttributeProcessors

public Saml2AuthnRequestAuthenticationProviderConfigurer requestedAttributeProcessors(Consumer<List<RequestedAttributeProcessor>> customizer)

Gives access to the list of RequestedAttributeProcessors. Using this method the supplied Consumer may be used to add/remove or modify the processors.

Parameters:

customizer - the customizer

Returns:

this configurer

signatureMessageExtensionExtractor

public Saml2AuthnRequestAuthenticationProviderConfigurer signatureMessageExtensionExtractor(SignatureMessageExtensionExtractor signatureMessageExtensionExtractor)

Assigns a custom SignatureMessageExtensionExtractor. The default is DefaultSignatureMessageExtensionExtractor. It is possible to disable support for the SignMessage extension by assigning null.

Parameters:

signatureMessageExtensionExtractor - the custom extractor (or null)

Returns:

this configurer

signatureMessagePreprocessor

public Saml2AuthnRequestAuthenticationProviderConfigurer signatureMessagePreprocessor(SignatureMessagePreprocessor signatureMessagePreprocessor)

Assigns a SignatureMessagePreprocessor that is used to prepare received sign messages for display. By default, no processor is installed.

Parameters:

signatureMessagePreprocessor - the processor.

Returns:

this configurer

userMessagePreprocessor

public Saml2AuthnRequestAuthenticationProviderConfigurer userMessagePreprocessor(UserMessagePreprocessor userMessagePreprocessor)

Assigns a UserMessagePreprocessor that is used to prepare received user messages for display. By default, no processor is installed.

Parameters:

userMessagePreprocessor - the processor

Returns:

the configurer

principalSelectionProcessor

public Saml2AuthnRequestAuthenticationProviderConfigurer principalSelectionProcessor(PrincipalSelectionProcessor principalSelectionProcessor)

Assigns a custom PrincipalSelectionProcessor. The default is DefaultPrincipalSelectionProcessor. It is possible to disable support for the PrincipalSelection extension by assigning null.

Parameters:

principalSelectionProcessor - the custom principal selection extractor (or null)

Returns:

this configurer

nameIDGeneratorFactory

public Saml2AuthnRequestAuthenticationProviderConfigurer nameIDGeneratorFactory(NameIDGeneratorFactory nameIDGeneratorFactory)

Assigns a custom NameIDGeneratorFactory. The default is DefaultNameIDGeneratorFactory.

Parameters:

nameIDGeneratorFactory - the custom NameID generator factory

Returns:

this configurer

serviceProviderFilter

public Saml2AuthnRequestAuthenticationProviderConfigurer serviceProviderFilter(@Nonnull
 Saml2ServiceProviderFilter serviceProviderFilter)

Assigns a Saml2ServiceProviderFilter.

Parameters:

serviceProviderFilter - the filter

Returns:

this configurer

createDefaultRequestedAttributeProcessors

protected static List<RequestedAttributeProcessor> createDefaultRequestedAttributeProcessors(org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity)

Gets the default set of RequestedAttributeProcessors.

Parameters:

httpSecurity - the HTTP security object

Returns:

a list of RequestedAttributeProcessors