Package org.nuxeo.ecm.platform.auth.saml

Class SAMLAuthenticationProvider

    • Constructor Detail

      • SAMLAuthenticationProvider

        public SAMLAuthenticationProvider()

    • Method Detail

      • initializeSecurity

        protected void initializeSecurity​(Map<String,​String> parameters)

      • initializeMetadataProvider

        protected void initializeMetadataProvider​(Map<String,​String> parameters)
                                   throws org.opensaml.saml2.metadata.provider.MetadataProviderException
        Throws:
        org.opensaml.saml2.metadata.provider.MetadataProviderException

      • getIdPDescriptor

        protected org.opensaml.saml2.metadata.EntityDescriptor getIdPDescriptor()
                                                                 throws org.opensaml.saml2.metadata.provider.MetadataProviderException
        Throws:
        org.opensaml.saml2.metadata.provider.MetadataProviderException

      • getSSOUrl

        protected String getSSOUrl​(javax.servlet.http.HttpServletRequest request,
                           javax.servlet.http.HttpServletResponse response)
        Returns a Login URL to use with HTTP Redirect

      • getRequestedUrl

        protected String getRequestedUrl​(javax.servlet.http.HttpServletRequest request)

      • computeUrl

        public String computeUrl​(javax.servlet.http.HttpServletRequest request,
                         String requestedUrl)
        Description copied from interface: LoginProviderLinkComputer
        Compute Url that should be used to login via this login provider. Because the url can depend onb the context, it is computed by this method rather than using a static property
        Specified by:
        computeUrl in interface LoginProviderLinkComputer

      • handleLoginPrompt

        public Boolean handleLoginPrompt​(javax.servlet.http.HttpServletRequest request,
                                 javax.servlet.http.HttpServletResponse response,
                                 String baseURL)
        Description copied from interface: NuxeoAuthenticationPlugin
        Handles the Login Prompt.
        Specified by:
        handleLoginPrompt in interface NuxeoAuthenticationPlugin
        Parameters:
        request - the request
        response - the response
        Returns:
        true if AuthFilter must stop execution (ie: login prompt generated a redirect), false otherwise

      • getProcessor

        protected AbstractSAMLProfile getProcessor​(org.opensaml.common.binding.SAMLMessageContext context)

      • getBinding

        protected SAMLBinding getBinding​(org.opensaml.ws.transport.InTransport transport)

      • populateLocalContext

        protected void populateLocalContext​(org.opensaml.common.binding.SAMLMessageContext context,
                                    javax.servlet.http.HttpServletRequest request)

      • getSLOUrl

        protected String getSLOUrl​(javax.servlet.http.HttpServletRequest request,
                           javax.servlet.http.HttpServletResponse response)
        Returns a Logout URL to use with HTTP Redirect

      • getSamlCredential

        protected SAMLCredential getSamlCredential​(javax.servlet.http.HttpServletRequest request)

      • handleLogout

        public Boolean handleLogout​(javax.servlet.http.HttpServletRequest request,
                            javax.servlet.http.HttpServletResponse response)
        Description copied from interface: NuxeoAuthenticationPluginLogoutExtension
        Handles logout operation.

        Generic logout (killing session and Seam objects) is done by LogoutActionBean This interface must be implemented by auth plugin when the target auth system needs a specific logout procedure.

        Specified by:
        handleLogout in interface NuxeoAuthenticationPluginLogoutExtension
        Returns:
        true if caller must stop execution (ie: logout generated a redirect), false otherwise

      • sendError

        protected void sendError​(javax.servlet.http.HttpServletRequest req,
                         String key)

      • getKeyManager

        protected KeyManager getKeyManager()

      • getCookie

        protected javax.servlet.http.Cookie getCookie​(javax.servlet.http.HttpServletRequest httpRequest,
                                              String cookieName)

      • removeCookie

        protected void removeCookie​(javax.servlet.http.HttpServletResponse httpResponse,
                            javax.servlet.http.Cookie cookie)