use of org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler in project cas by apereo.
the class SamlIdPObjectSigner method prepareEndpointURLSchemeSecurityHandler.
/**
* Prepare endpoint url scheme security handler.
*
* @param <T> the type parameter
* @param outboundContext the outbound context
* @throws Exception the exception
*/
protected <T extends SAMLObject> void prepareEndpointURLSchemeSecurityHandler(final MessageContext<T> outboundContext) throws Exception {
final EndpointURLSchemeSecurityHandler handlerEnd = new EndpointURLSchemeSecurityHandler();
handlerEnd.initialize();
handlerEnd.invoke(outboundContext);
}
use of org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler in project pac4j by pac4j.
the class SAML2WebSSOMessageSender method invokeOutboundMessageHandlers.
protected final void invokeOutboundMessageHandlers(final SPSSODescriptor spDescriptor, final IDPSSODescriptor idpssoDescriptor, final SAML2MessageContext outboundContext) {
try {
final EndpointURLSchemeSecurityHandler handlerEnd = new EndpointURLSchemeSecurityHandler();
handlerEnd.initialize();
handlerEnd.invoke(outboundContext);
final SAMLOutboundDestinationHandler handlerDest = new SAMLOutboundDestinationHandler();
handlerDest.initialize();
handlerDest.invoke(outboundContext);
boolean signOutboundContext = false;
if (this.isAuthnRequestSigned) {
logger.debug("Authn requests are expected to be always signed before submission");
signOutboundContext = true;
} else if (spDescriptor.isAuthnRequestsSigned()) {
logger.debug("The service provider metadata indicates that authn requests are signed");
signOutboundContext = true;
} else if (idpssoDescriptor.getWantAuthnRequestsSigned()) {
logger.debug("The identity provider metadata indicates that authn requests may be signed");
signOutboundContext = true;
}
if (signOutboundContext) {
logger.debug("Signing SAML2 outbound context...");
final SAMLOutboundProtocolMessageSigningHandler handler = new SAMLOutboundProtocolMessageSigningHandler();
handler.invoke(outboundContext);
}
} catch (final Exception e) {
throw new SAMLException(e);
}
}
use of org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler in project cas by apereo.
the class BaseSamlObjectSigner method prepareEndpointURLSchemeSecurityHandler.
/**
* Prepare endpoint url scheme security handler.
*
* @param <T> the type parameter
* @param outboundContext the outbound context
* @throws Exception the exception
*/
protected <T extends SAMLObject> void prepareEndpointURLSchemeSecurityHandler(final MessageContext<T> outboundContext) throws Exception {
final EndpointURLSchemeSecurityHandler handlerEnd = new EndpointURLSchemeSecurityHandler();
handlerEnd.initialize();
handlerEnd.invoke(outboundContext);
}
use of org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler in project pac4j by pac4j.
the class SAML2LogoutMessageSender method invokeOutboundMessageHandlers.
protected final void invokeOutboundMessageHandlers(final SPSSODescriptor spDescriptor, final IDPSSODescriptor idpssoDescriptor, final SAML2MessageContext outboundContext) {
try {
final EndpointURLSchemeSecurityHandler handlerEnd = new EndpointURLSchemeSecurityHandler();
handlerEnd.initialize();
handlerEnd.invoke(outboundContext);
final SAMLOutboundDestinationHandler handlerDest = new SAMLOutboundDestinationHandler();
handlerDest.initialize();
handlerDest.invoke(outboundContext);
if (spDescriptor.isAuthnRequestsSigned()) {
final SAMLOutboundProtocolMessageSigningHandler handler = new SAMLOutboundProtocolMessageSigningHandler();
handler.setSignErrorResponses(this.signErrorResponses);
handler.invoke(outboundContext);
} else if (idpssoDescriptor.getWantAuthnRequestsSigned()) {
logger.warn("IdP wants authn requests signed, it will perhaps reject your authn requests unless you provide a keystore");
}
} catch (final Exception e) {
throw new SAMLException(e);
}
}
Aggregations