`public class DefaultAuthInterceptor extends Object implements IWSServerAuthInterceptor`

If `allowBasic` is set to true, and a SAML artifact isn't available, then fall back to basic auth to the security provider.

Constructor and Description |
---|
`DefaultAuthInterceptor(boolean allowBasic)` Construct request interceptor and require that incoming SOAP messages must contain an artifact in the SOAP header. |
`DefaultAuthInterceptor(SAMLAssertionValidator samlValidator, electric.security.basic.BasicRealm basicRealmAuthenticator, String securityProviderEndpoint, boolean allowBasic)` Construct request interceptor with the specified SAML security provider endpoint URL and specifying whether to enforce the SAML check. |
`DefaultAuthInterceptor(String securityProviderURL)` Construct request interceptor with the specified SAML security provider endpoint URL. |
`DefaultAuthInterceptor(String securityProviderURL, boolean allowBasic)` Construct request interceptor with the specified SAML security provider endpoint URL and specifying whether to enforce the SAML check. |

Modifier and Type | Method and Description |
---|---|
`protected boolean` | `doIntercept()` Check if SOAP interception is required. If the HTTP session is already asserted, no interception is necessary. |
`boolean` | `getAllowAnonymous()` Whether this interceptor will allow anonymous access. |
`boolean` | `getAllowBasic()` |
`String` | `getAuthenticatedUserDN()` Get the user DN of the user associated with the HTTP session of the current thread. |
`electric.security.basic.BasicRealm` | `getBasicRealm()` If IWSServerAuthInterceptor can be configured to allowBasic, then it must support instantiating one of these. |
`protected HttpSession` | `getHttpSession()` |
`protected SAMLAssertionValidator` | `getSamlValidator()` |
`void` | `intercept(electric.soap.SOAPMessage message, electric.util.Context messageContext)` Implementation of `ISOAPInterceptor`. |
`protected boolean` | `isAssertedSession()` Whether the session contains the flag indicating that we already have an asserted user for this session. |
`protected void` | `performIntercept(Element textElement)` Perform SOAP interception to verify the SAML assertion received in the SOAP header. |
`void` | `setAllowAnonymous(boolean allowAnonymous)` Whether this interceptor will allow anonymous access. |
`void` | `setAllowBasic(boolean allowBasic)` Modify the `allowBasic` setting that governs enforcement of SAML artifact verification. |
`protected void` | `setAsserted(boolean asserted)` Set a value into the current session to flag that we have an asserted user and don't require validation on subsequent requests. |
`protected void` | `setSessionUser(String username)` Store the name of the asserted user in the session. |

`public DefaultAuthInterceptor(boolean allowBasic)`

`allowBasic` - whether or not to allow fall back to basic auth

`public DefaultAuthInterceptor(String securityProviderURL)`

`securityProviderURL` - The URL of the SAML security provider web service as a String

`public DefaultAuthInterceptor(String securityProviderURL, boolean allowBasic)`

`securityProviderURL` - The URL of the SAML security provider web service as a String
`allowBasic` - whether or not to allow fall back to basic auth

`public DefaultAuthInterceptor(SAMLAssertionValidator samlValidator, electric.security.basic.BasicRealm basicRealmAuthenticator, String securityProviderEndpoint, boolean allowBasic)`

`public void intercept(electric.soap.SOAPMessage message, electric.util.Context messageContext)`

Implementation of `ISOAPInterceptor`. This method intercepts the inbound SOAP message to retrieve the SAML artifact header element.

`intercept` in interface `electric.soap.ISOAPInterceptor`

`message` - the `SOAPMessage` object.
`messageContext` - the context related to the SOAP message.

`public electric.security.basic.BasicRealm getBasicRealm()`

`IWSServerAuthInterceptor`

`getBasicRealm` in interface `IWSServerAuthInterceptor`

`public void setAllowBasic(boolean allowBasic)`

`setAllowBasic` in interface `IWSServerAuthInterceptor`

`allowBasic` - boolean set to true if SAML artifact verification is enforced, false otherwise.

`public boolean getAllowBasic()`

`getAllowBasic` in interface `IWSServerAuthInterceptor`

`public boolean getAllowAnonymous()`

`getAllowAnonymous` in interface `IWSServerAuthInterceptor`

`public void setAllowAnonymous(boolean allowAnonymous)`

`setAllowAnonymous` in interface `IWSServerAuthInterceptor`

`protected boolean doIntercept()`

`protected void performIntercept(Element textElement)`

`protected SAMLAssertionValidator getSamlValidator()`

`public String getAuthenticatedUserDN()`

`getAuthenticatedUserDN` in interface `IWSServerAuthInterceptor`

`String` m_name of the user

`protected void setAsserted(boolean asserted)`

`protected void setSessionUser(String username)`

`protected boolean isAssertedSession()`

`protected HttpSession getHttpSession()`