org.apereo.cas.support.saml.web.view

Class AbstractSaml10ResponseView

java.lang.Object

org.springframework.context.support.ApplicationObjectSupport

org.springframework.web.context.support.WebApplicationObjectSupport

org.springframework.web.servlet.view.AbstractView

org.apereo.cas.services.web.view.AbstractCasView

org.apereo.cas.support.saml.web.view.AbstractSaml10ResponseView

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.context.ApplicationContextAware, org.springframework.web.context.ServletContextAware, org.springframework.web.servlet.View

Direct Known Subclasses:

Saml10FailureResponseView, Saml10SuccessResponseView

public abstract class AbstractSaml10ResponseView
extends org.apereo.cas.services.web.view.AbstractCasView

Base class for all views that render SAML1 SOAP messages directly to the HTTP response stream.

Since:

3.5.1

Field Summary

Fields

Modifier and Type	Field and Description
protected int	issueLength Assertion validity period length.
protected Saml10ObjectBuilder	samlObjectBuilder The Saml object builder.
protected int	skewAllowance Skew time.

Fields inherited from class org.apereo.cas.services.web.view.AbstractCasView

authenticationAttributeReleasePolicy, authenticationContextAttribute, protocolAttributeEncoder, servicesManager, successResponse

Fields inherited from class org.springframework.web.servlet.view.AbstractView

DEFAULT_CONTENT_TYPE

Fields inherited from class org.springframework.context.support.ApplicationObjectSupport

logger

Fields inherited from interface org.springframework.web.servlet.View

PATH_VARIABLES, RESPONSE_STATUS_ATTRIBUTE, SELECTED_CONTENT_TYPE

Constructor Summary

Constructors

Constructor and Description

AbstractSaml10ResponseView(boolean successResponse, org.apereo.cas.authentication.ProtocolAttributeEncoder protocolAttributeEncoder, org.apereo.cas.services.ServicesManager servicesManager, java.lang.String authenticationContextAttribute, Saml10ObjectBuilder samlObjectBuilder, org.apereo.cas.web.support.ArgumentExtractor samlArgumentExtractor, java.lang.String encoding, int skewAllowance, int issueLength, org.apereo.cas.authentication.AuthenticationAttributeReleasePolicy authAttrReleasePolicy) Instantiates a new Abstract saml 10 response view.

Method Summary

Modifier and Type	Method and Description
protected abstract void	prepareResponse(org.opensaml.saml.saml1.core.Response response, java.util.Map<java.lang.String,java.lang.Object> model) Subclasses must implement this method by adding child elements (status, assertion, etc) to the given empty SAML 1 response message.
protected void	renderMergedOutputModel(java.util.Map<java.lang.String,java.lang.Object> model, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)

Methods inherited from class org.apereo.cas.services.web.view.AbstractCasView

decideAttributeReleaseBasedOnServiceAttributePolicy, decideIfCredentialPasswordShouldBeReleasedAsAttribute, decideIfProxyGrantingTicketShouldBeReleasedAsAttribute, getAssertionFrom, getAuthenticationAttribute, getAuthenticationAttributeReleasePolicy, getAuthenticationAttributes, getAuthenticationAttributesAsMultiValuedAttributes, getAuthenticationContextAttribute, getAuthenticationDate, getChainedAuthentications, getErrorCodeFrom, getErrorDescriptionFrom, getModelAttributes, getPrimaryAuthenticationFrom, getPrincipal, getPrincipalAttributesAsMultiValuedAttributes, getProtocolAttributeEncoder, getProxyGrantingTicketId, getProxyGrantingTicketIou, getSatisfiedMultifactorAuthenticationProviderId, getServiceFrom, getServicesManager, isAssertionBackedByNewLogin, isRememberMeAuthentication, isSuccessResponse, putAllIntoModel, putIntoModel

Methods inherited from class org.springframework.web.servlet.view.AbstractView

addStaticAttribute, createMergedOutputModel, createRequestContext, createTemporaryOutputStream, exposeModelAsRequestAttributes, generatesDownloadContent, getAttributesMap, getBeanName, getContentType, getRequestContextAttribute, getRequestToExpose, getStaticAttributes, isExposePathVariables, prepareResponse, render, setAttributes, setAttributesCSV, setAttributesMap, setBeanName, setContentType, setExposeContextBeansAsAttributes, setExposedContextBeanNames, setExposePathVariables, setRequestContextAttribute, setResponseContentType, toString, writeToResponse

Methods inherited from class org.springframework.web.context.support.WebApplicationObjectSupport

getServletContext, getTempDir, getWebApplicationContext, initApplicationContext, initServletContext, isContextRequired, setServletContext

Methods inherited from class org.springframework.context.support.ApplicationObjectSupport

getApplicationContext, getMessageSourceAccessor, initApplicationContext, requiredContextClass, setApplicationContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

samlObjectBuilder

protected final Saml10ObjectBuilder samlObjectBuilder

The Saml object builder.

skewAllowance

protected final int skewAllowance

Skew time.

issueLength

protected final int issueLength

Assertion validity period length.

Constructor Detail

AbstractSaml10ResponseView

public AbstractSaml10ResponseView(boolean successResponse,
                                  org.apereo.cas.authentication.ProtocolAttributeEncoder protocolAttributeEncoder,
                                  org.apereo.cas.services.ServicesManager servicesManager,
                                  java.lang.String authenticationContextAttribute,
                                  Saml10ObjectBuilder samlObjectBuilder,
                                  org.apereo.cas.web.support.ArgumentExtractor samlArgumentExtractor,
                                  java.lang.String encoding,
                                  int skewAllowance,
                                  int issueLength,
                                  org.apereo.cas.authentication.AuthenticationAttributeReleasePolicy authAttrReleasePolicy)

Instantiates a new Abstract saml 10 response view.

Parameters:

successResponse - the success response

protocolAttributeEncoder - the protocol attribute encoder

servicesManager - the services manager

authenticationContextAttribute - the authentication context attribute

samlObjectBuilder - the saml object builder

samlArgumentExtractor - the saml argument extractor

encoding - Sets the character encoding in the HTTP response.

skewAllowance - Sets the allowance for time skew in seconds between CAS and the client server. Default 0s. This value will be subtracted from the current time when setting the SAML NotBeforeDate attribute, thereby allowing for the CAS server to be ahead of the client by as much as the value defined here. Skewing of the issue instant via setting this property applies to all saml assertions that are issued by CAS and it currently cannot be controlled on a per relying party basis. Before configuring this, it is recommended that each service provider attempt to correctly sync their system time with an NTP server so as to match the CAS server's issue instant config and to avoid applying this setting globally. This should only be used in situations where the NTP server is unresponsive to sync time on the client, or the client is simply unable to adjust their server time configuration.

issueLength - Sets the length of time in seconds between the NotBefore and NotOnOrAfter attributes in the SAML assertion. Default 30s.

authAttrReleasePolicy - This policy controls which authentication attributes get released in a validation response.

Method Detail

renderMergedOutputModel

protected void renderMergedOutputModel(java.util.Map<java.lang.String,java.lang.Object> model,
                                       javax.servlet.http.HttpServletRequest request,
                                       javax.servlet.http.HttpServletResponse response)
                                throws java.lang.Exception

Specified by:

renderMergedOutputModel in class org.springframework.web.servlet.view.AbstractView

Throws:

java.lang.Exception

prepareResponse

protected abstract void prepareResponse(org.opensaml.saml.saml1.core.Response response,
                                        java.util.Map<java.lang.String,java.lang.Object> model)

Subclasses must implement this method by adding child elements (status, assertion, etc) to the given empty SAML 1 response message. Implementers need not be concerned with error handling.

Parameters:

response - SAML 1 response message to be filled.

model - Spring MVC model map containing data needed to prepare response.