Class URLEvaluatingMessageChannelSecurity

  • All Implemented Interfaces:
    net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, org.opensaml.messaging.handler.MessageHandler

    public class URLEvaluatingMessageChannelSecurity
    extends AbstractMessageChannelSecurity
    Message handler which populates a MessageChannelSecurityContext based on evaluating a target URL resolved via a configured strategy function.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private boolean defaultPortInsecure
      Flag controlling whether traffic on the default TLS port is "secure".
      private org.slf4j.Logger log
      Logger.
      private String url
      The target resolved URL.
      private net.shibboleth.utilities.java.support.net.URLBuilder urlBuilder
      Target resolved and parsed URL.
      private Function<org.opensaml.messaging.context.MessageContext,String> urlLookup
      Function which looks up the URL to evaluate.
    • Method Summary

      Modifier and Type Method Description
      protected void doInitialize()
      protected void doInvoke(org.opensaml.messaging.context.MessageContext messageContext)
      protected boolean doPreInvoke(org.opensaml.messaging.context.MessageContext messageContext)
      void setDefaultPortInsecure(boolean flag)
      Set whether traffic on the default TLS port is "secure" for the purposes of this action.
      void setURLLookup(Function<org.opensaml.messaging.context.MessageContext,String> function)
      Set the function which looks up the destination URL to evaluate.
      • Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler

        doPostInvoke, doPostInvoke, getActivationCondition, getLogPrefix, invoke, setActivationCondition
      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

        destroy, doDestroy, initialize, isDestroyed, isInitialized
      • Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

        initialize, isInitialized
    • Field Detail

      • log

        @Nonnull
        private org.slf4j.Logger log
        Logger.
      • defaultPortInsecure

        private boolean defaultPortInsecure
        Flag controlling whether traffic on the default TLS port is "secure".
      • urlLookup

        @NonnullAfterInit
        private Function<org.opensaml.messaging.context.MessageContext,String> urlLookup
        Function which looks up the URL to evaluate.
      • url

        @Nullable
        private String url
        The target resolved URL.
      • urlBuilder

        @Nullable
        private net.shibboleth.utilities.java.support.net.URLBuilder urlBuilder
        Target resolved and parsed URL.
    • Constructor Detail

      • URLEvaluatingMessageChannelSecurity

        public URLEvaluatingMessageChannelSecurity()
        Constructor.
    • Method Detail

      • setDefaultPortInsecure

        public void setDefaultPortInsecure(boolean flag)
        Set whether traffic on the default TLS port is "secure" for the purposes of this action.

        Defaults to "true".

        Ordinarily TLS is considered a "secure" channel, but traffic to a default port meant for browser access tends to rely on server certificates that are unsuited to secure messaging use cases. This flag allows software layers to recognize traffic on this port as "insecure" and needing additional security measures.

        Parameters:
        flag - flag to set
      • setURLLookup

        public void setURLLookup(@Nullable
                                 Function<org.opensaml.messaging.context.MessageContext,String> function)
        Set the function which looks up the destination URL to evaluate.
        Parameters:
        function - the lookup function
      • doInitialize

        protected void doInitialize()
                             throws net.shibboleth.utilities.java.support.component.ComponentInitializationException
        Overrides:
        doInitialize in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
        Throws:
        net.shibboleth.utilities.java.support.component.ComponentInitializationException
      • doPreInvoke

        protected boolean doPreInvoke(@Nonnull
                                      org.opensaml.messaging.context.MessageContext messageContext)
                               throws org.opensaml.messaging.handler.MessageHandlerException
        Overrides:
        doPreInvoke in class AbstractMessageChannelSecurity
        Throws:
        org.opensaml.messaging.handler.MessageHandlerException
      • doInvoke

        protected void doInvoke(@Nonnull
                                org.opensaml.messaging.context.MessageContext messageContext)
        Specified by:
        doInvoke in class org.opensaml.messaging.handler.AbstractMessageHandler
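
Added illustration, not OpenSAML source code: a standalone model of the decision that the setDefaultPortInsecure description above lays out, in which an https URL on the default TLS port is not treated as a secure channel while the flag is true. The names ChannelSecurityModel and isChannelSecure, the fail-closed handling of unparseable URLs and the sample hosts are assumptions made for this example; the real handler records its result in a MessageChannelSecurityContext.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;

/** Illustrative model only; not OpenSAML source code. */
public class ChannelSecurityModel {
    private static final int DEFAULT_TLS_PORT = 443;
    private final boolean defaultPortInsecure; // the Javadoc states this defaults to true

    public ChannelSecurityModel(boolean defaultPortInsecure) {
        this.defaultPortInsecure = defaultPortInsecure;
    }

    /** Returns true when the transport alone may be treated as a secure channel. */
    public boolean isChannelSecure(String url) {
        final URI uri;
        try {
            uri = new URI(url);
        } catch (URISyntaxException e) {
            return false; // assumption: an unparseable destination fails closed
        }
        if (!"https".equalsIgnoreCase(uri.getScheme())) {
            return false; // no TLS at all
        }
        // URI.getPort() returns -1 when the URL has no explicit port,
        // which for https means the default TLS port.
        int port = uri.getPort() == -1 ? DEFAULT_TLS_PORT : uri.getPort();
        // Default port plus flag set: message-level security is still needed.
        return !(port == DEFAULT_TLS_PORT && defaultPortInsecure);
    }

    public static void main(String[] args) {
        // Constructed sample destinations (hypothetical hosts).
        List<String> urls = List.of(
            "https://sp.example.org/saml/acs",
            "https://sp.example.org:443/saml/acs",
            "https://sp.example.org:8443/saml/soap",
            "http://sp.example.org/saml/acs",
            "not a url");
        for (boolean flag : new boolean[] {true, false}) {
            ChannelSecurityModel model = new ChannelSecurityModel(flag);
            for (String u : urls) {
                System.out.printf("defaultPortInsecure=%b %-40s secure=%b%n",
                        flag, u, model.isChannelSecure(u));
            }
        }
    }
}
```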