java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken
All Implemented Interfaces:
Serializable, Principal, Authentication, CredentialsContainer

public class Saml2AuthenticationToken extends AbstractAuthenticationToken
Represents an incoming SAML 2.0 response containing an assertion that has not been validated. isAuthenticated() will always return false.
Since:
5.2
  • Constructor Details

  • Method Details

    • getCredentials

      public Object getCredentials()
      Returns the decoded and inflated SAML 2.0 Response XML object as a string.
      Returns:
      decoded and inflated XML data as a String
    • getPrincipal

      public Object getPrincipal()
      Always returns null.
      Returns:
      null
    • getRelyingPartyRegistration

      public RelyingPartyRegistration getRelyingPartyRegistration()
      Gets the resolved RelyingPartyRegistration associated with the request.
      Returns:
      the resolved RelyingPartyRegistration
      Since:
      5.4
    • getSaml2Response

      public String getSaml2Response()
      Returns the inflated and decoded XML representation of the SAML 2 Response.
      Returns:
      inflated and decoded XML representation of the SAML 2 Response
    • isAuthenticated

      public boolean isAuthenticated()
      Description copied from interface: Authentication
      Used to indicate to AbstractSecurityInterceptor whether it should present the authentication token to the AuthenticationManager. Typically an AuthenticationManager (or, more often, one of its AuthenticationProviders) will return an immutable authentication token after successful authentication, in which case that token can safely return true to this method. Returning true will improve performance, as calling the AuthenticationManager for every request will no longer be necessary.

      For security reasons, implementations of this interface should be very careful about returning true from this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.

      Specified by:
      isAuthenticated in interface Authentication
      Overrides:
      isAuthenticated in class AbstractAuthenticationToken
      Returns:
      false
    • setAuthenticated

      public void setAuthenticated(boolean authenticated)
      The state of this object cannot be changed; this method always throws an exception.
      Specified by:
      setAuthenticated in interface Authentication
      Overrides:
      setAuthenticated in class AbstractAuthenticationToken
      Parameters:
      authenticated - ignored
    • getAuthenticationRequest

      public AbstractSaml2AuthenticationRequest getAuthenticationRequest()
      Returns the authentication request sent to the assertion party, or null if no authentication request is present.
      Returns:
      the authentication request sent to the assertion party
      Since:
      5.6