Class Saml2AuthenticationToken
java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken
- All Implemented Interfaces:
Serializable
,Principal
,Authentication
,CredentialsContainer
Represents an incoming SAML 2.0 response containing an assertion that has not been
validated.
isAuthenticated()
will always return false.- Since:
- 5.2
- See Also:
-
Constructor Summary
ConstructorDescriptionSaml2AuthenticationToken
(RelyingPartyRegistration relyingPartyRegistration, String saml2Response) Creates aSaml2AuthenticationToken
with the provided parameters Note that the givenRelyingPartyRegistration
should have all its templates resolved at this point.Saml2AuthenticationToken
(RelyingPartyRegistration relyingPartyRegistration, String saml2Response, AbstractSaml2AuthenticationRequest authenticationRequest) Creates aSaml2AuthenticationToken
with the provided parameters. -
Method Summary
Modifier and TypeMethodDescriptionReturns the authentication request sent to the assertion party ornull
if no authentication request is presentReturns the decoded and inflated SAML 2.0 Response XML object as a stringAlways returns null.Get the resolvedRelyingPartyRegistration
associated with the requestReturns inflated and decoded XML representation of the SAML 2 Responseboolean
Used to indicate toAbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
.void
setAuthenticated
(boolean authenticated) The state of this object cannot be changed.Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken
equals, eraseCredentials, getAuthorities, getDetails, getName, hashCode, setDetails, toString
-
Constructor Details
-
Saml2AuthenticationToken
public Saml2AuthenticationToken(RelyingPartyRegistration relyingPartyRegistration, String saml2Response, AbstractSaml2AuthenticationRequest authenticationRequest) Creates aSaml2AuthenticationToken
with the provided parameters. Note that the givenRelyingPartyRegistration
should have all its templates resolved at this point. SeeSaml2WebSsoAuthenticationFilter
for an example of performing that resolution.- Parameters:
relyingPartyRegistration
- the resolvedRelyingPartyRegistration
to usesaml2Response
- the SAML 2.0 response to authenticateauthenticationRequest
- theAuthNRequest
sent to the asserting party- Since:
- 5.6
-
Saml2AuthenticationToken
public Saml2AuthenticationToken(RelyingPartyRegistration relyingPartyRegistration, String saml2Response) Creates aSaml2AuthenticationToken
with the provided parameters Note that the givenRelyingPartyRegistration
should have all its templates resolved at this point. SeeSaml2WebSsoAuthenticationFilter
for an example of performing that resolution.- Parameters:
relyingPartyRegistration
- the resolvedRelyingPartyRegistration
to usesaml2Response
- the SAML 2.0 response to authenticate- Since:
- 5.4
-
-
Method Details
-
getCredentials
Returns the decoded and inflated SAML 2.0 Response XML object as a string- Returns:
- decoded and inflated XML data as a
String
-
getPrincipal
Always returns null.- Returns:
- null
-
getRelyingPartyRegistration
Get the resolvedRelyingPartyRegistration
associated with the request- Returns:
- the resolved
RelyingPartyRegistration
- Since:
- 5.4
-
getSaml2Response
Returns inflated and decoded XML representation of the SAML 2 Response- Returns:
- inflated and decoded XML representation of the SAML 2 Response
-
isAuthenticated
public boolean isAuthenticated()Description copied from interface:Authentication
Used to indicate toAbstractSecurityInterceptor
whether it should present the authentication token to theAuthenticationManager
. Typically anAuthenticationManager
(or, more often, one of itsAuthenticationProvider
s) will return an immutable authentication token after successful authentication, in which case that token can safely returntrue
to this method. Returningtrue
will improve performance, as calling theAuthenticationManager
for every request will no longer be necessary.For security reasons, implementations of this interface should be very careful about returning
true
from this method unless they are either immutable, or have some way of ensuring the properties have not been changed since original creation.- Specified by:
isAuthenticated
in interfaceAuthentication
- Overrides:
isAuthenticated
in classAbstractAuthenticationToken
- Returns:
- false
-
setAuthenticated
public void setAuthenticated(boolean authenticated) The state of this object cannot be changed. Will always throw an exception- Specified by:
setAuthenticated
in interfaceAuthentication
- Overrides:
setAuthenticated
in classAbstractAuthenticationToken
- Parameters:
authenticated
- ignored
-
getAuthenticationRequest
Returns the authentication request sent to the assertion party ornull
if no authentication request is present- Returns:
- the authentication request sent to the assertion party
- Since:
- 5.6
-