org.opensaml.saml.saml2.profile.impl

Class AbstractEncryptAction

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction<InboundMessageType,OutboundMessageType>

org.opensaml.profile.action.AbstractConditionalProfileAction

org.opensaml.saml.saml2.profile.impl.AbstractEncryptAction

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, ProfileAction

Direct Known Subclasses:

EncryptAssertions, EncryptAttributes, EncryptNameIDs

public abstract class AbstractEncryptAction
extends AbstractConditionalProfileAction

Abstract base class for actions that perform simple unicast SAML encryption to a single decrypting party.

The EncryptionContext governing the encryption process is located by a lookup strategy, by default a child of the outbound message context.

An optional recipient name is also obtained from a lookup strategy.

Field Summary

Fields

Modifier and Type	Field and Description
private Encrypter	encrypter The encryption object.
private com.google.common.base.Function<ProfileRequestContext,EncryptionContext>	encryptionCtxLookupStrategy Strategy used to locate the EncryptionContext.
private com.google.common.base.Function<ProfileRequestContext,Encrypter.KeyPlacement>	keyPlacementLookupStrategy Strategy used to determine encrypted key placement.
private Logger	log Class logger.
private com.google.common.base.Function<ProfileRequestContext,String>	recipientLookupStrategy Strategy used to locate the encryption recipient.

Constructor Summary

Constructors

Constructor and Description
AbstractEncryptAction() Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected boolean	doPreExecute(ProfileRequestContext profileRequestContext)
protected abstract org.opensaml.xmlsec.EncryptionParameters	getApplicableParameters(EncryptionContext ctx) Return the right set of parameters for the operation to be performed, or none if no encryption should occur.
Encrypter	getEncrypter() Get the encrypter.
void	setEncryptionContextLookupStrategy(com.google.common.base.Function<ProfileRequestContext,EncryptionContext> strategy) Set the strategy used to locate the EncryptionContext associated with a given ProfileRequestContext.
void	setKeyPlacementLookupStrategy(com.google.common.base.Function<ProfileRequestContext,Encrypter.KeyPlacement> strategy) Set the strategy used to determine the encrypted key placement strategy.
void	setRecipientLookupStrategy(com.google.common.base.Function<ProfileRequestContext,String> strategy) Set the strategy used to locate the encryption recipient.

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doExecute, doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final Logger log

Class logger.

encryptionCtxLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,EncryptionContext> encryptionCtxLookupStrategy

Strategy used to locate the EncryptionContext.

recipientLookupStrategy

@Nullable
private com.google.common.base.Function<ProfileRequestContext,String> recipientLookupStrategy

Strategy used to locate the encryption recipient.

keyPlacementLookupStrategy

@Nonnull
private com.google.common.base.Function<ProfileRequestContext,Encrypter.KeyPlacement> keyPlacementLookupStrategy

Strategy used to determine encrypted key placement.

encrypter

@Nullable
private Encrypter encrypter

The encryption object.

Constructor Detail

AbstractEncryptAction

public AbstractEncryptAction()

Constructor.

Method Detail

setEncryptionContextLookupStrategy

public void setEncryptionContextLookupStrategy(@Nonnull
                                      com.google.common.base.Function<ProfileRequestContext,EncryptionContext> strategy)

Set the strategy used to locate the EncryptionContext associated with a given ProfileRequestContext.

Parameters:

strategy - lookup strategy

setRecipientLookupStrategy

public void setRecipientLookupStrategy(@Nonnull
                              com.google.common.base.Function<ProfileRequestContext,String> strategy)

Set the strategy used to locate the encryption recipient.

Parameters:

strategy - lookup strategy

setKeyPlacementLookupStrategy

public void setKeyPlacementLookupStrategy(@Nonnull
                                 com.google.common.base.Function<ProfileRequestContext,Encrypter.KeyPlacement> strategy)

Set the strategy used to determine the encrypted key placement strategy.

Parameters:

strategy - lookup strategy

getEncrypter

@Nullable
public Encrypter getEncrypter()

Get the encrypter.

Returns:

the encrypter

doPreExecute

protected boolean doPreExecute(@Nonnull
                   ProfileRequestContext profileRequestContext)

Overrides:

doPreExecute in class AbstractConditionalProfileAction

getApplicableParameters

@Nullable
protected abstract org.opensaml.xmlsec.EncryptionParameters getApplicableParameters(@Nullable
                                                                        EncryptionContext ctx)

Return the right set of parameters for the operation to be performed, or none if no encryption should occur.

Parameters:

ctx - possibly null input context to pull parameters from

Returns:

the right parameter set, or null for none