edu.internet2.middleware.shibboleth.common.binding.security
Class ShibbolethClientCertAuthRule
java.lang.Object
org.opensaml.ws.security.provider.BaseTrustEngineRule<org.opensaml.xml.security.x509.X509Credential>
org.opensaml.ws.security.provider.ClientCertAuthRule
org.opensaml.common.binding.security.SAMLMDClientCertAuthRule
edu.internet2.middleware.shibboleth.common.binding.security.ShibbolethClientCertAuthRule
- All Implemented Interfaces:
- org.opensaml.ws.security.SecurityPolicyRule
public class ShibbolethClientCertAuthRule
- extends org.opensaml.common.binding.security.SAMLMDClientCertAuthRule
Specialization of SAMLMDClientCertAuthRule
which may include Shibboleth-specific
method overrides for client certificate authentication processing.
Constructor Summary |
ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine)
Constructor. |
ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine,
org.opensaml.ws.security.provider.CertificateNameOptions nameOptions)
Constructor. |
Methods inherited from class org.opensaml.common.binding.security.SAMLMDClientCertAuthRule |
buildCriteriaSet |
Methods inherited from class org.opensaml.ws.security.provider.ClientCertAuthRule |
doEvaluate, evaluate, evaluateCertificateNameDerivedIssuers, evaluateDerivedIssuers, evaluateSubjectAltNames, evaluateSubjectCommonName, evaluateSubjectDN, getAltNames, getCertificateNameOptions, getCommonName, getSubjectName |
Methods inherited from class org.opensaml.ws.security.provider.BaseTrustEngineRule |
evaluate, evaluate, getTrustEngine |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
ShibbolethClientCertAuthRule
public ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine,
org.opensaml.ws.security.provider.CertificateNameOptions nameOptions)
- Constructor.
- Parameters:
engine
- Trust engine used to verify the request X509CredentialnameOptions
- options for deriving issuer names from an X.509 certificate
ShibbolethClientCertAuthRule
public ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine)
- Constructor. The certificate name issuer derivation options are defaulted
to be consistent with the Shibboleth 1.3 identity provider.
- Parameters:
engine
- Trust engine used to verify the request X509Credential
Copyright © 2006-2008 Internet2. All Rights Reserved.