edu.internet2.middleware.shibboleth.common.binding.security
Class ShibbolethClientCertAuthRule

java.lang.Object
  extended by org.opensaml.ws.security.provider.BaseTrustEngineRule<org.opensaml.xml.security.x509.X509Credential>
      extended by org.opensaml.ws.security.provider.ClientCertAuthRule
          extended by org.opensaml.common.binding.security.SAMLMDClientCertAuthRule
              extended by edu.internet2.middleware.shibboleth.common.binding.security.ShibbolethClientCertAuthRule
All Implemented Interfaces:
org.opensaml.ws.security.SecurityPolicyRule

public class ShibbolethClientCertAuthRule
extends org.opensaml.common.binding.security.SAMLMDClientCertAuthRule

Specialization of SAMLMDClientCertAuthRule which may include Shibboleth-specific method overrides for client certificate authentication processing.


Constructor Summary
ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine)
          Constructor.
ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine, org.opensaml.ws.security.provider.CertificateNameOptions nameOptions)
          Constructor.
 
Method Summary
 
Methods inherited from class org.opensaml.common.binding.security.SAMLMDClientCertAuthRule
buildCriteriaSet
 
Methods inherited from class org.opensaml.ws.security.provider.ClientCertAuthRule
doEvaluate, evaluate, evaluateCertificateNameDerivedIssuers, evaluateCertificateNameDerivedPresenters, evaluateDerivedIssuers, evaluateDerivedPresenters, evaluateSubjectAltNames, evaluateSubjectCommonName, evaluateSubjectDN, getAltNames, getCertificateNameOptions, getCertificatePresenterEntityID, getCommonName, getSubjectName, setAuthenticatedCertificatePresenterEntityID
 
Methods inherited from class org.opensaml.ws.security.provider.BaseTrustEngineRule
evaluate, evaluate, getTrustEngine
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ShibbolethClientCertAuthRule

public ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine,
                                    org.opensaml.ws.security.provider.CertificateNameOptions nameOptions)
Constructor.

Parameters:
engine - Trust engine used to verify the request X509Credential
nameOptions - options for deriving issuer names from an X.509 certificate

ShibbolethClientCertAuthRule

public ShibbolethClientCertAuthRule(org.opensaml.xml.security.trust.TrustEngine<org.opensaml.xml.security.x509.X509Credential> engine)
Constructor. The certificate name issuer derivation options are defaulted to be consistent with the Shibboleth 1.3 identity provider.

Parameters:
engine - Trust engine used to verify the request X509Credential


Copyright © 2006-2009 Internet2. All Rights Reserved.