Class SAMLMetaDataMessageParser

    • Field Detail

      • METADATA_XSD_SCHEMA_2_0_RESOURCE_LOCATION

        protected static final java.lang.String METADATA_XSD_SCHEMA_2_0_RESOURCE_LOCATION
        See Also:
        Constant Field Values
    • Constructor Detail

      • SAMLMetaDataMessageParser

        public SAMLMetaDataMessageParser()
    • Method Detail

      • getDefaultSchemaLocations

        public java.lang.String[] getDefaultSchemaLocations()
                                                     throws org.xml.sax.SAXException
        Specified by:
        getDefaultSchemaLocations in class BaseSAMLMessageParser
        Returns:
        an array of schema locations used by the parser. The string value should point to resources available using getResourceAsStream()
        Throws:
        org.xml.sax.SAXException
      • lookupSchemaForElement

        protected java.lang.String lookupSchemaForElement​(java.lang.String type,
                                                          java.lang.String namespaceURI,
                                                          java.lang.String publicId,
                                                          java.lang.String systemId,
                                                          java.lang.String baseURI)
        Description copied from class: BaseSAMLMessageParser
        Method to find the schema for a specific element related to the custom schema locations. The implementation only needs to find its related XSD; the basic datatypes and XML itself are not needed.
        Specified by:
        lookupSchemaForElement in class BaseSAMLMessageParser
        Parameters:
        type - The type of the resource being resolved. For XML [XML 1.0] resources (i.e. entities), applications must use the value "http://www.w3.org/TR/REC-xml". For XML Schema [XML Schema Part 1], applications must use the value "http://www.w3.org/2001/XMLSchema". Other types of resources are outside the scope of this specification and therefore should recommend an absolute URI in order to use this method.
        namespaceURI - The namespace of the resource being resolved, e.g. the target namespace of the XML Schema [XML Schema Part 1] when resolving XML Schema resources.
        publicId - The public identifier of the external entity being referenced, or null if no public identifier was supplied or if the resource is not an entity.
        systemId - The system identifier, a URI reference [IETF RFC 2396], of the external resource being referenced, or null if no system identifier was supplied.
        baseURI - The absolute base URI of the resource being parsed, or null if there is no base URI.
        Returns:
        the resource-as-stream path to the related schema XSD, or null if no match is found.
      • genEntityDescriptor

        public EntityDescriptorType genEntityDescriptor​(java.lang.String entityID,
                                                        java.util.Date validUntil,
                                                        javax.xml.datatype.Duration cacheDuration,
                                                        ExtensionsType extensions,
                                                        java.util.List<java.lang.Object> descriptors,
                                                        OrganizationType organisation,
                                                        java.util.List<ContactType> contactPersons,
                                                        java.util.List<AdditionalMetadataLocationType> additionalMetadataLocations,
                                                        java.util.Map<javax.xml.namespace.QName,​java.lang.String> otherAttributes)
                                                 throws MessageProcessingException,
                                                        MessageContentException
        The element specifies metadata for a single SAML entity. A single entity may act in many different roles in the support of multiple profiles. This specification directly supports the following concrete roles as well as the abstract element for extensibility (see subsequent sections for more details):
          • SSO Identity Provider
          • SSO Service Provider
          • Authentication Authority
          • Attribute Authority
          • Policy Decision Point
          • Affiliation

        When used as the root element of a metadata instance, this element MUST contain either a validUntil or cacheDuration attribute. It is RECOMMENDED that only the root element of a metadata instance contain either attribute.

        It is RECOMMENDED that if multiple role descriptor elements of the same type appear, that they do not share overlapping protocolSupportEnumeration values. Selecting from among multiple role descriptor elements of the same type that do share a protocolSupportEnumeration value is undefined within this specification, but MAY be defined by metadata profiles, possibly through the use of other distinguishing extension attributes.

Parameters:
entityID - Specifies the unique identifier of the SAML entity whose metadata is described by the element's contents. (Required)
validUntil - Optional attribute indicates the expiration time of the metadata contained in the element and any contained elements. (Optional, use null to not set).
cacheDuration - Optional attribute indicates the maximum length of time a consumer should cache the metadata contained in the element and any contained elements. (Optional, use null to not set).
extensions - This contains optional metadata extensions that are agreed upon between a metadata publisher and consumer. Extension elements MUST be namespace-qualified by a non-SAML-defined namespace. (Optional, use null to not set).
descriptors - The primary content of the element is either a sequence of one or more role descriptor elements, or a specialized descriptor that defines an affiliation. Either a list of RoleDescriptorType or one AffiliationDescriptorType.
organisation - Optional element identifying the organization responsible for the SAML entity described by the element. (Optional, use null to not set).
contactPersons - Optional sequence of elements identifying various kinds of contact personnel. (Optional, use null to not set).
additionalMetadataLocations - Optional sequence of namespace-qualified locations where additional metadata exists for the SAML entity. This may include metadata in alternate formats or describing adherence to other non-SAML specifications. (Optional, use null to not set).
otherAttributes - Arbitrary namespace-qualified attributes from non-SAML-defined namespaces. (Optional, use null to not set).
Returns:
a populated EntityDescriptorType
Throws:
MessageProcessingException - if internal error occurred generating the message.
MessageContentException - if bad message format was detected.
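
The root-element rule in the description above (validUntil or cacheDuration MUST be present) can be checked on marshalled metadata before it is published or trusted. The following is an added example, not code from this library: the class name and sample documents are constructed for illustration, and the element name and namespace URI are taken from the SAML 2.0 metadata schema.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.GregorianCalendar;
import javax.xml.XMLConstants;
import javax.xml.datatype.DatatypeFactory;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;

public class MetadataValidityCheck {  // hypothetical helper, not part of the documented API
    static final String MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata";

    /** Returns null when the root passes, otherwise the reason it is rejected. */
    static String check(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Metadata never needs a DTD; refusing DOCTYPE rules out external entities.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element root = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml)).getDocumentElement();
        if (!MD_NS.equals(root.getNamespaceURI()) || !"EntityDescriptor".equals(root.getLocalName()))
            return "root is not an EntityDescriptor in the metadata namespace";
        String validUntil = root.getAttribute("validUntil");       // "" when absent
        String cacheDuration = root.getAttribute("cacheDuration"); // "" when absent
        if (validUntil.isEmpty() && cacheDuration.isEmpty())
            return "root has neither validUntil nor cacheDuration";
        DatatypeFactory dt = DatatypeFactory.newInstance();
        if (!cacheDuration.isEmpty())
            dt.newDuration(cacheDuration); // IllegalArgumentException if not an xs:duration
        if (!validUntil.isEmpty()) {
            GregorianCalendar until = dt.newXMLGregorianCalendar(validUntil).toGregorianCalendar();
            if (until.getTimeInMillis() <= System.currentTimeMillis())
                return "metadata expired at " + validUntil;
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        String open = "<md:EntityDescriptor xmlns:md='" + MD_NS + "' entityID='https://sp.example.org'";
        String[] samples = { // constructed inputs
            open + "/>",                                   // rejected: neither attribute
            open + " validUntil='2001-01-01T00:00:00Z'/>", // rejected: expired
            open + " cacheDuration='PT6H'/>"               // accepted
        };
        for (String s : samples) {
            String reason = check(s.getBytes(StandardCharsets.UTF_8));
            System.out.println(reason == null ? "accepted" : "rejected: " + reason);
        }
    }
}
```

The check reads unsigned attribute values, so a consumer of signed metadata should run it only after the signature has been verified.
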
Parameters:
context - message security related context. Use null if no signature should be used.
entityID - Specifies the unique identifier of the SAML entity whose metadata is described by the element's contents. (Required)
validUntil - Optional attribute indicates the expiration time of the metadata contained in the element and any contained elements. (Optional, use null to not set).
cacheDuration - Optional attribute indicates the maximum length of time a consumer should cache the metadata contained in the element and any contained elements. (Optional, use null to not set).
extensions - This contains optional metadata extensions that are agreed upon between a metadata publisher and consumer. Extension elements MUST be namespace-qualified by a non-SAML-defined namespace. (Optional, use null to not set).
descriptors - The primary content of the element is either a sequence of one or more role descriptor elements, or a specialized descriptor that defines an affiliation. Either a list of RoleDescriptorType or one AffiliationDescriptorType.
organisation - Optional element identifying the organization responsible for the SAML entity described by the element. (Optional, use null to not set).
contactPersons - Optional sequence of elements identifying various kinds of contact personnel. (Optional, use null to not set).
additionalMetadataLocations - Optional sequence of namespace-qualified locations where additional metadata exists for the SAML entity. This may include metadata in alternate formats or describing adherence to other non-SAML specifications. (Optional, use null to not set).
otherAttributes - Arbitrary namespace-qualified attributes from non-SAML-defined namespaces. (Optional, use null to not set).
sign - if returned message should contain a signature.
Returns:
marshalled xml message in UTF-8 encoded byte array.
Throws:
MessageProcessingException - if internal error occurred generating the message.
MessageContentException - if bad message format was detected.