Interface SAML2ProfileConfiguration

All Superinterfaces:
Component, IdentifiedComponent, ProfileConfiguration, SAMLProfileConfiguration
All Known Subinterfaces:
ArtifactResolutionProfileConfiguration, AttributeQueryProfileConfiguration, BrowserSSOProfileConfiguration, ECPProfileConfiguration, SAML2AssertionProducingProfileConfiguration, SAMLAssertionConsumingProfileConfiguration, SingleLogoutProfileConfiguration

public interface SAML2ProfileConfiguration extends SAMLProfileConfiguration
Base interface for SAML 2 profile configurations.
  • Method Details

    • isIgnoreRequestSignatures

      @ConfigurationSetting(name="ignoreRequestSignatures") boolean isIgnoreRequestSignatures(@Nullable ProfileRequestContext profileRequestContext)
      Gets whether to bypass verification of request signatures.

      This is typically of use to deal with broken services or to allow a signer's key to be bypassed in the event that it is managed improperly.

      Parameters:
      profileRequestContext - current profile request context
      Returns:
      true iff request signatures should be ignored
    • isEncryptionOptional

      @ConfigurationSetting(name="encryptionOptional") boolean isEncryptionOptional(@Nullable ProfileRequestContext profileRequestContext)
      Gets whether to ignore an inability to encrypt due to external factors.

      This allows a deployer to signal that encryption is "best effort" and can be omitted if a relying party doesn't possess a key, support a compatible algorithm, etc.

      Defaults to false.

      Parameters:
      profileRequestContext - current profile request context
      Returns:
      true iff encryption should be treated as optional
    • isEncryptNameIDs

      @ConfigurationSetting(name="encryptNameIDs") boolean isEncryptNameIDs(@Nullable ProfileRequestContext profileRequestContext)
      Gets whether name identifiers should be encrypted.
      Parameters:
      profileRequestContext - current profile request context
      Returns:
      true iff name identifiers should be encrypted
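
Because `ignoreRequestSignatures` and `encryptionOptional` both relax a protection, a deployment review should list every profile configuration that turns them on. The script below is an added example, not part of this API or its project: it assumes the settings are applied as Spring p-namespace attributes on bean definitions, and the sample XML, bean ids and the `%{example.encryption.optional}` placeholder are constructed for illustration.

```python
import xml.etree.ElementTree as ET

BEANS_NS = "http://www.springframework.org/schema/beans"
P_NS = "http://www.springframework.org/schema/p"

# Setting names taken from the @ConfigurationSetting annotations above.
WEAKENING = {
    "ignoreRequestSignatures": "request signature verification is bypassed",
    "encryptionOptional": "inability to encrypt is tolerated",
}

# Constructed sample; the bean layout is an assumption, not from the page.
SAMPLE = """\
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:p="http://www.springframework.org/schema/p">
  <bean id="legacy-sp" parent="SAML2.SSO"
        p:ignoreRequestSignatures="true" p:encryptionOptional="true"/>
  <bean id="placeholder-sp" parent="SAML2.SSO"
        p:encryptionOptional="%{example.encryption.optional}"/>
  <bean id="strict-sp" parent="SAML2.SSO"
        p:encryptionOptional="false" p:encryptNameIDs="true"/>
</beans>
"""


def audit(xml_text):
    """Return (bean id, setting, status, detail) for each weakening setting."""
    findings = []
    root = ET.fromstring(xml_text)
    for bean in root.iter(f"{{{BEANS_NS}}}bean"):
        bean_id = bean.get("id", "<anonymous>")
        for name, note in WEAKENING.items():
            value = bean.get(f"{{{P_NS}}}{name}")
            if value is None:
                continue  # not set on this bean, so the default applies
            literal = value.strip().lower()
            if literal == "true":
                findings.append((bean_id, name, "enabled", note))
            elif literal != "false":
                # Placeholder or expression: needs the resolved value to decide.
                findings.append((bean_id, name, "unresolved", value))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```

Entries reported as `unresolved` are set through a placeholder or expression, so the effective value has to be checked wherever that placeholder is defined.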