@Override public boolean supports(InTransport transport) { if (transport instanceof HTTPInTransport) { HTTPTransport t = (HTTPTransport) transport; return "POST".equalsIgnoreCase(t.getHTTPMethod()) && t.getParameterValue("assertion") != null; } else { return false; } }
/** * Checks if the transport is of the correct request method. * * @param transport transport being evalauted * * @throws SecurityPolicyException thrown if the request method was an unexpected value */ protected void evaluateRequestMethod(HTTPTransport transport) throws SecurityPolicyException { String transportMethod = transport.getHTTPMethod(); if (requiredRequestMethod != null && !transportMethod.equalsIgnoreCase(requiredRequestMethod)) { log.error("Invalid request method, expected " + requiredRequestMethod + " but was " + transportMethod); throw new SecurityPolicyException("Invalid request method, expected " + requiredRequestMethod + " but was " + transportMethod); } }
/** * Checks if the transport is secured. * * @param transport transport being evalauted * * @throws SecurityPolicyException thrown if the transport is not secure and was required to be */ protected void evaluateSecured(HTTPTransport transport) throws SecurityPolicyException { if (requireSecured && !transport.isConfidential()) { log.error("Request was required to be secured but was not"); throw new SecurityPolicyException("Request was required to be secured but was not"); } } }
/** * Checks if the transport is of the correct content type. * * @param transport transport being evalauted * * @throws SecurityPolicyException thrown if the content type was an unexpected value */ protected void evaluateContentType(HTTPTransport transport) throws SecurityPolicyException { String transportContentType = transport.getHeaderValue("Content-Type"); if (requiredContentType != null && !transportContentType.startsWith(requiredContentType)) { log.error("Invalid content type, expected " + requiredContentType + " but was " + transportContentType); throw new SecurityPolicyException("Invalid content type, expected " + requiredContentType + " but was " + transportContentType); } }
public boolean supports(InTransport transport) { if (transport instanceof HTTPInTransport) { HTTPTransport t = (HTTPTransport) transport; return "POST".equalsIgnoreCase(t.getHTTPMethod()) && (t.getParameterValue("SAMLRequest") != null || t.getParameterValue("SAMLResponse") != null); } else { return false; } }
public boolean supports(InTransport transport) { if (transport instanceof HTTPInTransport) { HTTPTransport t = (HTTPTransport) transport; return "GET".equalsIgnoreCase(t.getHTTPMethod()) && (t.getParameterValue("SAMLRequest") != null || t.getParameterValue("SAMLResponse") != null); } else { return false; } }