opensaml::saml2 Namespace Reference

SAML 2.0 assertion namespace. More...

Classes

class  EncryptableObject
 Marker interface for SAML types that can be encrypted. More...
class  RootObject
 SAML 2.0 assertion or protocol message. More...
class  NameIDTypeBuilder
 Builder for NameIDType objects. More...
class  ConditionBuilder
 Builder for Condition extension objects. More...
class  DelegationRestrictionTypeBuilder
 Builder for DelegationRestrictionType objects. More...
class  KeyInfoConfirmationDataTypeBuilder
 Builder for KeyInfoConfirmationDataType objects. More...
class  StatementBuilder
 Builder for Statement extension objects. More...
class  AssertionValidator
class  BrowserSSOProfileValidator
class  SAML2AssertionPolicy
 Policy subclass to track SAML 2.0 Assertion SubjectConfirmation. More...

Functions

 DECL_XMLOBJECT_SIMPLE (, AssertionIDRef, AssertionID, SAML 2.0 AssertionIDRef element)
 DECL_XMLOBJECT_SIMPLE (, AssertionURIRef, AssertionURI, SAML 2.0 AssertionURIRef element)
 DECL_XMLOBJECT_SIMPLE (, Audience, AudienceURI, SAML 2.0 Audience element)
 DECL_XMLOBJECT_SIMPLE (, AuthnContextClassRef, Reference, SAML 2.0 AuthnContextClassRef element)
 DECL_XMLOBJECT_SIMPLE (, AuthnContextDeclRef, Reference, SAML 2.0 AuthnContextDeclRef element)
 DECL_XMLOBJECT_SIMPLE (, AuthenticatingAuthority, ID, SAML 2.0 AuthenticatingAuthority element)
 BEGIN_XMLOBJECT (, EncryptedElementType, xmltooling::XMLObject, SAML 2.0 EncryptedElementType type)
 DECL_TYPED_FOREIGN_CHILD (EncryptedData, xmlencryption)
 DECL_TYPED_FOREIGN_CHILDREN (EncryptedKey, xmlencryption)
virtual void encrypt (const EncryptableObject &xmlObject, const saml2md::MetadataProvider &metadataProvider, saml2md::MetadataCredentialCriteria &criteria, bool compact=false, const XMLCh *algorithm=nullptr)
 Encrypts an object to a single recipient using this object as a container.
virtual void encrypt (const EncryptableObject &xmlObject, const std::vector< std::pair< const saml2md::MetadataProvider *, saml2md::MetadataCredentialCriteria * > > &recipients, bool compact=false, const XMLCh *algorithm=nullptr)
 Encrypts an object to multiple recipients using this object as a container.
virtual xmltooling::XMLObject * decrypt (const xmltooling::CredentialResolver &credResolver, const XMLCh *recipient, xmltooling::CredentialCriteria *criteria=nullptr, bool requireAuthenticatedCipher=false) const
 Decrypts the element using the supplied CredentialResolver.
 BEGIN_XMLOBJECT (, EncryptedID, EncryptedElementType, SAML 2.0 EncryptedID element)
 BEGIN_XMLOBJECT (, BaseID, EncryptableObject, SAML 2.0 BaseID abstract element)
 DECL_STRING_ATTRIB (NameQualifier, NAMEQUALIFIER)
 DECL_STRING_ATTRIB (SPNameQualifier, SPNAMEQUALIFIER)
 BEGIN_XMLOBJECT (, NameIDType, xmltooling::XMLObject, SAML 2.0 NameIDType type)
 DECL_STRING_ATTRIB (Format, FORMAT)
 DECL_STRING_ATTRIB (SPProvidedID, SPPROVIDEDID)
 DECL_SIMPLE_CONTENT (Name)
 BEGIN_XMLOBJECT2 (, NameID, NameIDType, EncryptableObject, SAML 2.0 NameID element)
 BEGIN_XMLOBJECT (, Issuer, NameIDType, SAML 2.0 Issuer element)
 BEGIN_XMLOBJECT (, Condition, xmltooling::XMLObject, SAML 2.0 Condition element)
 BEGIN_XMLOBJECT (, AudienceRestriction, Condition, SAML 2.0 AudienceRestriction element)
 DECL_TYPED_CHILDREN (Audience)
 BEGIN_XMLOBJECT (, OneTimeUse, Condition, SAML 2.0 OneTimeUse element)
 BEGIN_XMLOBJECT (, ProxyRestriction, Condition, SAML 2.0 ProxyRestriction element)
 DECL_INTEGER_ATTRIB (Count, COUNT)
 BEGIN_XMLOBJECT (, Delegate, xmltooling::XMLObject, SAML 2.0 Delegation Restriction Condition Delegate element)
 DECL_STRING_ATTRIB (ConfirmationMethod, CONFIRMATIONMETHOD)
 DECL_DATETIME_ATTRIB (DelegationInstant, DELEGATIONINSTANT)
 DECL_TYPED_CHILD (BaseID)
 DECL_TYPED_CHILD (NameID)
 DECL_TYPED_CHILD (EncryptedID)
 BEGIN_XMLOBJECT (, DelegationRestrictionType, Condition, SAML 2.0 Delegation Restriction Condition type)
 DECL_TYPED_CHILDREN (Delegate)
 BEGIN_XMLOBJECT (, Conditions, xmltooling::XMLObject, SAML 2.0 Conditions element)
 DECL_DATETIME_ATTRIB (NotBefore, NOTBEFORE)
 DECL_DATETIME_ATTRIB (NotOnOrAfter, NOTONORAFTER)
 DECL_TYPED_CHILDREN (AudienceRestriction)
 DECL_TYPED_CHILDREN (OneTimeUse)
 DECL_TYPED_CHILDREN (ProxyRestriction)
 DECL_TYPED_CHILDREN (Condition)
 BEGIN_XMLOBJECT (, SubjectConfirmationDataType, xmltooling::XMLObject, SAML 2.0 SubjectConfirmationDataType base type)
 DECL_STRING_ATTRIB (Recipient, RECIPIENT)
 DECL_STRING_ATTRIB (InResponseTo, INRESPONSETO)
 DECL_STRING_ATTRIB (Address, ADDRESS)
 BEGIN_XMLOBJECT2 (, SubjectConfirmationData, SubjectConfirmationDataType, xmltooling::ElementProxy, SAML 2.0 SubjectConfirmationData element)
 DECL_SIMPLE_CONTENT (Data)
 BEGIN_XMLOBJECT2 (, KeyInfoConfirmationDataType, SubjectConfirmationDataType, xmltooling::AttributeExtensibleXMLObject, SAML 2.0 KeyInfoConfirmationDataType type)
 DECL_TYPED_FOREIGN_CHILDREN (KeyInfo, xmlsignature)
 BEGIN_XMLOBJECT (, SubjectConfirmation, xmltooling::XMLObject, SAML 2.0 SubjectConfirmation element)
 DECL_STRING_ATTRIB (Method, METHOD)
 DECL_XMLOBJECT_CHILD (SubjectConfirmationData)
 BEGIN_XMLOBJECT (, Subject, xmltooling::XMLObject, SAML 2.0 Subject element)
 DECL_TYPED_CHILDREN (SubjectConfirmation)
 BEGIN_XMLOBJECT (, Statement, xmltooling::XMLObject, SAML 2.0 Statement element)
 BEGIN_XMLOBJECT (, SubjectLocality, xmltooling::XMLObject, SAML 2.0 SubjectLocality element)
 DECL_STRING_ATTRIB (DNSName, DNSNAME)
 BEGIN_XMLOBJECT (, AuthnContextDecl, xmltooling::ElementProxy, SAML 2.0 AuthnContextDecl element)
 BEGIN_XMLOBJECT (, AuthnContext, xmltooling::XMLObject, SAML 2.0 AuthnContext element)
 DECL_TYPED_CHILD (AuthnContextClassRef)
 DECL_XMLOBJECT_CHILD (AuthnContextDecl)
 DECL_TYPED_CHILD (AuthnContextDeclRef)
 DECL_TYPED_CHILDREN (AuthenticatingAuthority)
 BEGIN_XMLOBJECT (, AuthnStatement, Statement, SAML 2.0 AuthnStatement element)
 DECL_DATETIME_ATTRIB (AuthnInstant, AUTHNINSTANT)
 DECL_STRING_ATTRIB (SessionIndex, SESSIONINDEX)
 DECL_DATETIME_ATTRIB (SessionNotOnOrAfter, SESSIONNOTONORAFTER)
 DECL_TYPED_CHILD (SubjectLocality)
 DECL_TYPED_CHILD (AuthnContext)
 BEGIN_XMLOBJECT (, Action, xmltooling::XMLObject, SAML 2.0 Action element)
 DECL_STRING_ATTRIB (Namespace, NAMESPACE)
 DECL_SIMPLE_CONTENT (Action)
 BEGIN_XMLOBJECT (, Evidence, xmltooling::XMLObject, SAML 2.0 Evidence element)
 DECL_TYPED_CHILDREN (AssertionIDRef)
 DECL_TYPED_CHILDREN (AssertionURIRef)
 DECL_TYPED_CHILDREN (Assertion)
 DECL_TYPED_CHILDREN (EncryptedAssertion)
 BEGIN_XMLOBJECT (, AuthzDecisionStatement, Statement, SAML 2.0 AuthzDecisionStatement element)
 DECL_STRING_ATTRIB (Resource, RESOURCE)
 DECL_STRING_ATTRIB (Decision, DECISION)
 DECL_TYPED_CHILDREN (Action)
 DECL_TYPED_CHILD (Evidence)
 BEGIN_XMLOBJECT (, AttributeValue, xmltooling::ElementProxy, SAML 2.0 AttributeValue element)
 BEGIN_XMLOBJECT2 (, Attribute, xmltooling::AttributeExtensibleXMLObject, EncryptableObject, SAML 2.0 Attribute element)
 DECL_STRING_ATTRIB (Name, NAME)
 DECL_STRING_ATTRIB (NameFormat, NAMEFORMAT)
 DECL_STRING_ATTRIB (FriendlyName, FRIENDLYNAME)
 DECL_XMLOBJECT_CHILDREN (AttributeValue)
 BEGIN_XMLOBJECT (, EncryptedAttribute, EncryptedElementType, SAML 2.0 EncryptedAttribute element)
 BEGIN_XMLOBJECT (, AttributeStatement, Statement, SAML 2.0 AttributeStatement element)
 DECL_TYPED_CHILDREN (Attribute)
 DECL_TYPED_CHILDREN (EncryptedAttribute)
 BEGIN_XMLOBJECT (, EncryptedAssertion, EncryptedElementType, SAML 2.0 EncryptedAssertion element)
 BEGIN_XMLOBJECT (, Advice, xmltooling::ElementExtensibleXMLObject, SAML 2.0 Advice element)
 BEGIN_XMLOBJECT3 (, Assertion, saml2::RootObject, opensaml::Assertion, EncryptableObject, SAML 2.0 Assertion element)
 DECL_INHERITED_STRING_ATTRIB (Version, VER)
 DECL_INHERITED_STRING_ATTRIB (ID, ID)
 DECL_INHERITED_DATETIME_ATTRIB (IssueInstant, ISSUEINSTANT)
 DECL_INHERITED_TYPED_CHILD (Issuer)
 DECL_TYPED_CHILD (Subject)
 DECL_TYPED_CHILD (Conditions)
 DECL_TYPED_CHILD (Advice)
 DECL_TYPED_CHILDREN (Statement)
 DECL_TYPED_CHILDREN (AuthnStatement)
 DECL_TYPED_CHILDREN (AttributeStatement)
 DECL_TYPED_CHILDREN (AuthzDecisionStatement)
 DECL_XMLOBJECTBUILDER (, Action, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Advice, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Assertion, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AssertionIDRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AssertionURIRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Attribute, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AttributeStatement, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AttributeValue, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Audience, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AudienceRestriction, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AuthenticatingAuthority, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AuthnContext, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AuthnContextClassRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AuthnContextDecl, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AuthnContextDeclRef, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AuthnStatement, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, AuthzDecisionStatement, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Conditions, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, EncryptedAssertion, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, EncryptedAttribute, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, EncryptedID, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Evidence, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Issuer, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, NameID, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, OneTimeUse, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, ProxyRestriction, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Subject, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, SubjectConfirmation, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, SubjectConfirmationData, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, SubjectLocality, samlconstants::SAML20_NS, samlconstants::SAML20_PREFIX)
 DECL_XMLOBJECTBUILDER (, Delegate, samlconstants::SAML20_DELEGATION_CONDITION_NS, samlconstants::SAML20_DELEGATION_CONDITION_PREFIX)
void registerAssertionClasses ()
 Registers builders and validators for SAML 2.0 Assertion classes into the runtime.

Variables

static const XMLCh TYPE_NAME []
 EncryptedElementType local name.
 END_XMLOBJECT
static const XMLCh UNSPECIFIED []
 Unspecified name format ID.
static const XMLCh EMAIL []
 Email address name format ID.
static const XMLCh X509_SUBJECT []
 X.509 subject name format ID.
static const XMLCh WIN_DOMAIN_QUALIFIED []
 Windows domain qualified name format ID.
static const XMLCh KERBEROS []
 Kerberos principal name format ID.
static const XMLCh ENTITY []
 Entity identifier name format ID.
static const XMLCh PERSISTENT []
 Persistent identifier name format ID.
static const XMLCh TRANSIENT []
 Transient identifier name format ID.
static const XMLCh BEARER []
 Bearer confirmation method.
static const XMLCh HOLDER_KEY []
 Holder of key confirmation method.
static const XMLCh SENDER_VOUCHES []
 Sender vouches confirmation method.
static const XMLCh RWEDC_NEG_ACTION_NAMESPACE []
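 Read/Write/Execute/Delete/Control Action Namespace (as documented in the source; the NEG suffix of the identifier suggests this constant may instead be the with-negation namespace — confirm against the constant's value before relying on it).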
static const XMLCh RWEDC_ACTION_NAMESPACE []
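 Read/Write/Execute/Delete/Control with Negation Action Namespace (as documented in the source; the identifier carries no NEG suffix, so this constant may instead be the plain RWEDC namespace — confirm against the constant's value before relying on it).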
static const XMLCh GHPP_ACTION_NAMESPACE []
 Get/Head/Put/Post Action Namespace.
static const XMLCh UNIX_ACTION_NAMESPACE []
 UNIX File Permissions Action Namespace.
static const XMLCh DECISION_PERMIT []
 Permit Decision.
static const XMLCh DECISION_DENY []
 Deny Decision.
static const XMLCh DECISION_INDETERMINATE []
 Indeterminate Decision.
static const XMLCh URI_REFERENCE []
 URI reference attribute name format ID.
static const XMLCh BASIC []
 Basic attribute name format ID.

Detailed Description

SAML 2.0 assertion namespace.


Function Documentation

virtual xmltooling::XMLObject* opensaml::saml2::decrypt ( const xmltooling::CredentialResolver &  credResolver,
const XMLCh *  recipient,
xmltooling::CredentialCriteria *  criteria = nullptr,
bool  requireAuthenticatedCipher = false 
) const [virtual]

Decrypts the element using the supplied CredentialResolver.

The object returned will be unmarshalled around the decrypted DOM element in a new Document owned by the object.

The final boolean parameter is used to enforce a requirement for an authenticated cipher suite such as AES-GCM or similar. These ciphers include an HMAC or equivalent integrity step that detects tampering with the ciphertext. The parameter defaults to false, so an unauthenticated bulk encryption algorithm is accepted unless the caller opts in. Newer applications should set this parameter to true unless the ciphertext has been independently authenticated; even in that case, it is rarely possible to prevent chosen ciphertext attacks by trusted signers.

Parameters:
credResolver locked resolver supplying decryption keys
recipient identifier naming the recipient (the entity performing the decryption)
criteria optional external criteria to use with resolver
requireAuthenticatedCipher true iff the bulk data encryption algorithm must be an authenticated cipher
Returns:
the decrypted and unmarshalled object
virtual void opensaml::saml2::encrypt ( const EncryptableObject &  xmlObject,
const std::vector< std::pair< const saml2md::MetadataProvider *, saml2md::MetadataCredentialCriteria * > > &  recipients,
bool  compact = false,
const XMLCh *  algorithm = nullptr 
) [virtual]

Encrypts an object to multiple recipients using this object as a container.

Parameters:
xmlObject object to encrypt
recipients pairs containing a locked MetadataProvider to supply encryption keys, and a metadata-based CredentialCriteria to use
compact true iff compact KeyInfo should be used
algorithm optionally specifies data encryption algorithm if none can be determined from metadata
Returns:
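nothing by value (the declared return type is void); the encrypted content is placed in this object, which acts as the container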
virtual void opensaml::saml2::encrypt ( const EncryptableObject &  xmlObject,
const saml2md::MetadataProvider &  metadataProvider,
saml2md::MetadataCredentialCriteria &  criteria,
bool  compact = false,
const XMLCh *  algorithm = nullptr 
) [virtual]

Encrypts an object to a single recipient using this object as a container.

Parameters:
xmlObject object to encrypt
metadataProvider a locked MetadataProvider to supply encryption keys
criteria metadata-based CredentialCriteria to use
compact true iff compact KeyInfo should be used
algorithm optionally specifies data encryption algorithm if none can be determined from metadata
Returns:
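nothing by value (the declared return type is void); the encrypted content is placed in this object, which acts as the container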

Variable Documentation

static const XMLCh opensaml::saml2::TYPE_NAME [static]

EncryptedElementType local name.

AssertionType local name.

AdviceType local name.

AttributeStatementType local name.

AttributeType local name.

AuthzDecisionStatementType local name.

EvidenceType local name.

ActionType local name.

AuthnStatementType local name.

AuthnContextType local name.

SubjectLocalityType local name.

SubjectType local name.

SubjectConfirmationType local name.

KeyInfoConfirmationDataType local name.

ConditionsType local name.

DelegationRestrictionType local name.

DelegateType local name.

ProxyRestrictionType local name.

OneTimeUseType local name.

AudienceRestrictionType local name.

NameIDType local name.

static const XMLCh opensaml::saml2::UNSPECIFIED [static]

Unspecified name format ID.

Unspecified attribute name format ID.


Generated on 9 Jan 2013 for opensaml-2.5.2 by  doxygen 1.6.1